Fenetres CID

Résolu
Den360 Messages postés 13 Statut Membre -  
Den360 Messages postés 13 Statut Membre -
Bonjour,

Depuis quelques semaines j' ai des fenetres CId qui apparaissent et qui me dérange beaucoup. Je ne sais plus quoi faire pour m' en débarasser ... à l' aide .... je ne peut plus les voirs.

Merci de votre aide !

Den360
Configuration: Windows XP
Internet Explorer 6.0

22 réponses

  • 1
  • 2
  1. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Salut,

    ---> Télécharge Lop S&D sur ton Bureau
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
    ---> Double-clique dessus pour lancer l'installation
    ---> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
    ---> Séléctionne la langue souhaitée, puis choisis l'option 1 (Recherche)
    ---> Patiente jusqu'à la fin du scan
    ---> Poste le rapport généré (C:\lopR.txt)

    (Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

    Si tu as un problème pour utiliser Lop S&D, regarde dans le tutorial :
    http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
    0
  2. Den360 Messages postés 13 Statut Membre
     
    Voici mon rapport .... merci de m' aider !

    # Rapport Lopxp fait le 2008-07-21 à 20:27:08
    # Exécuté dans : C:\Program Files\Lopxp
    # Version 3.06 - Maj du 05/02/2008

    Killing 'iexplore.exe'
    "C:\Program Files\Internet Explorer\iexplore.exe" (2704)
    "C:\Program Files\Internet Explorer\iexplore.exe" (2728)
    "C:\Program Files\Internet Explorer\IEXPLORE.EXE" (3444)
    "C:\Program Files\Internet Explorer\iexplore.exe" (560)
    "C:\Program Files\Internet Explorer\iexplore.exe" (3440)
    "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (2976)
    "C:\Program Files\Internet Explorer\IEXPLORE.EXE" (2204)

    ========== Listing des dossiers Application Data

    +- C:\Documents and Settings\Administrateur\Application Data

    2005-06-16 à 00:10:42 - Lavasoft
    2005-06-15 à 23:03:13 - Microsoft

    +- C:\Documents and Settings\Administrateur\Local Settings\Application Data

    2006-10-16 à 23:47:49 - IM
    2005-06-15 à 23:04:17 - Microsoft

    +- C:\Documents and Settings\All Users\Application Data

    2004-06-20 à 16:10:33 - ACD Systems
    2008-03-10 à 23:19:21 - Adobe
    2008-01-22 à 15:00:04 - Apple Computer
    2006-06-14 à 23:59:45 - Avery
    2006-09-13 à 23:21:59 - Google
    2007-08-30 à 00:08:45 - MailFrontier
    2008-07-03 à 12:45:24 - Meal Memo Free View
    2006-08-03 à 23:33:57 - Microsoft
    2006-07-28 à 10:00:30 - QuickTime
    2008-07-07 à 19:56:20 - Spybot - Search & Destroy
    2004-03-12 à 00:39:30 - Symantec
    2004-11-09 à 23:13:58 - Ulead Systems
    2005-03-25 à 19:02:53 - Viewpoint
    2006-07-23 à 22:16:41 - Windows Genuine Advantage
    2007-09-17 à 02:55:44 - Windows Live Toolbar
    2005-06-22 à 01:39:06 - wsxs
    2007-01-06 à 01:45:55 - yahoo!

    +- C:\Documents and Settings\Denis\Application Data

    2004-07-17 à 11:57:07 - ACD Systems
    2006-09-20 à 20:04:26 - Adobe
    2007-02-09 à 01:52:35 - AdobeUM
    2008-06-12 à 19:34:52 - Apple Computer
    2006-09-23 à 14:55:07 - ArcSoft
    2008-02-19 à 01:41:37 - BudgetExpress
    2004-03-11 à 02:52:31 - Dossier de téléchargement Share-to-Web
    2004-03-11 à 02:52:31 - Dossier de téléchargement Share-to-Web
    2006-07-28 à 10:06:50 - FotoWire
    2006-09-14 à 15:51:50 - Google
    2004-06-24 à 13:13:03 - Help
    2007-06-28 à 20:53:23 - ICAClient
    2004-03-08 à 00:28:19 - Identities
    2007-06-05 à 23:23:03 - IPC
    2005-06-06 à 01:36:37 - Lavasoft
    2004-11-09 à 01:06:35 - Leadertech
    2004-11-30 à 01:08:12 - Macromedia
    2008-04-28 à 20:08:14 - Microsoft
    2004-03-08 à 00:33:55 - Microsoft Web Folders
    2004-12-17 à 16:03:27 - Mozilla
    2007-01-31 à 01:06:24 - Netscape
    2005-05-16 à 13:13:37 - ntoc
    2008-06-03 à 00:09:20 - OWNS LOVE OKAY
    2008-06-14 à 19:02:48 - PPTminimizer
    2005-02-09 à 00:35:25 - Real
    2007-05-10 à 21:25:51 - Screenshot Sender
    2004-09-10 à 01:47:25 - Sun
    2004-11-26 à 23:56:06 - Symantec
    2008-03-25 à 02:20:04 - U3
    2004-11-09 à 23:14:43 - Ulead Systems

    +- C:\Documents and Settings\Denis\Local Settings\Application Data

    2006-08-29 à 00:07:15 - Adobe
    2008-02-03 à 22:36:28 - Apple Computer
    2006-09-14 à 15:47:19 - Google
    2004-03-12 à 00:40:37 - Help
    2004-03-13 à 17:47:34 - Identities
    2006-12-03 à 16:18:59 - IM
    2006-07-28 à 10:13:41 - Logitech-LS
    2008-06-20 à 01:57:22 - Microsoft
    2008-01-22 à 15:01:54 - OLYMPUS
    2004-11-05 à 23:26:02 - Rio

    +- C:\Documents and Settings\Joannie\Application Data

    2008-01-24 à 21:35:23 - ACD Systems
    2004-12-12 à 21:13:28 - Adobe
    2006-06-29 à 14:52:59 - AdobeUM
    2004-03-15 à 03:37:48 - Dossier de téléchargement Share-to-Web
    2006-12-05 à 16:45:40 - Google
    2004-03-08 à 01:12:23 - Help
    2004-03-08 à 01:09:20 - Identities
    2004-11-06 à 01:12:17 - Lavasoft
    2004-12-12 à 21:19:55 - Macromedia
    2007-09-17 à 02:55:38 - Microsoft
    2008-05-25 à 11:05:31 - OWNS LOVE OKAY
    2005-04-30 à 23:35:36 - Real
    2004-11-20 à 03:01:17 - Sun
    2005-12-05 à 23:22:46 - Symantec

    +- C:\Documents and Settings\Joannie\Local Settings\Application Data

    2006-12-31 à 20:24:26 - Adobe
    2006-09-13 à 23:20:24 - Google
    2004-03-08 à 01:12:23 - Help
    2004-03-08 à 01:13:49 - Identities
    2006-11-19 à 21:18:14 - IM
    2006-08-03 à 18:36:02 - Logitech-LS
    2006-07-06 à 16:38:38 - Microsoft

    +- C:\Documents and Settings\Maryse\Application Data

    2006-03-18 à 22:18:15 - ACD Systems
    2007-02-12 à 22:05:22 - Adobe
    2007-04-11 à 00:19:29 - AdobeUM
    2006-11-08 à 01:25:15 - ArcSoft
    2004-03-14 à 18:41:24 - Dossier de téléchargement Share-to-Web
    2006-09-13 à 00:48:14 - Google
    2004-05-03 à 01:42:59 - Help
    2004-03-08 à 00:37:45 - Identities
    2004-11-08 à 02:46:49 - Lavasoft
    2005-01-13 à 01:57:58 - Macromedia
    2007-09-18 à 23:26:56 - Microsoft
    2005-04-03 à 23:30:16 - Mozilla
    2008-07-03 à 12:45:33 - OWNS LOVE OKAY
    2006-01-22 à 20:50:37 - Real
    2004-09-27 à 00:45:59 - Sun
    2005-08-02 à 16:14:26 - Symantec
    2008-01-22 à 02:16:37 - U3
    2004-11-28 à 17:01:19 - Ulead Systems
    2007-01-06 à 01:47:58 - yahoo!

