Probleme fenetre cid
Résolu
fierlosciste
-
fierlosciste -
fierlosciste -
Bonjour,
depuis 3 à 4 jours je me retrouve avec des fenetre publicitaire cid sur mon ordinateur
apres lecture du forum j'ai telecharge hajickthis et voici le rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:02:44, on 06/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Windows\vVX1000.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\pierre\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\pierre\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\BitDefender\BitDefender 2008\uiscan.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Users\pierre\Downloads\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Pc7AWdoWAC] C:\ProgramData\wnarybuv\enehsdyn.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [bits global] "C:\ProgramData\Plan Bore Bore.s7f8cim"
O4 - HKCU\..\Run: [ANTI LITE TITLE DEBUG] "C:\ProgramData\Iso Hole Date.5s0opai"
O4 - Startup: Outil de notification Live Search.lnk = pierre\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerVistaADP-1.1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
depuis 3 à 4 jours je me retrouve avec des fenetre publicitaire cid sur mon ordinateur
apres lecture du forum j'ai telecharge hajickthis et voici le rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:02:44, on 06/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Windows\vVX1000.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\pierre\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\pierre\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\BitDefender\BitDefender 2008\uiscan.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Users\pierre\Downloads\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Pc7AWdoWAC] C:\ProgramData\wnarybuv\enehsdyn.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [bits global] "C:\ProgramData\Plan Bore Bore.s7f8cim"
O4 - HKCU\..\Run: [ANTI LITE TITLE DEBUG] "C:\ProgramData\Iso Hole Date.5s0opai"
O4 - Startup: Outil de notification Live Search.lnk = pierre\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerVistaADP-1.1.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
A voir également:
- Probleme fenetre cid
- Fenetre windows - Guide
- Fenêtre hors écran windows 11 - Guide
- Fenetre de navigation privée - Guide
- Mcafee fenetre intempestive - Accueil - Piratage
- Forcer fermeture fenetre windows - Guide
2 réponses
Copie/Colle Message CID :
" Salut
Cet adware ( CID ) s’installe lors de l’installation des logiciels suivants, en contre partie de leur dite « gratuité » :
* Sponsors MSN plus !
* Bittorent
* BitDownload
* BitGrabber
* NetPumper
* BitRoll
* TorrentQ
* Torrent101
* ...
https://www.commentcamarche.net/list 5996 comment bloquer les fenetres cid
Demarrer en mode sans echec
comment demarrer en mode sans echec en images
Redémarre l’ordinateur.
L'ordinateur commence le traitement d'instructions connues sous le nom Basic Input/Output System (BIOS). L'affichage dépend du fabricant du BIOS. Certains ordinateurs affichent une barre de progression faisant référence à BIOS, d'autres peuvent ne pas indiquer le processus en cours de réalisation.
A la fin du chargement du BIOS, commence à appuyer sur la touche F8 de ton clavier (ou F5 si F8 ne fonctionne pas). Procéde ainsi jusqu'à ce que le menu des options avancées de Windows apparaisse. Si tu commence à appuyer sur la touche F8 trop tôt, il est possible que certains ordinateurs affichent le message "erreur clavier". Pour résoudre ce problème, redémarre l'ordinateur et essaye de nouveau.
En utilisant les flèches du clavier, sélectionne "Mode sans échec" dans le menu puis appuye sur Entrée.
Allez dans le menu Démarrer
Cliquez sur panneau de configuration
Choisissez le module ajout/suppression de programmes
Pour Msn plus! : il suffit de désinstaller le sponsor :
Pour les logiciels p2p indiqués un peu plus haut : il faut chercher et supprimer le sponsor lié à CiD :
Supprimer les programmes suivants si présents :
Cid help
Circle Developement
Adverts
ENSUITE :
Télécharge ceci: Lopxp (by Moe)
Double clic sur Lopxpsetup.exe pour lancer l'installation
Au menu, choisir l'option 1
Patienter jusqu'à que l'on demande d'appuyer sur une touche, appuyer !
Un rapport sera créé,copie/colle le en entier sur ta prochaine réponse stp. "
Merci !
