Problème page de pub rapport NAVILOG

pascalou -  
 pascalou -
Bonjour,
je viens retenter ma chance pour que les pages de pub arrête de me harceler, je voudrais un avis à savoir si je peut passer à l'étape 2 de NAVILOG 1 je joint le rapport de son analyse MERCI d'avance
Search Navipromo version 3.6.5 commencé le 18/09/2008 à 20:16:32,04

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "pascal et nana"

Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO

Microsoft Windows Vista 6.0.6001
Internet Explorer : 7.0.6001.18000
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***

*** Recherche dossiers dans "C:\Windows" ***

*** Recherche dossiers dans "C:\Program Files" ***

*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***

*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***

*** Recherche dossiers dans "C:\ProgramData" ***

*** Recherche dossiers dans "c:\users\pascal~1\appdata\roaming\micros~1\windows\startm~1\programs" ***

*** Recherche dossiers dans "C:\Users\pascal et nana\AppData\Local\virtualstore\Program Files" ***

*** Recherche dossiers dans "C:\Users\pascal et nana\AppData\Roaming" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\Windows\system32" *

* Recherche dans "C:\Users\pascal et nana\AppData\Local\Microsoft" *

* Recherche dans "C:\Users\pascal et nana\AppData\Local\virtualstore\windows\system32" *

* Recherche dans "C:\Users\pascal et nana\AppData\Local" *

*** Recherche fichiers ***

*** Recherche clés spécifiques dans le Registre ***

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans "C:\Windows\system32" :

* Dans "C:\Users\pascal et nana\AppData\Local\Microsoft" :

* Dans "C:\Users\pascal et nana\AppData\Local\virtualstore\windows\system32" :

* Dans "C:\Users\pascal et nana\AppData\Local" :

3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

*** Analyse terminée le 18/09/2008 à 20:22:29,08 ***
Configuration: Windows Vista
Internet Explorer 7.0

37 réponses

  • 1
  • 2
  1. g!rly Messages postés 18462 Statut Contributeur 407
     
    salut,

    navilog n´a rien trouvé...

    Télécharge HijackThis ici :

    -> http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

    Tutoriel d´instalation : (Merci a Balltrap34 pour cette réalisation)

    -> http://pageperso.aol.fr/balltrap34/Hijenr.gif

    Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)

    -> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

    Post le rapport généré ici stp...

    @+
    1
  2. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
     
    bonjour à vous deux pour suivre @+
    0
  3. g!rly Messages postés 18462 Statut Contributeur 407
     
    Salut jacques.gache
    0
  4. pascalou
     
    merci, j'ai donc désinstaller NAVILOG et voici le rapport de hijack
    Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
    O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [Setresolution] C:\ACERSW\config\1680x1050.cmd
    O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [GreatLog] "C:\ProgramData\chingramgram.o26a411"
    O4 - HKCU\..\Run: [style cool 2 city] "C:\ProgramData\WIN LICENSE DRAW.38zdbe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: ASETRES.EXE
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O4 - Global Startup: TEW-624UB & TEW-644UB Manager.lnk = C:\Program Files\TRENDnet\TEW-624UB_TEW-644UB\WlanCU.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?AuthParam=1221233562_e964e718fa30c2d836e90dd3ed12dabd&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab&File=jinstall-6u7-windows-i586-jc.cab
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. pascalou
     
    merci, j'ai donc désinstaller NAVILOG et voici le rapport de hijack
    Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
    O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [Setresolution] C:\ACERSW\config\1680x1050.cmd
    O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [GreatLog] "C:\ProgramData\chingramgram.o26a411"
    O4 - HKCU\..\Run: [style cool 2 city] "C:\ProgramData\WIN LICENSE DRAW.38zdbe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: ASETRES.EXE
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O4 - Global Startup: TEW-624UB & TEW-644UB Manager.lnk = C:\Program Files\TRENDnet\TEW-624UB_TEW-644UB\WlanCU.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?AuthParam=1221233562_e964e718fa30c2d836e90dd3ed12dabd&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab&File=jinstall-6u7-windows-i586-jc.cab
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
    0
  7. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
     
    bonjour, ton hijackthis n'est pas complet ? il manque tout le début
    0
  8. g!rly Messages postés 18462 Statut Contributeur 407
     
    On dirait bien que c´est du cid...

    Pascalou :

    Télécharge Lop S&D (de Angeldark et Eric71) sur le Bureau :
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    [*]Double-clique sur Lop S&D.exe pour lancer l'installation,
    [*]Puis double-clique sur le raccourci Lop S&D présent sur le Bureau.
    [*]Séléctionne la langue souhaitée , puis choisis l'Option 1 (Recherche)
    Le scan prend moins d'une minute.
    [*]A l'issue du scan, le bloc-notes va s'ouvrir avec le résultat de la recherche.
    [*]Enregistre le rapport LopR.txt sur le Bureau pour le retrouver facilement, sinon il sauvegardé à la racine de la partition système : C:\LopR.txt

    @+
    0
  9. pascalou
     
    oups !! pour repondre à jacque désolé le revoilà complet et en attendant j'essaie lop S&D
    e of Trend Micro HijackThis v2.0.2
    Scan saved at 21:13:32, on 18/09/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Acer\Empowering Technology\SysMonitor.exe
    C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\nvraidservice.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\TRENDnet\TEW-624UB_TEW-644UB\WlanCU.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
    C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
    C:\Windows\System32\mobsync.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\notepad.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Mail\WinMail.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\pascal et nana\Desktop\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
    O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
    O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
    O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
    O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [Setresolution] C:\ACERSW\config\1680x1050.cmd
    O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [GreatLog] "C:\ProgramData\chingramgram.o26a411"
    O4 - HKCU\..\Run: [style cool 2 city] "C:\ProgramData\WIN LICENSE DRAW.38zdbe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: ASETRES.EXE
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O4 - Global Startup: TEW-624UB & TEW-644UB Manager.lnk = C:\Program Files\TRENDnet\TEW-624UB_TEW-644UB\WlanCU.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?AuthParam=1221233562_e964e718fa30c2d836e90dd3ed12dabd&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab&File=jinstall-6u7-windows-i586-jc.cab
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
    0
  10. g!rly Messages postés 18462 Statut Contributeur 407
     
    tu as deux antivirus !!!
    desinstalles avast
    et post le rapport lopsd stp
    @+
    0
  11. pascalou
     
