Pop up cid

lasticote
Hello,
The cid pop-up opens all the time. I uninstalled the MSN Plus sponsor but it keeps happening!! HELP ME PLEASE!!

28 replies

Destrio5 (Moderator, 99820 posts)
 
Hi,

---> Download Lop S&D to your Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-click it to start the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the language you want, then choose option 1 (Search)
---> Wait until the scan finishes
---> Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)

If you have trouble using Lop S&D, look at the tutorial:
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
0
lasticote
 
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-09 19:18:47
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden files ...
0
Destrio5 (Moderator, 99820 posts)
 
Start over.

---> Disable UAC:
https://www.zebulon.fr/astuces/pratique/220-desactiver-l-uac-dans-vista.html

---> Download Lop S&D to your Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-click it to start the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the language you want, then choose option 1 (Search)
---> Wait until the scan finishes
---> Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)

If you have trouble using Lop S&D, look at the tutorial:
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
0
lasticote
 
--------------------\\ Lop S&D 4.2.4-2 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4400+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Elodie ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Not Activated)
Firewall : Norton Internet Security 2007 (Not Activated)

"C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
Option : [1] ( 09/09/2008|19:18 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[15/01/2008|20:01] C:\Users\Elodie\AppData\Local\Adobe
[30/09/2007|18:33] C:\Users\Elodie\AppData\Local\Apple
[24/07/2008|18:33] C:\Users\Elodie\AppData\Local\Apple Computer
[25/09/2007|18:13] C:\Users\Elodie\AppData\Local\Application Data
[20/05/2008|17:32] C:\Users\Elodie\AppData\Local\d3d9caps.dat
[09/09/2008|09:20] C:\Users\Elodie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[25/09/2007|18:16] C:\Users\Elodie\AppData\Local\GDIPFONTCACHEV1.DAT
[25/09/2007|19:05] C:\Users\Elodie\AppData\Local\Google
[25/09/2007|18:13] C:\Users\Elodie\AppData\Local\Historique
[09/09/2008|16:06] C:\Users\Elodie\AppData\Local\IconCache.db
[09/07/2008|01:00] C:\Users\Elodie\AppData\Local\Microsoft
[13/04/2008|20:57] C:\Users\Elodie\AppData\Local\MicroVision Applications
[25/09/2007|20:02] C:\Users\Elodie\AppData\Local\Scansoft
[25/09/2007|20:41] C:\Users\Elodie\AppData\Local\Shareaza
[09/09/2008|19:17] C:\Users\Elodie\AppData\Local\Temp
[25/09/2007|18:13] C:\Users\Elodie\AppData\Local\Temporary Internet Files
[26/09/2007|23:49] C:\Users\Elodie\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[21/07/2008 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Analyse système complète - Elodie.job
[09/09/2008 16:08][--ah-----] C:\Windows\tasks\SA.DAT
[09/09/2008 16:07][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[02/06/2007|00:54] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[29/02/2008|17:10] C:\ProgramData\Adobe
[07/09/2008|14:19] C:\ProgramData\aim rect help creative
[30/09/2007|18:32] C:\ProgramData\Apple
[30/09/2007|18:35] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[05/09/2008|13:54] C:\ProgramData\Audio Grim Locks.ludrd
[25/09/2007|18:07] C:\ProgramData\Bureau
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[25/09/2007|18:07] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[09/09/2008|11:45] C:\ProgramData\Google
[02/06/2007|01:16] C:\ProgramData\Hewlett-Packard
[02/06/2007|00:37] C:\ProgramData\HP
[02/06/2007|00:38] C:\ProgramData\hpzinstall.log
[25/09/2007|19:53] C:\ProgramData\InstallShield
[09/07/2008|01:12] C:\ProgramData\LUUnInstall.LiveUpdate
[25/09/2007|18:07] C:\ProgramData\Menu Démarrer
[20/05/2008|17:34] C:\ProgramData\Microsoft
[15/08/2008|03:08] C:\ProgramData\Microsoft Help
[25/09/2007|18:07] C:\ProgramData\Modèles
[02/06/2007|00:47] C:\ProgramData\muvee Technologies
[22/06/2008|07:14] C:\ProgramData\NVIDIA
[09/09/2008|09:43] C:\ProgramData\Obj Send Meow
[02/06/2007|00:56] C:\ProgramData\PC-Doctor
[13/04/2008|20:55] C:\ProgramData\Roxio
[25/09/2007|19:53] C:\ProgramData\ScanSoft
[02/06/2007|00:44] C:\ProgramData\Sonic
[02/11/2006|15:02] C:\ProgramData\Start Menu
[12/08/2008|03:06] C:\ProgramData\Symantec
[09/07/2008|01:57] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[25/09/2007|19:29] C:\ProgramData\UDL
[05/09/2008|13:53] C:\ProgramData\wipe memo memo.7yu6ji
[05/09/2008|13:53] C:\ProgramData\wipe memo memo.eu6ae6c
[09/09/2008|10:34] C:\ProgramData\wipe memo memo.hpirv
[09/09/2008|10:56] C:\ProgramData\wipe memo memo.k73a5w
