Advertising problem

Elo1196 -  
Hello,

For a few days now, ads have been opening constantly whenever I surf the net... In fact, I had the messengerskinner virus on my PC, which I normally removed thanks to navilog... but since then the ads keep appearing again and again and again... I'm going crazy. Also, since I got infected, my PC keeps signalling something connecting and disconnecting over USB, and it's pretty stressful!!!!

Could you help me please???

Thanks

46 replies

buginformatik Posts 2210 Status Contributor 54

Are you there?
0
Elo1196
 
yes I'm here... why?
0
buginformatik Posts 2210 Status Contributor 54

OK!

I don't have much time left before I leave, that's why I was asking you!

http://www.assistepc.com/forum/lop-s-d-nettoyer-les-infections-de-l-adware-lop-vt686.html

Do what is described there, then stick to option 1 only!!

/!\ Do not move on to option 2 until I tell you to!

Post the option 1 report here
(copy/paste)
0
Elo1196
 
ok, sounds good, here we go... thanks ;)
0

Elo1196
 
here is the report

--------------------\\ Lop S&D 4.2.2-4 XP/Vista

[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : Elo ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 26/07/2008 | 15:08:27,41 ] [ PC : PC-DE-ELO ]
[ MAJ : 25-07-2008 | 17:45 ]
[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[26/07/2008|15:08] C:\Users\Elo\AppData\Local\aakgyue.dat
[24/07/2008|23:38] C:\Users\Elo\AppData\Local\aakgyue.exe
[24/07/2008|23:38] C:\Users\Elo\AppData\Local\aakgyue_nav.dat
[26/07/2008|15:08] C:\Users\Elo\AppData\Local\aakgyue_navps.dat
[20/06/2008|13:05] C:\Users\Elo\AppData\Local\Adobe
[20/06/2008|20:58] C:\Users\Elo\AppData\Local\Apple
[21/07/2008|12:31] C:\Users\Elo\AppData\Local\Apple Computer
[20/06/2008|13:46] C:\Users\Elo\AppData\Local\Application Data
[20/06/2008|21:29] C:\Users\Elo\AppData\Local\Ares
[18/07/2008|19:09] C:\Users\Elo\AppData\Local\d3d9caps.dat
[24/07/2008|01:33] C:\Users\Elo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[18/07/2008|18:40] C:\Users\Elo\AppData\Local\eMule
[20/06/2008|22:38] C:\Users\Elo\AppData\Local\GDIPFONTCACHEV1.DAT
[20/06/2008|12:59] C:\Users\Elo\AppData\Local\Google
[20/06/2008|13:46] C:\Users\Elo\AppData\Local\Historique
[26/07/2008|15:05] C:\Users\Elo\AppData\Local\IconCache.db
[03/07/2008|13:50] C:\Users\Elo\AppData\Local\MediaDirect
[22/07/2008|21:53] C:\Users\Elo\AppData\Local\Microsoft
[20/07/2008|14:24] C:\Users\Elo\AppData\Local\Microsoft Games
[20/06/2008|21:52] C:\Users\Elo\AppData\Local\Microsoft Help
[26/07/2008|15:06] C:\Users\Elo\AppData\Local\nooww.bat
[20/06/2008|13:17] C:\Users\Elo\AppData\Local\SupportSoft
[26/07/2008|15:08] C:\Users\Elo\AppData\Local\Temp
[20/06/2008|13:46] C:\Users\Elo\AppData\Local\Temporary Internet Files
[20/06/2008|13:05] C:\Users\Elo\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[26/07/2008 15:06][--ah-----] C:\Windows\tasks\SA.DAT
[26/07/2008 15:05][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[02/07/2008|23:38] C:\ProgramData\Adobe
[20/06/2008|20:57] C:\ProgramData\Apple
[20/06/2008|21:00] C:\ProgramData\Apple Computer
[20/06/2008|13:44] C:\ProgramData\Application Data
[22/06/2008|18:54] C:\ProgramData\Brother
[20/06/2008|13:44] C:\ProgramData\Bureau
[20/06/2008|18:25] C:\ProgramData\Creative
[13/06/2008|10:40] C:\ProgramData\Creative Labs
[03/07/2008|01:35] C:\ProgramData\CyberLink
[20/06/2008|13:19] C:\ProgramData\Dell
[20/06/2008|13:44] C:\ProgramData\Documents
[18/07/2008|18:58] C:\ProgramData\eMule
[22/06/2008|20:27] C:\ProgramData\EyePowerGames
[20/06/2008|13:44] C:\ProgramData\Favoris
[13/06/2008|10:51] C:\ProgramData\Google
[13/06/2008|10:58] C:\ProgramData\InstallShield
[13/06/2008|10:42] C:\ProgramData\Intel
[26/07/2008|15:06] C:\ProgramData\Kaspersky Lab
[20/06/2008|13:25] C:\ProgramData\Kaspersky Lab Setup Files
[20/06/2008|17:54] C:\ProgramData\McAfee
[03/07/2008|01:35] C:\ProgramData\MediaDirect
[20/06/2008|13:44] C:\ProgramData\Menu Démarrer
[02/07/2008|23:12] C:\ProgramData\Messenger Plus!
[20/06/2008|21:58] C:\ProgramData\Microsoft
[26/07/2008|00:37] C:\ProgramData\Microsoft Help
[20/06/2008|13:44] C:\ProgramData\Modèles
[13/06/2008|11:10] C:\ProgramData\Roxio
[22/06/2008|19:08] C:\ProgramData\ScanSoft
[13/06/2008|11:01] C:\ProgramData\Sonic
[22/07/2008|13:31] C:\ProgramData\Spybot - Search & Destroy
[13/06/2008|10:53] C:\ProgramData\SupportSoft
[13/06/2008|11:02] C:\ProgramData\Uninstall