    Voici le rapport lopS&D en espérant que ça vous parle parce que moi !!! :-))
    --------------------\\ Lop S&D 4.2.4-3 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
    BIOS : BIOS Date: 05/23/08 16:37:53 Ver: 08.00.15
    USER : pascal et nana ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1229 [VPS 080918-0] 4.8.1229 (Activated)
    C:\ (Local Disk) - NTFS - Total : 144 Go Free : 84 Go
    D:\ (Local Disk) - NTFS - Total : 144 Go Free : 143 Go
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
    Option : [1] ( 18/09/2008|21:46 )

    [ UAC => 0 ]

    --------------------\\ Listing des dossiers dans Local

    [29/08/2008|18:34] C:\Users\PASCAL~1\AppData\Local\Adobe
    [28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Application Data
    [17/09/2008|21:10] C:\Users\PASCAL~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [30/08/2008|17:11] C:\Users\PASCAL~1\AppData\Local\GDIPFONTCACHEV1.DAT
    [31/08/2008|09:06] C:\Users\PASCAL~1\AppData\Local\Google
    [28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Historique
    [18/09/2008|20:11] C:\Users\PASCAL~1\AppData\Local\IconCache.db
    [30/08/2008|15:33] C:\Users\PASCAL~1\AppData\Local\IM
    [18/09/2008|20:22] C:\Users\PASCAL~1\AppData\Local\Microsoft
    [08/09/2008|20:37] C:\Users\PASCAL~1\AppData\Local\Microsoft Games
    [01/09/2008|18:55] C:\Users\PASCAL~1\AppData\Local\Microsoft Help
    [31/08/2008|09:00] C:\Users\PASCAL~1\AppData\Local\P2P_Energy
    [28/08/2008|16:39] C:\Users\PASCAL~1\AppData\Local\PowerCinema
    [18/09/2008|21:45] C:\Users\PASCAL~1\AppData\Local\Temp
    [28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Temporary Internet Files
    [28/08/2008|16:55] C:\Users\PASCAL~1\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [15/09/2008 01:00][--a------] C:\Windows\tasks\McDefragTask.job
    [21/03/2008 13:54][--a------] C:\Windows\tasks\McQcTask.job
    [18/09/2008 20:12][--ah-----] C:\Windows\tasks\SA.DAT
    [18/09/2008 20:11][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [21/03/2008|13:18] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    [21/03/2008|13:35] C:\ProgramData\Acer GameZone Console
    [30/08/2008|08:40] C:\ProgramData\Adobe
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [31/08/2008|00:19] C:\ProgramData\Azureus
    [28/08/2008|16:35] C:\ProgramData\Bureau
    [13/09/2008|17:57] C:\ProgramData\byte loud style cool
    [13/09/2008|17:56] C:\ProgramData\chingramgram.o26a411
    [13/09/2008|17:56] C:\ProgramData\chingramgram.vi7ar3w
    [21/03/2008|13:34] C:\ProgramData\CyberLink
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [21/03/2008|13:47] C:\ProgramData\eSobi
    [28/08/2008|16:35] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [21/03/2008|13:36] C:\ProgramData\FloodLightGames
    [31/08/2008|09:04] C:\ProgramData\Google
    [30/08/2008|15:31] C:\ProgramData\IM
    [30/08/2008|15:29] C:\ProgramData\IncrediMail
    [14/09/2008|22:04] C:\ProgramData\LauncherAccess.dt
    [14/09/2008|11:59] C:\ProgramData\Malwarebytes
    [21/03/2008|13:53] C:\ProgramData\McAfee
    [28/08/2008|16:35] C:\ProgramData\Menu D‚marrer
    [16/09/2008|17:13] C:\ProgramData\Microsoft
    [10/09/2008|07:31] C:\ProgramData\Microsoft Help
    [28/08/2008|16:35] C:\ProgramData\ModŠles
    [18/06/2008|08:06] C:\ProgramData\NVIDIA
    [21/03/2008|13:52] C:\ProgramData\SiteAdvisor
    [18/09/2008|21:43] C:\ProgramData\Spybot - Search & Destroy
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [02/11/2006|15:02] C:\ProgramData\Templates
    [13/09/2008|17:57] C:\ProgramData\traydead
    [13/09/2008|17:57] C:\ProgramData\WIN LICENSE DRAW.38zdbe
    [07/09/2008|09:22] C:\ProgramData\WLInstaller
    [30/08/2008|15:32] C:\ProgramData\Yahoo! Companion

