Ad page problem, NAVILOG report

Closed
pascalou - 18 Sept. 2008 at 20:47
 pascalou - 20 Sept. 2008 at 08:10
Hello,
I'm back to try my luck again at getting the ad pages to stop harassing me. I'd like an opinion on whether I can move on to step 2 of NAVILOG 1. I'm attaching the report of its scan. THANKS in advance
Search Navipromo version 3.6.5 commencé le 18/09/2008 à 20:16:32,04

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "pascal et nana"

Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO

Microsoft Windows Vista 6.0.6001
Internet Explorer : 7.0.6001.18000
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\Windows" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***


*** Recherche dossiers dans "C:\ProgramData" ***


*** Recherche dossiers dans "c:\users\pascal~1\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "C:\Users\pascal et nana\AppData\Local\virtualstore\Program Files" ***


*** Recherche dossiers dans "C:\Users\pascal et nana\AppData\Roaming" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\Windows\system32" *

* Recherche dans "C:\Users\pascal et nana\AppData\Local\Microsoft" *

* Recherche dans "C:\Users\pascal et nana\AppData\Local\virtualstore\windows\system32" *

* Recherche dans "C:\Users\pascal et nana\AppData\Local" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\Windows\system32" :


* Dans "C:\Users\pascal et nana\AppData\Local\Microsoft" :


* Dans "C:\Users\pascal et nana\AppData\Local\virtualstore\windows\system32" :


* Dans "C:\Users\pascal et nana\AppData\Local" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 18/09/2008 à 20:22:29,08 ***

37 replies

g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
18 Sept. 2008 at 21:04
hi,

navilog found nothing...

Download HijackThis here:

-> http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

Installation tutorial: (Thanks to Balltrap34 for making this)

-> http://pageperso.aol.fr/balltrap34/Hijenr.gif

Usage tutorial (video): (Thanks to Balltrap34 for making this)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

Please post the generated report here...

See you
1
jacques.gache Posts 33453 Registration date Tuesday 13 November 2007 Status Security contributor Last activity 25 January 2016 1 616
18 Sept. 2008 at 21:07
hello to you both, following along, see you
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
18 Sept. 2008 at 21:15
Hi jacques.gache
0
thanks, so I uninstalled NAVILOG and here is the hijack report
Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Setresolution] C:\ACERSW\config\1680x1050.cmd
O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [GreatLog] "C:\ProgramData\chingramgram.o26a411"
O4 - HKCU\..\Run: [style cool 2 city] "C:\ProgramData\WIN LICENSE DRAW.38zdbe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: ASETRES.EXE
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: TEW-624UB & TEW-644UB Manager.lnk = C:\Program Files\TRENDnet\TEW-624UB_TEW-644UB\WlanCU.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?AuthParam=1221233562_e964e718fa30c2d836e90dd3ed12dabd&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab&File=jinstall-6u7-windows-i586-jc.cab
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
0

jacques.gache Posts 33453 Registration date Tuesday 13 November 2007 Status Security contributor Last activity 25 January 2016 1 616
18 Sept. 2008 at 21:19
hello, your hijackthis isn't complete? the whole beginning is missing
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
18 Sept. 2008 at 21:22
It really looks like cid...

Pascalou:

Download Lop S&D (by Angeldark and Eric71) to the Desktop:
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

- Double-click Lop S&D.exe to start the installation,
- Then double-click the Lop S&D shortcut on the Desktop.
- Select the desired language, then choose Option 1 (Search)
  The scan takes less than a minute.
- When the scan finishes, Notepad will open with the search results.
- Save the LopR.txt report to the Desktop so you can find it easily; otherwise it is saved at the root of the system partition: C:\LopR.txt