    +- C:\Documents and Settings\Maryse\Local Settings\Application Data

    2006-08-27 à 18:53:14 - Adobe
    2008-02-27 à 13:03:14 - Apple Computer
    2006-09-13 à 00:12:31 - Google
    2004-05-03 à 01:42:59 - Help
    2004-03-08 à 01:03:30 - Identities
    2006-12-14 à 22:30:44 - IM
    2007-03-03 à 03:04:02 - Logitech-LS
    2008-06-14 à 01:20:12 - Microsoft

    ========== Listing du dossier Program Files

    +- C:\Program Files

    2005-05-22 à 20:43:20 - Access 97 Runtime
    2004-06-20 à 16:10:33 - ACD Systems
    2004-03-09 à 23:19:42 - acrobat reader
    2008-03-10 à 23:14:54 - Adobe
    2004-04-02 à 00:44:28 - Ahead
    2006-09-23 à 14:25:01 - ArcSoft
    2006-06-14 à 23:59:54 - Avery Dennison
    2008-02-19 à 00:56:55 - BudgetExpress
    2005-06-22 à 01:39:19 - C2Media
    2005-07-02 à 11:22:29 - CCleaner
    2005-06-19 à 02:00:12 - ComPlus Applications
    2004-03-14 à 23:22:45 - Desktop Messenger
    2008-01-22 à 15:01:31 - DIFX
    2005-06-21 à 22:32:58 - ewido
    2008-07-21 à 23:27:22 - Fichiers communs
    2006-08-04 à 09:15:25 - Golden
    2007-01-27 à 12:57:44 - Google
    2004-03-11 à 02:52:27 - Hewlett-Packard
    2006-11-15 à 22:10:14 - IncrediMail
    2007-01-14 à 16:11:24 - InstallShield Installation Information
    2005-11-20 à 15:59:50 - Internet Explorer
    2007-10-16 à 23:18:15 - Java
    2005-06-06 à 01:36:26 - Lavasoft
    2006-07-28 à 10:06:47 - Logitech
    2008-07-22 à 00:27:14 - Lopxp
    2005-11-20 à 16:00:55 - Messenger
    2005-06-06 à 01:38:46 - Messenger Plus! 3
    2004-03-08 à 00:19:07 - microsoft frontpage
    2007-01-31 à 01:08:23 - Microsoft Games
    2006-07-05 à 01:39:59 - Microsoft Hardware
    2006-09-23 à 15:31:36 - Microsoft Office
    2004-12-07 à 13:33:55 - mIRC
    2004-03-08 à 00:16:14 - Movie Maker
    2004-03-08 à 00:14:06 - MSN Gaming Zone
    2006-08-02 à 02:24:37 - MSXML 4.0
    2004-03-14 à 23:23:26 - MUSICMATCH
    2004-08-26 à 23:19:55 - NetMeeting
    2006-09-19 à 17:14:14 - Netscape
    2008-05-24 à 01:36:06 - Norton SystemWorks
    2008-01-22 à 14:57:02 - OLYMPUS
    2005-06-21 à 21:41:17 - Outlook Express
    2008-07-03 à 12:45:20 - OWNS LOVE OKAY
    2005-05-17 à 00:24:03 - PolderbitS
    2008-01-22 à 15:01:23 - QuickTime
    2004-12-17 à 20:29:15 - Real
    2006-08-04 à 08:57:44 - Registry Mechanic
    2008-01-22 à 14:42:16 - RescuePRO
    2004-11-05 à 23:24:37 - Rio
    2005-06-19 à 02:01:27 - Services en ligne
    2005-01-25 à 01:39:14 - Siber Systems
    2008-05-28 à 21:03:57 - Spybot - Search & Destroy
    2008-06-17 à 21:11:54 - SpywareBlaster
    2004-11-05 à 00:59:52 - StreamCast
    2006-12-26 à 02:41:11 - Symantec
    2005-02-12 à 19:39:22 - SymNetDrv
    2005-03-06 à 20:56:09 - TablEdit
    2004-08-26 à 23:17:41 - Uninstall Information
    2004-12-17 à 20:35:14 - Winamp
    2008-01-22 à 14:59:13 - Windows Media Player
    2004-03-08 à 00:14:06 - Windows NT
    2005-06-21 à 01:47:19 - WindowsUpdate
    2005-05-22 à 22:14:14 - Wine Cellar
    2005-11-20 à 16:06:16 - WinZip
    2004-03-08 à 00:19:07 - xerox
    2004-12-08 à 18:50:15 - ZeusCDRipper
    2005-12-10 à 19:20:35 - Zone Labs

    ========== Tâches planifiées

    A5F334F19184A9A1.job: c:\docume~1\joannie\applic~1\ownslo~1\way move keep.exe
    A864E12E918F9872.job: c:\docume~1\maryse\applic~1\ownslo~1\way move keep.exe
    Norton AntiVirus - Scan my computer.job: C:\PROGRA~1\NORTON~1\NORTON~1\NAVW32.exe /task:C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\NORTON~1\Tasks\mycomp.sca
    Norton SystemWorks One Button Checkup.job: C:\Program Files\Norton SystemWorks\OBC.exe /CUSTOM /SCHEDULE
    Symantec NetDetect.job: C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE

    ========== Clés registre

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "FREE VIEW GRIM SOAP"="C:\Documents and Settings\All Users\Application Data\Meal Memo Free View\fast global.exe"

    ========== Bloqueur popups Internet Explorer

    Blocage des popups non géré par cette version du navigateur.

    ========== Suggestion ( /!\ Nécessite une interprétation.) ==========

    C:\Documents and Settings\All Users\Application Data\Meal Memo Free View
    C:\Documents and Settings\Denis\Application Data\OWNS LOVE OKAY
    C:\Documents and Settings\Joannie\Application Data\OWNS LOVE OKAY
    C:\Documents and Settings\Maryse\Application Data\OWNS LOVE OKAY
    C:\Program Files\C2Media
    C:\Program Files\OWNS LOVE OKAY
    C:\WINDOWS\tasks\A5F334F19184A9A1.job
    C:\WINDOWS\tasks\A864E12E918F9872.job

    +- Registre:

    REGEDIT4

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "FREE VIEW GRIM SOAP"=-

    - Fin du rapport -
    0
  3. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Utilise mon programme s'il te plaît, celui-là ne gère pas le fichier Hosts.
    0
  4. Den360 Messages postés 13 Statut Membre
     
    voici le rapport !

    --------------------\\ Lop S&D 4.2.2-2 XP/Vista

    [ Windows XP (NT 5.1) Build 2600 ]
    [ USER : Denis ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 2008-07-21 | 20:37:18,57 ] [ PC : BUREAU ]
    [ MAJ : 20-07-2008 | 12:15 ]

    --------------------\\ Listing des dossiers dans Application Data

    [2004-12-10|11:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
    [2005-06-19|22:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Install.dat
    [2005-06-15|20:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
    [2005-06-15|19:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [2004-06-20|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
    [2008-03-10|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [2008-01-22|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [2006-06-14|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avery
    [2005-06-18|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [2006-09-13|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [2007-08-29|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
    [2008-07-03|08:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Meal Memo Free View
    [2006-08-03|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [2008-06-12|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [2006-07-28|06:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [2008-07-07|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [2004-03-11|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [2004-11-09|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [2005-03-25|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [2006-07-23|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [2007-09-16|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [2005-06-21|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\wsxs
    [2007-01-05|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\yahoo!