[20/06/2008|17:58] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[02/07/2008|23:38] C:\Program Files\Adobe
[02/07/2008|13:42] C:\Program Files\Apple Software Update
[20/06/2008|20:59] C:\Program Files\Bonjour
[13/06/2008|10:44] C:\Program Files\Broadcom
[13/06/2008|11:04] C:\Program Files\Citrix
[02/07/2008|23:38] C:\Program Files\Common Files
[13/06/2008|10:27] C:\Program Files\CONEXANT
[13/06/2008|10:43] C:\Program Files\Creative
[13/06/2008|10:41] C:\Program Files\Creative Installation Information
[13/06/2008|10:43] C:\Program Files\Creative Live! Cam
[13/06/2008|10:54] C:\Program Files\CyberLink
[26/07/2008|13:13] C:\Program Files\Dell
[13/06/2008|10:53] C:\Program Files\Dell Support Center
[13/06/2008|18:21] C:\Program Files\DellTPad
[03/07/2008|17:05] C:\Program Files\desktop.ini
[13/06/2008|10:40] C:\Program Files\Digital Line Detect
[18/07/2008|18:40] C:\Program Files\eMule
[20/06/2008|13:44] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[20/06/2008|13:30] C:\Program Files\Google
[07/07/2008|22:19] C:\Program Files\Google Video
[13/06/2008|10:55] C:\Program Files\InstallShield Installation Information
[13/06/2008|10:49] C:\Program Files\Intel
[13/06/2008|10:42] C:\Program Files\Intel, Inc
[03/07/2008|16:58] C:\Program Files\Internet Explorer
[15/07/2008|12:11] C:\Program Files\iPod
[15/07/2008|12:11] C:\Program Files\iTunes
[13/06/2008|10:38] C:\Program Files\Java
[20/06/2008|13:26] C:\Program Files\Kaspersky Lab
[21/07/2008|14:36] C:\Program Files\LimeWire
[20/06/2008|18:17] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[20/06/2008|21:59] C:\Program Files\Microsoft Office
[20/06/2008|21:59] C:\Program Files\Microsoft Visual Studio
[20/06/2008|21:54] C:\Program Files\Microsoft Visual Studio 8
[20/06/2008|22:00] C:\Program Files\Microsoft Works
[20/06/2008|21:58] C:\Program Files\Microsoft.NET
[13/06/2008|10:39] C:\Program Files\Modem Diagnostic Tool
[03/07/2008|16:58] C:\Program Files\Movie Maker
[20/06/2008|21:59] C:\Program Files\MSBuild
[20/06/2008|18:24] C:\Program Files\MSXML 4.0
[24/07/2008|01:47] C:\Program Files\Navilog1
[13/06/2008|10:39] C:\Program Files\NetWaiting
[20/06/2008|20:59] C:\Program Files\QuickTime
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[13/06/2008|11:02] C:\Program Files\Roxio
[22/06/2008|19:08] C:\Program Files\ScanSoft
[13/06/2008|10:27] C:\Program Files\Sigmatel
[22/07/2008|20:38] C:\Program Files\Spybot - Search & Destroy
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[03/07/2008|14:59] C:\Program Files\VideoLAN
[13/06/2008|10:49] C:\Program Files\WIDCOMM
[03/07/2008|16:58] C:\Program Files\Windows Calendar
[03/07/2008|16:58] C:\Program Files\Windows Collaboration
[03/07/2008|16:58] C:\Program Files\Windows Defender
[03/07/2008|16:58] C:\Program Files\Windows Journal
[20/06/2008|18:09] C:\Program Files\Windows Live
[10/07/2008|10:30] C:\Program Files\Windows Mail
[03/07/2008|16:58] C:\Program Files\Windows Media Player
[20/06/2008|13:44] C:\Program Files\Windows NT
[03/07/2008|16:58] C:\Program Files\Windows Photo Gallery
[03/07/2008|16:58] C:\Program Files\Windows Sidebar
[22/06/2008|17:11] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[02/07/2008|23:38] C:\Program Files\Common Files\Adobe
[20/06/2008|20:57] C:\Program Files\Common Files\Apple
[13/06/2008|10:41] C:\Program Files\Common Files\Creative
[13/06/2008|10:40] C:\Program Files\Common Files\Creative Labs Shared
[20/06/2008|21:59] C:\Program Files\Common Files\DESIGNER
[22/06/2008|19:07] C:\Program Files\Common Files\InstallShield
[13/06/2008|10:38] C:\Program Files\Common Files\Java
[03/07/2008|14:57] C:\Program Files\Common Files\microsoft shared
[13/06/2008|11:01] C:\Program Files\Common Files\PX Storage Engine
[13/06/2008|10:43] C:\Program Files\Common Files\Reallusion
[13/06/2008|11:01] C:\Program Files\Common Files\Roxio Shared
[22/06/2008|19:08] C:\Program Files\Common Files\ScanSoft Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[13/06/2008|11:02] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[13/06/2008|10:52] C:\Program Files\Common Files\supportsoft
[13/06/2008|11:00] C:\Program Files\Common Files\SureThing Shared
[03/07/2008|16:58] C:\Program Files\Common Files\System
[20/06/2008|18:08] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 83 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-26 15:08:43
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 747