See you
0
oops!! to answer jacques, sorry, here it is again in full, and in the meantime I'm trying Lop S&D
e of Trend Micro HijackThis v2.0.2
Scan saved at 21:13:32, on 18/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\nvraidservice.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\TRENDnet\TEW-624UB_TEW-644UB\WlanCU.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\pascal et nana\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Setresolution] C:\ACERSW\config\1680x1050.cmd
O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [GreatLog] "C:\ProgramData\chingramgram.o26a411"
O4 - HKCU\..\Run: [style cool 2 city] "C:\ProgramData\WIN LICENSE DRAW.38zdbe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: ASETRES.EXE
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: TEW-624UB & TEW-644UB Manager.lnk = C:\Program Files\TRENDnet\TEW-624UB_TEW-644UB\WlanCU.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?AuthParam=1221233562_e964e718fa30c2d836e90dd3ed12dabd&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab&File=jinstall-6u7-windows-i586-jc.cab
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
18 Sept. 2008 at 21:46
you have two antivirus programs!!!
uninstall avast
and post the lopsd report please
See you
0
Here is the Lop S&D report, hoping it means something to you, because to me!!! :-))
--------------------\\ Lop S&D 4.2.4-3 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
BIOS : BIOS Date: 05/23/08 16:37:53 Ver: 08.00.15
USER : pascal et nana ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080918-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total : 144 Go Free : 84 Go
D:\ (Local Disk) - NTFS - Total : 144 Go Free : 143 Go
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [1] ( 18/09/2008|21:46 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[29/08/2008|18:34] C:\Users\PASCAL~1\AppData\Local\Adobe
[28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Application Data
[17/09/2008|21:10] C:\Users\PASCAL~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[30/08/2008|17:11] C:\Users\PASCAL~1\AppData\Local\GDIPFONTCACHEV1.DAT
[31/08/2008|09:06] C:\Users\PASCAL~1\AppData\Local\Google
[28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Historique
[18/09/2008|20:11] C:\Users\PASCAL~1\AppData\Local\IconCache.db
[30/08/2008|15:33] C:\Users\PASCAL~1\AppData\Local\IM
[18/09/2008|20:22] C:\Users\PASCAL~1\AppData\Local\Microsoft
[08/09/2008|20:37] C:\Users\PASCAL~1\AppData\Local\Microsoft Games
[01/09/2008|18:55] C:\Users\PASCAL~1\AppData\Local\Microsoft Help
[31/08/2008|09:00] C:\Users\PASCAL~1\AppData\Local\P2P_Energy
[28/08/2008|16:39] C:\Users\PASCAL~1\AppData\Local\PowerCinema
[18/09/2008|21:45] C:\Users\PASCAL~1\AppData\Local\Temp
[28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Temporary Internet Files
[28/08/2008|16:55] C:\Users\PASCAL~1\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[15/09/2008 01:00][--a------] C:\Windows\tasks\McDefragTask.job
[21/03/2008 13:54][--a------] C:\Windows\tasks\McQcTask.job
[18/09/2008 20:12][--ah-----] C:\Windows\tasks\SA.DAT
[18/09/2008 20:11][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[21/03/2008|13:18] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[21/03/2008|13:35] C:\ProgramData\Acer GameZone Console
[30/08/2008|08:40] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[31/08/2008|00:19] C:\ProgramData\Azureus
[28/08/2008|16:35] C:\ProgramData\Bureau
[13/09/2008|17:57] C:\ProgramData\byte loud style cool
[13/09/2008|17:56] C:\ProgramData\chingramgram.o26a411
[13/09/2008|17:56] C:\ProgramData\chingramgram.vi7ar3w
[21/03/2008|13:34] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[21/03/2008|13:47] C:\ProgramData\eSobi
[28/08/2008|16:35] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[21/03/2008|13:36] C:\ProgramData\FloodLightGames
[31/08/2008|09:04] C:\ProgramData\Google
[30/08/2008|15:31] C:\ProgramData\IM
[30/08/2008|15:29] C:\ProgramData\IncrediMail
[14/09/2008|22:04] C:\ProgramData\LauncherAccess.dt
[14/09/2008|11:59] C:\ProgramData\Malwarebytes
[21/03/2008|13:53] C:\ProgramData\McAfee
[28/08/2008|16:35] C:\ProgramData\Menu Démarrer
[16/09/2008|17:13] C:\ProgramData\Microsoft
[10/09/2008|07:31] C:\ProgramData\Microsoft Help
[28/08/2008|16:35] C:\ProgramData\Modèles
[18/06/2008|08:06] C:\ProgramData\NVIDIA
[21/03/2008|13:52] C:\ProgramData\SiteAdvisor
[18/09/2008|21:43] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[02/11/2006|15:02] C:\ProgramData\Templates
[13/09/2008|17:57] C:\ProgramData\traydead
[13/09/2008|17:57] C:\ProgramData\WIN LICENSE DRAW.38zdbe
[07/09/2008|09:22] C:\ProgramData\WLInstaller
[30/08/2008|15:32] C:\ProgramData\Yahoo! Companion

--------------------\\ Listing des dossiers dans C:\Program Files

[21/03/2008|13:47] C:\Program Files\Acer Arcade Live
[21/03/2008|13:46] C:\Program Files\Acer GameZone
[18/06/2008|08:12] C:\Program Files\Acer Incorporated
[21/03/2008|13:18] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[30/08/2008|08:41] C:\Program Files\Adobe
[18/09/2008|18:14] C:\Program Files\Alwil Software
[31/08/2008|00:19] C:\Program Files\AskSBar
[18/06/2008|08:07] C:\Program Files\ATI
[31/08/2008|00:20] C:\Program Files\Azureus
[12/09/2008|17:32] C:\Program Files\Common Files
[31/08/2008|08:59] C:\Program Files\Conduit
[21/03/2008|13:33] C:\Program Files\CyberLink
[28/08/2008|16:54] C:\Program Files\DIFX
[21/03/2008|13:47] C:\Program Files\eSobi
[28/08/2008|16:35] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[01/09/2008|07:13] C:\Program Files\Google
[02/09/2008|17:28] C:\Program Files\InstallShield Installation Information
[21/01/2008|04:35] C:\Program Files\Internet Explorer
[12/09/2008|17:33] C:\Program Files\Java
[12/09/2008|17:30] C:\Program Files\LimeWire
[14/09/2008|11:59] C:\Program Files\Malwarebytes' Anti-Malware
[14/09/2008|09:29] C:\Program Files\McAfee
[21/03/2008|13:51] C:\Program Files\McAfee.com
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[21/03/2008|13:17] C:\Program Files\Microsoft Office
[10/09/2008|07:30] C:\Program Files\Microsoft Works
[21/03/2008|13:15] C:\Program Files\Microsoft.NET
[21/01/2008|04:35] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[28/08/2008|17:15] C:\Program Files\MSXML 4.0
[18/09/2008|21:11] C:\Program Files\Navilog1
[21/03/2008|13:22] C:\Program Files\NewTech Infosystems
[31/08/2008|08:59] C:\Program Files\P2P_Energy
[21/03/2008|13:11] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[02/09/2008|17:28] C:\Program Files\Samsung
[14/09/2008|08:37] C:\Program Files\SiteAdvisor
[18/09/2008|21:43] C:\Program Files\Spybot - Search & Destroy
[12/09/2008|17:33] C:\Program Files\Sun
[28/08/2008|16:54] C:\Program Files\TRENDnet
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[31/08/2008|12:55] C:\Program Files\VideoLAN
[21/01/2008|04:35] C:\Program Files\Windows Calendar
[21/01/2008|04:35] C:\Program Files\Windows Collaboration
[21/01/2008|04:35] C:\Program Files\Windows Defender
[21/01/2008|04:35] C:\Program Files\Windows Journal
[07/09/2008|09:28] C:\Program Files\Windows Live
[28/08/2008|18:16] C:\Program Files\Windows Mail
[21/01/2008|04:35] C:\Program Files\Windows Media Player
[28/08/2008|16:35] C:\Program Files\Windows NT
[21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
[21/01/2008|04:35] C:\Program Files\Windows Sidebar
[21/03/2008|13:48] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[30/08/2008|08:41] C:\Program Files\Common Files\Adobe
[21/03/2008|13:16] C:\Program Files\Common Files\DESIGNER
[21/03/2008|13:32] C:\Program Files\Common Files\InstallShield
[12/09/2008|17:32] C:\Program Files\Common Files\Java
[21/03/2008|13:21] C:\Program Files\Common Files\LightScribe
[21/03/2008|13:52] C:\Program Files\Common Files\McAfee
[07/09/2008|22:32] C:\Program Files\Common Files\microsoft shared
[21/03/2008|13:21] C:\Program Files\Common Files\muvee Technologies
[21/03/2008|13:22] C:\Program Files\Common Files\NewTech Infosystems
[21/03/2008|13:36] C:\Program Files\Common Files\Oberon Media
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[21/01/2008|04:35] C:\Program Files\Common Files\System
[07/09/2008|09:26] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 81 Processes )