    [2005-06-18|21:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [2004-03-07|20:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [2004-07-17|07:57] C:\DOCUME~1\Denis\APPLIC~1\ACD Systems
    [2006-09-20|16:04] C:\DOCUME~1\Denis\APPLIC~1\Adobe
    [2007-02-08|21:52] C:\DOCUME~1\Denis\APPLIC~1\AdobeUM
    [2008-06-12|15:34] C:\DOCUME~1\Denis\APPLIC~1\Apple Computer
    [2006-09-23|10:55] C:\DOCUME~1\Denis\APPLIC~1\ArcSoft
    [2008-02-18|21:41] C:\DOCUME~1\Denis\APPLIC~1\BudgetExpress
    [2004-03-07|13:59] C:\DOCUME~1\Denis\APPLIC~1\desktop.ini
    [2004-03-10|22:52] C:\DOCUME~1\Denis\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
    [2004-03-10|22:52] C:\DOCUME~1\Denis\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
    [2006-07-28|06:06] C:\DOCUME~1\Denis\APPLIC~1\FotoWire
    [2006-09-14|11:51] C:\DOCUME~1\Denis\APPLIC~1\Google
    [2004-06-24|09:13] C:\DOCUME~1\Denis\APPLIC~1\Help
    [2007-06-28|16:53] C:\DOCUME~1\Denis\APPLIC~1\ICAClient
    [2004-03-07|20:28] C:\DOCUME~1\Denis\APPLIC~1\Identities
    [2007-06-05|19:23] C:\DOCUME~1\Denis\APPLIC~1\IPC
    [2005-06-05|21:36] C:\DOCUME~1\Denis\APPLIC~1\Lavasoft
    [2004-11-08|21:06] C:\DOCUME~1\Denis\APPLIC~1\Leadertech
    [2004-11-29|21:08] C:\DOCUME~1\Denis\APPLIC~1\Macromedia
    [2008-04-28|16:08] C:\DOCUME~1\Denis\APPLIC~1\Microsoft
    [2004-03-07|20:33] C:\DOCUME~1\Denis\APPLIC~1\Microsoft Web Folders
    [2004-12-17|12:03] C:\DOCUME~1\Denis\APPLIC~1\Mozilla
    [2007-01-30|21:06] C:\DOCUME~1\Denis\APPLIC~1\Netscape
    [2005-05-16|09:13] C:\DOCUME~1\Denis\APPLIC~1\ntoc
    [2008-06-02|20:09] C:\DOCUME~1\Denis\APPLIC~1\OWNS LOVE OKAY
    [2008-06-14|15:02] C:\DOCUME~1\Denis\APPLIC~1\PPTminimizer
    [2005-02-08|20:35] C:\DOCUME~1\Denis\APPLIC~1\Real
    [2007-05-10|17:25] C:\DOCUME~1\Denis\APPLIC~1\Screenshot Sender
    [2004-09-09|21:47] C:\DOCUME~1\Denis\APPLIC~1\Sun
    [2004-11-26|19:56] C:\DOCUME~1\Denis\APPLIC~1\Symantec
    [2004-12-09|21:00] C:\DOCUME~1\Denis\APPLIC~1\tvmcwrd.dll
    [2004-12-09|20:43] C:\DOCUME~1\Denis\APPLIC~1\tvmknwrd.dll
    [2008-03-24|22:20] C:\DOCUME~1\Denis\APPLIC~1\U3
    [2004-11-09|19:14] C:\DOCUME~1\Denis\APPLIC~1\Ulead Systems

    [2008-01-24|17:35] C:\DOCUME~1\Joannie\APPLIC~1\ACD Systems
    [2004-12-12|17:13] C:\DOCUME~1\Joannie\APPLIC~1\Adobe
    [2006-06-29|10:52] C:\DOCUME~1\Joannie\APPLIC~1\AdobeUM
    [2004-03-07|13:59] C:\DOCUME~1\Joannie\APPLIC~1\desktop.ini
    [2004-03-14|23:37] C:\DOCUME~1\Joannie\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
    [2006-12-05|12:45] C:\DOCUME~1\Joannie\APPLIC~1\Google
    [2004-03-07|21:12] C:\DOCUME~1\Joannie\APPLIC~1\Help
    [2004-03-07|21:09] C:\DOCUME~1\Joannie\APPLIC~1\Identities
    [2004-11-05|21:12] C:\DOCUME~1\Joannie\APPLIC~1\Lavasoft
    [2004-12-12|17:19] C:\DOCUME~1\Joannie\APPLIC~1\Macromedia
    [2007-09-16|22:55] C:\DOCUME~1\Joannie\APPLIC~1\Microsoft
    [2008-05-25|07:05] C:\DOCUME~1\Joannie\APPLIC~1\OWNS LOVE OKAY
    [2005-04-30|19:35] C:\DOCUME~1\Joannie\APPLIC~1\Real
    [2004-11-19|23:01] C:\DOCUME~1\Joannie\APPLIC~1\Sun
    [2005-12-05|19:22] C:\DOCUME~1\Joannie\APPLIC~1\Symantec

    [2004-03-09|22:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [2006-03-18|18:18] C:\DOCUME~1\Maryse\APPLIC~1\ACD Systems
    [2007-02-12|18:05] C:\DOCUME~1\Maryse\APPLIC~1\Adobe
    [2007-04-10|20:19] C:\DOCUME~1\Maryse\APPLIC~1\AdobeUM
    [2006-11-07|21:25] C:\DOCUME~1\Maryse\APPLIC~1\ArcSoft
    [2004-03-07|13:59] C:\DOCUME~1\Maryse\APPLIC~1\desktop.ini
    [2004-11-07|22:36] C:\DOCUME~1\Maryse\APPLIC~1\dm.ini
    [2004-03-14|14:41] C:\DOCUME~1\Maryse\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
    [2006-09-12|20:48] C:\DOCUME~1\Maryse\APPLIC~1\Google
    [2004-05-02|21:42] C:\DOCUME~1\Maryse\APPLIC~1\Help
    [2004-03-07|20:37] C:\DOCUME~1\Maryse\APPLIC~1\Identities
    [2004-11-07|22:46] C:\DOCUME~1\Maryse\APPLIC~1\Lavasoft
    [2005-01-12|21:57] C:\DOCUME~1\Maryse\APPLIC~1\Macromedia
    [2007-09-18|19:26] C:\DOCUME~1\Maryse\APPLIC~1\Microsoft
    [2005-04-03|19:30] C:\DOCUME~1\Maryse\APPLIC~1\Mozilla
    [2008-07-03|08:45] C:\DOCUME~1\Maryse\APPLIC~1\OWNS LOVE OKAY
    [2006-01-22|16:50] C:\DOCUME~1\Maryse\APPLIC~1\Real
    [2004-09-26|20:45] C:\DOCUME~1\Maryse\APPLIC~1\Sun
    [2005-08-02|12:14] C:\DOCUME~1\Maryse\APPLIC~1\Symantec
    [2008-01-21|22:16] C:\DOCUME~1\Maryse\APPLIC~1\U3
    [2004-11-28|13:01] C:\DOCUME~1\Maryse\APPLIC~1\Ulead Systems
    [2007-01-05|21:47] C:\DOCUME~1\Maryse\APPLIC~1\yahoo!

    [2004-03-07|20:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [2008-07-21 20:00][--ah-c---] C:\WINDOWS\tasks\A864E12E918F9872.job
    [2008-05-25 18:00][--ah-c---] C:\WINDOWS\tasks\A5F334F19184A9A1.job
    [2008-07-21 17:59][--a--c---] C:\WINDOWS\tasks\Symantec NetDetect.job
    [2008-06-13 20:03][--a--c---] C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
    [2008-06-13 19:29][--a--c---] C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
    [2008-07-21 14:09][--ah-c---] C:\WINDOWS\tasks\SA.DAT
    [2001-08-28 08:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