--------------------\\ Recherche d'autres infections

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"aakgyue"="c:\\users\\elo\\appdata\\local\\aakgyue.exe aakgyue"

C:\Users\Elo\AppData\Local\aakgyue.dat
C:\Users\Elo\AppData\Local\aakgyue.exe
C:\Users\Elo\AppData\Local\aakgyue_nav.dat
C:\Users\Elo\AppData\Local\aakgyue_navps.dat
C:\Windows\Prefetch\AAKGYUE.EXE-CAFC6B27.pf
==> EGDACCESS <==

[F:174][D:14]-> C:\Users\Elo\AppData\Local\Temp
[F:112][D:1]-> C:\Users\Elo\AppData\Roaming\MICROS~1\Windows\Cookies
[F:72][D:8]-> C:\Users\Elo\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:4][D:4]-> C:\$Recycle.Bin

--------------------\\ Fin du rapport a 15:11:20,53
[ UAC => 1 ]
0
buginformatik Posts 2210 Status Contributor 54

OK for option 2, with the report posted on the forum ;)
0
Elo1196
 
here you go, the 2nd report:

--------------------\\ Lop S&D 4.2.2-4 XP/Vista

[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : Elo ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 26/07/2008 | 15:18:19,06 ] [ PC : PC-DE-ELO ]
[ MAJ : 25-07-2008 | 17:45 ]
[ UAC => 0 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans Local