    --------------------\\ Listing des dossiers dans C:\Program Files

    [21/03/2008|13:47] C:\Program Files\Acer Arcade Live
    [21/03/2008|13:46] C:\Program Files\Acer GameZone
    [18/06/2008|08:12] C:\Program Files\Acer Incorporated
    [21/03/2008|13:18] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [30/08/2008|08:41] C:\Program Files\Adobe
    [18/09/2008|18:14] C:\Program Files\Alwil Software
    [31/08/2008|00:19] C:\Program Files\AskSBar
    [18/06/2008|08:07] C:\Program Files\ATI
    [31/08/2008|00:20] C:\Program Files\Azureus
    [12/09/2008|17:32] C:\Program Files\Common Files
    [31/08/2008|08:59] C:\Program Files\Conduit
    [21/03/2008|13:33] C:\Program Files\CyberLink
    [28/08/2008|16:54] C:\Program Files\DIFX
    [21/03/2008|13:47] C:\Program Files\eSobi
    [28/08/2008|16:35] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [01/09/2008|07:13] C:\Program Files\Google
    [02/09/2008|17:28] C:\Program Files\InstallShield Installation Information
    [21/01/2008|04:35] C:\Program Files\Internet Explorer
    [12/09/2008|17:33] C:\Program Files\Java
    [12/09/2008|17:30] C:\Program Files\LimeWire
    [14/09/2008|11:59] C:\Program Files\Malwarebytes' Anti-Malware
    [14/09/2008|09:29] C:\Program Files\McAfee
    [21/03/2008|13:51] C:\Program Files\McAfee.com
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [21/03/2008|13:17] C:\Program Files\Microsoft Office
    [10/09/2008|07:30] C:\Program Files\Microsoft Works
    [21/03/2008|13:15] C:\Program Files\Microsoft.NET
    [21/01/2008|04:35] C:\Program Files\Movie Maker
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [28/08/2008|17:15] C:\Program Files\MSXML 4.0
    [18/09/2008|21:11] C:\Program Files\Navilog1
    [21/03/2008|13:22] C:\Program Files\NewTech Infosystems
    [31/08/2008|08:59] C:\Program Files\P2P_Energy
    [21/03/2008|13:11] C:\Program Files\Realtek
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [02/09/2008|17:28] C:\Program Files\Samsung
    [14/09/2008|08:37] C:\Program Files\SiteAdvisor
    [18/09/2008|21:43] C:\Program Files\Spybot - Search & Destroy
    [12/09/2008|17:33] C:\Program Files\Sun
    [28/08/2008|16:54] C:\Program Files\TRENDnet
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [31/08/2008|12:55] C:\Program Files\VideoLAN
    [21/01/2008|04:35] C:\Program Files\Windows Calendar
    [21/01/2008|04:35] C:\Program Files\Windows Collaboration
    [21/01/2008|04:35] C:\Program Files\Windows Defender
    [21/01/2008|04:35] C:\Program Files\Windows Journal
    [07/09/2008|09:28] C:\Program Files\Windows Live
    [28/08/2008|18:16] C:\Program Files\Windows Mail
    [21/01/2008|04:35] C:\Program Files\Windows Media Player
    [28/08/2008|16:35] C:\Program Files\Windows NT
    [21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
    [21/01/2008|04:35] C:\Program Files\Windows Sidebar
    [21/03/2008|13:48] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [30/08/2008|08:41] C:\Program Files\Common Files\Adobe
    [21/03/2008|13:16] C:\Program Files\Common Files\DESIGNER
    [21/03/2008|13:32] C:\Program Files\Common Files\InstallShield
    [12/09/2008|17:32] C:\Program Files\Common Files\Java
    [21/03/2008|13:21] C:\Program Files\Common Files\LightScribe
    [21/03/2008|13:52] C:\Program Files\Common Files\McAfee
    [07/09/2008|22:32] C:\Program Files\Common Files\microsoft shared
    [21/03/2008|13:21] C:\Program Files\Common Files\muvee Technologies
    [21/03/2008|13:22] C:\Program Files\Common Files\NewTech Infosystems
    [21/03/2008|13:36] C:\Program Files\Common Files\Oberon Media
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [21/01/2008|04:35] C:\Program Files\Common Files\System
    [07/09/2008|09:26] C:\Program Files\Common Files\WindowsLiveInstaller

    --------------------\\ Process

    ( 81 Processes )

    iexplore.exe ~ [PID:2340]
    iexplore.exe ~ [PID:2524]
    iexplore.exe ~ [PID:4300]
    iexplore.exe ~ [PID:1752]

    --------------------\\ Recherche avec S_Lop

    C:\ProgramData\WIN LICENSE DRAW.38zdbe
    C:\ProgramData\chingramgram.o26a411
    C:\ProgramData\chingramgram.vi7ar3w

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\ProgramData\byte loud style cool
    C:\ProgramData\byte loud style cool\sign idol.exe
    C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adultfriendfinder[1].txt
    C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adopt.euroclick[1].txt
    C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@partypoker[2].txt
    C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@32vegas[2].txt
    C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@banner.32vegas[2].txt

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "style cool 2 city"="\"C:\\ProgramData\\WIN LICENSE DRAW.38zdbe\""
    "GreatLog"="\"C:\\ProgramData\\chingramgram.o26a411\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-18 21:46:30
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:250][D:14]-> C:\Users\PASCAL~1\AppData\Local\Temp
    [F:182][D:1]-> C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:2513][D:6]-> C:\Users\PASCAL~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:27][D:5]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 18/09/2008|21:48 - Option : [1]

    --------------------\\ Fin du rapport a 21:48:05
    [ UAC => 1 ]
    0
  12. g!rly Messages postés 18462 Statut Contributeur 407
     
    oui ca me parle :)

    passe l´option 2 > netoyage et post le rapport stp

    d´une pierre deux coup :

    Télécharge Toolbar-S&D de Eric_71 :
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
    Sur ton bureau, impératif.

    **Recherche**

    Double clique sur le fichier ToolBar SD.exe, avec élévation des privilèges sous Vista.
    https://i45.servimg.com/u/f45/11/05/93/83/tb110.jpg
    Coche la case "Je suis d'accord...ci-dessus", accepter la création du répertoire par Oui, puis Suivant et Quitter
    Une icône sera crée sur le bureau ToolBar SD
    https://i45.servimg.com/u/f45/11/05/93/83/tb210.jpg
    Sous Vista, faire un clic droit et Exécuter en tant qu'administrateur (Elévation des privilèges.), puis Continuer.
    Dans la fenêtre DOS bleue, Tape F, Entrer.
    Ensuite tape 1 et Entrer.
    Le système va redémarrer et le scan prendra quelques minutes.
    Une fois terminé un rapport TB.txt va s'ouvrir.
    Tu cliques dessus et tu fais :
    CTRL+A pour tout sélectionner
    CTRL+C pour tout mettre dans le presse-papier
    Tu ouvres une réponse sur le forum et tu fais :
    CTRL+V pour coller le rapport dans cette réponse.
    Tu fermes le rapport sur ton bureau et tu attends les résultats de l'analyse.
    Ce rapport sera enregistré à la racine du système : C:\TB.txt

    donc post les deux rapports stp

    @+
    0
  13. pascalou
     
    voila avast déinstaller joint rapport après désinstallation et je télécharge toolbar,c'est l'option 2 ?

