Internet windows open by themselves
guigui
-
BP'S Posts 1607 Status Member -
Hello everyone,
Here is my problem: I have windows that keep opening. I don't understand it at all; it's not just ads but sites of all kinds: pmu, meetic, ulla... I downloaded HijackThis and I am sending you the report. Thanks in advance.
Logfile of HijackThis v1.99.1
Scan saved at 19:41:28, on 06/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ANDREV~1\LOCALS~1\Temp\Rar$EX00.516\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fdivertissement%2fcelebrites%2fgalery%2fwentworth02.jpg%3f
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\ANDREV~1\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S -S2
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [wiqqgem] "c:\documents and settings\andre violaine\local settings\application data\wiqqgem.exe" wiqqgem
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?f5e0d1954fad4593a365f3ec915b432e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?f5e0d1954fad4593a365f3ec915b432e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl.CAB
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
13 replies
Hello,
Sorry for the delay, but I was away for a few days. Relaunch Lop S&D, this time choose option 2, and post the report again.
OK, thanks for replying! I did as you said and here is the result (it's all Greek to me):
--------------------\\ Lop S&D 4.2.4-5 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Turion(tm) 64 Mobile Technology ML-30 )
BIOS : Phoenix NoteBIOS 4.0 Release 6.1
USER : andre violaine ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081009-0] 4.8.1229 (Not Activated)
C:\ (Local Disk) - NTFS - Total : 74 Go Free : 62 Go
D:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [2] ( 09/10/2008|21:44 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@advertising[2].txt
Supprime! - C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@www.2xmoinscher[1].txt
Supprime! - C:\WINDOWS\Tasks\AEF0FB2091F76EAC.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Win knob owns four
Supprime! - C:\DOCUME~1\ANDREV~1\APPLIC~1\glueco~1
Supprime! - C:\Program Files\glueco~1
Supprime! - C:\Program Files\BitRoll
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[31/08/2007|20:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[18/02/2008|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[09/08/2008|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Alexandra Ledermann 8
[07/04/2008|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[07/04/2008|23:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[03/09/2007|23:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[14/11/2007|14:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[13/05/2008|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[09/08/2008|20:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/10/2007|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[14/11/2007|00:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SalesMonitor
[06/10/2008|23:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[13/06/2008|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\STOPzilla!
[15/10/2007|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04/09/2007|10:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[29/02/2008|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[09/11/2007|23:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[31/03/2008|19:41] C:\DOCUME~1\ANDREV~1\APPLIC~1\Adobe
[10/04/2008|11:03] C:\DOCUME~1\ANDREV~1\APPLIC~1\Apple Computer
[27/01/2008|21:19] C:\DOCUME~1\ANDREV~1\APPLIC~1\ArcSoft
[07/09/2008|20:41] C:\DOCUME~1\ANDREV~1\APPLIC~1\Azureus
[09/11/2007|23:42] C:\DOCUME~1\ANDREV~1\APPLIC~1\Camfrog