iexplore.exe ~ [PID:2340]
iexplore.exe ~ [PID:2524]
iexplore.exe ~ [PID:4300]
iexplore.exe ~ [PID:1752]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\WIN LICENSE DRAW.38zdbe
C:\ProgramData\chingramgram.o26a411
C:\ProgramData\chingramgram.vi7ar3w

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\byte loud style cool
C:\ProgramData\byte loud style cool\sign idol.exe
C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adultfriendfinder[1].txt
C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adopt.euroclick[1].txt
C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@partypoker[2].txt
C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@32vegas[2].txt
C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@banner.32vegas[2].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"style cool 2 city"="\"C:\\ProgramData\\WIN LICENSE DRAW.38zdbe\""
"GreatLog"="\"C:\\ProgramData\\chingramgram.o26a411\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-18 21:46:30
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:250][D:14]-> C:\Users\PASCAL~1\AppData\Local\Temp
[F:182][D:1]-> C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:2513][D:6]-> C:\Users\PASCAL~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:27][D:5]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 18/09/2008|21:48 - Option : [1]

--------------------\\ Fin du rapport a 21:48:05
[ UAC => 1 ]

g!rly - 18 Sept. 2008 at 22:02
Yes, it means something to me :)

Run option 2 > cleanup and post the report please

Two birds with one stone:

Download Toolbar-S&D by Eric_71:
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
Onto your desktop; this is mandatory.

**Scan**

Double-click the file ToolBar SD.exe, with privilege elevation under Vista.
https://i45.servimg.com/u/f45/11/05/93/83/tb110.jpg
Tick the box "Je suis d'accord...ci-dessus" (I agree ... above), accept the creation of the folder with Oui (Yes), then Suivant (Next) and Quitter (Quit).
A ToolBar SD icon will be created on the desktop.
https://i45.servimg.com/u/f45/11/05/93/83/tb210.jpg
Under Vista, right-click it and choose Run as administrator (privilege elevation), then Continue.
In the blue DOS window, type F, then Enter.
Then type 1 and Enter.
The system will restart and the scan will take a few minutes.
Once it is finished, a report TB.txt will open.
Click on it and press:
CTRL+A to select everything
CTRL+C to copy everything to the clipboard
Open a reply on the forum and press:
CTRL+V to paste the report into that reply.
Close the report on your desktop and wait for the results of the analysis.
This report will be saved at the root of the system drive: C:\TB.txt

So post both reports please

See you later

There, avast is uninstalled; attached is the report after the uninstall, and I'm downloading the toolbar. Is it option 2?