[09/09/2008|09:51] C:\ProgramData\wipe memo memo.kf6opm
[09/09/2008|10:12] C:\ProgramData\wipe memo memo.nhwqv
[24/02/2008|23:12] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[02/06/2007|00:54] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[03/03/2008|20:39] C:\Program Files\Adobe
[29/02/2008|17:10] C:\Program Files\Adobe(0)
[09/09/2008|09:21] C:\Program Files\Alwil Software
[09/08/2008|20:40] C:\Program Files\Apple Software Update
[25/09/2007|19:51] C:\Program Files\ArcSoft
[18/05/2008|18:39] C:\Program Files\BitComet
[22/07/2008|01:08] C:\Program Files\Bonjour
[25/09/2007|19:45] C:\Program Files\Canon
[25/09/2007|19:41] C:\Program Files\CanonBJ
[07/09/2008|10:52] C:\Program Files\Common Files
[02/06/2007|09:41] C:\Program Files\EasyBits
[24/11/2007|15:27] C:\Program Files\EPSON
[05/08/2008|00:00] C:\Program Files\Everest Poker
[25/09/2007|18:07] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[05/11/2007|19:10] C:\Program Files\Free.fr
[09/09/2008|11:45] C:\Program Files\Google
[02/06/2007|00:57] C:\Program Files\Hewlett-Packard
[26/08/2008|20:25] C:\Program Files\HP
[07/09/2008|10:52] C:\Program Files\InstallShield Installation Information
[21/06/2008|20:31] C:\Program Files\Internet Explorer
[09/08/2008|20:39] C:\Program Files\iPod
[09/08/2008|20:39] C:\Program Files\iTunes
[07/09/2008|14:19] C:\Program Files\KYE
[09/09/2008|18:39] C:\Program Files\Messenger Plus! Live
[16/10/2007|21:25] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[15/03/2008|19:11] C:\Program Files\Microsoft Office
[16/10/2007|20:25] C:\Program Files\Microsoft SQL Server Compact Edition
[29/01/2008|21:03] C:\Program Files\Microsoft Works
[02/06/2007|00:53] C:\Program Files\Microsoft.NET
[21/06/2008|20:31] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[25/09/2007|19:11] C:\Program Files\MSXML 4.0
[02/06/2007|00:47] C:\Program Files\muvee Technologies
[29/01/2008|22:32] C:\Program Files\MySpace
[25/09/2007|19:54] C:\Program Files\NewSoft
[29/01/2008|21:03] C:\Program Files\Norton Internet Security
[02/06/2007|01:10] C:\Program Files\PC-Doctor 5 for Windows
[22/07/2008|01:08] C:\Program Files\QuickTime
[02/06/2007|00:46] C:\Program Files\Real
[10/04/2008|18:51] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[02/06/2007|00:45] C:\Program Files\Roxio
[25/09/2007|19:53] C:\Program Files\ScanSoft
[02/06/2007|00:59] C:\Program Files\Services en ligne
[07/06/2008|06:12] C:\Program Files\Shareaza
[27/12/2007|21:23] C:\Program Files\Sony
[09/07/2008|01:03] C:\Program Files\Symantec
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[25/09/2007|20:56] C:\Program Files\VideoLAN
[21/06/2008|20:31] C:\Program Files\Windows Calendar
[21/06/2008|20:30] C:\Program Files\Windows Collaboration
[21/06/2008|20:30] C:\Program Files\Windows Defender
[21/06/2008|20:30] C:\Program Files\Windows Journal
[05/03/2008|03:46] C:\Program Files\Windows Live
[05/11/2007|19:05] C:\Program Files\Windows Live Toolbar
[15/08/2008|03:13] C:\Program Files\Windows Mail
[21/06/2008|20:30] C:\Program Files\Windows Media Player
[25/09/2007|18:07] C:\Program Files\Windows NT
[21/06/2008|20:30] C:\Program Files\Windows Photo Gallery
[21/06/2008|20:31] C:\Program Files\Windows Sidebar
[07/06/2008|20:14] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[03/03/2008|20:39] C:\Program Files\Common Files\Adobe
[29/02/2008|17:10] C:\Program Files\Common Files\Adobe(1)
[30/09/2007|18:32] C:\Program Files\Common Files\Apple
[25/09/2007|19:47] C:\Program Files\Common Files\CANON
[02/06/2007|00:53] C:\Program Files\Common Files\DESIGNER
[02/06/2007|00:37] C:\Program Files\Common Files\HP
[25/09/2007|19:53] C:\Program Files\Common Files\InstallShield
[02/06/2007|00:46] C:\Program Files\Common Files\LightScribe
[02/06/2007|00:45] C:\Program Files\Common Files\LS Getting Started
[15/05/2008|01:34] C:\Program Files\Common Files\microsoft shared
[02/06/2007|00:47] C:\Program Files\Common Files\muvee Technologies
[25/09/2007|19:56] C:\Program Files\Common Files\PDFView
[02/06/2007|00:44] C:\Program Files\Common Files\PX Storage Engine
[02/06/2007|00:46] C:\Program Files\Common Files\Real
[02/06/2007|00:44] C:\Program Files\Common Files\Roxio Shared
[25/09/2007|19:53] C:\Program Files\Common Files\ScanSoft Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[07/09/2008|14:19] C:\Program Files\Common Files\snpstd
[02/06/2007|00:45] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[29/01/2008|21:03] C:\Program Files\Common Files\SureThing Shared
[12/08/2008|03:06] C:\Program Files\Common Files\Symantec Shared
[21/06/2008|20:30] C:\Program Files\Common Files\System
[03/03/2008|20:40] C:\Program Files\Common Files\WindowsLiveInstaller
[02/06/2007|00:46] C:\Program Files\Common Files\xing shared