    ( A5F334F19184A9A1.job )=( c:\docume~1\joannie\applic~1\ownslo~1\waymovekeep.exe )
    ( A864E12E918F9872.job )=( c:\docume~1\maryse\applic~1\ownslo~1\waymovekeep.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [2005-05-22|16:43] C:\Program Files\Access 97 Runtime
    [2004-06-20|12:10] C:\Program Files\ACD Systems
    [2004-03-09|19:19] C:\Program Files\acrobat reader
    [2008-03-10|19:14] C:\Program Files\Adobe
    [2004-04-01|20:44] C:\Program Files\Ahead
    [2006-09-23|10:25] C:\Program Files\ArcSoft
    [2006-06-14|19:59] C:\Program Files\Avery Dennison
    [2008-02-18|20:56] C:\Program Files\BudgetExpress
    [2005-06-21|21:39] C:\Program Files\C2Media
    [2005-07-02|07:22] C:\Program Files\CCleaner
    [2005-06-18|22:00] C:\Program Files\ComPlus Applications
    [2004-03-14|19:22] C:\Program Files\Desktop Messenger
    [2008-01-22|11:01] C:\Program Files\DIFX
    [2005-06-21|18:32] C:\Program Files\ewido
    [2008-07-21|19:27] C:\Program Files\Fichiers communs
    [2006-08-04|05:15] C:\Program Files\Golden
    [2007-01-27|08:57] C:\Program Files\Google
    [2004-03-10|22:52] C:\Program Files\Hewlett-Packard
    [2006-11-15|18:10] C:\Program Files\IncrediMail
    [2007-01-14|12:11] C:\Program Files\InstallShield Installation Information
    [2005-11-20|11:59] C:\Program Files\Internet Explorer
    [2007-10-16|19:18] C:\Program Files\Java
    [2005-06-05|21:36] C:\Program Files\Lavasoft
    [2006-07-28|06:06] C:\Program Files\Logitech
    [2008-07-21|20:27] C:\Program Files\Lopxp
    [2005-11-20|12:00] C:\Program Files\Messenger
    [2005-06-05|21:38] C:\Program Files\Messenger Plus! 3
    [2004-03-07|20:19] C:\Program Files\microsoft frontpage
    [2007-01-30|21:08] C:\Program Files\Microsoft Games
    [2006-07-04|21:39] C:\Program Files\Microsoft Hardware
    [2006-09-23|11:31] C:\Program Files\Microsoft Office
    [2004-12-07|09:33] C:\Program Files\mIRC
    [2004-03-07|20:16] C:\Program Files\Movie Maker
    [2004-03-07|20:14] C:\Program Files\MSN Gaming Zone
    [2006-08-01|22:24] C:\Program Files\MSXML 4.0
    [2004-03-14|19:23] C:\Program Files\MUSICMATCH
    [2004-08-26|19:19] C:\Program Files\NetMeeting
    [2006-09-19|13:14] C:\Program Files\Netscape
    [2008-05-23|21:36] C:\Program Files\Norton SystemWorks
    [2008-01-22|10:57] C:\Program Files\OLYMPUS
    [2005-06-21|17:41] C:\Program Files\Outlook Express
    [2008-07-03|08:45] C:\Program Files\OWNS LOVE OKAY
    [2005-05-16|20:24] C:\Program Files\PolderbitS
    [2008-01-22|11:01] C:\Program Files\QuickTime
    [2004-12-17|16:29] C:\Program Files\Real
    [2006-08-04|04:57] C:\Program Files\Registry Mechanic
    [2008-01-22|10:42] C:\Program Files\RescuePRO
    [2004-11-05|19:24] C:\Program Files\Rio
    [2005-06-18|22:01] C:\Program Files\Services en ligne
    [2005-01-24|21:39] C:\Program Files\Siber Systems
    [2008-05-28|17:03] C:\Program Files\Spybot - Search & Destroy
    [2008-06-17|17:11] C:\Program Files\SpywareBlaster
    [2004-11-04|20:59] C:\Program Files\StreamCast
    [2006-12-25|22:41] C:\Program Files\Symantec
    [2005-02-12|15:39] C:\Program Files\SymNetDrv
    [2005-03-06|16:56] C:\Program Files\TablEdit
    [2004-08-26|19:17] C:\Program Files\Uninstall Information
    [2004-12-17|16:35] C:\Program Files\Winamp
    [2008-01-22|10:59] C:\Program Files\Windows Media Player
    [2004-03-07|20:14] C:\Program Files\Windows NT
    [2005-06-20|21:47] C:\Program Files\WindowsUpdate
    [2005-05-22|18:14] C:\Program Files\Wine Cellar
    [2005-11-20|12:06] C:\Program Files\WinZip
    [2004-03-07|20:19] C:\Program Files\xerox
    [2004-12-08|14:50] C:\Program Files\ZeusCDRipper
    [2005-12-10|15:20] C:\Program Files\Zone Labs

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [2004-06-20|12:10] C:\Program Files\Fichiers communs\ACD Systems
    [2008-03-10|19:14] C:\Program Files\Fichiers communs\Adobe
    [2004-04-01|20:44] C:\Program Files\Fichiers communs\Ahead
    [2004-03-07|20:35] C:\Program Files\Fichiers communs\Designer
    [2006-07-28|06:06] C:\Program Files\Fichiers communs\FotoWire
    [2004-11-05|19:24] C:\Program Files\Fichiers communs\Gracenote
    [2004-03-10|22:52] C:\Program Files\Fichiers communs\Hewlett-Packard
    [2006-06-14|19:58] C:\Program Files\Fichiers communs\InstallShield
    [2004-09-09|21:46] C:\Program Files\Fichiers communs\Java
    [2006-07-28|06:03] C:\Program Files\Fichiers communs\Logitech
    [2008-06-05|16:22] C:\Program Files\Fichiers communs\Microsoft Shared
    [2005-03-15|10:04] C:\Program Files\Fichiers communs\mozilla.org
    [2005-03-11|14:32] C:\Program Files\Fichiers communs\MSSoap
    [2004-03-07|14:00] C:\Program Files\Fichiers communs\ODBC
    [2005-02-08|20:32] C:\Program Files\Fichiers communs\Real
    [2004-03-07|20:15] C:\Program Files\Fichiers communs\Services
    [2004-03-07|20:46] C:\Program Files\Fichiers communs\Sierra On-Line
    [2004-03-07|14:00] C:\Program Files\Fichiers communs\SpeechEngines
    [2008-07-21|19:28] C:\Program Files\Fichiers communs\Symantec Shared
    [2005-06-21|17:41] C:\Program Files\Fichiers communs\System
    [2004-11-09|19:11] C:\Program Files\Fichiers communs\Ulead Systems
    [2005-06-21|21:39] C:\Program Files\Fichiers communs\Uninstall Information
    [2005-02-08|20:32] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 70 Processus )

    IEXPLORE.EXE ~ [2260]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\Denis\APPLIC~1\ownslo~1
    C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1
    C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\BendDartStore.exe
    C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\jwhkwdsk.exe
    C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\The Copy Idle Program.exe
    C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\way move keep.exe
    C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1
    C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\BendDartStore.exe
    C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\rimtoves.exe
    C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\The Copy Idle Program.exe
    C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\way move keep.exe
    C:\Program Files\ownslo~1
    C:\Program Files\C2Media
    C:\DOCUME~1\Denis\Cookies\denis@adopt.euroclick[2].txt
    C:\WINDOWS\Tasks\A5F334F19184A9A1.job
    C:\WINDOWS\Tasks\A864E12E918F9872.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts MODIFIE

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
    127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
    127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
    127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
    127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
    127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
    127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
    127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
    127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
    127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
    127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

    -> 8506 [ 70 ## added by CiD ]

    /!\ 1 Not 127.0.0.1 !!

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-07-21 20:38:22
    Windows 5.1.2600 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 1

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    => C:\DOCUME~1\Denis\Favoris\download\AllSeek.iNFO The Ultimate Cracks Search Engine.url
    => C:\DOCUME~1\Denis\Favoris\download\CRACKFOUND - SERIALS - CRACKS - KEYS - KEYGENS - ALL THE UNDERGROUND IS HERE.url
    => C:\DOCUME~1\Denis\Local Settings\Application Data\IM\Animation\firecracker.ima
    => C:\DOCUME~1\Denis\Local Settings\Application Data\IM\Letter\cracking_crackers.imf
    => C:\DOCUME~1\Denis\Local Settings\Application Data\IM\Runtime\EmoticonCenter\cracker.gif
    => C:\DOCUME~1\Denis\Favoris\download\CRACKFOUND - SERIALS - CRACKS - KEYS - KEYGENS - ALL THE UNDERGROUND IS HERE.url

    [F:5][D:2]-> C:\DOCUME~1\Denis\LOCALS~1\Temp
    [F:13][D:0]-> C:\DOCUME~1\Denis\Cookies
    [F:467][D:10]-> C:\DOCUME~1\Denis\LOCALS~1\TEMPOR~1\content.IE5

    --------------------\\ Fin du rapport a 20:40:34,67
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Relance Lop S&D
    ---> Choisis cette fois-ci l'option 2 (Suppression)
    ---> Ne ferme pas la fenêtre lors de la suppression !
    ---> Poste le rapport généré (C:\lopR.txt)

    (Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
    0
  7. Den360 Messages postés 13 Statut Membre
     
    Rapport avec option supperssion !