[29/01/2008|18:59] C:\DOCUME~1\ANDREV~1\APPLIC~1\dvdcss
[14/09/2008|16:14] C:\DOCUME~1\ANDREV~1\APPLIC~1\FileZilla
[10/01/2008|13:16] C:\DOCUME~1\ANDREV~1\APPLIC~1\Google
[31/08/2007|21:05] C:\DOCUME~1\ANDREV~1\APPLIC~1\Identities
[11/01/2008|21:56] C:\DOCUME~1\ANDREV~1\APPLIC~1\InstallShield
[14/11/2007|01:57] C:\DOCUME~1\ANDREV~1\APPLIC~1\Macromedia
[29/09/2008|17:56] C:\DOCUME~1\ANDREV~1\APPLIC~1\MessengerSkinner
[01/04/2008|13:44] C:\DOCUME~1\ANDREV~1\APPLIC~1\Microsoft
[07/10/2007|22:32] C:\DOCUME~1\ANDREV~1\APPLIC~1\Mozilla
[31/08/2007|22:54] C:\DOCUME~1\ANDREV~1\APPLIC~1\MSNInstaller
[27/09/2008|19:13] C:\DOCUME~1\ANDREV~1\APPLIC~1\OpenOffice.org2
[03/09/2007|23:03] C:\DOCUME~1\ANDREV~1\APPLIC~1\Sun
[07/10/2007|22:32] C:\DOCUME~1\ANDREV~1\APPLIC~1\Talkback
[15/10/2007|19:00] C:\DOCUME~1\ANDREV~1\APPLIC~1\vlc
[23/07/2008|13:23] C:\DOCUME~1\ANDREV~1\APPLIC~1\Vso
[30/10/2007|16:51] C:\DOCUME~1\ANDREV~1\APPLIC~1\Windows Desktop Search
[27/03/2008|16:07] C:\DOCUME~1\ANDREV~1\APPLIC~1\WinRAR
[25/02/2008|10:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Google
[25/02/2008|10:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[21/01/2008|14:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[30/10/2007|13:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Identities
[30/10/2007|13:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[03/10/2008 22:22][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[09/10/2008 18:45][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[09/10/2008 16:57][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[08/08/2008|06:44] C:\Program Files\Adobe
[31/08/2007|21:09] C:\Program Files\Alwil Software
[07/04/2008|23:42] C:\Program Files\Apple Software Update
[11/01/2008|22:12] C:\Program Files\ArcSoft
[10/04/2008|14:05] C:\Program Files\AskTBar
[02/09/2008|19:14] C:\Program Files\Azureus
[31/08/2007|20:54] C:\Program Files\ComPlus Applications
[22/02/2008|17:26] C:\Program Files\CONEXANT
[11/01/2008|21:56] C:\Program Files\Digital Video
[07/02/2008|17:55] C:\Program Files\DivX
[06/04/2008|22:33] C:\Program Files\eMule
[13/06/2008|15:54] C:\Program Files\Fichiers communs
[14/09/2008|15:22] C:\Program Files\FileZilla FTP Client
[20/11/2007|21:25] C:\Program Files\Free
[21/09/2007|14:55] C:\Program Files\Freeplayer
[10/01/2008|13:15] C:\Program Files\Google
[13/05/2008|15:17] C:\Program Files\Hewlett-Packard
[13/09/2008|13:59] C:\Program Files\HomePlayer
[13/05/2008|15:18] C:\Program Files\HP
[03/11/2007|16:43] C:\Program Files\IKEA HomePlanner
[09/08/2008|21:10] C:\Program Files\InstallShield Installation Information
[14/08/2008|10:05] C:\Program Files\Internet Explorer
[16/11/2007|21:49] C:\Program Files\Java
[14/08/2008|10:09] C:\Program Files\Messenger
[29/09/2008|17:56] C:\Program Files\MessengerSkinner
[15/05/2008|03:01] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[31/08/2007|20:58] C:\Program Files\microsoft frontpage
[05/10/2007|14:38] C:\Program Files\Microsoft Office
[30/10/2007|13:31] C:\Program Files\Microsoft SQL Server Compact Edition
[31/08/2007|20:55] C:\Program Files\Movie Maker
[09/10/2008|16:57] C:\Program Files\Mozilla Firefox
[31/08/2007|22:53] C:\Program Files\MSN
[31/08/2007|20:53] C:\Program Files\MSN Gaming Zone
[10/04/2008|03:00] C:\Program Files\MSXML 4.0
[31/08/2007|20:55] C:\Program Files\NetMeeting
[31/08/2007|20:53] C:\Program Files\Online Services
[08/04/2008|00:30] C:\Program Files\OpenOffice.org 2.4
[31/08/2007|22:50] C:\Program Files\Outlook Express
[07/04/2008|23:47] C:\Program Files\QuickTime
[31/08/2007|20:56] C:\Program Files\Services en ligne
[06/10/2008|20:01] C:\Program Files\Spybot - Search & Destroy
[13/06/2008|15:54] C:\Program Files\STOPzilla!