" Salut
Cet adware ( CID ) s’installe lors de l’installation des logiciels suivants, en contre partie de leur dite « gratuité » :
* Sponsors MSN plus !
* Bittorent
* BitDownload
* BitGrabber
* NetPumper
* BitRoll
* TorrentQ
* Torrent101
* ...
https://www.commentcamarche.net/list 5996 comment bloquer les fenetres cid
Demarrer en mode sans echec
comment demarrer en mode sans echec en images
Redémarre l’ordinateur.
L'ordinateur commence le traitement d'instructions connues sous le nom Basic Input/Output System (BIOS). L'affichage dépend du fabricant du BIOS. Certains ordinateurs affichent une barre de progression faisant référence à BIOS, d'autres peuvent ne pas indiquer le processus en cours de réalisation.
A la fin du chargement du BIOS, commence à appuyer sur la touche F8 de ton clavier (ou F5 si F8 ne fonctionne pas). Procéde ainsi jusqu'à ce que le menu des options avancées de Windows apparaisse. Si tu commence à appuyer sur la touche F8 trop tôt, il est possible que certains ordinateurs affichent le message "erreur clavier". Pour résoudre ce problème, redémarre l'ordinateur et essaye de nouveau.
En utilisant les flèches du clavier, sélectionne "Mode sans échec" dans le menu puis appuye sur Entrée.
Allez dans le menu Démarrer
Cliquez sur panneau de configuration
Choisissez le module ajout/suppression de programmes
Pour Msn plus! : il suffit de désinstaller le sponsor :
Pour les logiciels p2p indiqués un peu plus haut : il faut chercher et supprimer le sponsor lié à CiD :
Supprimer les programmes suivants si présents :
Cid help
Circle Developement
Adverts
ENSUITE :
Télécharge ceci: Lopxp (by Moe)
Double clic sur Lopxpsetup.exe pour lancer l'installation
Au menu, choisir l'option 1
Patienter jusqu'à que l'on demande d'appuyer sur une touche, appuyer !
Un rapport sera créé,copie/colle le en entier sur ta prochaine réponse stp. "
Merci !
salut
j'ai esssayer de telecharge lopxp mais a chaque fois il ne veux pas fonctionner car je suis sur vista
donc comment puis je trouve la version vista de lopxp?
j'ai esssayer de telecharge lopxp mais a chaque fois il ne veux pas fonctionner car je suis sur vista
donc comment puis je trouve la version vista de lopxp?
slt
ai reussi a faire l'analyse et voici le rapport
--------------------\\ Lop S&D 4.2.4-1 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : pierre ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
"C:\Lop SD" ( MAJ : 06-09-2008|22:02 )
Option : [1] ( 07/09/2008| 1:32 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[10/11/2007|20:15] C:\Users\pierre\AppData\Local\Acer Arcade Live
[11/11/2007|14:04] C:\Users\pierre\AppData\Local\Adobe
[10/11/2007|20:00] C:\Users\pierre\AppData\Local\Application Data
[21/08/2008|23:00] C:\Users\pierre\AppData\Local\Apps
[10/11/2007|20:02] C:\Users\pierre\AppData\Local\ATI
[01/08/2008|09:53] C:\Users\pierre\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[21/08/2008|23:00] C:\Users\pierre\AppData\Local\Deployment
[05/04/2008|22:32] C:\Users\pierre\AppData\Local\eMule
[13/11/2007|23:43] C:\Users\pierre\AppData\Local\GDIPFONTCACHEV1.DAT
[10/11/2007|20:00] C:\Users\pierre\AppData\Local\Historique
[06/09/2008|14:52] C:\Users\pierre\AppData\Local\IconCache.db
[14/11/2007|12:55] C:\Users\pierre\AppData\Local\KodakGallery
[03/03/2008|00:37] C:\Users\pierre\AppData\Local\Microsoft
[11/11/2007|22:02] C:\Users\pierre\AppData\Local\Microsoft Games
[14/11/2007|01:18] C:\Users\pierre\AppData\Local\Microsoft Help
[09/03/2008|17:51] C:\Users\pierre\AppData\Local\MigWiz
[07/08/2008|11:57] C:\Users\pierre\AppData\Local\Mozilla
[09/05/2008|22:54] C:\Users\pierre\AppData\Local\NOS