[26/07/2008|15:18] C:\Users\Elo\AppData\Local\aakgyue.dat
[24/07/2008|23:38] C:\Users\Elo\AppData\Local\aakgyue.exe
[24/07/2008|23:38] C:\Users\Elo\AppData\Local\aakgyue_nav.dat
[26/07/2008|15:18] C:\Users\Elo\AppData\Local\aakgyue_navps.dat
[20/06/2008|13:05] C:\Users\Elo\AppData\Local\Adobe
[20/06/2008|20:58] C:\Users\Elo\AppData\Local\Apple
[21/07/2008|12:31] C:\Users\Elo\AppData\Local\Apple Computer
[20/06/2008|13:46] C:\Users\Elo\AppData\Local\Application Data
[20/06/2008|21:29] C:\Users\Elo\AppData\Local\Ares
[18/07/2008|19:09] C:\Users\Elo\AppData\Local\d3d9caps.dat
[24/07/2008|01:33] C:\Users\Elo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[18/07/2008|18:40] C:\Users\Elo\AppData\Local\eMule
[20/06/2008|22:38] C:\Users\Elo\AppData\Local\GDIPFONTCACHEV1.DAT
[20/06/2008|12:59] C:\Users\Elo\AppData\Local\Google
[20/06/2008|13:46] C:\Users\Elo\AppData\Local\Historique
[26/07/2008|15:16] C:\Users\Elo\AppData\Local\IconCache.db
[03/07/2008|13:50] C:\Users\Elo\AppData\Local\MediaDirect
[22/07/2008|21:53] C:\Users\Elo\AppData\Local\Microsoft
[20/07/2008|14:24] C:\Users\Elo\AppData\Local\Microsoft Games
[20/06/2008|21:52] C:\Users\Elo\AppData\Local\Microsoft Help
[26/07/2008|15:18] C:\Users\Elo\AppData\Local\nooww.bat
[20/06/2008|13:17] C:\Users\Elo\AppData\Local\SupportSoft
[26/07/2008|15:18] C:\Users\Elo\AppData\Local\Temp
[20/06/2008|13:46] C:\Users\Elo\AppData\Local\Temporary Internet Files
[20/06/2008|13:05] C:\Users\Elo\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[26/07/2008 15:17][--ah-----] C:\Windows\tasks\SA.DAT
[26/07/2008 15:16][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[02/07/2008|23:38] C:\ProgramData\Adobe
[20/06/2008|20:57] C:\ProgramData\Apple
[20/06/2008|21:00] C:\ProgramData\Apple Computer
[20/06/2008|13:44] C:\ProgramData\Application Data
[22/06/2008|18:54] C:\ProgramData\Brother
[20/06/2008|13:44] C:\ProgramData\Bureau
[20/06/2008|18:25] C:\ProgramData\Creative
[13/06/2008|10:40] C:\ProgramData\Creative Labs
[03/07/2008|01:35] C:\ProgramData\CyberLink
[20/06/2008|13:19] C:\ProgramData\Dell
[20/06/2008|13:44] C:\ProgramData\Documents
[18/07/2008|18:58] C:\ProgramData\eMule
[22/06/2008|20:27] C:\ProgramData\EyePowerGames
[20/06/2008|13:44] C:\ProgramData\Favoris
[13/06/2008|10:51] C:\ProgramData\Google
[13/06/2008|10:58] C:\ProgramData\InstallShield
[13/06/2008|10:42] C:\ProgramData\Intel
[26/07/2008|15:18] C:\ProgramData\Kaspersky Lab
[20/06/2008|13:25] C:\ProgramData\Kaspersky Lab Setup Files
[20/06/2008|17:54] C:\ProgramData\McAfee
[03/07/2008|01:35] C:\ProgramData\MediaDirect
[20/06/2008|13:44] C:\ProgramData\Menu Démarrer
[02/07/2008|23:12] C:\ProgramData\Messenger Plus!
[20/06/2008|21:58] C:\ProgramData\Microsoft
[26/07/2008|00:37] C:\ProgramData\Microsoft Help
[20/06/2008|13:44] C:\ProgramData\Modèles
[13/06/2008|11:10] C:\ProgramData\Roxio
[22/06/2008|19:08] C:\ProgramData\ScanSoft
[13/06/2008|11:01] C:\ProgramData\Sonic
[22/07/2008|13:31] C:\ProgramData\Spybot - Search & Destroy
[13/06/2008|10:53] C:\ProgramData\SupportSoft
[13/06/2008|11:02] C:\ProgramData\Uninstall
[20/06/2008|17:58] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[02/07/2008|23:38] C:\Program Files\Adobe
[02/07/2008|13:42] C:\Program Files\Apple Software Update
[20/06/2008|20:59] C:\Program Files\Bonjour
[13/06/2008|10:44] C:\Program Files\Broadcom
[13/06/2008|11:04] C:\Program Files\Citrix
[02/07/2008|23:38] C:\Program Files\Common Files
[13/06/2008|10:27] C:\Program Files\CONEXANT
[13/06/2008|10:43] C:\Program Files\Creative
[13/06/2008|10:41] C:\Program Files\Creative Installation Information
[13/06/2008|10:43] C:\Program Files\Creative Live! Cam
[13/06/2008|10:54] C:\Program Files\CyberLink
[26/07/2008|13:13] C:\Program Files\Dell