[10/11/2007|12:26] C:\Program Files\The Weather Channel FW
[31/08/2007|21:04] C:\Program Files\Uninstall Information
[09/04/2008|14:24] C:\Program Files\VSO
[30/10/2007|13:31] C:\Program Files\Windows Desktop Search
[28/02/2008|12:24] C:\Program Files\Windows Live
[01/12/2007|11:16] C:\Program Files\Windows Live Favorites
[01/12/2007|11:16] C:\Program Files\Windows Live Toolbar
[27/01/2008|21:38] C:\Program Files\Windows Media Connect 2
[13/10/2007|10:28] C:\Program Files\Windows Media Player
[31/08/2007|20:53] C:\Program Files\Windows NT
[31/08/2007|20:56] C:\Program Files\WindowsUpdate
[27/03/2008|16:07] C:\Program Files\WinRAR
[31/08/2007|20:58] C:\Program Files\xerox
[17/09/2008|10:49] C:\Program Files\XP Antivirus
[09/11/2007|23:42] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[18/02/2008|12:24] C:\Program Files\Fichiers communs\Adobe
[11/01/2008|22:04] C:\Program Files\Fichiers communs\ArcSoft
[13/05/2008|15:15] C:\Program Files\Fichiers communs\Hewlett-Packard
[13/05/2008|15:18] C:\Program Files\Fichiers communs\HP
[13/06/2008|15:13] C:\Program Files\Fichiers communs\InstallShield
[03/09/2007|23:01] C:\Program Files\Fichiers communs\Java
[29/02/2008|20:52] C:\Program Files\Fichiers communs\Microsoft Shared
[31/08/2007|20:55] C:\Program Files\Fichiers communs\MSSoap
[31/08/2007|22:47] C:\Program Files\Fichiers communs\ODBC
[31/08/2007|20:55] C:\Program Files\Fichiers communs\Services
[31/08/2007|22:47] C:\Program Files\Fichiers communs\SpeechEngines
[31/08/2007|22:50] C:\Program Files\Fichiers communs\System
[29/02/2008|20:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[10/09/2007|19:57] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 39 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-09 21:46:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 64
--------------------\\ Recherche d'autres infections
C:\Program Files\MessengerSkinner
C:\Program Files\MessengerSkinner\download
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
C:\Program Files\MessengerSkinner\MessengerSkinnerDll.dll
C:\Program Files\MessengerSkinner\resources
C:\Program Files\MessengerSkinner\uninst.exe
C:\DOCUME~1\ANDREV~1\APPLIC~1\MessengerSkinner
C:\DOCUME~1\ANDREV~1\APPLIC~1\MessengerSkinner\Userdata
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Conditions générales.url
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Confidentialité.url
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Désinstaller.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\MessengerSkinner.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Website.url
C:\DOCUME~1\ANDREV~1\Bureau\MessengerSkinner_setup.exe
C:\WINDOWS\prefetch\MESSENGERSKINNER.EXE-0EE2A110.pf
C:\WINDOWS\prefetch\MESSENGERSKINNER_SETUP.EXE-1419657A.pf
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem.dat
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem.exe
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem_nav.dat
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem_navps.dat
==> EGDACCESS <==
--------------------\\ ROGUES ..
C:\PROGRA~1\XP Antivirus
[F:51][D:90]-> C:\DOCUME~1\ANDREV~1\LOCALS~1\Temp
[F:361][D:0]-> C:\DOCUME~1\ANDREV~1\Cookies
[F:15960][D:21]-> C:\DOCUME~1\ANDREV~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 06/10/2008|23:56 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 09/10/2008|21:48 - Option : [2]
--------------------\\ Fin du rapport a 21:48:17
--------------------\\ Lop S&D 4.2.4-5 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Turion(tm) 64 Mobile Technology ML-30 )
BIOS : Phoenix NoteBIOS 4.0 Release 6.1
USER : andre violaine ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081009-0] 4.8.1229 (Not Activated)
C:\ (Local Disk) - NTFS - Total : 74 Go Free : 62 Go
D:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [2] ( 09/10/2008|21:44 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@advertising[2].txt
Supprime! - C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@www.2xmoinscher[1].txt
Supprime! - C:\WINDOWS\Tasks\AEF0FB2091F76EAC.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Win knob owns four
Supprime! - C:\DOCUME~1\ANDREV~1\APPLIC~1\glueco~1
Supprime! - C:\Program Files\glueco~1
Supprime! - C:\Program Files\BitRoll
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[31/08/2007|20:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[18/02/2008|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[09/08/2008|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Alexandra Ledermann 8
[07/04/2008|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[07/04/2008|23:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[03/09/2007|23:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[14/11/2007|14:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[13/05/2008|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[09/08/2008|20:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/10/2007|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[14/11/2007|00:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SalesMonitor
[06/10/2008|23:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[13/06/2008|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\STOPzilla!