--------------------\\ Lop S&D 4.2.4-3 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
BIOS : BIOS Date: 05/23/08 16:37:53 Ver: 08.00.15
USER : pascal et nana ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total : 144 Go Free : 84 Go
D:\ (Local Disk) - NTFS - Total : 144 Go Free : 143 Go
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [1] ( 18/09/2008|22:03 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[29/08/2008|18:34] C:\Users\PASCAL~1\AppData\Local\Adobe
[28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Application Data
[17/09/2008|21:10] C:\Users\PASCAL~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[30/08/2008|17:11] C:\Users\PASCAL~1\AppData\Local\GDIPFONTCACHEV1.DAT
[31/08/2008|09:06] C:\Users\PASCAL~1\AppData\Local\Google
[28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Historique
[18/09/2008|21:59] C:\Users\PASCAL~1\AppData\Local\IconCache.db
[30/08/2008|15:33] C:\Users\PASCAL~1\AppData\Local\IM
[18/09/2008|20:22] C:\Users\PASCAL~1\AppData\Local\Microsoft
[08/09/2008|20:37] C:\Users\PASCAL~1\AppData\Local\Microsoft Games
[01/09/2008|18:55] C:\Users\PASCAL~1\AppData\Local\Microsoft Help
[31/08/2008|09:00] C:\Users\PASCAL~1\AppData\Local\P2P_Energy
[28/08/2008|16:39] C:\Users\PASCAL~1\AppData\Local\PowerCinema
[18/09/2008|22:02] C:\Users\PASCAL~1\AppData\Local\Temp
[28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Temporary Internet Files
[28/08/2008|16:55] C:\Users\PASCAL~1\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[15/09/2008 01:00][--a------] C:\Windows\tasks\McDefragTask.job
[21/03/2008 13:54][--a------] C:\Windows\tasks\McQcTask.job
[18/09/2008 22:00][--ah-----] C:\Windows\tasks\SA.DAT
[18/09/2008 21:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[21/03/2008|13:18] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[21/03/2008|13:35] C:\ProgramData\Acer GameZone Console
[30/08/2008|08:40] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[31/08/2008|00:19] C:\ProgramData\Azureus
[28/08/2008|16:35] C:\ProgramData\Bureau
[13/09/2008|17:57] C:\ProgramData\byte loud style cool
[13/09/2008|17:56] C:\ProgramData\chingramgram.o26a411
[13/09/2008|17:56] C:\ProgramData\chingramgram.vi7ar3w
[21/03/2008|13:34] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[21/03/2008|13:47] C:\ProgramData\eSobi
[28/08/2008|16:35] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[21/03/2008|13:36] C:\ProgramData\FloodLightGames
[31/08/2008|09:04] C:\ProgramData\Google
[30/08/2008|15:31] C:\ProgramData\IM
[30/08/2008|15:29] C:\ProgramData\IncrediMail
[14/09/2008|22:04] C:\ProgramData\LauncherAccess.dt
[14/09/2008|11:59] C:\ProgramData\Malwarebytes
[21/03/2008|13:53] C:\ProgramData\McAfee
[28/08/2008|16:35] C:\ProgramData\Menu Démarrer
[16/09/2008|17:13] C:\ProgramData\Microsoft
[10/09/2008|07:31] C:\ProgramData\Microsoft Help
[28/08/2008|16:35] C:\ProgramData\Modèles
[18/06/2008|08:06] C:\ProgramData\NVIDIA
[21/03/2008|13:52] C:\ProgramData\SiteAdvisor
[18/09/2008|21:43] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[02/11/2006|15:02] C:\ProgramData\Templates
[13/09/2008|17:57] C:\ProgramData\traydead
[13/09/2008|17:57] C:\ProgramData\WIN LICENSE DRAW.38zdbe
[07/09/2008|09:22] C:\ProgramData\WLInstaller
[30/08/2008|15:32] C:\ProgramData\Yahoo! Companion

--------------------\\ Listing des dossiers dans C:\Program Files

[21/03/2008|13:47] C:\Program Files\Acer Arcade Live
[21/03/2008|13:46] C:\Program Files\Acer GameZone
[18/06/2008|08:12] C:\Program Files\Acer Incorporated
[21/03/2008|13:18] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[30/08/2008|08:41] C:\Program Files\Adobe
[18/09/2008|18:14] C:\Program Files\Alwil Software
[31/08/2008|00:19] C:\Program Files\AskSBar
[18/06/2008|08:07] C:\Program Files\ATI
[31/08/2008|00:20] C:\Program Files\Azureus
[12/09/2008|17:32] C:\Program Files\Common Files
[31/08/2008|08:59] C:\Program Files\Conduit
[21/03/2008|13:33] C:\Program Files\CyberLink
[28/08/2008|16:54] C:\Program Files\DIFX
[21/03/2008|13:47] C:\Program Files\eSobi
[28/08/2008|16:35] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[01/09/2008|07:13] C:\Program Files\Google
[02/09/2008|17:28] C:\Program Files\InstallShield Installation Information
[21/01/2008|04:35] C:\Program Files\Internet Explorer
[12/09/2008|17:33] C:\Program Files\Java
[12/09/2008|17:30] C:\Program Files\LimeWire
[14/09/2008|11:59] C:\Program Files\Malwarebytes' Anti-Malware
[14/09/2008|09:29] C:\Program Files\McAfee
[21/03/2008|13:51] C:\Program Files\McAfee.com
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[21/03/2008|13:17] C:\Program Files\Microsoft Office
[10/09/2008|07:30] C:\Program Files\Microsoft Works
[21/03/2008|13:15] C:\Program Files\Microsoft.NET
[21/01/2008|04:35] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[28/08/2008|17:15] C:\Program Files\MSXML 4.0
[18/09/2008|21:11] C:\Program Files\Navilog1
[21/03/2008|13:22] C:\Program Files\NewTech Infosystems
[31/08/2008|08:59] C:\Program Files\P2P_Energy
[21/03/2008|13:11] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[02/09/2008|17:28] C:\Program Files\Samsung
[14/09/2008|08:37] C:\Program Files\SiteAdvisor
[18/09/2008|22:00] C:\Program Files\Spybot - Search & Destroy
[12/09/2008|17:33] C:\Program Files\Sun
[28/08/2008|16:54] C:\Program Files\TRENDnet
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[31/08/2008|12:55] C:\Program Files\VideoLAN
[21/01/2008|04:35] C:\Program Files\Windows Calendar
[21/01/2008|04:35] C:\Program Files\Windows Collaboration
[21/01/2008|04:35] C:\Program Files\Windows Defender
[21/01/2008|04:35] C:\Program Files\Windows Journal
[07/09/2008|09:28] C:\Program Files\Windows Live
[28/08/2008|18:16] C:\Program Files\Windows Mail
[21/01/2008|04:35] C:\Program Files\Windows Media Player
[28/08/2008|16:35] C:\Program Files\Windows NT
[21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
[21/01/2008|04:35] C:\Program Files\Windows Sidebar
[21/03/2008|13:48] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[30/08/2008|08:41] C:\Program Files\Common Files\Adobe
[21/03/2008|13:16] C:\Program Files\Common Files\DESIGNER
[21/03/2008|13:32] C:\Program Files\Common Files\InstallShield
[12/09/2008|17:32] C:\Program Files\Common Files\Java
[21/03/2008|13:21] C:\Program Files\Common Files\LightScribe
[21/03/2008|13:52] C:\Program Files\Common Files\McAfee
[07/09/2008|22:32] C:\Program Files\Common Files\microsoft shared
[21/03/2008|13:21] C:\Program Files\Common Files\muvee Technologies
[21/03/2008|13:22] C:\Program Files\Common Files\NewTech Infosystems
[21/03/2008|13:36] C:\Program Files\Common Files\Oberon Media
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[21/01/2008|04:35] C:\Program Files\Common Files\System
[07/09/2008|09:26] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 69 Processes )