--------------------\\ Process

( 80 Processes )

iexplore.exe ~ [PID:3352]
iexplore.exe ~ [PID:4448]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\Audio Grim Locks.ludrd
C:\ProgramData\wipe memo memo.hpirv
C:\ProgramData\wipe memo memo.nhwqv
C:\ProgramData\wipe memo memo.7yu6ji
C:\ProgramData\wipe memo memo.k73a5w
C:\ProgramData\wipe memo memo.kf6opm
C:\ProgramData\wipe memo memo.eu6ae6c

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\aim rect help creative
C:\ProgramData\aim rect help creative\roam mags.exe
C:\ProgramData\Obj Send Meow
C:\ProgramData\Obj Send Meow\Flap flaw bolt extra.exe
C:\ProgramData\Obj Send Meow\gwxggdnt.exe
C:\Users\Elodie\AppData\Roaming\MICROS~1\Windows\Cookies\elodie@advertising[2].txt
C:\Users\Elodie\AppData\Roaming\MICROS~1\Windows\Cookies\elodie@adopt.euroclick[1].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Help Creative Meow City"="\"C:\\ProgramData\\Audio Grim Locks.ludrd\""
"Mpegmode"="\"C:\\ProgramData\\wipe memo memo.k73a5w\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-09 19:18:47
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:1228][D:76]-> C:\Users\Elodie\AppData\Local\Temp
[F:170][D:1]-> C:\Users\Elodie\AppData\Roaming\MICROS~1\Windows\Cookies
[F:153][D:6]-> C:\Users\Elodie\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:4][D:4]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 09/09/2008|19:24 - Option : [1]

--------------------\\ Fin du rapport a 19:24:16
[ UAC => 1 ]
0

Destrio5 (Moderator, 99820 posts)
 
---> Run Lop S&D again
---> This time choose option 2 (Removal)
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
0
lasticote
 
--------------------\\ Lop S&D 4.2.4-2 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4400+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Elodie ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Not Activated)
Firewall : Norton Internet Security 2007 (Not Activated)

"C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
Option : [2] ( 09/09/2008|19:37 )