[15/10/2007|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04/09/2007|10:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[29/02/2008|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[09/11/2007|23:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[31/03/2008|19:41] C:\DOCUME~1\ANDREV~1\APPLIC~1\Adobe
[10/04/2008|11:03] C:\DOCUME~1\ANDREV~1\APPLIC~1\Apple Computer
[27/01/2008|21:19] C:\DOCUME~1\ANDREV~1\APPLIC~1\ArcSoft
[07/09/2008|20:41] C:\DOCUME~1\ANDREV~1\APPLIC~1\Azureus
[09/11/2007|23:42] C:\DOCUME~1\ANDREV~1\APPLIC~1\Camfrog
[29/01/2008|18:59] C:\DOCUME~1\ANDREV~1\APPLIC~1\dvdcss
[14/09/2008|16:14] C:\DOCUME~1\ANDREV~1\APPLIC~1\FileZilla
[10/01/2008|13:16] C:\DOCUME~1\ANDREV~1\APPLIC~1\Google
[31/08/2007|21:05] C:\DOCUME~1\ANDREV~1\APPLIC~1\Identities
[11/01/2008|21:56] C:\DOCUME~1\ANDREV~1\APPLIC~1\InstallShield
[14/11/2007|01:57] C:\DOCUME~1\ANDREV~1\APPLIC~1\Macromedia
[29/09/2008|17:56] C:\DOCUME~1\ANDREV~1\APPLIC~1\MessengerSkinner
[01/04/2008|13:44] C:\DOCUME~1\ANDREV~1\APPLIC~1\Microsoft
[07/10/2007|22:32] C:\DOCUME~1\ANDREV~1\APPLIC~1\Mozilla
[31/08/2007|22:54] C:\DOCUME~1\ANDREV~1\APPLIC~1\MSNInstaller
[27/09/2008|19:13] C:\DOCUME~1\ANDREV~1\APPLIC~1\OpenOffice.org2
[03/09/2007|23:03] C:\DOCUME~1\ANDREV~1\APPLIC~1\Sun
[07/10/2007|22:32] C:\DOCUME~1\ANDREV~1\APPLIC~1\Talkback
[15/10/2007|19:00] C:\DOCUME~1\ANDREV~1\APPLIC~1\vlc
[23/07/2008|13:23] C:\DOCUME~1\ANDREV~1\APPLIC~1\Vso
[30/10/2007|16:51] C:\DOCUME~1\ANDREV~1\APPLIC~1\Windows Desktop Search
[27/03/2008|16:07] C:\DOCUME~1\ANDREV~1\APPLIC~1\WinRAR
[25/02/2008|10:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Google
[25/02/2008|10:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[21/01/2008|14:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[30/10/2007|13:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Identities
[30/10/2007|13:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[03/10/2008 22:22][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[09/10/2008 18:45][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[09/10/2008 16:57][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[08/08/2008|06:44] C:\Program Files\Adobe
[31/08/2007|21:09] C:\Program Files\Alwil Software
[07/04/2008|23:42] C:\Program Files\Apple Software Update
[11/01/2008|22:12] C:\Program Files\ArcSoft
[10/04/2008|14:05] C:\Program Files\AskTBar
[02/09/2008|19:14] C:\Program Files\Azureus
[31/08/2007|20:54] C:\Program Files\ComPlus Applications
[22/02/2008|17:26] C:\Program Files\CONEXANT
[11/01/2008|21:56] C:\Program Files\Digital Video
[07/02/2008|17:55] C:\Program Files\DivX
[06/04/2008|22:33] C:\Program Files\eMule
[13/06/2008|15:54] C:\Program Files\Fichiers communs
[14/09/2008|15:22] C:\Program Files\FileZilla FTP Client
[20/11/2007|21:25] C:\Program Files\Free
[21/09/2007|14:55] C:\Program Files\Freeplayer
[10/01/2008|13:15] C:\Program Files\Google
[13/05/2008|15:17] C:\Program Files\Hewlett-Packard
[13/09/2008|13:59] C:\Program Files\HomePlayer
[13/05/2008|15:18] C:\Program Files\HP
[03/11/2007|16:43] C:\Program Files\IKEA HomePlanner
[09/08/2008|21:10] C:\Program Files\InstallShield Installation Information
[14/08/2008|10:05] C:\Program Files\Internet Explorer
[16/11/2007|21:49] C:\Program Files\Java
[14/08/2008|10:09] C:\Program Files\Messenger
[29/09/2008|17:56] C:\Program Files\MessengerSkinner
[15/05/2008|03:01] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[31/08/2007|20:58] C:\Program Files\microsoft frontpage
[05/10/2007|14:38] C:\Program Files\Microsoft Office
[30/10/2007|13:31] C:\Program Files\Microsoft SQL Server Compact Edition
[31/08/2007|20:55] C:\Program Files\Movie Maker