    --------------------\\ Lop S&D 4.2.2-2 XP/Vista

    [ Windows XP (NT 5.1) Build 2600 ]
    [ USER : Denis ] [ "C:\Lop SD" ] [ Selection : 2 ]
    [ 2008-07-21 | 20:47:27,70 ] [ PC : BUREAU ]
    [ MAJ : 20-07-2008 | 12:15 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprime! - C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\BendDartStore.exe
    Supprime! - C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\jwhkwdsk.exe
    Supprime! - C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\The Copy Idle Program.exe
    Supprime! - C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1\way move keep.exe
    Supprime! - C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\BendDartStore.exe
    Supprime! - C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\rimtoves.exe
    Supprime! - C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\The Copy Idle Program.exe
    Supprime! - C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1\way move keep.exe
    Supprime! - C:\DOCUME~1\Denis\Cookies\denis@adopt.euroclick[2].txt
    Supprime! - C:\WINDOWS\Tasks\A5F334F19184A9A1.job
    Supprime! - C:\WINDOWS\Tasks\A864E12E918F9872.job
    Supprime! - C:\DOCUME~1\Denis\APPLIC~1\ownslo~1
    Supprime! - C:\DOCUME~1\Joannie\APPLIC~1\ownslo~1
    Supprime! - C:\DOCUME~1\Maryse\APPLIC~1\ownslo~1
    Supprime! - C:\Program Files\ownslo~1
    Supprime! - C:\Program Files\C2Media
    RestaurÚ! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans Application Data

    [2004-12-10|11:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
    [2005-06-19|22:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Install.dat
    [2005-06-15|20:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
    [2005-06-15|19:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [2004-06-20|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
    [2008-03-10|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [2008-01-22|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [2006-06-14|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avery
    [2005-06-18|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [2006-09-13|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [2007-08-29|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
    [2008-07-03|08:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Meal Memo Free View
    [2006-08-03|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [2008-06-12|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [2006-07-28|06:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [2008-07-07|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [2004-03-11|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [2004-11-09|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
    [2006-07-23|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [2007-09-16|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [2005-06-21|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\wsxs
    [2007-01-05|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\yahoo!

    [2005-06-18|21:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [2004-03-07|20:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [2004-07-17|07:57] C:\DOCUME~1\Denis\APPLIC~1\ACD Systems
    [2006-09-20|16:04] C:\DOCUME~1\Denis\APPLIC~1\Adobe
    [2007-02-08|21:52] C:\DOCUME~1\Denis\APPLIC~1\AdobeUM
    [2008-06-12|15:34] C:\DOCUME~1\Denis\APPLIC~1\Apple Computer
    [2006-09-23|10:55] C:\DOCUME~1\Denis\APPLIC~1\ArcSoft
    [2008-02-18|21:41] C:\DOCUME~1\Denis\APPLIC~1\BudgetExpress
    [2004-03-07|13:59] C:\DOCUME~1\Denis\APPLIC~1\desktop.ini
    [2004-03-10|22:52] C:\DOCUME~1\Denis\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
    [2004-03-10|22:52] C:\DOCUME~1\Denis\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
    [2006-07-28|06:06] C:\DOCUME~1\Denis\APPLIC~1\FotoWire
    [2006-09-14|11:51] C:\DOCUME~1\Denis\APPLIC~1\Google
    [2004-06-24|09:13] C:\DOCUME~1\Denis\APPLIC~1\Help
    [2007-06-28|16:53] C:\DOCUME~1\Denis\APPLIC~1\ICAClient
    [2004-03-07|20:28] C:\DOCUME~1\Denis\APPLIC~1\Identities
    [2007-06-05|19:23] C:\DOCUME~1\Denis\APPLIC~1\IPC
    [2005-06-05|21:36] C:\DOCUME~1\Denis\APPLIC~1\Lavasoft
    [2004-11-08|21:06] C:\DOCUME~1\Denis\APPLIC~1\Leadertech
    [2004-11-29|21:08] C:\DOCUME~1\Denis\APPLIC~1\Macromedia
    [2008-04-28|16:08] C:\DOCUME~1\Denis\APPLIC~1\Microsoft
    [2004-03-07|20:33] C:\DOCUME~1\Denis\APPLIC~1\Microsoft Web Folders
    [2004-12-17|12:03] C:\DOCUME~1\Denis\APPLIC~1\Mozilla
    [2007-01-30|21:06] C:\DOCUME~1\Denis\APPLIC~1\Netscape
    [2005-05-16|09:13] C:\DOCUME~1\Denis\APPLIC~1\ntoc
    [2008-06-14|15:02] C:\DOCUME~1\Denis\APPLIC~1\PPTminimizer
    [2005-02-08|20:35] C:\DOCUME~1\Denis\APPLIC~1\Real
    [2007-05-10|17:25] C:\DOCUME~1\Denis\APPLIC~1\Screenshot Sender
    [2004-09-09|21:47] C:\DOCUME~1\Denis\APPLIC~1\Sun
    [2004-11-26|19:56] C:\DOCUME~1\Denis\APPLIC~1\Symantec
    [2004-12-09|21:00] C:\DOCUME~1\Denis\APPLIC~1\tvmcwrd.dll
    [2004-12-09|20:43] C:\DOCUME~1\Denis\APPLIC~1\tvmknwrd.dll
    [2008-03-24|22:20] C:\DOCUME~1\Denis\APPLIC~1\U3
    [2004-11-09|19:14] C:\DOCUME~1\Denis\APPLIC~1\Ulead Systems

    [2008-01-24|17:35] C:\DOCUME~1\Joannie\APPLIC~1\ACD Systems
    [2004-12-12|17:13] C:\DOCUME~1\Joannie\APPLIC~1\Adobe
    [2006-06-29|10:52] C:\DOCUME~1\Joannie\APPLIC~1\AdobeUM
    [2004-03-07|13:59] C:\DOCUME~1\Joannie\APPLIC~1\desktop.ini
    [2004-03-14|23:37] C:\DOCUME~1\Joannie\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
    [2006-12-05|12:45] C:\DOCUME~1\Joannie\APPLIC~1\Google
    [2004-03-07|21:12] C:\DOCUME~1\Joannie\APPLIC~1\Help
    [2004-03-07|21:09] C:\DOCUME~1\Joannie\APPLIC~1\Identities
    [2004-11-05|21:12] C:\DOCUME~1\Joannie\APPLIC~1\Lavasoft
    [2004-12-12|17:19] C:\DOCUME~1\Joannie\APPLIC~1\Macromedia
    [2007-09-16|22:55] C:\DOCUME~1\Joannie\APPLIC~1\Microsoft
    [2005-04-30|19:35] C:\DOCUME~1\Joannie\APPLIC~1\Real
    [2004-11-19|23:01] C:\DOCUME~1\Joannie\APPLIC~1\Sun
    [2005-12-05|19:22] C:\DOCUME~1\Joannie\APPLIC~1\Symantec

    [2004-03-09|22:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [2006-03-18|18:18] C:\DOCUME~1\Maryse\APPLIC~1\ACD Systems
    [2007-02-12|18:05] C:\DOCUME~1\Maryse\APPLIC~1\Adobe
    [2007-04-10|20:19] C:\DOCUME~1\Maryse\APPLIC~1\AdobeUM
    [2006-11-07|21:25] C:\DOCUME~1\Maryse\APPLIC~1\ArcSoft
    [2004-03-07|13:59] C:\DOCUME~1\Maryse\APPLIC~1\desktop.ini
    [2004-11-07|22:36] C:\DOCUME~1\Maryse\APPLIC~1\dm.ini
    [2004-03-14|14:41] C:\DOCUME~1\Maryse\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
    [2006-09-12|20:48] C:\DOCUME~1\Maryse\APPLIC~1\Google
    [2004-05-02|21:42] C:\DOCUME~1\Maryse\APPLIC~1\Help
    [2004-03-07|20:37] C:\DOCUME~1\Maryse\APPLIC~1\Identities
    [2004-11-07|22:46] C:\DOCUME~1\Maryse\APPLIC~1\Lavasoft
    [2005-01-12|21:57] C:\DOCUME~1\Maryse\APPLIC~1\Macromedia
    [2007-09-18|19:26] C:\DOCUME~1\Maryse\APPLIC~1\Microsoft
    [2005-04-03|19:30] C:\DOCUME~1\Maryse\APPLIC~1\Mozilla
    [2006-01-22|16:50] C:\DOCUME~1\Maryse\APPLIC~1\Real
    [2004-09-26|20:45] C:\DOCUME~1\Maryse\APPLIC~1\Sun
    [2005-08-02|12:14] C:\DOCUME~1\Maryse\APPLIC~1\Symantec
    [2008-01-21|22:16] C:\DOCUME~1\Maryse\APPLIC~1\U3
    [2004-11-28|13:01] C:\DOCUME~1\Maryse\APPLIC~1\Ulead Systems
    [2007-01-05|21:47] C:\DOCUME~1\Maryse\APPLIC~1\yahoo!