[ UAC => 1 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\ProgramData\aim rect help creative\roam mags.exe
Supprime! - C:\ProgramData\Obj Send Meow\Flap flaw bolt extra.exe
Supprime! - C:\ProgramData\Obj Send Meow\gwxggdnt.exe
Supprime! - C:\Users\Elodie\AppData\Roaming\MICROS~1\Windows\Cookies\elodie@advertising[2].txt
Supprime! - C:\Users\Elodie\AppData\Roaming\MICROS~1\Windows\Cookies\elodie@adopt.euroclick[1].txt
Supprime! - C:\ProgramData\Audio Grim Locks.ludrd
Supprime! - C:\ProgramData\wipe memo memo.hpirv
Supprime! - C:\ProgramData\wipe memo memo.nhwqv
Supprime! - C:\ProgramData\wipe memo memo.7yu6ji
Supprime! - C:\ProgramData\wipe memo memo.k73a5w
Supprime! - C:\ProgramData\wipe memo memo.kf6opm
Supprime! - C:\ProgramData\wipe memo memo.eu6ae6c
Supprime! - C:\ProgramData\aim rect help creative
Supprime! - C:\ProgramData\Obj Send Meow
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans Local

[15/01/2008|20:01] C:\Users\Elodie\AppData\Local\Adobe
[30/09/2007|18:33] C:\Users\Elodie\AppData\Local\Apple
[24/07/2008|18:33] C:\Users\Elodie\AppData\Local\Apple Computer
[25/09/2007|18:13] C:\Users\Elodie\AppData\Local\Application Data
[20/05/2008|17:32] C:\Users\Elodie\AppData\Local\d3d9caps.dat
[09/09/2008|09:20] C:\Users\Elodie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[25/09/2007|18:16] C:\Users\Elodie\AppData\Local\GDIPFONTCACHEV1.DAT
[25/09/2007|19:05] C:\Users\Elodie\AppData\Local\Google
[25/09/2007|18:13] C:\Users\Elodie\AppData\Local\Historique
[09/09/2008|16:06] C:\Users\Elodie\AppData\Local\IconCache.db
[09/07/2008|01:00] C:\Users\Elodie\AppData\Local\Microsoft
[13/04/2008|20:57] C:\Users\Elodie\AppData\Local\MicroVision Applications
[25/09/2007|20:02] C:\Users\Elodie\AppData\Local\Scansoft
[25/09/2007|20:41] C:\Users\Elodie\AppData\Local\Shareaza
[09/09/2008|19:37] C:\Users\Elodie\AppData\Local\Temp
[25/09/2007|18:13] C:\Users\Elodie\AppData\Local\Temporary Internet Files
[26/09/2007|23:49] C:\Users\Elodie\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[21/07/2008 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Analyse système complète - Elodie.job
[09/09/2008 16:08][--ah-----] C:\Windows\tasks\SA.DAT
[09/09/2008 16:07][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[02/06/2007|00:54] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[29/02/2008|17:10] C:\ProgramData\Adobe
[30/09/2007|18:32] C:\ProgramData\Apple
[30/09/2007|18:35] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[25/09/2007|18:07] C:\ProgramData\Bureau
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[25/09/2007|18:07] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[09/09/2008|11:45] C:\ProgramData\Google
[02/06/2007|01:16] C:\ProgramData\Hewlett-Packard
[02/06/2007|00:37] C:\ProgramData\HP
[02/06/2007|00:38] C:\ProgramData\hpzinstall.log
[25/09/2007|19:53] C:\ProgramData\InstallShield
[09/07/2008|01:12] C:\ProgramData\LUUnInstall.LiveUpdate
[25/09/2007|18:07] C:\ProgramData\Menu Démarrer
[20/05/2008|17:34] C:\ProgramData\Microsoft
[15/08/2008|03:08] C:\ProgramData\Microsoft Help
[25/09/2007|18:07] C:\ProgramData\Modèles
[02/06/2007|00:47] C:\ProgramData\muvee Technologies
[22/06/2008|07:14] C:\ProgramData\NVIDIA
[02/06/2007|00:56] C:\ProgramData\PC-Doctor
[13/04/2008|20:55] C:\ProgramData\Roxio
[25/09/2007|19:53] C:\ProgramData\ScanSoft
[02/06/2007|00:44] C:\ProgramData\Sonic
[02/11/2006|15:02] C:\ProgramData\Start Menu
[12/08/2008|03:06] C:\ProgramData\Symantec
[09/07/2008|01:57] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[25/09/2007|19:29] C:\ProgramData\UDL
[24/02/2008|23:12] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[02/06/2007|00:54] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[03/03/2008|20:39] C:\Program Files\Adobe
[29/02/2008|17:10] C:\Program Files\Adobe(0)
[09/09/2008|09:21] C:\Program Files\Alwil Software
[09/08/2008|20:40] C:\Program Files\Apple Software Update
[25/09/2007|19:51] C:\Program Files\ArcSoft
[18/05/2008|18:39] C:\Program Files\BitComet
[22/07/2008|01:08] C:\Program Files\Bonjour
[25/09/2007|19:45] C:\Program Files\Canon
