Cid: analysis of a Lop S&D report
bigropier58
-
E..T Messages posted 6565 Status Contributor -
Hello, I have a problem with "CID" ads and I don't know how to get rid of them; I was advised to download Lop S&D and leave the report for a knowledgeable amateur. Thanks in advance!!
--------------------\\ Lop S&D 4.2.2-9 XP/Vista
[ Windows VISTA (NT 6.0) Workstation Build 6000 ]
[ USER : pierrot ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 16/08/2008 | 17:46:48 ] [ PC : JEAN-PIÔTRE (Proc:x86) ]
[ MAJ : 13-08-2008 | 21:02 ]
[ UAC => 0 ]
--------------------\\ Listing des dossiers dans Local
[07/02/2008|15:06] C:\Users\pierrot\AppData\Local\Adobe
[05/02/2008|14:25] C:\Users\pierrot\AppData\Local\AOL
[26/01/2008|12:42] C:\Users\pierrot\AppData\Local\Application Data
[26/01/2008|12:57] C:\Users\pierrot\AppData\Local\AtStart.txt
[12/08/2008|20:40] C:\Users\pierrot\AppData\Local\d3d9caps.dat
[01/08/2008|20:26] C:\Users\pierrot\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[26/01/2008|12:49] C:\Users\pierrot\AppData\Local\Downloaded Installations
[26/01/2008|12:57] C:\Users\pierrot\AppData\Local\DSwitch.txt
[17/02/2008|19:54] C:\Users\pierrot\AppData\Local\eMule
[05/08/2008|23:37] C:\Users\pierrot\AppData\Local\GDIPFONTCACHEV1.DAT
[15/02/2008|18:40] C:\Users\pierrot\AppData\Local\Google
[26/01/2008|12:57] C:\Users\pierrot\AppData\Local\Hewlett-Packard
[26/01/2008|12:42] C:\Users\pierrot\AppData\Local\Historique
[16/08/2008|02:45] C:\Users\pierrot\AppData\Local\IconCache.db
[13/08/2008|19:01] C:\Users\pierrot\AppData\Local\Microsoft
[30/06/2008|23:00] C:\Users\pierrot\AppData\Local\Microsoft Games
[26/01/2008|12:57] C:\Users\pierrot\AppData\Local\QSwitch.txt
[06/02/2008|21:15] C:\Users\pierrot\AppData\Local\QuickPlay
[16/08/2008|17:46] C:\Users\pierrot\AppData\Local\Temp
[26/01/2008|12:42] C:\Users\pierrot\AppData\Local\Temporary Internet Files
[04/04/2008|13:29] C:\Users\pierrot\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[15/06/2008 01:13][--a------] C:\Windows\tasks\McDefragTask.job
[01/08/2008 01:13][--a------] C:\Windows\tasks\McQcTask.job
[16/08/2008 14:52][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{B9000B84-E70B-495E-BB8D-59100D7F5D7C}.job
[07/02/2008 14:47][--a------] C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[16/08/2008 14:48][--ah-----] C:\Windows\tasks\SA.DAT
[16/08/2008 02:46][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[25/10/2007|01:00] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[15/08/2008|19:41] C:\ProgramData\AboutManagerManager.1wn5rjv
[30/07/2008|12:51] C:\ProgramData\AboutManagerManager.9c644du
[15/08/2008|19:41] C:\ProgramData\AboutManagerManager.g7v6w0
[06/07/2008|01:03] C:\ProgramData\AboutManagerManager.j1goh
[07/05/2008|12:56] C:\ProgramData\AboutManagerManager.jmq60p
[07/06/2008|19:47] C:\ProgramData\AboutManagerManager.lezmc
[19/03/2008|20:56] C:\ProgramData\AboutManagerManager.ptgoi
[07/02/2008|15:20] C:\ProgramData\Adobe
[26/01/2008|12:39] C:\ProgramData\Application Data
[06/12/2007|23:01] C:\ProgramData\Atheros
[26/01/2008|12:39] C:\ProgramData\Bureau
[08/02/2008|14:28] C:\ProgramData\CyberLink
[26/01/2008|12:39] C:\ProgramData\Documents
[26/01/2008|12:50] C:\ProgramData\Electronic Arts
[17/02/2008|19:54] C:\ProgramData\eMule
[26/01/2008|12:39] C:\ProgramData\Favoris
[15/08/2008|19:42] C:\ProgramData\Flagpile
[31/05/2008|02:54] C:\ProgramData\Google
[26/01/2008|12:57] C:\ProgramData\Hewlett-Packard
[26/01/2008|16:50] C:\ProgramData\HP
[06/07/2008|21:51] C:\ProgramData\Lavasoft
[08/05/2008|17:41] C:\ProgramData\LDM
[15/08/2008|19:42] C:\ProgramData\list dvd link.9y9hj
[06/02/2008|21:02] C:\ProgramData\LuUninstall.LiveUpdate
[30/05/2008|19:45] C:\ProgramData\McAfee
[26/01/2008|12:39] C:\ProgramData\Menu Démarrer