    --------------------\\ Lop S&D 4.2.4-3 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
    BIOS : BIOS Date: 05/23/08 16:37:53 Ver: 08.00.15
    USER : pascal et nana ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total : 144 Go Free : 84 Go
    D:\ (Local Disk) - NTFS - Total : 144 Go Free : 143 Go
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
    Option : [1] ( 18/09/2008|22:03 )

    [ UAC => 1 ]

    --------------------\\ Listing des dossiers dans Local

    [29/08/2008|18:34] C:\Users\PASCAL~1\AppData\Local\Adobe
    [28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Application Data
    [17/09/2008|21:10] C:\Users\PASCAL~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [30/08/2008|17:11] C:\Users\PASCAL~1\AppData\Local\GDIPFONTCACHEV1.DAT
    [31/08/2008|09:06] C:\Users\PASCAL~1\AppData\Local\Google
    [28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Historique
    [18/09/2008|21:59] C:\Users\PASCAL~1\AppData\Local\IconCache.db
    [30/08/2008|15:33] C:\Users\PASCAL~1\AppData\Local\IM
    [18/09/2008|20:22] C:\Users\PASCAL~1\AppData\Local\Microsoft
    [08/09/2008|20:37] C:\Users\PASCAL~1\AppData\Local\Microsoft Games
    [01/09/2008|18:55] C:\Users\PASCAL~1\AppData\Local\Microsoft Help
    [31/08/2008|09:00] C:\Users\PASCAL~1\AppData\Local\P2P_Energy
    [28/08/2008|16:39] C:\Users\PASCAL~1\AppData\Local\PowerCinema
    [18/09/2008|22:02] C:\Users\PASCAL~1\AppData\Local\Temp
    [28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Temporary Internet Files
    [28/08/2008|16:55] C:\Users\PASCAL~1\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [15/09/2008 01:00][--a------] C:\Windows\tasks\McDefragTask.job
    [21/03/2008 13:54][--a------] C:\Windows\tasks\McQcTask.job
    [18/09/2008 22:00][--ah-----] C:\Windows\tasks\SA.DAT
    [18/09/2008 21:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [21/03/2008|13:18] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    [21/03/2008|13:35] C:\ProgramData\Acer GameZone Console
    [30/08/2008|08:40] C:\ProgramData\Adobe
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [31/08/2008|00:19] C:\ProgramData\Azureus
    [28/08/2008|16:35] C:\ProgramData\Bureau
    [13/09/2008|17:57] C:\ProgramData\byte loud style cool
    [13/09/2008|17:56] C:\ProgramData\chingramgram.o26a411
    [13/09/2008|17:56] C:\ProgramData\chingramgram.vi7ar3w
    [21/03/2008|13:34] C:\ProgramData\CyberLink
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [21/03/2008|13:47] C:\ProgramData\eSobi
    [28/08/2008|16:35] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [21/03/2008|13:36] C:\ProgramData\FloodLightGames
    [31/08/2008|09:04] C:\ProgramData\Google
    [30/08/2008|15:31] C:\ProgramData\IM
    [30/08/2008|15:29] C:\ProgramData\IncrediMail
    [14/09/2008|22:04] C:\ProgramData\LauncherAccess.dt
    [14/09/2008|11:59] C:\ProgramData\Malwarebytes
    [21/03/2008|13:53] C:\ProgramData\McAfee
    [28/08/2008|16:35] C:\ProgramData\Menu D‚marrer
    [16/09/2008|17:13] C:\ProgramData\Microsoft
    [10/09/2008|07:31] C:\ProgramData\Microsoft Help
    [28/08/2008|16:35] C:\ProgramData\ModŠles
    [18/06/2008|08:06] C:\ProgramData\NVIDIA
    [21/03/2008|13:52] C:\ProgramData\SiteAdvisor
    [18/09/2008|21:43] C:\ProgramData\Spybot - Search & Destroy
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [02/11/2006|15:02] C:\ProgramData\Templates
    [13/09/2008|17:57] C:\ProgramData\traydead
    [13/09/2008|17:57] C:\ProgramData\WIN LICENSE DRAW.38zdbe
    [07/09/2008|09:22] C:\ProgramData\WLInstaller
    [30/08/2008|15:32] C:\ProgramData\Yahoo! Companion

    --------------------\\ Listing des dossiers dans C:\Program Files

    [21/03/2008|13:47] C:\Program Files\Acer Arcade Live
    [21/03/2008|13:46] C:\Program Files\Acer GameZone
    [18/06/2008|08:12] C:\Program Files\Acer Incorporated
    [21/03/2008|13:18] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [30/08/2008|08:41] C:\Program Files\Adobe
    [18/09/2008|18:14] C:\Program Files\Alwil Software
    [31/08/2008|00:19] C:\Program Files\AskSBar
    [18/06/2008|08:07] C:\Program Files\ATI
    [31/08/2008|00:20] C:\Program Files\Azureus
    [12/09/2008|17:32] C:\Program Files\Common Files
    [31/08/2008|08:59] C:\Program Files\Conduit
    [21/03/2008|13:33] C:\Program Files\CyberLink
    [28/08/2008|16:54] C:\Program Files\DIFX
    [21/03/2008|13:47] C:\Program Files\eSobi
    [28/08/2008|16:35] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [01/09/2008|07:13] C:\Program Files\Google
    [02/09/2008|17:28] C:\Program Files\InstallShield Installation Information
    [21/01/2008|04:35] C:\Program Files\Internet Explorer
    [12/09/2008|17:33] C:\Program Files\Java
    [12/09/2008|17:30] C:\Program Files\LimeWire
    [14/09/2008|11:59] C:\Program Files\Malwarebytes' Anti-Malware
    [14/09/2008|09:29] C:\Program Files\McAfee
    [21/03/2008|13:51] C:\Program Files\McAfee.com
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [21/03/2008|13:17] C:\Program Files\Microsoft Office
    [10/09/2008|07:30] C:\Program Files\Microsoft Works
    [21/03/2008|13:15] C:\Program Files\Microsoft.NET
    [21/01/2008|04:35] C:\Program Files\Movie Maker
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [28/08/2008|17:15] C:\Program Files\MSXML 4.0
    [18/09/2008|21:11] C:\Program Files\Navilog1
    [21/03/2008|13:22] C:\Program Files\NewTech Infosystems
    [31/08/2008|08:59] C:\Program Files\P2P_Energy
    [21/03/2008|13:11] C:\Program Files\Realtek
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [02/09/2008|17:28] C:\Program Files\Samsung
    [14/09/2008|08:37] C:\Program Files\SiteAdvisor
    [18/09/2008|22:00] C:\Program Files\Spybot - Search & Destroy
    [12/09/2008|17:33] C:\Program Files\Sun
    [28/08/2008|16:54] C:\Program Files\TRENDnet
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [31/08/2008|12:55] C:\Program Files\VideoLAN
    [21/01/2008|04:35] C:\Program Files\Windows Calendar
    [21/01/2008|04:35] C:\Program Files\Windows Collaboration
    [21/01/2008|04:35] C:\Program Files\Windows Defender
    [21/01/2008|04:35] C:\Program Files\Windows Journal
    [07/09/2008|09:28] C:\Program Files\Windows Live
    [28/08/2008|18:16] C:\Program Files\Windows Mail
    [21/01/2008|04:35] C:\Program Files\Windows Media Player
    [28/08/2008|16:35] C:\Program Files\Windows NT
    [21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
    [21/01/2008|04:35] C:\Program Files\Windows Sidebar
    [21/03/2008|13:48] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [30/08/2008|08:41] C:\Program Files\Common Files\Adobe
    [21/03/2008|13:16] C:\Program Files\Common Files\DESIGNER
    [21/03/2008|13:32] C:\Program Files\Common Files\InstallShield
    [12/09/2008|17:32] C:\Program Files\Common Files\Java
    [21/03/2008|13:21] C:\Program Files\Common Files\LightScribe
    [21/03/2008|13:52] C:\Program Files\Common Files\McAfee
    [07/09/2008|22:32] C:\Program Files\Common Files\microsoft shared
    [21/03/2008|13:21] C:\Program Files\Common Files\muvee Technologies
    [21/03/2008|13:22] C:\Program Files\Common Files\NewTech Infosystems
    [21/03/2008|13:36] C:\Program Files\Common Files\Oberon Media
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [21/01/2008|04:35] C:\Program Files\Common Files\System
    [07/09/2008|09:26] C:\Program Files\Common Files\WindowsLiveInstaller