[25/09/2007|19:41] C:\Program Files\CanonBJ
[07/09/2008|10:52] C:\Program Files\Common Files
[02/06/2007|09:41] C:\Program Files\EasyBits
[24/11/2007|15:27] C:\Program Files\EPSON
[05/08/2008|00:00] C:\Program Files\Everest Poker
[25/09/2007|18:07] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[05/11/2007|19:10] C:\Program Files\Free.fr
[09/09/2008|11:45] C:\Program Files\Google
[02/06/2007|00:57] C:\Program Files\Hewlett-Packard
[26/08/2008|20:25] C:\Program Files\HP
[07/09/2008|10:52] C:\Program Files\InstallShield Installation Information
[21/06/2008|20:31] C:\Program Files\Internet Explorer
[09/08/2008|20:39] C:\Program Files\iPod
[09/08/2008|20:39] C:\Program Files\iTunes
[07/09/2008|14:19] C:\Program Files\KYE
[09/09/2008|18:39] C:\Program Files\Messenger Plus! Live
[16/10/2007|21:25] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[15/03/2008|19:11] C:\Program Files\Microsoft Office
[16/10/2007|20:25] C:\Program Files\Microsoft SQL Server Compact Edition
[29/01/2008|21:03] C:\Program Files\Microsoft Works
[02/06/2007|00:53] C:\Program Files\Microsoft.NET
[21/06/2008|20:31] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[25/09/2007|19:11] C:\Program Files\MSXML 4.0
[02/06/2007|00:47] C:\Program Files\muvee Technologies
[29/01/2008|22:32] C:\Program Files\MySpace
[25/09/2007|19:54] C:\Program Files\NewSoft
[29/01/2008|21:03] C:\Program Files\Norton Internet Security
[02/06/2007|01:10] C:\Program Files\PC-Doctor 5 for Windows
[22/07/2008|01:08] C:\Program Files\QuickTime
[02/06/2007|00:46] C:\Program Files\Real
[10/04/2008|18:51] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[02/06/2007|00:45] C:\Program Files\Roxio
[25/09/2007|19:53] C:\Program Files\ScanSoft
[02/06/2007|00:59] C:\Program Files\Services en ligne
[07/06/2008|06:12] C:\Program Files\Shareaza
[27/12/2007|21:23] C:\Program Files\Sony
[09/07/2008|01:03] C:\Program Files\Symantec
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[25/09/2007|20:56] C:\Program Files\VideoLAN
[21/06/2008|20:31] C:\Program Files\Windows Calendar
[21/06/2008|20:30] C:\Program Files\Windows Collaboration
[21/06/2008|20:30] C:\Program Files\Windows Defender
[21/06/2008|20:30] C:\Program Files\Windows Journal
[05/03/2008|03:46] C:\Program Files\Windows Live
[05/11/2007|19:05] C:\Program Files\Windows Live Toolbar
[15/08/2008|03:13] C:\Program Files\Windows Mail
[21/06/2008|20:30] C:\Program Files\Windows Media Player
[25/09/2007|18:07] C:\Program Files\Windows NT
[21/06/2008|20:30] C:\Program Files\Windows Photo Gallery
[21/06/2008|20:31] C:\Program Files\Windows Sidebar
[07/06/2008|20:14] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[03/03/2008|20:39] C:\Program Files\Common Files\Adobe
[29/02/2008|17:10] C:\Program Files\Common Files\Adobe(1)
[30/09/2007|18:32] C:\Program Files\Common Files\Apple
[25/09/2007|19:47] C:\Program Files\Common Files\CANON
[02/06/2007|00:53] C:\Program Files\Common Files\DESIGNER
[02/06/2007|00:37] C:\Program Files\Common Files\HP
[25/09/2007|19:53] C:\Program Files\Common Files\InstallShield
[02/06/2007|00:46] C:\Program Files\Common Files\LightScribe
[02/06/2007|00:45] C:\Program Files\Common Files\LS Getting Started
[15/05/2008|01:34] C:\Program Files\Common Files\microsoft shared
[02/06/2007|00:47] C:\Program Files\Common Files\muvee Technologies
[25/09/2007|19:56] C:\Program Files\Common Files\PDFView
[02/06/2007|00:44] C:\Program Files\Common Files\PX Storage Engine
[02/06/2007|00:46] C:\Program Files\Common Files\Real
[02/06/2007|00:44] C:\Program Files\Common Files\Roxio Shared
[25/09/2007|19:53] C:\Program Files\Common Files\ScanSoft Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[07/09/2008|14:19] C:\Program Files\Common Files\snpstd
[02/06/2007|00:45] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[29/01/2008|21:03] C:\Program Files\Common Files\SureThing Shared
[12/08/2008|03:06] C:\Program Files\Common Files\Symantec Shared
[21/06/2008|20:30] C:\Program Files\Common Files\System
[03/03/2008|20:40] C:\Program Files\Common Files\WindowsLiveInstaller
[02/06/2007|00:46] C:\Program Files\Common Files\xing shared