iexplore.exe ~ [PID:576]
iexplore.exe ~ [PID:3964]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\WIN LICENSE DRAW.38zdbe
C:\ProgramData\chingramgram.o26a411
C:\ProgramData\chingramgram.vi7ar3w

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\byte loud style cool
C:\ProgramData\byte loud style cool\sign idol.exe
C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adultfriendfinder[1].txt
C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adopt.euroclick[1].txt
C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@partypoker[2].txt
C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@32vegas[2].txt
C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@banner.32vegas[2].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"style cool 2 city"="\"C:\\ProgramData\\WIN LICENSE DRAW.38zdbe\""
"GreatLog"="\"C:\\ProgramData\\chingramgram.o26a411\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-18 22:03:39
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:245][D:13]-> C:\Users\PASCAL~1\AppData\Local\Temp
[F:185][D:1]-> C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:2717][D:6]-> C:\Users\PASCAL~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:27][D:5]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 18/09/2008|21:48 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 18/09/2008|22:05 - Option : [1]

--------------------\\ Fin du rapport a 22:05:14
[ UAC => 1 ]

g!rly - 18 Sept. 2008 at 22:19
Is that the Lop S&D option 1 report again?
Post the option 2 report please
PS: I'm going too fast > we'll do one thing at a time ;)

Yes, yes, a bit fast :-)) Here is the toolbar report; do I move on to option 2 of that one?

-----------\\ ToolBar S&D 1.2.0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
BIOS : BIOS Date: 05/23/08 16:37:53 Ver: 08.00.15
USER : pascal et nana ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total : 144 Go Free : 84 Go
D:\ (Local Disk) - NTFS - Total : 144 Go Free : 143 Go
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\ToolBar SD" ( MAJ : 14-09-2008|23:30 )
Option : [1] ( 18/09/2008|22:20 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskSBar
C:\Program Files\AskSBar\bar
C:\Program Files\AskSBar\SrchAstt
C:\Program Files\P2P_Energy
C:\Program Files\P2P_Energy\INSTALL.LOG
C:\Program Files\P2P_Energy\P2P_EnergyToolbarHelper.exe
C:\Program Files\P2P_Energy\tbP2P_.dll
C:\Program Files\P2P_Energy\toolbar.cfg
C:\Program Files\P2P_Energy\UNWISE.EXE

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Start Page Restore"="https://www.google.fr/?gws_rd=ssl"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://fr.yahoo.com/"
"Default_Page_URL"="https://fr.yahoo.com/"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 18/09/2008|22:20 - Option : [1]

-----------\\ Fin du rapport a 22:20:42,96

g!rly - 18 Sept. 2008 at 22:28
Yes, run option 2 of that one and post the report

Here is the report for option 2 of Lop S&D; I'm getting a bit mixed up between toolbar and Lop S&D, sorry!