    --------------------\\ Process

    ( 69 Processes )

    iexplore.exe ~ [PID:576]
    iexplore.exe ~ [PID:3964]

    --------------------\\ Recherche avec S_Lop

    C:\ProgramData\WIN LICENSE DRAW.38zdbe
    C:\ProgramData\chingramgram.o26a411
    C:\ProgramData\chingramgram.vi7ar3w

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\ProgramData\byte loud style cool
    C:\ProgramData\byte loud style cool\sign idol.exe
    C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adultfriendfinder[1].txt
    C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adopt.euroclick[1].txt
    C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@partypoker[2].txt
    C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@32vegas[2].txt
    C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@banner.32vegas[2].txt

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "style cool 2 city"="\"C:\\ProgramData\\WIN LICENSE DRAW.38zdbe\""
    "GreatLog"="\"C:\\ProgramData\\chingramgram.o26a411\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-18 22:03:39
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:245][D:13]-> C:\Users\PASCAL~1\AppData\Local\Temp
    [F:185][D:1]-> C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:2717][D:6]-> C:\Users\PASCAL~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:27][D:5]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 18/09/2008|21:48 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 18/09/2008|22:05 - Option : [1]

    --------------------\\ Fin du rapport a 22:05:14
    [ UAC => 1 ]
    0
  14. g!rly Messages postés 18462 Statut Contributeur 407
     
    Là c´est encore le rapport de l´option 1 de lop sd ?
    post le rapport de l´option 2 stp
    ps : je vais trop vite > on va faire un truc a la fois ;)
    0
  15. pascalou
     
    Oui oui un peut vite :-)) voici le rapport de toolbar et je passe à l'option 2 de celui-ci?

    -----------\\ ToolBar S&D 1.2.0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
    BIOS : BIOS Date: 05/23/08 16:37:53 Ver: 08.00.15
    USER : pascal et nana ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total : 144 Go Free : 84 Go
    D:\ (Local Disk) - NTFS - Total : 144 Go Free : 143 Go
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\ToolBar SD" ( MAJ : 14-09-2008|23:30 )
    Option : [1] ( 18/09/2008|22:20 )

    [ UAC => 1 ]

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\AskSBar
    C:\Program Files\AskSBar\bar
    C:\Program Files\AskSBar\SrchAstt
    C:\Program Files\P2P_Energy
    C:\Program Files\P2P_Energy\INSTALL.LOG
    C:\Program Files\P2P_Energy\P2P_EnergyToolbarHelper.exe
    C:\Program Files\P2P_Energy\tbP2P_.dll
    C:\Program Files\P2P_Energy\toolbar.cfg
    C:\Program Files\P2P_Energy\UNWISE.EXE

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\Windows\\system32\\blank.htm"
    "Search Page"="https://www.google.com/?gws_rd=ssl"
    "Start Page"="https://www.google.fr/?gws_rd=ssl"
    "Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
    "Start Page Restore"="https://www.google.fr/?gws_rd=ssl"
    "Url"="https://www.msn.com/fr-fr/actualite/"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="https://fr.yahoo.com/"
    "Default_Page_URL"="https://fr.yahoo.com/"
    "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [ UAC => 1 ]

    1 - "C:\ToolBar SD\TB_1.txt" - 18/09/2008|22:20 - Option : [1]

    -----------\\ Fin du rapport a 22:20:42,96
    0
  16. g!rly Messages postés 18462 Statut Contributeur 407
     
    oui passe l´option 2 de celui ci et post le rapport
    0
  17. pascalou
     
    voila le rapport de l'option 2 de lopSD, je m'embrouille un peu entre toolbar et lopSD désolé!