    [2004-03-07|20:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [2008-07-21 17:59][--a--c---] C:\WINDOWS\tasks\Symantec NetDetect.job
    [2008-06-13 20:03][--a--c---] C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
    [2008-06-13 19:29][--a--c---] C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
    [2008-07-21 14:09][--ah-c---] C:\WINDOWS\tasks\SA.DAT
    [2001-08-28 08:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [2005-05-22|16:43] C:\Program Files\Access 97 Runtime
    [2004-06-20|12:10] C:\Program Files\ACD Systems
    [2004-03-09|19:19] C:\Program Files\acrobat reader
    [2008-03-10|19:14] C:\Program Files\Adobe
    [2004-04-01|20:44] C:\Program Files\Ahead
    [2006-09-23|10:25] C:\Program Files\ArcSoft
    [2006-06-14|19:59] C:\Program Files\Avery Dennison
    [2008-02-18|20:56] C:\Program Files\BudgetExpress
    [2005-07-02|07:22] C:\Program Files\CCleaner
    [2005-06-18|22:00] C:\Program Files\ComPlus Applications
    [2004-03-14|19:22] C:\Program Files\Desktop Messenger
    [2008-01-22|11:01] C:\Program Files\DIFX
    [2005-06-21|18:32] C:\Program Files\ewido
    [2008-07-21|19:27] C:\Program Files\Fichiers communs
    [2006-08-04|05:15] C:\Program Files\Golden
    [2007-01-27|08:57] C:\Program Files\Google
    [2004-03-10|22:52] C:\Program Files\Hewlett-Packard
    [2006-11-15|18:10] C:\Program Files\IncrediMail
    [2007-01-14|12:11] C:\Program Files\InstallShield Installation Information
    [2005-11-20|11:59] C:\Program Files\Internet Explorer
    [2007-10-16|19:18] C:\Program Files\Java
    [2005-06-05|21:36] C:\Program Files\Lavasoft
    [2006-07-28|06:06] C:\Program Files\Logitech
    [2008-07-21|20:27] C:\Program Files\Lopxp
    [2005-11-20|12:00] C:\Program Files\Messenger
    [2005-06-05|21:38] C:\Program Files\Messenger Plus! 3
    [2004-03-07|20:19] C:\Program Files\microsoft frontpage
    [2007-01-30|21:08] C:\Program Files\Microsoft Games
    [2006-07-04|21:39] C:\Program Files\Microsoft Hardware
    [2006-09-23|11:31] C:\Program Files\Microsoft Office
    [2004-12-07|09:33] C:\Program Files\mIRC
    [2004-03-07|20:16] C:\Program Files\Movie Maker
    [2004-03-07|20:14] C:\Program Files\MSN Gaming Zone
    [2006-08-01|22:24] C:\Program Files\MSXML 4.0
    [2004-03-14|19:23] C:\Program Files\MUSICMATCH
    [2004-08-26|19:19] C:\Program Files\NetMeeting
    [2006-09-19|13:14] C:\Program Files\Netscape
    [2008-05-23|21:36] C:\Program Files\Norton SystemWorks
    [2008-01-22|10:57] C:\Program Files\OLYMPUS
    [2005-06-21|17:41] C:\Program Files\Outlook Express
    [2005-05-16|20:24] C:\Program Files\PolderbitS
    [2008-01-22|11:01] C:\Program Files\QuickTime
    [2004-12-17|16:29] C:\Program Files\Real
    [2006-08-04|04:57] C:\Program Files\Registry Mechanic
    [2008-01-22|10:42] C:\Program Files\RescuePRO
    [2004-11-05|19:24] C:\Program Files\Rio
    [2005-06-18|22:01] C:\Program Files\Services en ligne
    [2005-01-24|21:39] C:\Program Files\Siber Systems
    [2008-05-28|17:03] C:\Program Files\Spybot - Search & Destroy
    [2008-06-17|17:11] C:\Program Files\SpywareBlaster
    [2004-11-04|20:59] C:\Program Files\StreamCast
    [2006-12-25|22:41] C:\Program Files\Symantec
    [2005-02-12|15:39] C:\Program Files\SymNetDrv
    [2005-03-06|16:56] C:\Program Files\TablEdit
    [2004-08-26|19:17] C:\Program Files\Uninstall Information
    [2004-12-17|16:35] C:\Program Files\Winamp
    [2008-01-22|10:59] C:\Program Files\Windows Media Player
    [2004-03-07|20:14] C:\Program Files\Windows NT
    [2005-06-20|21:47] C:\Program Files\WindowsUpdate
    [2005-05-22|18:14] C:\Program Files\Wine Cellar
    [2005-11-20|12:06] C:\Program Files\WinZip
    [2004-03-07|20:19] C:\Program Files\xerox
    [2004-12-08|14:50] C:\Program Files\ZeusCDRipper
    [2005-12-10|15:20] C:\Program Files\Zone Labs

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [2004-06-20|12:10] C:\Program Files\Fichiers communs\ACD Systems
    [2008-03-10|19:14] C:\Program Files\Fichiers communs\Adobe
    [2004-04-01|20:44] C:\Program Files\Fichiers communs\Ahead
    [2004-03-07|20:35] C:\Program Files\Fichiers communs\Designer
    [2006-07-28|06:06] C:\Program Files\Fichiers communs\FotoWire
    [2004-11-05|19:24] C:\Program Files\Fichiers communs\Gracenote
    [2004-03-10|22:52] C:\Program Files\Fichiers communs\Hewlett-Packard
    [2006-06-14|19:58] C:\Program Files\Fichiers communs\InstallShield
    [2004-09-09|21:46] C:\Program Files\Fichiers communs\Java
    [2006-07-28|06:03] C:\Program Files\Fichiers communs\Logitech
    [2008-06-05|16:22] C:\Program Files\Fichiers communs\Microsoft Shared
    [2005-03-15|10:04] C:\Program Files\Fichiers communs\mozilla.org
    [2005-03-11|14:32] C:\Program Files\Fichiers communs\MSSoap
    [2004-03-07|14:00] C:\Program Files\Fichiers communs\ODBC
    [2005-02-08|20:32] C:\Program Files\Fichiers communs\Real
    [2004-03-07|20:15] C:\Program Files\Fichiers communs\Services
    [2004-03-07|20:46] C:\Program Files\Fichiers communs\Sierra On-Line
    [2004-03-07|14:00] C:\Program Files\Fichiers communs\SpeechEngines
    [2008-07-21|19:28] C:\Program Files\Fichiers communs\Symantec Shared
    [2005-06-21|17:41] C:\Program Files\Fichiers communs\System
    [2004-11-09|19:11] C:\Program Files\Fichiers communs\Ulead Systems
    [2005-06-21|21:39] C:\Program Files\Fichiers communs\Uninstall Information
    [2005-02-08|20:32] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 68 Processus )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-07-21 20:48:37
    Windows 5.1.2600 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 1

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    => C:\DOCUME~1\Denis\Favoris\download\AllSeek.iNFO The Ultimate Cracks Search Engine.url
    => C:\DOCUME~1\Denis\Favoris\download\CRACKFOUND - SERIALS - CRACKS - KEYS - KEYGENS - ALL THE UNDERGROUND IS HERE.url
    => C:\DOCUME~1\Denis\Local Settings\Application Data\IM\Animation\firecracker.ima
    => C:\DOCUME~1\Denis\Local Settings\Application Data\IM\Letter\cracking_crackers.imf
    => C:\DOCUME~1\Denis\Local Settings\Application Data\IM\Runtime\EmoticonCenter\cracker.gif
    => C:\DOCUME~1\Denis\Favoris\download\CRACKFOUND - SERIALS - CRACKS - KEYS - KEYGENS - ALL THE UNDERGROUND IS HERE.url

    [F:5][D:2]-> C:\DOCUME~1\Denis\LOCALS~1\Temp
    [F:12][D:0]-> C:\DOCUME~1\Denis\Cookies
    [F:488][D:10]-> C:\DOCUME~1\Denis\LOCALS~1\TEMPOR~1\content.IE5

    --------------------\\ Fin du rapport a 20:50:26,83
    0
  8. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Télécharge OTMoveIt2 à partir du lien ci-dessous :
    http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe

    ---> Enregistre le fichier sur le Bureau.