--------------------\\ Lop S&D 4.2.4-3 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
BIOS : BIOS Date: 05/23/08 16:37:53 Ver: 08.00.15
USER : pascal et nana ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total : 144 Go Free : 84 Go
D:\ (Local Disk) - NTFS - Total : 144 Go Free : 143 Go
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [2] ( 18/09/2008|22:29 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\ProgramData\byte loud style cool\sign idol.exe
Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adultfriendfinder[1].txt
Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adopt.euroclick[1].txt
Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@partypoker[2].txt
Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@32vegas[2].txt
Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@banner.32vegas[2].txt
Supprime! - C:\ProgramData\WIN LICENSE DRAW.38zdbe
Supprime! - C:\ProgramData\chingramgram.o26a411
Supprime! - C:\ProgramData\chingramgram.vi7ar3w
Supprime! - C:\ProgramData\byte loud style cool
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[29/08/2008|18:34] C:\Users\PASCAL~1\AppData\Local\Adobe
[28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Application Data
[17/09/2008|21:10] C:\Users\PASCAL~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[30/08/2008|17:11] C:\Users\PASCAL~1\AppData\Local\GDIPFONTCACHEV1.DAT
[31/08/2008|09:06] C:\Users\PASCAL~1\AppData\Local\Google
[28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Historique
[18/09/2008|21:59] C:\Users\PASCAL~1\AppData\Local\IconCache.db
[30/08/2008|15:33] C:\Users\PASCAL~1\AppData\Local\IM
[18/09/2008|20:22] C:\Users\PASCAL~1\AppData\Local\Microsoft
[08/09/2008|20:37] C:\Users\PASCAL~1\AppData\Local\Microsoft Games
[01/09/2008|18:55] C:\Users\PASCAL~1\AppData\Local\Microsoft Help
[31/08/2008|09:00] C:\Users\PASCAL~1\AppData\Local\P2P_Energy
[28/08/2008|16:39] C:\Users\PASCAL~1\AppData\Local\PowerCinema
[18/09/2008|22:29] C:\Users\PASCAL~1\AppData\Local\Temp
[28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Temporary Internet Files
[28/08/2008|16:55] C:\Users\PASCAL~1\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[15/09/2008 01:00][--a------] C:\Windows\tasks\McDefragTask.job
[21/03/2008 13:54][--a------] C:\Windows\tasks\McQcTask.job
[18/09/2008 22:00][--ah-----] C:\Windows\tasks\SA.DAT
[18/09/2008 21:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[21/03/2008|13:18] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[21/03/2008|13:35] C:\ProgramData\Acer GameZone Console
[30/08/2008|08:40] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[31/08/2008|00:19] C:\ProgramData\Azureus
[28/08/2008|16:35] C:\ProgramData\Bureau
[21/03/2008|13:34] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[21/03/2008|13:47] C:\ProgramData\eSobi
[28/08/2008|16:35] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[21/03/2008|13:36] C:\ProgramData\FloodLightGames
[31/08/2008|09:04] C:\ProgramData\Google
[30/08/2008|15:31] C:\ProgramData\IM
[30/08/2008|15:29] C:\ProgramData\IncrediMail
[14/09/2008|22:04] C:\ProgramData\LauncherAccess.dt
[14/09/2008|11:59] C:\ProgramData\Malwarebytes
[21/03/2008|13:53] C:\ProgramData\McAfee
[28/08/2008|16:35] C:\ProgramData\Menu Démarrer
[16/09/2008|17:13] C:\ProgramData\Microsoft
[10/09/2008|07:31] C:\ProgramData\Microsoft Help
[28/08/2008|16:35] C:\ProgramData\Modèles
[18/06/2008|08:06] C:\ProgramData\NVIDIA
[21/03/2008|13:52] C:\ProgramData\SiteAdvisor
[18/09/2008|21:43] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[02/11/2006|15:02] C:\ProgramData\Templates
[13/09/2008|17:57] C:\ProgramData\traydead
[07/09/2008|09:22] C:\ProgramData\WLInstaller
[30/08/2008|15:32] C:\ProgramData\Yahoo! Companion

--------------------\\ Listing des dossiers dans C:\Program Files

[21/03/2008|13:47] C:\Program Files\Acer Arcade Live
[21/03/2008|13:46] C:\Program Files\Acer GameZone
[18/06/2008|08:12] C:\Program Files\Acer Incorporated
[21/03/2008|13:18] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[30/08/2008|08:41] C:\Program Files\Adobe
[18/09/2008|18:14] C:\Program Files\Alwil Software
[31/08/2008|00:19] C:\Program Files\AskSBar
[18/06/2008|08:07] C:\Program Files\ATI
[31/08/2008|00:20] C:\Program Files\Azureus
[12/09/2008|17:32] C:\Program Files\Common Files
[31/08/2008|08:59] C:\Program Files\Conduit
[21/03/2008|13:33] C:\Program Files\CyberLink
[28/08/2008|16:54] C:\Program Files\DIFX
[21/03/2008|13:47] C:\Program Files\eSobi
[28/08/2008|16:35] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[01/09/2008|07:13] C:\Program Files\Google
[02/09/2008|17:28] C:\Program Files\InstallShield Installation Information
[21/01/2008|04:35] C:\Program Files\Internet Explorer
[12/09/2008|17:33] C:\Program Files\Java
[12/09/2008|17:30] C:\Program Files\LimeWire
[14/09/2008|11:59] C:\Program Files\Malwarebytes' Anti-Malware
[14/09/2008|09:29] C:\Program Files\McAfee
[21/03/2008|13:51] C:\Program Files\McAfee.com
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[21/03/2008|13:17] C:\Program Files\Microsoft Office
[10/09/2008|07:30] C:\Program Files\Microsoft Works
[21/03/2008|13:15] C:\Program Files\Microsoft.NET
[21/01/2008|04:35] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[28/08/2008|17:15] C:\Program Files\MSXML 4.0
[18/09/2008|21:11] C:\Program Files\Navilog1
[21/03/2008|13:22] C:\Program Files\NewTech Infosystems
[31/08/2008|08:59] C:\Program Files\P2P_Energy
[21/03/2008|13:11] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[02/09/2008|17:28] C:\Program Files\Samsung
[14/09/2008|08:37] C:\Program Files\SiteAdvisor
[18/09/2008|22:00] C:\Program Files\Spybot - Search & Destroy
[12/09/2008|17:33] C:\Program Files\Sun
[28/08/2008|16:54] C:\Program Files\TRENDnet
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[31/08/2008|12:55] C:\Program Files\VideoLAN
[21/01/2008|04:35] C:\Program Files\Windows Calendar
[21/01/2008|04:35] C:\Program Files\Windows Collaboration
[21/01/2008|04:35] C:\Program Files\Windows Defender
[21/01/2008|04:35] C:\Program Files\Windows Journal
[07/09/2008|09:28] C:\Program Files\Windows Live
[28/08/2008|18:16] C:\Program Files\Windows Mail
[21/01/2008|04:35] C:\Program Files\Windows Media Player
[28/08/2008|16:35] C:\Program Files\Windows NT
[21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
[21/01/2008|04:35] C:\Program Files\Windows Sidebar
[21/03/2008|13:48] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[30/08/2008|08:41] C:\Program Files\Common Files\Adobe
[21/03/2008|13:16] C:\Program Files\Common Files\DESIGNER
[21/03/2008|13:32] C:\Program Files\Common Files\InstallShield
[12/09/2008|17:32] C:\Program Files\Common Files\Java
[21/03/2008|13:21] C:\Program Files\Common Files\LightScribe
[21/03/2008|13:52] C:\Program Files\Common Files\McAfee
[07/09/2008|22:32] C:\Program Files\Common Files\microsoft shared
[21/03/2008|13:21] C:\Program Files\Common Files\muvee Technologies
[21/03/2008|13:22] C:\Program Files\Common Files\NewTech Infosystems
[21/03/2008|13:36] C:\Program Files\Common Files\Oberon Media
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[21/01/2008|04:35] C:\Program Files\Common Files\System
[07/09/2008|09:26] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 70 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-18 22:29:23
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:258][D:14]-> C:\Users\PASCAL~1\AppData\Local\Temp
[F:186][D:1]-> C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:2726][D:6]-> C:\Users\PASCAL~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:27][D:5]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 18/09/2008|21:48 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 18/09/2008|22:05 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 18/09/2008|22:30 - Option : [2]