    --------------------\\ Lop S&D 4.2.4-3 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
    BIOS : BIOS Date: 05/23/08 16:37:53 Ver: 08.00.15
    USER : pascal et nana ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total : 144 Go Free : 84 Go
    D:\ (Local Disk) - NTFS - Total : 144 Go Free : 143 Go
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
    Option : [2] ( 18/09/2008|22:29 )

    [ UAC => 1 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\ProgramData\byte loud style cool\sign idol.exe
    Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adultfriendfinder[1].txt
    Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adopt.euroclick[1].txt
    Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@partypoker[2].txt
    Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@32vegas[2].txt
    Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@banner.32vegas[2].txt
    Supprime! - C:\ProgramData\WIN LICENSE DRAW.38zdbe
    Supprime! - C:\ProgramData\chingramgram.o26a411
    Supprime! - C:\ProgramData\chingramgram.vi7ar3w
    Supprime! - C:\ProgramData\byte loud style cool
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans Local

    [29/08/2008|18:34] C:\Users\PASCAL~1\AppData\Local\Adobe
    [28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Application Data
    [17/09/2008|21:10] C:\Users\PASCAL~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [30/08/2008|17:11] C:\Users\PASCAL~1\AppData\Local\GDIPFONTCACHEV1.DAT
    [31/08/2008|09:06] C:\Users\PASCAL~1\AppData\Local\Google
    [28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Historique
    [18/09/2008|21:59] C:\Users\PASCAL~1\AppData\Local\IconCache.db
    [30/08/2008|15:33] C:\Users\PASCAL~1\AppData\Local\IM
    [18/09/2008|20:22] C:\Users\PASCAL~1\AppData\Local\Microsoft
    [08/09/2008|20:37] C:\Users\PASCAL~1\AppData\Local\Microsoft Games
    [01/09/2008|18:55] C:\Users\PASCAL~1\AppData\Local\Microsoft Help
    [31/08/2008|09:00] C:\Users\PASCAL~1\AppData\Local\P2P_Energy
    [28/08/2008|16:39] C:\Users\PASCAL~1\AppData\Local\PowerCinema
    [18/09/2008|22:29] C:\Users\PASCAL~1\AppData\Local\Temp
    [28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Temporary Internet Files
    [28/08/2008|16:55] C:\Users\PASCAL~1\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [15/09/2008 01:00][--a------] C:\Windows\tasks\McDefragTask.job
    [21/03/2008 13:54][--a------] C:\Windows\tasks\McQcTask.job
    [18/09/2008 22:00][--ah-----] C:\Windows\tasks\SA.DAT
    [18/09/2008 21:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [21/03/2008|13:18] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    [21/03/2008|13:35] C:\ProgramData\Acer GameZone Console
    [30/08/2008|08:40] C:\ProgramData\Adobe
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [31/08/2008|00:19] C:\ProgramData\Azureus
    [28/08/2008|16:35] C:\ProgramData\Bureau
    [21/03/2008|13:34] C:\ProgramData\CyberLink
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [21/03/2008|13:47] C:\ProgramData\eSobi
    [28/08/2008|16:35] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [21/03/2008|13:36] C:\ProgramData\FloodLightGames
    [31/08/2008|09:04] C:\ProgramData\Google
    [30/08/2008|15:31] C:\ProgramData\IM
    [30/08/2008|15:29] C:\ProgramData\IncrediMail
    [14/09/2008|22:04] C:\ProgramData\LauncherAccess.dt
    [14/09/2008|11:59] C:\ProgramData\Malwarebytes
    [21/03/2008|13:53] C:\ProgramData\McAfee
    [28/08/2008|16:35] C:\ProgramData\Menu D‚marrer
    [16/09/2008|17:13] C:\ProgramData\Microsoft
    [10/09/2008|07:31] C:\ProgramData\Microsoft Help
    [28/08/2008|16:35] C:\ProgramData\ModŠles
    [18/06/2008|08:06] C:\ProgramData\NVIDIA
    [21/03/2008|13:52] C:\ProgramData\SiteAdvisor
    [18/09/2008|21:43] C:\ProgramData\Spybot - Search & Destroy
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [02/11/2006|15:02] C:\ProgramData\Templates
    [13/09/2008|17:57] C:\ProgramData\traydead
    [07/09/2008|09:22] C:\ProgramData\WLInstaller
    [30/08/2008|15:32] C:\ProgramData\Yahoo! Companion

    --------------------\\ Listing des dossiers dans C:\Program Files

    [21/03/2008|13:47] C:\Program Files\Acer Arcade Live
    [21/03/2008|13:46] C:\Program Files\Acer GameZone
    [18/06/2008|08:12] C:\Program Files\Acer Incorporated
    [21/03/2008|13:18] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [30/08/2008|08:41] C:\Program Files\Adobe
    [18/09/2008|18:14] C:\Program Files\Alwil Software
    [31/08/2008|00:19] C:\Program Files\AskSBar
    [18/06/2008|08:07] C:\Program Files\ATI
    [31/08/2008|00:20] C:\Program Files\Azureus
    [12/09/2008|17:32] C:\Program Files\Common Files
    [31/08/2008|08:59] C:\Program Files\Conduit
    [21/03/2008|13:33] C:\Program Files\CyberLink
    [28/08/2008|16:54] C:\Program Files\DIFX
    [21/03/2008|13:47] C:\Program Files\eSobi
    [28/08/2008|16:35] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [01/09/2008|07:13] C:\Program Files\Google
    [02/09/2008|17:28] C:\Program Files\InstallShield Installation Information
    [21/01/2008|04:35] C:\Program Files\Internet Explorer
    [12/09/2008|17:33] C:\Program Files\Java
    [12/09/2008|17:30] C:\Program Files\LimeWire
    [14/09/2008|11:59] C:\Program Files\Malwarebytes' Anti-Malware
    [14/09/2008|09:29] C:\Program Files\McAfee
    [21/03/2008|13:51] C:\Program Files\McAfee.com
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [21/03/2008|13:17] C:\Program Files\Microsoft Office
    [10/09/2008|07:30] C:\Program Files\Microsoft Works
    [21/03/2008|13:15] C:\Program Files\Microsoft.NET
    [21/01/2008|04:35] C:\Program Files\Movie Maker
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [28/08/2008|17:15] C:\Program Files\MSXML 4.0
    [18/09/2008|21:11] C:\Program Files\Navilog1
    [21/03/2008|13:22] C:\Program Files\NewTech Infosystems
    [31/08/2008|08:59] C:\Program Files\P2P_Energy
    [21/03/2008|13:11] C:\Program Files\Realtek
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [02/09/2008|17:28] C:\Program Files\Samsung
    [14/09/2008|08:37] C:\Program Files\SiteAdvisor
    [18/09/2008|22:00] C:\Program Files\Spybot - Search & Destroy
    [12/09/2008|17:33] C:\Program Files\Sun
    [28/08/2008|16:54] C:\Program Files\TRENDnet
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [31/08/2008|12:55] C:\Program Files\VideoLAN
    [21/01/2008|04:35] C:\Program Files\Windows Calendar
    [21/01/2008|04:35] C:\Program Files\Windows Collaboration
    [21/01/2008|04:35] C:\Program Files\Windows Defender
    [21/01/2008|04:35] C:\Program Files\Windows Journal
    [07/09/2008|09:28] C:\Program Files\Windows Live
    [28/08/2008|18:16] C:\Program Files\Windows Mail
    [21/01/2008|04:35] C:\Program Files\Windows Media Player
    [28/08/2008|16:35] C:\Program Files\Windows NT
    [21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
    [21/01/2008|04:35] C:\Program Files\Windows Sidebar
    [21/03/2008|13:48] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [30/08/2008|08:41] C:\Program Files\Common Files\Adobe
    [21/03/2008|13:16] C:\Program Files\Common Files\DESIGNER
    [21/03/2008|13:32] C:\Program Files\Common Files\InstallShield
    [12/09/2008|17:32] C:\Program Files\Common Files\Java
    [21/03/2008|13:21] C:\Program Files\Common Files\LightScribe
    [21/03/2008|13:52] C:\Program Files\Common Files\McAfee
    [07/09/2008|22:32] C:\Program Files\Common Files\microsoft shared
    [21/03/2008|13:21] C:\Program Files\Common Files\muvee Technologies
    [21/03/2008|13:22] C:\Program Files\Common Files\NewTech Infosystems
    [21/03/2008|13:36] C:\Program Files\Common Files\Oberon Media
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [21/01/2008|04:35] C:\Program Files\Common Files\System
    [07/09/2008|09:26] C:\Program Files\Common Files\WindowsLiveInstaller