[01/08/2008|19:05] C:\ProgramData\Microsoft
[16/08/2008|14:55] C:\ProgramData\Microsoft Help
[26/01/2008|12:39] C:\ProgramData\Modèles
[25/10/2007|00:46] C:\ProgramData\muvee Technologies
[26/01/2008|12:57] C:\ProgramData\NVIDIA
[30/05/2008|19:44] C:\ProgramData\SiteAdvisor
[01/08/2008|19:43] C:\ProgramData\Spybot - Search & Destroy
[30/07/2008|12:11] C:\ProgramData\SUPERAntiSpyware.com
[06/02/2008|21:10] C:\ProgramData\Symantec
[08/05/2008|17:07] C:\ProgramData\Ten Thumbs Typing Tutor
[15/08/2008|19:42] C:\ProgramData\Time Dead Warn Default
[25/10/2007|00:23] C:\ProgramData\Viewpoint
[06/12/2007|23:16] C:\ProgramData\WildTangent
[16/02/2008|21:50] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[25/10/2007|01:00] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[25/10/2007|00:23] C:\Program Files\AIM6
[26/01/2008|12:52] C:\Program Files\AOL
[06/12/2007|23:01] C:\Program Files\Atheros
[30/07/2008|12:53] C:\Program Files\Common Files
[06/12/2007|23:01] C:\Program Files\CONEXANT
[06/12/2007|23:12] C:\Program Files\CyberLink
[10/07/2008|10:24] C:\Program Files\desktop.ini
[19/02/2008|17:58] C:\Program Files\Electronic Arts
[26/01/2008|12:39] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[15/08/2008|19:41] C:\Program Files\Flagpile
[27/06/2008|12:11] C:\Program Files\Foxit Software
[31/05/2008|13:52] C:\Program Files\Google
[06/12/2007|23:07] C:\Program Files\Hewlett-Packard
[06/12/2007|23:05] C:\Program Files\Hp
[06/12/2007|23:16] C:\Program Files\HP Games
[06/12/2007|23:07] C:\Program Files\HPQ
[30/07/2008|17:03] C:\Program Files\InstallShield Installation Information
[15/08/2008|18:46] C:\Program Files\Internet Explorer
[18/06/2008|14:57] C:\Program Files\Inventel
[15/08/2008|18:27] C:\Program Files\Java
[11/06/2008|12:23] C:\Program Files\LimeWire
[15/08/2008|01:51] C:\Program Files\McAfee
[30/05/2008|19:41] C:\Program Files\McAfee.com
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[25/10/2007|00:59] C:\Program Files\Microsoft Office
[07/02/2008|14:47] C:\Program Files\Microsoft SQL Server Compact Edition
[25/10/2007|00:59] C:\Program Files\Microsoft Works
[25/10/2007|00:59] C:\Program Files\Microsoft.NET
[25/10/2007|08:57] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[27/06/2008|12:43] C:\Program Files\MSN Spy 2004
[07/02/2008|14:03] C:\Program Files\MSXML 4.0
[13/08/2008|19:01] C:\Program Files\Navilog1
[06/12/2007|23:00] C:\Program Files\NetWaiting
[27/06/2008|12:42] C:\Program Files\NoPub
[24/06/2008|11:02] C:\Program Files\Orange
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[06/02/2008|21:30] C:\Program Files\Satsuki Decoder Pack
[18/06/2008|14:57] C:\Program Files\Securitoo
[06/12/2007|23:16] C:\Program Files\Services en ligne
[06/06/2008|10:49] C:\Program Files\SiteAdvisor
[01/08/2008|19:22] C:\Program Files\Spybot - Search & Destroy
[15/08/2008|18:28] C:\Program Files\Sun
[30/07/2008|12:10] C:\Program Files\SUPERAntiSpyware
[06/12/2007|22:58] C:\Program Files\Synaptics
[08/05/2008|17:41] C:\Program Files\Tap'Touche 5.5
[10/07/2008|13:56] C:\Program Files\Trend Micro
[01/08/2008|19:05] C:\Program Files\Uniblue
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[30/07/2008|13:05] C:\Program Files\UseNeXT
[07/07/2008|13:56] C:\Program Files\uTorrent
[12/03/2008|17:41] C:\Program Files\VideoLAN
[25/10/2007|00:23] C:\Program Files\Viewpoint
[15/05/2008|17:40] C:\Program Files\WinamaxPoker
[25/10/2007|00:17] C:\Program Files\Windows Calendar
[25/10/2007|08:57] C:\Program Files\Windows Collaboration
[25/10/2007|00:16] C:\Program Files\Windows Defender
[25/10/2007|08:57] C:\Program Files\Windows Journal
[01/03/2008|10:43] C:\Program Files\Windows Live
[07/02/2008|14:47] C:\Program Files\Windows Live Favorites
[07/02/2008|14:47] C:\Program Files\Windows Live Toolbar