--------------------\\ Fin du rapport a 22:30:52
[ UAC => 1 ]
0
and here is the report from the toolbar option

--------------------\\ Lop S&D 4.2.4-3 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
BIOS : BIOS Date: 05/23/08 16:37:53 Ver: 08.00.15
USER : pascal et nana ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total : 144 Go Free : 84 Go
D:\ (Local Disk) - NTFS - Total : 144 Go Free : 143 Go
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [2] ( 18/09/2008|22:29 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\ProgramData\byte loud style cool\sign idol.exe
Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adultfriendfinder[1].txt
Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adopt.euroclick[1].txt
Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@partypoker[2].txt
Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@32vegas[2].txt
Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@banner.32vegas[2].txt
Supprime! - C:\ProgramData\WIN LICENSE DRAW.38zdbe
Supprime! - C:\ProgramData\chingramgram.o26a411
Supprime! - C:\ProgramData\chingramgram.vi7ar3w
Supprime! - C:\ProgramData\byte loud style cool
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[29/08/2008|18:34] C:\Users\PASCAL~1\AppData\Local\Adobe
[28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Application Data
[17/09/2008|21:10] C:\Users\PASCAL~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[30/08/2008|17:11] C:\Users\PASCAL~1\AppData\Local\GDIPFONTCACHEV1.DAT
[31/08/2008|09:06] C:\Users\PASCAL~1\AppData\Local\Google
[28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Historique
[18/09/2008|21:59] C:\Users\PASCAL~1\AppData\Local\IconCache.db
[30/08/2008|15:33] C:\Users\PASCAL~1\AppData\Local\IM
[18/09/2008|20:22] C:\Users\PASCAL~1\AppData\Local\Microsoft
[08/09/2008|20:37] C:\Users\PASCAL~1\AppData\Local\Microsoft Games
[01/09/2008|18:55] C:\Users\PASCAL~1\AppData\Local\Microsoft Help
[31/08/2008|09:00] C:\Users\PASCAL~1\AppData\Local\P2P_Energy
[28/08/2008|16:39] C:\Users\PASCAL~1\AppData\Local\PowerCinema
[18/09/2008|22:29] C:\Users\PASCAL~1\AppData\Local\Temp
[28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Temporary Internet Files
[28/08/2008|16:55] C:\Users\PASCAL~1\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[15/09/2008 01:00][--a------] C:\Windows\tasks\McDefragTask.job
[21/03/2008 13:54][--a------] C:\Windows\tasks\McQcTask.job
[18/09/2008 22:00][--ah-----] C:\Windows\tasks\SA.DAT
[18/09/2008 21:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[21/03/2008|13:18] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[21/03/2008|13:35] C:\ProgramData\Acer GameZone Console
[30/08/2008|08:40] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[31/08/2008|00:19] C:\ProgramData\Azureus
[28/08/2008|16:35] C:\ProgramData\Bureau
[21/03/2008|13:34] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[21/03/2008|13:47] C:\ProgramData\eSobi
[28/08/2008|16:35] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[21/03/2008|13:36] C:\ProgramData\FloodLightGames
[31/08/2008|09:04] C:\ProgramData\Google
[30/08/2008|15:31] C:\ProgramData\IM
[30/08/2008|15:29] C:\ProgramData\IncrediMail
[14/09/2008|22:04] C:\ProgramData\LauncherAccess.dt
[14/09/2008|11:59] C:\ProgramData\Malwarebytes
[21/03/2008|13:53] C:\ProgramData\McAfee
[28/08/2008|16:35] C:\ProgramData\Menu Démarrer
[16/09/2008|17:13] C:\ProgramData\Microsoft
[10/09/2008|07:31] C:\ProgramData\Microsoft Help
[28/08/2008|16:35] C:\ProgramData\Modèles
[18/06/2008|08:06] C:\ProgramData\NVIDIA
[21/03/2008|13:52] C:\ProgramData\SiteAdvisor
[18/09/2008|21:43] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[02/11/2006|15:02] C:\ProgramData\Templates
[13/09/2008|17:57] C:\ProgramData\traydead
[07/09/2008|09:22] C:\ProgramData\WLInstaller
[30/08/2008|15:32] C:\ProgramData\Yahoo! Companion