[13/06/2008|10:53] C:\Program Files\Dell Support Center
[13/06/2008|18:21] C:\Program Files\DellTPad
[03/07/2008|17:05] C:\Program Files\desktop.ini
[13/06/2008|10:40] C:\Program Files\Digital Line Detect
[18/07/2008|18:40] C:\Program Files\eMule
[20/06/2008|13:44] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[20/06/2008|13:30] C:\Program Files\Google
[07/07/2008|22:19] C:\Program Files\Google Video
[13/06/2008|10:55] C:\Program Files\InstallShield Installation Information
[13/06/2008|10:49] C:\Program Files\Intel
[13/06/2008|10:42] C:\Program Files\Intel, Inc
[03/07/2008|16:58] C:\Program Files\Internet Explorer
[15/07/2008|12:11] C:\Program Files\iPod
[15/07/2008|12:11] C:\Program Files\iTunes
[13/06/2008|10:38] C:\Program Files\Java
[20/06/2008|13:26] C:\Program Files\Kaspersky Lab
[21/07/2008|14:36] C:\Program Files\LimeWire
[20/06/2008|18:17] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[20/06/2008|21:59] C:\Program Files\Microsoft Office
[20/06/2008|21:59] C:\Program Files\Microsoft Visual Studio
[20/06/2008|21:54] C:\Program Files\Microsoft Visual Studio 8
[20/06/2008|22:00] C:\Program Files\Microsoft Works
[20/06/2008|21:58] C:\Program Files\Microsoft.NET
[13/06/2008|10:39] C:\Program Files\Modem Diagnostic Tool
[03/07/2008|16:58] C:\Program Files\Movie Maker
[20/06/2008|21:59] C:\Program Files\MSBuild
[20/06/2008|18:24] C:\Program Files\MSXML 4.0
[24/07/2008|01:47] C:\Program Files\Navilog1
[13/06/2008|10:39] C:\Program Files\NetWaiting
[20/06/2008|20:59] C:\Program Files\QuickTime
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[13/06/2008|11:02] C:\Program Files\Roxio
[22/06/2008|19:08] C:\Program Files\ScanSoft
[13/06/2008|10:27] C:\Program Files\Sigmatel
[22/07/2008|20:38] C:\Program Files\Spybot - Search & Destroy
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[03/07/2008|14:59] C:\Program Files\VideoLAN
[13/06/2008|10:49] C:\Program Files\WIDCOMM
[03/07/2008|16:58] C:\Program Files\Windows Calendar
[03/07/2008|16:58] C:\Program Files\Windows Collaboration
[03/07/2008|16:58] C:\Program Files\Windows Defender
[03/07/2008|16:58] C:\Program Files\Windows Journal
[20/06/2008|18:09] C:\Program Files\Windows Live
[10/07/2008|10:30] C:\Program Files\Windows Mail
[03/07/2008|16:58] C:\Program Files\Windows Media Player
[20/06/2008|13:44] C:\Program Files\Windows NT
[03/07/2008|16:58] C:\Program Files\Windows Photo Gallery
[03/07/2008|16:58] C:\Program Files\Windows Sidebar
[22/06/2008|17:11] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[02/07/2008|23:38] C:\Program Files\Common Files\Adobe
[20/06/2008|20:57] C:\Program Files\Common Files\Apple
[13/06/2008|10:41] C:\Program Files\Common Files\Creative
[13/06/2008|10:40] C:\Program Files\Common Files\Creative Labs Shared
[20/06/2008|21:59] C:\Program Files\Common Files\DESIGNER
[22/06/2008|19:07] C:\Program Files\Common Files\InstallShield
[13/06/2008|10:38] C:\Program Files\Common Files\Java
[03/07/2008|14:57] C:\Program Files\Common Files\microsoft shared
[13/06/2008|11:01] C:\Program Files\Common Files\PX Storage Engine
[13/06/2008|10:43] C:\Program Files\Common Files\Reallusion
[13/06/2008|11:01] C:\Program Files\Common Files\Roxio Shared
[22/06/2008|19:08] C:\Program Files\Common Files\ScanSoft Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[13/06/2008|11:02] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[13/06/2008|10:52] C:\Program Files\Common Files\supportsoft
[13/06/2008|11:00] C:\Program Files\Common Files\SureThing Shared
[03/07/2008|16:58] C:\Program Files\Common Files\System
[20/06/2008|18:08] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 80 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-26 15:19:14
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 747