[15/08/2008|18:46] C:\Program Files\Windows Mail
[07/02/2008|14:12] C:\Program Files\Windows Media Player
[26/01/2008|12:39] C:\Program Files\Windows NT
[25/10/2007|08:57] C:\Program Files\Windows Photo Gallery
[07/02/2008|14:12] C:\Program Files\Windows Sidebar
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[07/02/2008|15:20] C:\Program Files\Common Files\Adobe
[25/10/2007|00:23] C:\Program Files\Common Files\AOL
[25/10/2007|00:59] C:\Program Files\Common Files\DESIGNER
[25/10/2007|01:13] C:\Program Files\Common Files\InstallShield
[25/10/2007|01:25] C:\Program Files\Common Files\Java
[07/03/2008|17:48] C:\Program Files\Common Files\logishrd
[30/05/2008|19:42] C:\Program Files\Common Files\McAfee
[07/02/2008|14:46] C:\Program Files\Common Files\microsoft shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[06/02/2008|21:12] C:\Program Files\Common Files\Symantec Shared
[25/10/2007|00:16] C:\Program Files\Common Files\System
[07/02/2008|14:45] C:\Program Files\Common Files\WindowsLiveInstaller
[30/07/2008|13:00] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 78 Processus )
iexplore.exe ~ [PID:1848] ~ [Threads:6]
iexplore.exe ~ [PID:4048] ~ [Threads:16]
iexplore.exe ~ [PID:5656] ~ [Threads:39]
iexplore.exe ~ [PID:5200] ~ [Threads:38]
--------------------\\ Recherche avec S_Lop
C:\ProgramData\AboutManagerManager.j1goh
C:\ProgramData\AboutManagerManager.lezmc
C:\ProgramData\AboutManagerManager.ptgoi
C:\ProgramData\list dvd link.9y9hj
C:\ProgramData\AboutManagerManager.g7v6w0
C:\ProgramData\AboutManagerManager.jmq60p
C:\ProgramData\AboutManagerManager.1wn5rjv
C:\ProgramData\AboutManagerManager.9c644du
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\Time Dead Warn Default
C:\ProgramData\Time Dead Warn Default\Remote Tool.exe
C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies\pierrot@advertising[2].txt
C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies\pierrot@adopt.euroclick[2].txt
C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies\pierrot@pacificpoker[1].txt
C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies\pierrot@partypoker[1].txt
C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies\pierrot@www.lop[1].txt
C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies\pierrot@www.lop[3].txt
C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies\pierrot@2xmoinscher[2].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"flapup"="\"C:\\ProgramData\\AboutManagerManager.6v2lg\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"flapup"="\"C:\\ProgramData\\AboutManagerManager.g7v6w0\""
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-16 17:47:01
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:286][D:13]-> C:\Users\pierrot\AppData\Local\Temp
[F:942][D:1]-> C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies
[F:4690][D:15]-> C:\Users\pierrot\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:116][D:8]-> C:\$Recycle.Bin
--------------------\\ Fin du rapport a 17:49:30,21
[ UAC => 1 ]
5 replies
Hi bigropier58, and plm69
bigropier58
Do the same thing again, but this time select option 2
Let the PC work
Once the cleanup is finished, a scan will be run again and a report
will open automatically in Notepad.
Copy and paste the contents of this report to the forum.
Then do this
Click on this link
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe
to download the HijackThis installer.
Save HJTInstall.exe to your desktop.
-Once installed, rename it to HJT.exe by right-clicking on it
It is renamed to counter a possible Vundo infection
Double-click HJT.exe to launch the program
Accept by clicking the "I Accept" button
Then click "do a system scan and save a logfile" and post the resulting report here.