    --------------------\\ Process

    ( 70 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-18 22:29:23
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:258][D:14]-> C:\Users\PASCAL~1\AppData\Local\Temp
    [F:186][D:1]-> C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:2726][D:6]-> C:\Users\PASCAL~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:27][D:5]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 18/09/2008|21:48 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 18/09/2008|22:05 - Option : [1]
    3 - "C:\Lop SD\LopR_3.txt" - 18/09/2008|22:30 - Option : [2]

    --------------------\\ Fin du rapport a 22:30:52
    [ UAC => 1 ]
    0
  18. pascalou
     
    et voici le rapport de l'option de toolbar

    --------------------\\ Lop S&D 4.2.4-3 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
    BIOS : BIOS Date: 05/23/08 16:37:53 Ver: 08.00.15
    USER : pascal et nana ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total : 144 Go Free : 84 Go
    D:\ (Local Disk) - NTFS - Total : 144 Go Free : 143 Go
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)

    "C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
    Option : [2] ( 18/09/2008|22:29 )

    [ UAC => 1 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\ProgramData\byte loud style cool\sign idol.exe
    Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adultfriendfinder[1].txt
    Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@adopt.euroclick[1].txt
    Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@partypoker[2].txt
    Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@32vegas[2].txt
    Supprime! - C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies\pascal_et_nana@banner.32vegas[2].txt
    Supprime! - C:\ProgramData\WIN LICENSE DRAW.38zdbe
    Supprime! - C:\ProgramData\chingramgram.o26a411
    Supprime! - C:\ProgramData\chingramgram.vi7ar3w
    Supprime! - C:\ProgramData\byte loud style cool
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans Local

    [29/08/2008|18:34] C:\Users\PASCAL~1\AppData\Local\Adobe
    [28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Application Data
    [17/09/2008|21:10] C:\Users\PASCAL~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [30/08/2008|17:11] C:\Users\PASCAL~1\AppData\Local\GDIPFONTCACHEV1.DAT
    [31/08/2008|09:06] C:\Users\PASCAL~1\AppData\Local\Google
    [28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Historique
    [18/09/2008|21:59] C:\Users\PASCAL~1\AppData\Local\IconCache.db
    [30/08/2008|15:33] C:\Users\PASCAL~1\AppData\Local\IM
    [18/09/2008|20:22] C:\Users\PASCAL~1\AppData\Local\Microsoft
    [08/09/2008|20:37] C:\Users\PASCAL~1\AppData\Local\Microsoft Games
    [01/09/2008|18:55] C:\Users\PASCAL~1\AppData\Local\Microsoft Help
    [31/08/2008|09:00] C:\Users\PASCAL~1\AppData\Local\P2P_Energy
    [28/08/2008|16:39] C:\Users\PASCAL~1\AppData\Local\PowerCinema
    [18/09/2008|22:29] C:\Users\PASCAL~1\AppData\Local\Temp
    [28/08/2008|16:38] C:\Users\PASCAL~1\AppData\Local\Temporary Internet Files
    [28/08/2008|16:55] C:\Users\PASCAL~1\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [15/09/2008 01:00][--a------] C:\Windows\tasks\McDefragTask.job
    [21/03/2008 13:54][--a------] C:\Windows\tasks\McQcTask.job
    [18/09/2008 22:00][--ah-----] C:\Windows\tasks\SA.DAT
    [18/09/2008 21:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [21/03/2008|13:18] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    [21/03/2008|13:35] C:\ProgramData\Acer GameZone Console
    [30/08/2008|08:40] C:\ProgramData\Adobe
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [31/08/2008|00:19] C:\ProgramData\Azureus
    [28/08/2008|16:35] C:\ProgramData\Bureau
    [21/03/2008|13:34] C:\ProgramData\CyberLink
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [21/03/2008|13:47] C:\ProgramData\eSobi
    [28/08/2008|16:35] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [21/03/2008|13:36] C:\ProgramData\FloodLightGames
    [31/08/2008|09:04] C:\ProgramData\Google
    [30/08/2008|15:31] C:\ProgramData\IM
    [30/08/2008|15:29] C:\ProgramData\IncrediMail
    [14/09/2008|22:04] C:\ProgramData\LauncherAccess.dt
    [14/09/2008|11:59] C:\ProgramData\Malwarebytes
    [21/03/2008|13:53] C:\ProgramData\McAfee
    [28/08/2008|16:35] C:\ProgramData\Menu D‚marrer
    [16/09/2008|17:13] C:\ProgramData\Microsoft
    [10/09/2008|07:31] C:\ProgramData\Microsoft Help
    [28/08/2008|16:35] C:\ProgramData\ModŠles
    [18/06/2008|08:06] C:\ProgramData\NVIDIA
    [21/03/2008|13:52] C:\ProgramData\SiteAdvisor
    [18/09/2008|21:43] C:\ProgramData\Spybot - Search & Destroy
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [02/11/2006|15:02] C:\ProgramData\Templates
    [13/09/2008|17:57] C:\ProgramData\traydead
    [07/09/2008|09:22] C:\ProgramData\WLInstaller
    [30/08/2008|15:32] C:\ProgramData\Yahoo! Companion