[10/11/2007|20:01] C:\Users\pierre\AppData\Local\PowerCinema
[07/09/2008|01:23] C:\Users\pierre\AppData\Local\Temp
[10/11/2007|20:00] C:\Users\pierre\AppData\Local\Temporary Internet Files
[13/11/2007|19:19] C:\Users\pierre\AppData\Local\VirtualStore
[08/03/2008|14:21] C:\Users\pierre\AppData\Local\Zylom Games
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[06/09/2008 17:48][--ah-----] C:\Windows\tasks\SA.DAT
[06/09/2008 14:52][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[24/04/2007|14:41] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[09/05/2008|22:56] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[14/11/2007|16:20] C:\ProgramData\BitDefender
[10/11/2007|19:55] C:\ProgramData\Bureau
[24/04/2007|14:32] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[05/04/2008|22:34] C:\ProgramData\eMule
[10/11/2007|20:10] C:\ProgramData\eSobi
[10/11/2007|19:55] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[06/09/2008|22:13] C:\ProgramData\Grisoft
[05/07/2008|17:46] C:\ProgramData\Kodak
[17/08/2008|10:33] C:\ProgramData\LauncherAccess.dt
[01/08/2008|11:14] C:\ProgramData\Lavasoft
[28/06/2008|14:06] C:\ProgramData\LogiShrd
[28/06/2008|14:07] C:\ProgramData\Logitech
[10/11/2007|19:55] C:\ProgramData\Menu D‚marrer
[06/09/2008|00:22] C:\ProgramData\Messenger Plus!
[13/09/2007|10:47] C:\ProgramData\Microsoft
[13/08/2008|23:12] C:\ProgramData\Microsoft Help
[10/11/2007|19:55] C:\ProgramData\ModŠles
[14/11/2007|01:21] C:\ProgramData\ntuser.pol
[14/11/2007|12:29] C:\ProgramData\QuickTime
[02/11/2006|15:02] C:\ProgramData\Start Menu
[10/11/2007|22:08] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[14/11/2007|14:14] C:\ProgramData\UDL
[02/12/2007|21:45] C:\ProgramData\WLInstaller
[08/04/2008|22:57] C:\ProgramData\wnarybuv
[05/04/2008|22:07] C:\ProgramData\ysabvzbj
[08/03/2008|14:18] C:\ProgramData\Zylom
--------------------\\ Listing des dossiers dans C:\Program Files
[24/04/2007|14:31] C:\Program Files\Acer Arcade Live
[13/09/2007|10:55] C:\Program Files\Acer Inc
[24/04/2007|14:41] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[24/04/2007|14:57] C:\Program Files\Adobe
[13/09/2007|10:49] C:\Program Files\ATI
[15/11/2007|13:09] C:\Program Files\ATI Technologies
[14/11/2007|16:19] C:\Program Files\BitDefender
[22/08/2008|20:47] C:\Program Files\Common Files
[24/04/2007|14:27] C:\Program Files\CyberLink
[13/11/2007|19:45] C:\Program Files\CyberQix
[07/09/2008|00:08] C:\Program Files\eMule
[10/11/2007|19:55] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[06/09/2008|22:13] C:\Program Files\Grisoft
[22/08/2008|20:47] C:\Program Files\InstallShield Installation Information
[22/07/2008|15:27] C:\Program Files\Internet Explorer
[03/02/2008|16:43] C:\Program Files\Java
[05/07/2008|17:51] C:\Program Files\Kodak
[01/08/2008|11:14] C:\Program Files\Lavasoft
[22/07/2008|18:16] C:\Program Files\Logitech
[07/09/2008|01:17] C:\Program Files\Lopxp
[05/09/2008|19:19] C:\Program Files\Messenger Plus! Live
[14/11/2007|01:20] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[13/11/2007|18:42] C:\Program Files\Microsoft LifeCam
[24/04/2007|14:40] C:\Program Files\Microsoft Office
[13/11/2007|19:15] C:\Program Files\Microsoft SQL Server Compact Edition
[24/04/2007|14:40] C:\Program Files\Microsoft Works
[24/04/2007|14:36] C:\Program Files\Microsoft.NET
[22/07/2008|15:27] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[13/11/2007|17:53] C:\Program Files\MSXML 4.0
[13/11/2007|17:16] C:\Program Files\Neuf
[24/04/2007|15:07] C:\Program Files\NewTech Infosystems
[14/11/2007|12:29] C:\Program Files\QuickTime