[09/10/2008|16:57] C:\Program Files\Mozilla Firefox
[31/08/2007|22:53] C:\Program Files\MSN
[31/08/2007|20:53] C:\Program Files\MSN Gaming Zone
[10/04/2008|03:00] C:\Program Files\MSXML 4.0
[31/08/2007|20:55] C:\Program Files\NetMeeting
[31/08/2007|20:53] C:\Program Files\Online Services
[08/04/2008|00:30] C:\Program Files\OpenOffice.org 2.4
[31/08/2007|22:50] C:\Program Files\Outlook Express
[07/04/2008|23:47] C:\Program Files\QuickTime
[31/08/2007|20:56] C:\Program Files\Services en ligne
[06/10/2008|20:01] C:\Program Files\Spybot - Search & Destroy
[13/06/2008|15:54] C:\Program Files\STOPzilla!
[10/11/2007|12:26] C:\Program Files\The Weather Channel FW
[31/08/2007|21:04] C:\Program Files\Uninstall Information
[09/04/2008|14:24] C:\Program Files\VSO
[30/10/2007|13:31] C:\Program Files\Windows Desktop Search
[28/02/2008|12:24] C:\Program Files\Windows Live
[01/12/2007|11:16] C:\Program Files\Windows Live Favorites
[01/12/2007|11:16] C:\Program Files\Windows Live Toolbar
[27/01/2008|21:38] C:\Program Files\Windows Media Connect 2
[13/10/2007|10:28] C:\Program Files\Windows Media Player
[31/08/2007|20:53] C:\Program Files\Windows NT
[31/08/2007|20:56] C:\Program Files\WindowsUpdate
[27/03/2008|16:07] C:\Program Files\WinRAR
[31/08/2007|20:58] C:\Program Files\xerox
[17/09/2008|10:49] C:\Program Files\XP Antivirus
[09/11/2007|23:42] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[18/02/2008|12:24] C:\Program Files\Fichiers communs\Adobe
[11/01/2008|22:04] C:\Program Files\Fichiers communs\ArcSoft
[13/05/2008|15:15] C:\Program Files\Fichiers communs\Hewlett-Packard
[13/05/2008|15:18] C:\Program Files\Fichiers communs\HP
[13/06/2008|15:13] C:\Program Files\Fichiers communs\InstallShield
[03/09/2007|23:01] C:\Program Files\Fichiers communs\Java
[29/02/2008|20:52] C:\Program Files\Fichiers communs\Microsoft Shared
[31/08/2007|20:55] C:\Program Files\Fichiers communs\MSSoap
[31/08/2007|22:47] C:\Program Files\Fichiers communs\ODBC
[31/08/2007|20:55] C:\Program Files\Fichiers communs\Services
[31/08/2007|22:47] C:\Program Files\Fichiers communs\SpeechEngines
[31/08/2007|22:50] C:\Program Files\Fichiers communs\System
[29/02/2008|20:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[10/09/2007|19:57] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 39 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-09 21:46:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 64
--------------------\\ Recherche d'autres infections
C:\Program Files\MessengerSkinner
C:\Program Files\MessengerSkinner\download
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
C:\Program Files\MessengerSkinner\MessengerSkinnerDll.dll
C:\Program Files\MessengerSkinner\resources
C:\Program Files\MessengerSkinner\uninst.exe
C:\DOCUME~1\ANDREV~1\APPLIC~1\MessengerSkinner
C:\DOCUME~1\ANDREV~1\APPLIC~1\MessengerSkinner\Userdata
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Conditions générales.url
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Confidentialité.url
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Désinstaller.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\MessengerSkinner.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Website.url
C:\DOCUME~1\ANDREV~1\Bureau\MessengerSkinner_setup.exe
C:\WINDOWS\prefetch\MESSENGERSKINNER.EXE-0EE2A110.pf
C:\WINDOWS\prefetch\MESSENGERSKINNER_SETUP.EXE-1419657A.pf
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem.dat
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem.exe
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem_nav.dat
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem_navps.dat
==> EGDACCESS <==
--------------------\\ ROGUES ..
C:\PROGRA~1\XP Antivirus