    --------------------\\ Listing des dossiers dans C:\Program Files

    [21/03/2008|13:47] C:\Program Files\Acer Arcade Live
    [21/03/2008|13:46] C:\Program Files\Acer GameZone
    [18/06/2008|08:12] C:\Program Files\Acer Incorporated
    [21/03/2008|13:18] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [30/08/2008|08:41] C:\Program Files\Adobe
    [18/09/2008|18:14] C:\Program Files\Alwil Software
    [31/08/2008|00:19] C:\Program Files\AskSBar
    [18/06/2008|08:07] C:\Program Files\ATI
    [31/08/2008|00:20] C:\Program Files\Azureus
    [12/09/2008|17:32] C:\Program Files\Common Files
    [31/08/2008|08:59] C:\Program Files\Conduit
    [21/03/2008|13:33] C:\Program Files\CyberLink
    [28/08/2008|16:54] C:\Program Files\DIFX
    [21/03/2008|13:47] C:\Program Files\eSobi
    [28/08/2008|16:35] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [01/09/2008|07:13] C:\Program Files\Google
    [02/09/2008|17:28] C:\Program Files\InstallShield Installation Information
    [21/01/2008|04:35] C:\Program Files\Internet Explorer
    [12/09/2008|17:33] C:\Program Files\Java
    [12/09/2008|17:30] C:\Program Files\LimeWire
    [14/09/2008|11:59] C:\Program Files\Malwarebytes' Anti-Malware
    [14/09/2008|09:29] C:\Program Files\McAfee
    [21/03/2008|13:51] C:\Program Files\McAfee.com
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [21/03/2008|13:17] C:\Program Files\Microsoft Office
    [10/09/2008|07:30] C:\Program Files\Microsoft Works
    [21/03/2008|13:15] C:\Program Files\Microsoft.NET
    [21/01/2008|04:35] C:\Program Files\Movie Maker
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [28/08/2008|17:15] C:\Program Files\MSXML 4.0
    [18/09/2008|21:11] C:\Program Files\Navilog1
    [21/03/2008|13:22] C:\Program Files\NewTech Infosystems
    [31/08/2008|08:59] C:\Program Files\P2P_Energy
    [21/03/2008|13:11] C:\Program Files\Realtek
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [02/09/2008|17:28] C:\Program Files\Samsung
    [14/09/2008|08:37] C:\Program Files\SiteAdvisor
    [18/09/2008|22:00] C:\Program Files\Spybot - Search & Destroy
    [12/09/2008|17:33] C:\Program Files\Sun
    [28/08/2008|16:54] C:\Program Files\TRENDnet
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [31/08/2008|12:55] C:\Program Files\VideoLAN
    [21/01/2008|04:35] C:\Program Files\Windows Calendar
    [21/01/2008|04:35] C:\Program Files\Windows Collaboration
    [21/01/2008|04:35] C:\Program Files\Windows Defender
    [21/01/2008|04:35] C:\Program Files\Windows Journal
    [07/09/2008|09:28] C:\Program Files\Windows Live
    [28/08/2008|18:16] C:\Program Files\Windows Mail
    [21/01/2008|04:35] C:\Program Files\Windows Media Player
    [28/08/2008|16:35] C:\Program Files\Windows NT
    [21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
    [21/01/2008|04:35] C:\Program Files\Windows Sidebar
    [21/03/2008|13:48] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [30/08/2008|08:41] C:\Program Files\Common Files\Adobe
    [21/03/2008|13:16] C:\Program Files\Common Files\DESIGNER
    [21/03/2008|13:32] C:\Program Files\Common Files\InstallShield
    [12/09/2008|17:32] C:\Program Files\Common Files\Java
    [21/03/2008|13:21] C:\Program Files\Common Files\LightScribe
    [21/03/2008|13:52] C:\Program Files\Common Files\McAfee
    [07/09/2008|22:32] C:\Program Files\Common Files\microsoft shared
    [21/03/2008|13:21] C:\Program Files\Common Files\muvee Technologies
    [21/03/2008|13:22] C:\Program Files\Common Files\NewTech Infosystems
    [21/03/2008|13:36] C:\Program Files\Common Files\Oberon Media
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [21/01/2008|04:35] C:\Program Files\Common Files\System
    [07/09/2008|09:26] C:\Program Files\Common Files\WindowsLiveInstaller

    --------------------\\ Process

    ( 70 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-18 22:29:23
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:258][D:14]-> C:\Users\PASCAL~1\AppData\Local\Temp
    [F:186][D:1]-> C:\Users\PASCAL~1\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:2726][D:6]-> C:\Users\PASCAL~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:27][D:5]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 18/09/2008|21:48 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 18/09/2008|22:05 - Option : [1]
    3 - "C:\Lop SD\LopR_3.txt" - 18/09/2008|22:30 - Option : [2]

    --------------------\\ Fin du rapport a 22:30:52
    [ UAC => 1 ]
    0
  19. g!rly Messages postés 18462 Statut Contributeur 407
     
    oui je voie ça...

    bon celui la; c´était lopsd option 2 il te reste a passer toolbar sd option 2 maintenant et a poster le rapport :)

    @+
    0
  20. g!rly Messages postés 18462 Statut Contributeur 407
     
    re,
    c´est ma faute; j´ai reussi a t´embrouiller...
    post un rapport nouveau hijack this stp
    0
  21. pascalou
     
    ca y est tu à les deux juste avant ton dernier message je ne vais pas assez vite lol alors ça donne quoi?
    0
  • 1
  • 2