[24/04/2007|14:48] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[27/02/2008|10:42] C:\Program Files\Samsung
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[08/04/2008|00:53] C:\Program Files\VideoLAN
[22/07/2008|15:27] C:\Program Files\Windows Calendar
[22/07/2008|15:27] C:\Program Files\Windows Collaboration
[22/07/2008|15:27] C:\Program Files\Windows Defender
[22/07/2008|15:27] C:\Program Files\Windows Journal
[27/02/2008|20:29] C:\Program Files\Windows Live
[13/08/2008|23:09] C:\Program Files\Windows Mail
[22/07/2008|15:27] C:\Program Files\Windows Media Player
[10/11/2007|19:55] C:\Program Files\Windows NT
[22/07/2008|15:27] C:\Program Files\Windows Photo Gallery
[22/07/2008|15:27] C:\Program Files\Windows Sidebar
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[09/05/2008|22:56] C:\Program Files\Common Files\Adobe
[14/11/2007|16:19] C:\Program Files\Common Files\BitDefender
[24/04/2007|14:36] C:\Program Files\Common Files\DESIGNER
[24/04/2007|15:05] C:\Program Files\Common Files\InstallShield
[03/02/2008|16:42] C:\Program Files\Common Files\Java
[05/07/2008|17:50] C:\Program Files\Common Files\Kodak
[24/04/2007|15:07] C:\Program Files\Common Files\LightScribe
[22/08/2008|20:48] C:\Program Files\Common Files\Logishrd
[22/08/2008|20:48] C:\Program Files\Common Files\Logitech
[06/04/2008|20:52] C:\Program Files\Common Files\microsoft shared
[14/11/2007|12:28] C:\Program Files\Common Files\MSSoap
[24/04/2007|15:06] C:\Program Files\Common Files\muvee Technologies
[24/04/2007|15:07] C:\Program Files\Common Files\NewTech Infosystems
[05/07/2008|17:50] C:\Program Files\Common Files\PX Storage Engine
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[10/11/2007|22:09] C:\Program Files\Common Files\Symantec Shared
[22/07/2008|15:27] C:\Program Files\Common Files\System
[13/11/2007|19:14] C:\Program Files\Common Files\WindowsLiveInstaller
[01/08/2008|11:13] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 79 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
C:\Users\pierre\AppData\Local\Temp\bis6B63.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 00:29:59
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 00:35:34
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation
scanning hidden processes ...
scanning hidden files ...
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 01:32:33
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 5
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:4558][D:53]-> C:\Users\pierre\AppData\Local\Temp
[F:609][D:1]-> C:\Users\pierre\AppData\Roaming\MICROS~1\Windows\Cookies
[F:694][D:5]-> C:\Users\pierre\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6][D:3]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 07/09/2008| 1:34 - Option : [1]
--------------------\\ Fin du rapport a 1:34:46
[ UAC => 1 ]
donc que dois je faire a present merci
ai reussi a faire l'analyse et voici le rapport
--------------------\\ Lop S&D 4.2.4-1 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : pierre ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)
"C:\Lop SD" ( MAJ : 06-09-2008|22:02 )
Option : [1] ( 07/09/2008| 1:32 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[10/11/2007|20:15] C:\Users\pierre\AppData\Local\Acer Arcade Live
[11/11/2007|14:04] C:\Users\pierre\AppData\Local\Adobe
[10/11/2007|20:00] C:\Users\pierre\AppData\Local\Application Data
[21/08/2008|23:00] C:\Users\pierre\AppData\Local\Apps
[10/11/2007|20:02] C:\Users\pierre\AppData\Local\ATI
[01/08/2008|09:53] C:\Users\pierre\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[21/08/2008|23:00] C:\Users\pierre\AppData\Local\Deployment