[F:51][D:90]-> C:\DOCUME~1\ANDREV~1\LOCALS~1\Temp
[F:361][D:0]-> C:\DOCUME~1\ANDREV~1\Cookies
[F:15960][D:21]-> C:\DOCUME~1\ANDREV~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 06/10/2008|23:56 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 09/10/2008|21:48 - Option : [2]
--------------------\\ Fin du rapport a 21:48:17
As requested, I am re-posting a HijackThis report, hoping it can help you. Thanks in advance.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:08:25, on 11/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
c:\documents and settings\andre violaine\local settings\application data\eoeieqw.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fdivertissement%2fcelebrites%2fgalery%2fwentworth02.jpg%3f
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\ANDREV~1\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S -S2
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [wiqqgem] "c:\documents and settings\andre violaine\local settings\application data\wiqqgem.exe" wiqqgem
O4 - HKCU\..\Run: [eoeieqw] "c:\documents and settings\andre violaine\local settings\application data\eoeieqw.exe" eoeieqw
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?f5e0d1954fad4593a365f3ec915b432e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?f5e0d1954fad4593a365f3ec915b432e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl.CAB
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
As requested, I am re-posting a HijackThis report, hoping it can help you. Thanks in advance.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:08:25, on 11/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
c:\documents and settings\andre violaine\local settings\application data\eoeieqw.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fdivertissement%2fcelebrites%2fgalery%2fwentworth02.jpg%3f
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\ANDREV~1\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S -S2
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [wiqqgem] "c:\documents and settings\andre violaine\local settings\application data\wiqqgem.exe" wiqqgem
O4 - HKCU\..\Run: [eoeieqw] "c:\documents and settings\andre violaine\local settings\application data\eoeieqw.exe" eoeieqw
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?f5e0d1954fad4593a365f3ec915b432e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?f5e0d1954fad4593a365f3ec915b432e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl.CAB
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:08:25, on 11/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
c:\documents and settings\andre violaine\local settings\application data\eoeieqw.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fdivertissement%2fcelebrites%2fgalery%2fwentworth02.jpg%3f
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\ANDREV~1\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S -S2
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [wiqqgem] "c:\documents and settings\andre violaine\local settings\application data\wiqqgem.exe" wiqqgem
O4 - HKCU\..\Run: [eoeieqw] "c:\documents and settings\andre violaine\local settings\application data\eoeieqw.exe" eoeieqw
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?f5e0d1954fad4593a365f3ec915b432e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?f5e0d1954fad4593a365f3ec915b432e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl.CAB
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
HELLO, THANK YOU FOR THE INTEREST YOU ARE TAKING IN MY CASE: HERE IS THE REPORT YOU ASKED ME FOR:
Search Navipromo version 3.6.6 began on 11/10/2008 at 14:37:55,09
!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!