--------------------\\ Listing des dossiers dans C:\Program Files

[21/03/2008|13:47] C:\Program Files\Acer Arcade Live
[21/03/2008|13:46] C:\Program Files\Acer GameZone
[18/06/2008|08:12] C:\Program Files\Acer Incorporated
[21/03/2008|13:18] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[30/08/2008|08:41] C:\Program Files\Adobe
[18/09/2008|18:14] C:\Program Files\Alwil Software
[31/08/2008|00:19] C:\Program Files\AskSBar
[18/06/2008|08:07] C:\Program Files\ATI
[31/08/2008|00:20] C:\Program Files\Azureus
[12/09/2008|17:32] C:\Program Files\Common Files
[31/08/2008|08:59] C:\Program Files\Conduit
[21/03/2008|13:33] C:\Program Files\CyberLink
[28/08/2008|16:54] C:\Program Files\DIFX
[21/03/2008|13:47] C:\Program Files\eSobi
[28/08/2008|16:35] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[01/09/2008|07:13] C:\Program Files\Google
[02/09/2008|17:28] C:\Program Files\InstallShield Installation Information
[21/01/2008|04:35] C:\Program Files\Internet Explorer
[12/09/2008|17:33] C:\Program Files\Java
[12/09/2008|17:30] C:\Program Files\LimeWire
[14/09/2008|11:59] C:\Program Files\Malwarebytes' Anti-Malware
[14/09/2008|09:29] C:\Program Files\McAfee
[21/03/2008|13:51] C:\Program Files\McAfee.com
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[21/03/2008|13:17] C:\Program Files\Microsoft Office
[10/09/2008|07:30] C:\Program Files\Microsoft Works
[21/03/2008|13:15] C:\Program Files\Microsoft.NET
[21/01/2008|04:35] C:\Program Files\Movie Maker
[02/11/2006|14:37] C:\Program Files\MSBuild
[28/08/2008|17:15] C:\Program Files\MSXML 4.0
[18/09/2008|21:11] C:\Program Files\Navilog1
[21/03/2008|13:22] C:\Program Files\NewTech Infosystems
[31/08/2008|08:59] C:\Program Files\P2P_Energy
[21/03/2008|13:11] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[02/09/2008|17:28] C:\Program Files\Samsung
[14/09/2008|08:37] C:\Program Files\SiteAdvisor
[18/09/2008|22:00] C:\Program Files\Spybot - Search & Destroy
[12/09/2008|17:33] C:\Program Files\Sun
[28/08/2008|16:54] C:\Program Files\TRENDnet
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[31/08/2008|12:55] C:\Program Files\VideoLAN
[21/01/2008|04:35] C:\Program Files\Windows Calendar
[21/01/2008|04:35] C:\Program Files\Windows Collaboration
[21/01/2008|04:35] C:\Program Files\Windows Defender
[21/01/2008|04:35] C:\Program Files\Windows Journal
[07/09/2008|09:28] C:\Program Files\Windows Live
[28/08/2008|18:16] C:\Program Files\Windows Mail
[21/01/2008|04:35] C:\Program Files\Windows Media Player
[28/08/2008|16:35] C:\Program Files\Windows NT
[21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
[21/01/2008|04:35] C:\Program Files\Windows Sidebar
[21/03/2008|13:48] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[30/08/2008|08:41] C:\Program Files\Common Files\Adobe
[21/03/2008|13:16] C:\Program Files\Common Files\DESIGNER
[21/03/2008|13:32] C:\Program Files\Common Files\InstallShield
[12/09/2008|17:32] C:\Program Files\Common Files\Java
[21/03/2008|13:21] C:\Program Files\Common Files\LightScribe
[21/03/2008|13:52] C:\Program Files\Common Files\McAfee
[07/09/2008|22:32] C:\Program Files\Common Files\microsoft shared
[21/03/2008|13:21] C:\Program Files\Common Files\muvee Technologies
[21/03/2008|13:22] C:\Program Files\Common Files\NewTech Infosystems
[21/03/2008|13:36] C:\Program Files\Common Files\Oberon Media
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[21/01/2008|04:35] C:\Program Files\Common Files\System
[07/09/2008|09:26] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 70 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-18 22:29:23
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:258][D:14]-> C:\Users\PASCAL~1\AppData\Local\Temp
[F:186][D:1]-> C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:2726][D:6]-> C:\Users\PASCAL~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:27][D:5]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 18/09/2008|21:48 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 18/09/2008|22:05 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 18/09/2008|22:30 - Option : [2]

--------------------\\ Fin du rapport a 22:30:52
[ UAC => 1 ]
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
18 Sept. 2008 at 22:40
yes, I see that...

OK, that one was Lop SD option 2; now you still need to run Toolbar SD option 2 and post the report :)

See you later
0
g!rly Posts 18209 Registration date Friday 17 August 2007 Status Contributor Last activity 30 November 2014 406
18 Sept. 2008 at 22:45
Hi again,
it's my fault; I managed to confuse you...
please post a new HijackThis report
0
There, you have both of them just before your last message; I'm not going fast enough lol. So what does it show?
0