[05/04/2008|22:32] C:\Users\pierre\AppData\Local\eMule
[13/11/2007|23:43] C:\Users\pierre\AppData\Local\GDIPFONTCACHEV1.DAT
[10/11/2007|20:00] C:\Users\pierre\AppData\Local\Historique
[06/09/2008|14:52] C:\Users\pierre\AppData\Local\IconCache.db
[14/11/2007|12:55] C:\Users\pierre\AppData\Local\KodakGallery
[03/03/2008|00:37] C:\Users\pierre\AppData\Local\Microsoft
[11/11/2007|22:02] C:\Users\pierre\AppData\Local\Microsoft Games
[14/11/2007|01:18] C:\Users\pierre\AppData\Local\Microsoft Help
[09/03/2008|17:51] C:\Users\pierre\AppData\Local\MigWiz
[07/08/2008|11:57] C:\Users\pierre\AppData\Local\Mozilla
[09/05/2008|22:54] C:\Users\pierre\AppData\Local\NOS
[10/11/2007|20:01] C:\Users\pierre\AppData\Local\PowerCinema
[07/09/2008|01:23] C:\Users\pierre\AppData\Local\Temp
[10/11/2007|20:00] C:\Users\pierre\AppData\Local\Temporary Internet Files
[13/11/2007|19:19] C:\Users\pierre\AppData\Local\VirtualStore
[08/03/2008|14:21] C:\Users\pierre\AppData\Local\Zylom Games
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[06/09/2008 17:48][--ah-----] C:\Windows\tasks\SA.DAT
[06/09/2008 14:52][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[24/04/2007|14:41] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[09/05/2008|22:56] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[14/11/2007|16:20] C:\ProgramData\BitDefender
[10/11/2007|19:55] C:\ProgramData\Bureau
[24/04/2007|14:32] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[05/04/2008|22:34] C:\ProgramData\eMule
[10/11/2007|20:10] C:\ProgramData\eSobi
[10/11/2007|19:55] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[06/09/2008|22:13] C:\ProgramData\Grisoft
[05/07/2008|17:46] C:\ProgramData\Kodak
[17/08/2008|10:33] C:\ProgramData\LauncherAccess.dt
[01/08/2008|11:14] C:\ProgramData\Lavasoft
[28/06/2008|14:06] C:\ProgramData\LogiShrd
[28/06/2008|14:07] C:\ProgramData\Logitech
[10/11/2007|19:55] C:\ProgramData\Menu D‚marrer
[06/09/2008|00:22] C:\ProgramData\Messenger Plus!
[13/09/2007|10:47] C:\ProgramData\Microsoft
[13/08/2008|23:12] C:\ProgramData\Microsoft Help
[10/11/2007|19:55] C:\ProgramData\ModŠles
[14/11/2007|01:21] C:\ProgramData\ntuser.pol
[14/11/2007|12:29] C:\ProgramData\QuickTime
[02/11/2006|15:02] C:\ProgramData\Start Menu
[10/11/2007|22:08] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[14/11/2007|14:14] C:\ProgramData\UDL
[02/12/2007|21:45] C:\ProgramData\WLInstaller
[08/04/2008|22:57] C:\ProgramData\wnarybuv
[05/04/2008|22:07] C:\ProgramData\ysabvzbj
[08/03/2008|14:18] C:\ProgramData\Zylom
--------------------\\ Listing des dossiers dans C:\Program Files
[24/04/2007|14:31] C:\Program Files\Acer Arcade Live
[13/09/2007|10:55] C:\Program Files\Acer Inc
[24/04/2007|14:41] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[24/04/2007|14:57] C:\Program Files\Adobe
[13/09/2007|10:49] C:\Program Files\ATI
[15/11/2007|13:09] C:\Program Files\ATI Technologies
[14/11/2007|16:19] C:\Program Files\BitDefender
[22/08/2008|20:47] C:\Program Files\Common Files
[24/04/2007|14:27] C:\Program Files\CyberLink
[13/11/2007|19:45] C:\Program Files\CyberQix
[07/09/2008|00:08] C:\Program Files\eMule
[10/11/2007|19:55] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[06/09/2008|22:13] C:\Program Files\Grisoft
[22/08/2008|20:47] C:\Program Files\InstallShield Installation Information
[22/07/2008|15:27] C:\Program Files\Internet Explorer
[03/02/2008|16:43] C:\Program Files\Java
[05/07/2008|17:51] C:\Program Files\Kodak
[01/08/2008|11:14] C:\Program Files\Lavasoft
[22/07/2008|18:16] C:\Program Files\Logitech