See you
Hi E..T, thank you for looking into my case!! I have already done step two of Lop S&D; I'm leaving you the Notepad report and I'll take care of Hijack:
--------------------\\ Lop S&D 4.2.2-9 XP/Vista
[ Windows VISTA (NT 6.0) Workstation Build 6000 ]
[ USER : pierrot ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 18/08/2008 | 10:10:07 ] [ PC : JEAN-PIÔTRE (Proc:x86) ]
[ MAJ : 13-08-2008 | 21:02 ]
[ UAC => 0 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Echec ! - C:\ProgramData\Time Dead Warn Default\Remote Tool.exe
Supprime! - C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies\pierrot@adopt.euroclick[2].txt
Supprime! - C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies\pierrot@partypoker[1].txt
Supprime! - C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies\pierrot@www.lop[1].txt
Supprime! - C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies\pierrot@www.lop[3].txt
Supprime! - C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies\pierrot@2xmoinscher[2].txt
Supprime! - C:\ProgramData\AboutManagerManager.j1goh
Supprime! - C:\ProgramData\AboutManagerManager.lezmc
Supprime! - C:\ProgramData\AboutManagerManager.ptgoi
Supprime! - C:\ProgramData\list dvd link.9y9hj
Supprime! - C:\ProgramData\AboutManagerManager.g7v6w0
Supprime! - C:\ProgramData\AboutManagerManager.jmq60p
Supprime! - C:\ProgramData\AboutManagerManager.1wn5rjv
Supprime! - C:\ProgramData\AboutManagerManager.9c644du
Echec ! - C:\ProgramData\Time Dead Warn Default
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE
Supprime! - C:\ProgramData\Time Dead Warn Default\Remote Tool.exe
Supprime! - C:\ProgramData\Time Dead Warn Default
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\PROGRA~2\Viewpoint
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[07/02/2008|15:06] C:\Users\pierrot\AppData\Local\Adobe
[05/02/2008|14:25] C:\Users\pierrot\AppData\Local\AOL
[26/01/2008|12:42] C:\Users\pierrot\AppData\Local\Application Data
[26/01/2008|12:57] C:\Users\pierrot\AppData\Local\AtStart.txt
[18/08/2008|03:18] C:\Users\pierrot\AppData\Local\d3d9caps.dat
[01/08/2008|20:26] C:\Users\pierrot\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[26/01/2008|12:49] C:\Users\pierrot\AppData\Local\Downloaded Installations
[26/01/2008|12:57] C:\Users\pierrot\AppData\Local\DSwitch.txt
[17/02/2008|19:54] C:\Users\pierrot\AppData\Local\eMule
[05/08/2008|23:37] C:\Users\pierrot\AppData\Local\GDIPFONTCACHEV1.DAT
[15/02/2008|18:40] C:\Users\pierrot\AppData\Local\Google
[26/01/2008|12:57] C:\Users\pierrot\AppData\Local\Hewlett-Packard
[26/01/2008|12:42] C:\Users\pierrot\AppData\Local\Historique
[18/08/2008|10:07] C:\Users\pierrot\AppData\Local\IconCache.db
[13/08/2008|19:01] C:\Users\pierrot\AppData\Local\Microsoft
[30/06/2008|23:00] C:\Users\pierrot\AppData\Local\Microsoft Games
[26/01/2008|12:57] C:\Users\pierrot\AppData\Local\QSwitch.txt
[06/02/2008|21:15] C:\Users\pierrot\AppData\Local\QuickPlay
[18/08/2008|10:10] C:\Users\pierrot\AppData\Local\Temp
[26/01/2008|12:42] C:\Users\pierrot\AppData\Local\Temporary Internet Files
[04/04/2008|13:29] C:\Users\pierrot\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[15/06/2008 01:13][--a------] C:\Windows\tasks\McDefragTask.job
[01/08/2008 01:13][--a------] C:\Windows\tasks\McQcTask.job
[17/08/2008 22:33][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{B9000B84-E70B-495E-BB8D-59100D7F5D7C}.job
[07/02/2008 14:47][--a------] C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[18/08/2008 10:08][--ah-----] C:\Windows\tasks\SA.DAT
[18/08/2008 10:07][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[25/10/2007|01:00] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[07/02/2008|15:20] C:\ProgramData\Adobe
[26/01/2008|12:39] C:\ProgramData\Application Data
[06/12/2007|23:01] C:\ProgramData\Atheros
[26/01/2008|12:39] C:\ProgramData\Bureau
[08/02/2008|14:28] C:\ProgramData\CyberLink
[26/01/2008|12:39] C:\ProgramData\Documents
[26/01/2008|12:50] C:\ProgramData\Electronic Arts
[17/02/2008|19:54] C:\ProgramData\eMule
[26/01/2008|12:39] C:\ProgramData\Favoris
[15/08/2008|19:42] C:\ProgramData\Flagpile
[31/05/2008|02:54] C:\ProgramData\Google
[26/01/2008|12:57] C:\ProgramData\Hewlett-Packard
[26/01/2008|16:50] C:\ProgramData\HP
[06/07/2008|21:51] C:\ProgramData\Lavasoft
[08/05/2008|17:41] C:\ProgramData\LDM
[06/02/2008|21:02] C:\ProgramData\LuUninstall.LiveUpdate
[30/05/2008|19:45] C:\ProgramData\McAfee
[26/01/2008|12:39] C:\ProgramData\Menu Démarrer
[01/08/2008|19:05] C:\ProgramData\Microsoft
[16/08/2008|14:55] C:\ProgramData\Microsoft Help
[26/01/2008|12:39] C:\ProgramData\Modèles
[25/10/2007|00:46] C:\ProgramData\muvee Technologies
[26/01/2008|12:57] C:\ProgramData\NVIDIA
[30/05/2008|19:44] C:\ProgramData\SiteAdvisor
[01/08/2008|19:43] C:\ProgramData\Spybot - Search & Destroy
[30/07/2008|12:11] C:\ProgramData\SUPERAntiSpyware.com
[06/02/2008|21:10] C:\ProgramData\Symantec
[08/05/2008|17:07] C:\ProgramData\Ten Thumbs Typing Tutor
[06/12/2007|23:16] C:\ProgramData\WildTangent