--------------------\\ Recherche d'autres infections

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"aakgyue"="c:\\users\\elo\\appdata\\local\\aakgyue.exe aakgyue"

C:\Users\Elo\AppData\Local\aakgyue.dat
C:\Users\Elo\AppData\Local\aakgyue.exe
C:\Users\Elo\AppData\Local\aakgyue_nav.dat
C:\Users\Elo\AppData\Local\aakgyue_navps.dat
C:\Windows\Prefetch\AAKGYUE.EXE-CAFC6B27.pf
==> EGDACCESS <==

[F:177][D:14]-> C:\Users\Elo\AppData\Local\Temp
[F:122][D:1]-> C:\Users\Elo\AppData\Roaming\MICROS~1\Windows\Cookies
[F:268][D:8]-> C:\Users\Elo\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:4][D:4]-> C:\$Recycle.Bin

--------------------\\ Fin du rapport a 15:21:34,20
[ UAC => 1 ]
0
buginformatik Posts 2210 Status Contributor 54

When did you use navilog?

Download hijackthis: http://www.trendsecure.com/portal/en-US/_download/HiJackThis.zip

and here is a gif showing how to install it properly: http://pageperso.aol.fr/balltrap34/Hijenr.gif

- once installed, rename it HJT.exe to counter a possible vundo infection
- Double-click it
- Click "Do a system scan and save the log"
- Copy the report and paste it into your reply
0
Elo1196
 
I used navilog at the beginning of the week, I think
0
buginformatik Posts 2210 Status Contributor 54

If you don't have it, also download Spybot: https://www.safer-networking.org/download/
tutorial: http://www.forum.keroinsite.com/tuto-info/tutoriel-configurer-utiliser-aware-spybot-t64.html#75

And run a scan, and don't forget to immunize
0
Elo1196
 
here is the hijackthis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:34:28, on 26/07/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Elo\AppData\Local\aakgyue.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\ehome\ehmsas.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Elo\Desktop\HiJackThis\HJT.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [aakgyue] c:\users\elo\appdata\local\aakgyue.exe aakgyue
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Elo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O13 - Gopher Prefix:
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD293B96-2A53-4E49-8CBC-97B1A3DF7480}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: 0160301213961861mcinstcleanup - - (no file)
O23 - Service: 0182541213962542mcinstcleanup - - (no file)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: SessionLauncher - Unknown owner - C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
Elo1196
 
there, I ran a scan with spybot and I immunized everything :D

next step? lol
0
buginformatik Posts 2210 Status Contributor 54

Did Spybot find anything?
0
Elo1196
 
well, a few little things... like it usually finds, you know!!!
0
buginformatik Posts 2210 Status Contributor 54

Did you already have it?
0
buginformatik Posts 2210 Status Contributor 54

You're going to download the latest version of Malwarebytes anti malware 1.23: https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

Here is a tutorial for installing and using it properly: http://www.infos-du-net.com/forum/278396-11-tuto-malwarebytes-anti-malware-mbam
(Do not use File assassin)

! It is important to be in safe mode during the scan !
(Restart the computer and tap the F8 key repeatedly after the PC's beep)

Don't forget to remove the threats at the end of the scan and to post the log on the forum!
Thanks

We need to finish the disinfection today!
0
Elo1196
 
yeah, I already had spybot... it's thanks to it that I found messengerskinner

OK, I'm going to do what you told me right away, and I'll post everything at the end ;)
0
buginformatik Posts 2210 Status Contributor 54

don't forget to be in safe mode... It happens one time out of 2
:D
0
Elo1196
 
so do I install the software and then go into safe mode, or do I go into safe mode before installing it? *blonde* *nah, not really lol*
0
buginformatik Posts 2210 Status Contributor 54

I've got nothing against blondes ;)

So you install, you update, then you go into safe mode to run a scan
0
Elo1196
 
okay, sounds good... here we go ;) thanks
0