[07/09/2008|01:17] C:\Program Files\Lopxp
[05/09/2008|19:19] C:\Program Files\Messenger Plus! Live
[14/11/2007|01:20] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[13/11/2007|18:42] C:\Program Files\Microsoft LifeCam
[24/04/2007|14:40] C:\Program Files\Microsoft Office
[13/11/2007|19:15] C:\Program Files\Microsoft SQL Server Compact Edition
[24/04/2007|14:40] C:\Program Files\Microsoft Works
[24/04/2007|14:36] C:\Program Files\Microsoft.NET
[22/07/2008|15:27] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[13/11/2007|17:53] C:\Program Files\MSXML 4.0
[13/11/2007|17:16] C:\Program Files\Neuf
[24/04/2007|15:07] C:\Program Files\NewTech Infosystems
[14/11/2007|12:29] C:\Program Files\QuickTime
[24/04/2007|14:48] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[27/02/2008|10:42] C:\Program Files\Samsung
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[08/04/2008|00:53] C:\Program Files\VideoLAN
[22/07/2008|15:27] C:\Program Files\Windows Calendar
[22/07/2008|15:27] C:\Program Files\Windows Collaboration
[22/07/2008|15:27] C:\Program Files\Windows Defender
[22/07/2008|15:27] C:\Program Files\Windows Journal
[27/02/2008|20:29] C:\Program Files\Windows Live
[13/08/2008|23:09] C:\Program Files\Windows Mail
[22/07/2008|15:27] C:\Program Files\Windows Media Player
[10/11/2007|19:55] C:\Program Files\Windows NT
[22/07/2008|15:27] C:\Program Files\Windows Photo Gallery
[22/07/2008|15:27] C:\Program Files\Windows Sidebar
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[09/05/2008|22:56] C:\Program Files\Common Files\Adobe
[14/11/2007|16:19] C:\Program Files\Common Files\BitDefender
[24/04/2007|14:36] C:\Program Files\Common Files\DESIGNER
[24/04/2007|15:05] C:\Program Files\Common Files\InstallShield
[03/02/2008|16:42] C:\Program Files\Common Files\Java
[05/07/2008|17:50] C:\Program Files\Common Files\Kodak
[24/04/2007|15:07] C:\Program Files\Common Files\LightScribe
[22/08/2008|20:48] C:\Program Files\Common Files\Logishrd
[22/08/2008|20:48] C:\Program Files\Common Files\Logitech
[06/04/2008|20:52] C:\Program Files\Common Files\microsoft shared
[14/11/2007|12:28] C:\Program Files\Common Files\MSSoap
[24/04/2007|15:06] C:\Program Files\Common Files\muvee Technologies
[24/04/2007|15:07] C:\Program Files\Common Files\NewTech Infosystems
[05/07/2008|17:50] C:\Program Files\Common Files\PX Storage Engine
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[10/11/2007|22:09] C:\Program Files\Common Files\Symantec Shared
[22/07/2008|15:27] C:\Program Files\Common Files\System
[13/11/2007|19:14] C:\Program Files\Common Files\WindowsLiveInstaller
[01/08/2008|11:13] C:\Program Files\Common Files\Wise Installation Wizard
--------------------\\ Process
( 79 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
C:\Users\pierre\AppData\Local\Temp\bis6B63.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 00:29:59
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 00:35:34
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation
scanning hidden processes ...
scanning hidden files ...
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 01:32:33
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 5
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:4558][D:53]-> C:\Users\pierre\AppData\Local\Temp
[F:609][D:1]-> C:\Users\pierre\AppData\Roaming\MICROS~1\Windows\Cookies
[F:694][D:5]-> C:\Users\pierre\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6][D:3]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 07/09/2008| 1:34 - Option : [1]
--------------------\\ Fin du rapport a 1:34:46
[ UAC => 1 ]
donc que dois je faire a present merci