    ---> Double-clique sur le fichier OTMoveIt2.exe pour lancer l'outil.
    Assure-toi que la case Unregister Dll's and Ocx's soit bien cochée.

    ---> Copie l'intégralité du texte ci-dessous et colle-le dans la fenêtre intitulée Paste Standard List of Files/Folders to be moved.

    C:\Documents and Settings\All Users\Application Data\Meal Memo Free View\

    ---> Clique sur MoveIt! pour lancer la suppression.
    Lorsqu'un résultat apparaît dans le cadre Results, clique sur Exit.

    Note : Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES.

    ---> Poste le rapport de OTMoveIt qui se trouve dans C:\_OTMoveIt\MovedFiles.
    0
  9. Den360 Messages postés 13 Statut Membre
     
    C:\Documents and Settings\All Users\Application Data\Meal Memo Free View moved successfully.

    OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07212008_210439
    0
  10. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    - Télécharge HijackThis V 2.02 (HijackThis Installer) :
    http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

    - Fais un double-clic sur HJTInstall.exe afin de lancer l'installation

    - Clique sur Install ensuite sur I Accept

    - Clique sur Do a scan system and save log file

    - Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse.
    0
  11. Den360 Messages postés 13 Statut Membre
     
    et voila le rapport

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:11:24, on 2008-07-21
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\ewido\security suite\ewidoctrl.exe
    C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\WINDOWS\system32\pctspk.exe
    C:\WINDOWS\System32\RioMSC.exe
    C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\System32\WgaTray.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lapresse.ca
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.1
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.netscape.fr"); (C:\Documents and Settings\DENIS\Application Data\Mozilla\Profiles\default\nfw2teri.slt\prefs.js)
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\DENIS\Application Data\Mozilla\Profiles\default\nfw2teri.slt\prefs.js)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [FREE VIEW GRIM SOAP] C:\Documents and Settings\All Users\Application Data\Meal Memo Free View\fast global.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus1.exe" /WinStart
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Maryse')
    O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Maryse')
    O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [BindKnob] C:\DOCUME~1\Maryse\APPLIC~1\OWNSLO~1\BendDartStore.exe (User 'Maryse')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: Barre RoboForm &2 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Enregistrer le &formulaire [ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Personnaliser le &menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Remplir le formulaire ] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Remplir le formulaire ] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Enregistrer le &formulaire [ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: Barre RoboForm &2 - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O16 - DPF: {597F9140-0DC6-4657-A162-76EC0E7AEE81} (ActiveBroadcast Control) - http://www.meetstream.com/activex/28081/activebroadcast.cab
    O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
    O16 - DPF: {BFD90062-6B5E-4F8F-87B1-5F022C14E32F} (ActiveReceiver Control) - http://www.meetstream.com/activex/28081/activereceiver.cab
    O16 - DPF: {FA30EC32-668B-4B60-B13C-4C84EB90C3C9} (ActiveID Control) - http://www.meetstream.com/activex/28081/activeid.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
    O23 - Service: RIO Mass Storage C (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\System32\RioMSC.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    0
  12. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Ton Windows n'est pas à jour, c'est pas bien du tout.

    Mets à jour Java et poste un nouveau rapport HijackThis :
    https://www.java.com/fr/download/manual.jsp
    0
  13. Den360 Messages postés 13 Statut Membre
     
    j ai fais mon update java et voici le rapport de hijackthis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:31:25, on 2008-07-21
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\ewido\security suite\ewidoctrl.exe
    C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\WINDOWS\system32\pctspk.exe
    C:\WINDOWS\System32\RioMSC.exe
    C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\System32\WgaTray.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\System32\msiexec.exe
    C:\Program Files\Messenger\msmsgs.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lapresse.ca
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.1
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.netscape.fr"); (C:\Documents and Settings\DENIS\Application Data\Mozilla\Profiles\default\nfw2teri.slt\prefs.js)
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\DENIS\Application Data\Mozilla\Profiles\default\nfw2teri.slt\prefs.js)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [FREE VIEW GRIM SOAP] C:\Documents and Settings\All Users\Application Data\Meal Memo Free View\fast global.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus1.exe" /WinStart
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Maryse')
    O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Maryse')
    O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [BindKnob] C:\DOCUME~1\Maryse\APPLIC~1\OWNSLO~1\BendDartStore.exe (User 'Maryse')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: Barre RoboForm &2 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Enregistrer le &formulaire [ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Personnaliser le &menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Remplir le formulaire ] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Remplir le formulaire ] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Enregistrer le &formulaire [ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: Barre RoboForm &2 - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O16 - DPF: {597F9140-0DC6-4657-A162-76EC0E7AEE81} (ActiveBroadcast Control) - http://www.meetstream.com/activex/28081/activebroadcast.cab
    O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
    O16 - DPF: {BFD90062-6B5E-4F8F-87B1-5F022C14E32F} (ActiveReceiver Control) - http://www.meetstream.com/activex/28081/activereceiver.cab
    O16 - DPF: {FA30EC32-668B-4B60-B13C-4C84EB90C3C9} (ActiveID Control) - http://www.meetstream.com/activex/28081/activeid.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
    O23 - Service: RIO Mass Storage C (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\System32\RioMSC.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    0
  14. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Relance HijackThis et choisis Do a system scan only

    ---> Coche les cases qui sont devant les lignes suivantes :

    R3 - Default URLSearchHook is missing

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE

    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

    O4 - HKLM\..\Run: [FREE VIEW GRIM SOAP] C:\Documents and Settings\All Users\Application Data\Meal Memo Free View\fast global.exe

    O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [BindKnob] C:\DOCUME~1\Maryse\APPLIC~1\OWNSLO~1\BendDartStore.exe (User 'Maryse')

    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

    ---> Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.

    ---> Poste un nouveau rapport HijackThis.

    Je pourrais te virer des logiciels qui se lancent au démarrage mais je sais pas si tu en as besoin.
    0
  15. Den360 Messages postés 13 Statut Membre
     
    et voila c est fait !

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:48:06, on 2008-07-21
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\ewido\security suite\ewidoctrl.exe
    C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\WINDOWS\system32\pctspk.exe
    C:\WINDOWS\System32\RioMSC.exe
    C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\System32\WgaTray.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Netscape\Netscape\Netscp.exe
    C:\Program Files\Messenger\msmsgs.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lapresse.ca
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.1
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.netscape.fr"); (C:\Documents and Settings\DENIS\Application Data\Mozilla\Profiles\default\nfw2teri.slt\prefs.js)
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\DENIS\Application Data\Mozilla\Profiles\default\nfw2teri.slt\prefs.js)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus1.exe" /WinStart
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User 'Maryse')
    O4 - HKUS\S-1-5-21-1801674531-920026266-854245398-1004\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Maryse')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: Barre RoboForm &2 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Enregistrer le &formulaire [ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Personnaliser le &menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Remplir le formulaire ] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Remplir le formulaire ] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Enregistrer le &formulaire [ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: Barre RoboForm &2 - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O16 - DPF: {597F9140-0DC6-4657-A162-76EC0E7AEE81} (ActiveBroadcast Control) - http://www.meetstream.com/activex/28081/activebroadcast.cab
    O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
    O16 - DPF: {BFD90062-6B5E-4F8F-87B1-5F022C14E32F} (ActiveReceiver Control) - http://www.meetstream.com/activex/28081/activereceiver.cab
    O16 - DPF: {FA30EC32-668B-4B60-B13C-4C84EB90C3C9} (ActiveID Control) - http://www.meetstream.com/activex/28081/activeid.cab
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
    O23 - Service: RIO Mass Storage C (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\System32\RioMSC.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    0
  16. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Plus de trace d'infection.

    Je vais aller me coucher alors je vais te faire un pavé.