--------------------\\ Process

( 78 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-09 19:37:35
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:1228][D:76]-> C:\Users\Elodie\AppData\Local\Temp
[F:168][D:1]-> C:\Users\Elodie\AppData\Roaming\MICROS~1\Windows\Cookies
[F:153][D:6]-> C:\Users\Elodie\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:4][D:4]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 09/09/2008|19:24 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 09/09/2008|19:39 - Option : [2]

--------------------\\ Fin du rapport a 19:39:57
[ UAC => 1 ]
0
Destrio5 (Moderator, 99820 posts)
 
---> Delete Lop S&D

- Download HijackThis V 2.02 (HijackThis Installer):
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

- Double-click HJTInstall.exe to start the installation

- Click Install, then I Accept

- Click Do a scan system and save log file

- Notepad will open; copy and paste all of its contents here in your next reply.
0
lasticote
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:49:09, on 09/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIAAE.EXE
C:\Windows\WindowsMobile\wmdSync.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\p2phost.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\cmd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.1852\swg.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [PCDrProfiler] C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe -r
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-24-0.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
0
lasticote
 
My reply is just above.
0
Destrio5 (Moderator, 99820 posts)
 
lasticote ---> You have two antivirus programs, that's not good.
0
lasticote
 
Well no, I only have Avast normally, otherwise I'm not aware of it! What do I do?
0
Destrio5 (Moderator, 99820 posts)
 
---> Remove Norton with this:
ftp://ftp.symantec.com/public/francais/removal_tools/Norton_Removal_Tool.exe

---> Uninstall Avast and install Antivir (in French and much more effective):
http://dl1.avgate.net/down/windows/antivir_workstation_winu_fr_h.exe

---> Run a quick scan with MBAM, delete everything it finds and post the report:
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
0
najeth
 
Can nobody answer me???
0
Destrio5 (Moderator, 99820 posts)
 
najeth ---> Please create your own topic.
0
lasticote
 
Malwarebytes' Anti-Malware 1.27
Version de la base de données: 1132
Windows 6.0.6001 Service Pack 1

09/09/2008 20:24:34
mbam-log-2008-09-09 (20-24-34).txt

Type de recherche: Examen rapide
Eléments examinés: 46151
Temps écoulé: 4 minute(s), 25 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Destrio5 (Moderator, 99820 posts)
 
Remember to post a new HijackThis report.
0
lasticote
 
What?
0
lasticote
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:49:09, on 09/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIAAE.EXE
C:\Windows\WindowsMobile\wmdSync.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\p2phost.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\cmd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.1852\swg.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [EPSON Stylus D68 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [PCDrProfiler] C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe -r
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-24-0.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
0
Destrio5 (Moderator, 99820 posts)
 
That's the report from earlier. Reinstall HijackThis.
0
lasticote
 
Can you post the link again, please?
0