[16/02/2008|21:50] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[25/10/2007|01:00] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[25/10/2007|00:23] C:\Program Files\AIM6
[26/01/2008|12:52] C:\Program Files\AOL
[06/12/2007|23:01] C:\Program Files\Atheros
[30/07/2008|12:53] C:\Program Files\Common Files
[06/12/2007|23:01] C:\Program Files\CONEXANT
[06/12/2007|23:12] C:\Program Files\CyberLink
[10/07/2008|10:24] C:\Program Files\desktop.ini
[19/02/2008|17:58] C:\Program Files\Electronic Arts
[26/01/2008|12:39] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[15/08/2008|19:41] C:\Program Files\Flagpile
[27/06/2008|12:11] C:\Program Files\Foxit Software
[31/05/2008|13:52] C:\Program Files\Google
[06/12/2007|23:07] C:\Program Files\Hewlett-Packard
[06/12/2007|23:05] C:\Program Files\Hp
[06/12/2007|23:16] C:\Program Files\HP Games
[06/12/2007|23:07] C:\Program Files\HPQ
[30/07/2008|17:03] C:\Program Files\InstallShield Installation Information
[15/08/2008|18:46] C:\Program Files\Internet Explorer
[18/06/2008|14:57] C:\Program Files\Inventel
[15/08/2008|18:27] C:\Program Files\Java
[11/06/2008|12:23] C:\Program Files\LimeWire
[15/08/2008|01:51] C:\Program Files\McAfee
[30/05/2008|19:41] C:\Program Files\McAfee.com
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[25/10/2007|00:59] C:\Program Files\Microsoft Office
[07/02/2008|14:47] C:\Program Files\Microsoft SQL Server Compact Edition
[25/10/2007|00:59] C:\Program Files\Microsoft Works
[25/10/2007|00:59] C:\Program Files\Microsoft.NET
[25/10/2007|08:57] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[27/06/2008|12:43] C:\Program Files\MSN Spy 2004
[07/02/2008|14:03] C:\Program Files\MSXML 4.0
[13/08/2008|19:01] C:\Program Files\Navilog1
[06/12/2007|23:00] C:\Program Files\NetWaiting
[27/06/2008|12:42] C:\Program Files\NoPub
[24/06/2008|11:02] C:\Program Files\Orange
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[06/02/2008|21:30] C:\Program Files\Satsuki Decoder Pack
[18/06/2008|14:57] C:\Program Files\Securitoo
[06/12/2007|23:16] C:\Program Files\Services en ligne
[06/06/2008|10:49] C:\Program Files\SiteAdvisor
[01/08/2008|19:22] C:\Program Files\Spybot - Search & Destroy
[15/08/2008|18:28] C:\Program Files\Sun
[30/07/2008|12:10] C:\Program Files\SUPERAntiSpyware
[06/12/2007|22:58] C:\Program Files\Synaptics
[08/05/2008|17:41] C:\Program Files\Tap'Touche 5.5
[10/07/2008|13:56] C:\Program Files\Trend Micro
[01/08/2008|19:05] C:\Program Files\Uniblue
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[30/07/2008|13:05] C:\Program Files\UseNeXT
[07/07/2008|13:56] C:\Program Files\uTorrent
[12/03/2008|17:41] C:\Program Files\VideoLAN
[15/05/2008|17:40] C:\Program Files\WinamaxPoker
[25/10/2007|00:17] C:\Program Files\Windows Calendar
[25/10/2007|08:57] C:\Program Files\Windows Collaboration
[25/10/2007|00:16] C:\Program Files\Windows Defender
[25/10/2007|08:57] C:\Program Files\Windows Journal
[01/03/2008|10:43] C:\Program Files\Windows Live
[07/02/2008|14:47] C:\Program Files\Windows Live Favorites
[07/02/2008|14:47] C:\Program Files\Windows Live Toolbar
[15/08/2008|18:46] C:\Program Files\Windows Mail
[07/02/2008|14:12] C:\Program Files\Windows Media Player
[26/01/2008|12:39] C:\Program Files\Windows NT
[25/10/2007|08:57] C:\Program Files\Windows Photo Gallery
[07/02/2008|14:12] C:\Program Files\Windows Sidebar
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[07/02/2008|15:20] C:\Program Files\Common Files\Adobe
[25/10/2007|00:23] C:\Program Files\Common Files\AOL
[25/10/2007|00:59] C:\Program Files\Common Files\DESIGNER
[25/10/2007|01:13] C:\Program Files\Common Files\InstallShield
[25/10/2007|01:25] C:\Program Files\Common Files\Java
[07/03/2008|17:48] C:\Program Files\Common Files\logishrd
[30/05/2008|19:42] C:\Program Files\Common Files\McAfee
[07/02/2008|14:46] C:\Program Files\Common Files\microsoft shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[06/02/2008|21:12] C:\Program Files\Common Files\Symantec Shared
[25/10/2007|00:16] C:\Program Files\Common Files\System
[07/02/2008|14:45] C:\Program Files\Common Files\WindowsLiveInstaller
[30/07/2008|13:00] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 70 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies\pierrot@advertising[1].txt
C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies\pierrot@pacificpoker[2].txt
C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies\pierrot@888[1].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 10:12:00
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:325][D:13]-> C:\Users\pierrot\AppData\Local\Temp
[F:966][D:1]-> C:\Users\pierrot\AppData\Roaming\MICROS~1\Windows\Cookies
[F:5159][D:15]-> C:\Users\pierrot\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:116][D:8]-> C:\$Recycle.Bin
--------------------\\ Fin du rapport a 10:16:48,08
[ UAC => 1 ]
And here is the hijack report! Thanks again for the help!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:25:32, on 18/08/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Hi, I did step one and I still have these CIDs, here is the report
Should I move on to step 2?