    Télécharge Tools Cleaner sur ton bureau.
    http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
    Clique sur Recherche et laisse le scan agir.
    Clique sur Suppression pour finaliser.
    Tu peux, si tu le souhaites, te servir des Options facultatives.
    Clique sur Quitter pour obtenir le rapport.
    Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

    ---> Télécharge CCleaner (N'installe pas la Yahoo Toolbar) :
    https://www.ccleaner.com/ccleaner/download

    ---> Lance-le. Va dans "Options" puis "Avancé", tu décoches la case "Effacer uniquement les fichiers etc...". Tu vas dans "Nettoyeur", tu fais "Analyse". Une fois terminé, tu lances le nettoyage. Puis tu vas dans "Registre", tu fais "Chercher des erreurs". Une fois terminé, tu répares toutes les erreurs sans sauvegarder la base de registre.

    ---> Il est nécessaire de désactiver puis réactiver la restauration système, fais-le :
    http://www.infos-du-net.com/forum/272480-11-desactiver-activer-restauration-systeme

    ---> Je te conseille de créer un point de restauration que tu pourras utiliser plus tard si tu as un problème :
    https://www.vulgarisation-informatique.com/creer-point-restauration.php

    - Télécharge et installe MalwareByte's Anti-Malware :
    http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm

    - Mets-le à jour

    - Redémarre en mode sans échec (Recommandé mais pas obligatoire) :
    https://www.malekal.com/demarrer-windows-mode-sans-echec/

    - Choisis ta session habituelle

    - Fais un scan complet avec MalwareByte's Anti-Malware

    - Supprime tout ce que le logiciel trouve, enregistre le rapport

    - Redémarre en mode normal et poste le rapport ici

    Tutorial :
    https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
    0
  17. Den360 Messages postés 13 Statut Membre
     
    merci beaucoup , moi aussi je vais me coucher ... je vais continuer demain soir.

    Bonne Nuit !

    Den 360
    0
  18. Den360 Messages postés 13 Statut Membre
     
    rapport de tool cleaner

    -->- Recherche:

    C:\Lop SD: trouvé !
    C:\HijackThis: trouvé !
    C:\_OtMoveIt: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
    C:\Documents and Settings\Denis\Bureau\HijackThis.lnk: trouvé !
    C:\Documents and Settings\Denis\Bureau\Lop S&D.lnk: trouvé !
    C:\Documents and Settings\Denis\Bureau\LopSD.exe: trouvé !
    C:\Documents and Settings\Denis\Bureau\KillBox.exe: trouvé !
    C:\Documents and Settings\Denis\Bureau\HJTInstall.exe: trouvé !
    C:\Documents and Settings\Denis\Menu Démarrer\Programmes\Lop S&D: trouvé !
    C:\hijackthis\HijackThis.exe: trouvé !
    C:\Lop SD\Lop S&D.lnk: trouvé !
    C:\Program Files\Logitech\iTouch\Drivers\Clean: trouvé !
    C:\Program Files\Trend Micro\HijackThis: trouvé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !

    ---------------------------------
    -->- Suppression:

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
    C:\Documents and Settings\Denis\Bureau\HijackThis.lnk: supprimé !
    C:\Documents and Settings\Denis\Bureau\Lop S&D.lnk: supprimé !
    C:\Documents and Settings\Denis\Bureau\LopSD.exe: supprimé !
    C:\Documents and Settings\Denis\Bureau\KillBox.exe: supprimé !
    C:\Documents and Settings\Denis\Bureau\HJTInstall.exe: supprimé !
    C:\hijackthis\HijackThis.exe: supprimé !
    C:\Lop SD\Lop S&D.lnk: supprimé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
    C:\Lop SD: supprimé !
    C:\HijackThis: supprimé !
    C:\_OtMoveIt: supprimé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
    C:\Documents and Settings\Denis\Menu Démarrer\Programmes\Lop S&D: supprimé !
    C:\Program Files\Logitech\iTouch\Drivers\Clean: supprimé !
    C:\Program Files\Trend Micro\HijackThis: supprimé !

    Corbeille vidée!
    Fichiers temporaires nettoyés !
    0
  19. Den360 Messages postés 13 Statut Membre
     
    rapport

    Malwarebytes' Anti-Malware 1.22
    Version de la base de données: 980
    Windows 5.1.2600

    20:01:16 2008-07-22
    mbam-log-7-22-2008 (20-01-16).txt

    Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
    Eléments examinés: 127800
    Temps écoulé: 38 minute(s), 20 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\tmlpcert2005 (Adware.EGDAccess) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Denis\Application Data\tvmknwrd.dll (Trojan.Agent) -> Quarantined and deleted successfully.

    Est-ce que tu crois qu'il me reste de cette saloperie ?

    Merci encore pour ton aide !
    0
  20. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Le rapport MBAM montre une infection. On va utiliser Navilog1 :

    - Télécharge Navilog1 (de IL-MAFIOSO) et enregistre-le sur le bureau :
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

    - Double-clique sur Navilog1.exe afin de lancer l'installation

    - Si le fix ne lance pas automatiquement après son installation, double-clique sur Navilog1 présent sur le bureau

    - Appuie sur F ou f puis valide par Entrée

    - Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options

    - Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix

    - Patiente jusqu'au message : *** Analyse Termine le ..... ***

    - Le scan fini, le bloc-notes contenant le rapport sera affiché, poste le contenu de ce rapport dans ta prochaine réponse

    - Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\fixnavi.txt

    N'utilise pas l'option 2, 3 et 4 sans notre accord, des fichiers légitimes peuvent être inclus dans ce scan.
    0
  21. Den360 Messages postés 13 Statut Membre
     
    rapport completé

    Search Navipromo version 3.6.1 commencé le 2008-07-22 à 20:27:34,61

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1
    Session actuelle : "Denis"

    Mise à jour le 19.07.2008 à 20h00 par IL-MAFIOSO

    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 6.0.2600.0000
    Système de fichiers : NTFS

    Recherche executé en mode normal

    *** Recherche Programmes installés ***

    *** Recherche dossiers dans "C:\WINDOWS" ***

    *** Recherche dossiers dans "C:\Program Files" ***

    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

    *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***

    *** Recherche dossiers dans "C:\Documents and Settings\Denis\applic~1" ***

    *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***

    *** Recherche dossiers dans "C:\DOCUME~1\Joannie\applic~1" ***

    *** Recherche dossiers dans "C:\DOCUME~1\Maryse\applic~1" ***

    *** Recherche dossiers dans "C:\Documents and Settings\Denis\locals~1\applic~1" ***

    *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***

    *** Recherche dossiers dans "C:\DOCUME~1\Joannie\locals~1\applic~1" ***

    *** Recherche dossiers dans "C:\DOCUME~1\Maryse\locals~1\applic~1" ***

    *** Recherche dossiers dans "C:\Documents and Settings\Denis\menudm~1\progra~1" ***

    *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***

    *** Recherche dossiers dans "C:\DOCUME~1\Joannie\menudm~1\progra~1" ***

    *** Recherche dossiers dans "C:\DOCUME~1\Maryse\menudm~1\progra~1" ***

    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net

    Aucun Fichier Navipromo trouvé

    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans "C:\WINDOWS\system32" *

    * Recherche dans "C:\Documents and Settings\Denis\locals~1\applic~1" *

    * Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

    * Recherche dans "C:\DOCUME~1\Joannie\locals~1\applic~1" *

    * Recherche dans "C:\DOCUME~1\Maryse\locals~1\applic~1" *

    *** Recherche fichiers ***

    *** Recherche clés spécifiques dans le Registre ***

    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :

    2)Recherche Heuristique :

    * Dans "C:\WINDOWS\system32" :

    * Dans "C:\Documents and Settings\Denis\locals~1\applic~1" :

    * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :

    * Dans "C:\DOCUME~1\Joannie\locals~1\applic~1" :

    * Dans "C:\DOCUME~1\Maryse\locals~1\applic~1" :

    3)Recherche Certificats :

    Certificat Egroup absent !
    Certificat Electronic-Group absent !
    Certificat OOO-Favorit absent !
    Certificat Sunny-Day-Design-Ltd absent !

    4)Recherche fichiers connus :

    *** Analyse terminée le 2008-07-22 à 20:41:45,83 ***
    0
  • 1
  • 2