Is it safe for my files?
--------------------\\ Lop S&D 4.2.4-5 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-50 )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : Famille Zimmermann ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081018-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total : 111 Go Free : 75 Go
D:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 19/10/2008|23:07 )
--------------------\\ Listing des dossiers dans APPLIC~1
[17/07/2008|16:23] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
[17/07/2008|16:40] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Downloaded Installations
[16/07/2008|20:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[31/08/2008|10:34] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\IM
[31/08/2008|10:33] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\IncrediMail
[18/10/2008|11:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Installations
[31/08/2008|10:30] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Memo save stupid creative
[18/10/2008|11:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[18/10/2008|20:50] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
[17/07/2008|15:57] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Nero
[18/10/2008|11:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\PC Suite
[18/07/2008|04:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Winamp Toolbar
[17/07/2008|16:33] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage
[17/07/2008|16:45] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WLInstaller
[17/07/2008|17:45] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Yahoo! Companion
[16/07/2008|20:27] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft
[18/07/2008|15:13] C:\DOCUME~1\FAMILL~1\APPLIC~1\Adobe
[29/07/2008|13:07] C:\DOCUME~1\FAMILL~1\APPLIC~1\Ahead
[02/10/2008|11:52] C:\DOCUME~1\FAMILL~1\APPLIC~1\Anuman Interactive
[26/08/2008|09:59] C:\DOCUME~1\FAMILL~1\APPLIC~1\ArcSoft
[17/07/2008|17:00] C:\DOCUME~1\FAMILL~1\APPLIC~1\DivX
[16/07/2008|20:55] C:\DOCUME~1\FAMILL~1\APPLIC~1\Google
[30/08/2008|19:31] C:\DOCUME~1\FAMILL~1\APPLIC~1\gtk-2.0
[05/10/2008|14:43] C:\DOCUME~1\FAMILL~1\APPLIC~1\Help Site Move
[16/07/2008|20:39] C:\DOCUME~1\FAMILL~1\APPLIC~1\Identities
[04/09/2008|12:48] C:\DOCUME~1\FAMILL~1\APPLIC~1\Inkscape
[29/09/2008|19:13] C:\DOCUME~1\FAMILL~1\APPLIC~1\LimeWire
[16/07/2008|20:52] C:\DOCUME~1\FAMILL~1\APPLIC~1\Macromedia
[21/09/2008|14:01] C:\DOCUME~1\FAMILL~1\APPLIC~1\Microsoft
[18/10/2008|11:29] C:\DOCUME~1\FAMILL~1\APPLIC~1\Nokia
[18/10/2008|11:27] C:\DOCUME~1\FAMILL~1\APPLIC~1\PC Suite
[30/09/2008|15:58] C:\DOCUME~1\FAMILL~1\APPLIC~1\Scatlaws
[17/07/2008|16:51] C:\DOCUME~1\FAMILL~1\APPLIC~1\streamripper
[17/07/2008|16:12] C:\DOCUME~1\FAMILL~1\APPLIC~1\Template
[30/07/2008|08:01] C:\DOCUME~1\FAMILL~1\APPLIC~1\Todae
[10/10/2008|12:20] C:\DOCUME~1\FAMILL~1\APPLIC~1\Winamp
[17/07/2008|16:03] C:\DOCUME~1\FAMILL~1\APPLIC~1\Windows Desktop Search
[22/07/2008|12:22] C:\DOCUME~1\FAMILL~1\APPLIC~1\WinRAR
[17/07/2008|17:45] C:\DOCUME~1\FAMILL~1\APPLIC~1\Yahoo!
[17/07/2008|17:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[16/07/2008|20:35] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[19/10/2008 22:56][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[19/10/2008 16:12][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[18/07/2008|15:14] C:\Program Files\Adobe
[16/07/2008|20:42] C:\Program Files\Alice SSID
[16/07/2008|21:04] C:\Program Files\Alwil Software
[17/07/2008|15:51] C:\Program Files\AVC Finger-sensing Pad Driver
[17/07/2008|16:22] C:\Program Files\BarreConfCMCIC
[12/08/2008|11:25] C:\Program Files\BitLord
[18/07/2008|13:42] C:\Program Files\CCleaner
[16/07/2008|20:24] C:\Program Files\ComPlus Applications
[17/07/2008|15:30] C:\Program Files\CONEXANT
[17/07/2008|16:01] C:\Program Files\CyberLink
[18/10/2008|11:21] C:\Program Files\DIFX
[12/08/2008|09:06] C:\Program Files\DivX
[19/10/2008|20:59] C:\Program Files\eMule
[18/10/2008|11:21] C:\Program Files\Fichiers communs
[07/08/2008|17:02] C:\Program Files\Google
[31/08/2008|10:30] C:\Program Files\Help Site Move
[17/07/2008|18:18] C:\Program Files\Hercules
[17/07/2008|15:30] C:\Program Files\Hotkey Management
[02/10/2008|11:53] C:\Program Files\hugin
[07/10/2008|09:24] C:\Program Files\IncrediMail
[05/09/2008|08:34] C:\Program Files\InstallShield Installation Information
[18/10/2008|20:48] C:\Program Files\Internet Explorer
[16/07/2008|20:52] C:\Program Files\Java
[17/07/2008|16:32] C:\Program Files\LimeWire
[31/08/2008|10:52] C:\Program Files\Magentic
[22/08/2008|15:39] C:\Program Files\Messenger
[19/10/2008|22:00] C:\Program Files\Messenger Plus! Live
[17/07/2008|16:47] C:\Program Files\MessengerPlus! 3
[31/08/2008|17:32] C:\Program Files\MiC“-Soft
[16/07/2008|20:32] C:\Program Files\microsoft frontpage
[17/07/2008|16:05] C:\Program Files\Microsoft Office
[17/07/2008|16:56] C:\Program Files\Microsoft SQL Server Compact Edition
[17/07/2008|15:41] C:\Program Files\Microsoft Visual Studio
[11/09/2008|20:11] C:\Program Files\Microsoft Works
[17/07/2008|15:40] C:\Program Files\Microsoft.NET
[22/08/2008|15:35] C:\Program Files\Movie Maker
[17/07/2008|15:41] C:\Program Files\MSBuild
[08/08/2008|08:47] C:\Program Files\MSECache
[16/07/2008|20:23] C:\Program Files\MSN
[16/07/2008|20:23] C:\Program Files\MSN Gaming Zone
[17/07/2008|17:56] C:\Program Files\MSXML 4.0
[17/07/2008|15:29] C:\Program Files\Multimedia Card Reader
[17/07/2008|15:57] C:\Program Files\Nero
[22/08/2008|15:31] C:\Program Files\NetMeeting
[16/07/2008|20:44] C:\Program Files\Neuf
[18/10/2008|11:21] C:\Program Files\Nokia
[22/08/2008|15:42] C:\Program Files\Outlook Express
[18/10/2008|11:21] C:\Program Files\PC Connectivity Solution
[30/08/2008|16:40] C:\Program Files\PDF Editor Objects 2
[04/09/2008|16:31] C:\Program Files\PDF Suite
[17/07/2008|15:30] C:\Program Files\Power Manager
[16/07/2008|20:26] C:\Program Files\Services en ligne
[17/07/2008|16:50] C:\Program Files\Spyware-Secure
[17/07/2008|16:23] C:\Program Files\Streamripper
[16/07/2008|20:59] C:\Program Files\Support Tools
[16/07/2008|20:39] C:\Program Files\Uninstall Information
[17/07/2008|16:40] C:\Program Files\VirginMega
[03/09/2008|09:27] C:\Program Files\Winamp
[17/07/2008|16:01] C:\Program Files\Windows Desktop Search
[18/07/2008|15:32] C:\Program Files\Windows Live
[17/07/2008|16:55] C:\Program Files\Windows Live Favorites
[17/07/2008|16:55] C:\Program Files\Windows Live Toolbar
[17/07/2008|16:37] C:\Program Files\Windows Media Connect 2
[22/08/2008|15:30] C:\Program Files\Windows Media Player
[22/08/2008|15:30] C:\Program Files\Windows NT
[16/07/2008|20:26] C:\Program Files\WindowsUpdate
[17/07/2008|16:24] C:\Program Files\WinRAR
[16/07/2008|20:41] C:\Program Files\Wireless 802.11g Monitor
[16/07/2008|20:32] C:\Program Files\xerox
[17/07/2008|16:29] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[17/07/2008|16:22] C:\Program Files\Fichiers communs\Adobe
[17/07/2008|15:59] C:\Program Files\Fichiers communs\Ahead
[17/07/2008|18:20] C:\Program Files\Fichiers communs\ArcSoft
[17/07/2008|15:41] C:\Program Files\Fichiers communs\DESIGNER
[17/07/2008|15:29] C:\Program Files\Fichiers communs\InstallShield
[16/07/2008|20:31] C:\Program Files\Fichiers communs\Java
[07/08/2008|14:22] C:\Program Files\Fichiers communs\Microsoft Shared
[16/07/2008|20:25] C:\Program Files\Fichiers communs\MSSoap
[18/10/2008|11:21] C:\Program Files\Fichiers communs\Nokia
[04/08/2008|11:39] C:\Program Files\Fichiers communs\NSV
[16/07/2008|22:18] C:\Program Files\Fichiers communs\ODBC
[18/10/2008|11:22] C:\Program Files\Fichiers communs\PCSuite
[16/07/2008|20:25] C:\Program Files\Fichiers communs\Services
[16/07/2008|22:18] C:\Program Files\Fichiers communs\SpeechEngines
[22/08/2008|15:42] C:\Program Files\Fichiers communs\System
[17/07/2008|16:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 61 Processes )
IEXPLORE.EXE ~ [PID:972]
IEXPLORE.EXE ~ [PID:5396]
IEXPLORE.EXE ~ [PID:3168]
IEXPLORE.EXE ~ [PID:4228]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Memo save stupid creative
C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Memo save stupid creative\Surf Mail.exe
C:\DOCUME~1\FAMILL~1\Cookies\famille_zimmermann@advertising[2].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"stupid creative poll axis"="C:\\Documents and Settings\\All Users.WINDOWS\\Application Data\\Memo save stupid creative\\Surf Mail.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-19 23:09:08
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 838
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
C:\DOCUME~1\FAMILL~1\MENUDM~1\PROGRA~1\Spyware-Secure
C:\PROGRA~1\Spyware-Secure
Aucune autre infection trouvée !
[F:44][D:6]-> C:\DOCUME~1\FAMILL~1\LOCALS~1\Temp
[F:17][D:0]-> C:\DOCUME~1\FAMILL~1\Cookies
[F:265][D:8]-> C:\DOCUME~1\FAMILL~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 19/10/2008|23:10 - Option : [1]
--------------------\\ Fin du rapport a 23:10:31
OK, we're going to check a few things
1) Disable User Account Control (you will re-enable it after your disinfection):
- Go to Start, then Control Panel
- Double-click the "User Accounts" icon
- Then click disable and confirm.
2) Download Navilog1 from this link:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Save target (link) as... and save it to your desktop.
Then double-click navilog1.exe to start the installation.
Once the installation is finished, right-click the Navilog shortcut on your desktop and choose "Run as administrator".
At the main menu, choose option 1
Let yourself be guided and be patient.
Wait until the message:
*** Analyse Termine le ..... ***
Press a key and Notepad will open.
Copy and paste the entire report here.
@++
Hi E..T! OK, I did what you told me, so here is the report:
Search Navipromo version 3.6.0 commencé le 19/08/2008 à 17:30:15,83
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "pierrot"
Mise à jour le 27.06.2008 à 23h00 par IL-MAFIOSO
Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16711
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\Windows" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "C:\ProgramData" ***
*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***
*** Recherche dossiers dans "c:\users\pierrot\appdata\roaming\micros~1\windows\startm~1\programs" ***
*** Recherche dossiers dans "C:\Users\pierrot\AppData\Local\virtualstore\Program Files" ***
*** Recherche dossiers dans "C:\Users\pierrot\AppData\Roaming" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun Fichier trouvé
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\Windows\system32" *
* Recherche dans "C:\Users\pierrot\AppData\Local\Microsoft" *
* Recherche dans "C:\Users\pierrot\AppData\Local\virtualstore\windows\system32" *
* Recherche dans "C:\Users\pierrot\AppData\Local" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\Windows\system32" :
* Dans "C:\Users\pierrot\AppData\Local\Microsoft" :
* Dans "C:\Users\pierrot\AppData\Local\virtualstore\windows\system32" :
* Dans "C:\Users\pierrot\AppData\Local" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 19/08/2008 à 17:40:32,44 ***
I hope this helps, thanks!!
Hi,
Do the following:
* Download MalwareByte's Anti-Malware (by RubbeR DuckY):
*http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware
* Install the program on the desktop:
o If the file COMCTL32.OCX is missing, download it here
* Update it (click Updates, then Check for updates)
* Start in safe mode
How to do it >> https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php
Restart the computer
As soon as the BIOS loads, start pressing the F8 key on your keyboard until the Windows advanced options menu appears.
Select "Safe Mode" in the menu, then press Enter.
* Launch MalwareByte's Anti-Malware, click Perform a full scan, then Scan, and select all your hard drives
* // !! \\ Once the scan is finished, click remove (if a message asks you to restart the PC, accept.)
* A report will be generated; save it somewhere you can find it, on your desktop for example, and post it here.
@++
So, no report from message 7 then?
And if you want to stop there, do the following:
Download ToolsCleaner; it removes the software installed during the disinfection.
--> https://www.commentcamarche.net/telecharger/
# Click Recherche and let the scan run ...
# Click Suppression to finish.
# You can, if you wish, use the Options facultatives.
# Click Quitter to get the report.
# Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).
@++