Fix running from C:\Program Files\navilog1
Actual User Account : "andre violaine"
Updated on 29.09.2008 at 17h30 by IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Version Internet Explorer : 6.0.2900.2180
Filesystem type : NTFS
Search done in normal mode
*** Searching for installed Software ***
Favorit
MessengerSkinner
*** Search folders in "C:\WINDOWS" ***
*** Search folders in "C:\Program Files" ***
...\MessengerSkinner found !
*** Search folders in "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
...\MessengerSkinner found !
*** Search folders in "C:\Documents and Settings\All Users\menudm~1" ***
*** Search folders in "c:\docume~1\alluse~1\applic~1" ***
*** Search folders in "C:\Documents and Settings\andre violaine\applic~1" ***
...\MessengerSkinner found !
*** Search folders in "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Search folders in "C:\Documents and Settings\andre violaine\locals~1\applic~1" ***
*** Search folders in "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Search folders in "C:\Documents and Settings\andre violaine\menudm~1\progra~1" ***
*** Search folders in "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***
*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net
*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!
* Scan in "C:\WINDOWS\system32" *
* Scan in "C:\Documents and Settings\andre violaine\locals~1\applic~1" *
* Scan in "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
*** Search files ***
C:\WINDOWS\prefetch\MESSENGERSKINNER.EXE-0EE2A110.pf found !
C:\WINDOWS\prefetch\MESSENGERSKINNER_SETUP.EXE-1419657A.pf found !
*** Search specific Registry keys ***
HKEY_CURRENT_USER\Software\Lanconfig found !
*** Complementary Search ***
(Search specific files)
1)Search new Instant Access files :
2)Heuristic Search :
* In "C:\WINDOWS\system32" :
* In "C:\Documents and Settings\andre violaine\locals~1\applic~1" :
eoeieqw.dat found !
eoeieqw.exe found !
eoeieqw_nav.dat found !
eoeieqw_navps.dat found !
* In "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :
3)Certificates Search :
Egroup certificate found !
Electronic-Group certificate found !
Montorgueil certificate not found !
OOO-Favorit certificate found !
Sunny-Day-Design-Ltd certificate not found !
4)Search known files :
*** Search completed on 11/10/2008 at 14:44:29,48 ***
thanks
Thanks once again for your reply. Sorry for the report in English. I followed your instructions; here is the new report:
Clean Navipromo version 3.6.6 commencé le 12/10/2008 à 0:01:33,31
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "andre violaine"
Mise à jour le 29.09.2008 à 17h30 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.5512
Système de fichiers : NTFS
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
Nettoyage exécuté au redémarrage de l'ordinateur
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans "C:\WINDOWS\System32" *
* Suppression dans "C:\Documents and Settings\andre violaine\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
*** Suppression dossiers dans "C:\WINDOWS" ***
*** Suppression dossiers dans "C:\Program Files" ***
...\MessengerSkinner ...suppression...
...\MessengerSkinner supprimé !
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
...\MessengerSkinner ...suppression...
...\MessengerSkinner supprimé !
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\andre violaine\applic~1" ***
...\MessengerSkinner ...suppression...
...\MessengerSkinner supprimé !
*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\andre violaine\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\andre violaine\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***
*** Suppression fichiers ***
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\andre violaine\locals~1\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\WINDOWS\system32" *
* Dans "C:\Documents and Settings\andre violaine\locals~1\applic~1" *
eoeieqw.exe trouvé !
Copie eoeieqw.exe réalisée avec succès !
eoeieqw.exe supprimé !
eoeieqw.dat trouvé !
Copie eoeieqw.dat réalisée avec succès !
eoeieqw.dat supprimé !
eoeieqw_nav.dat trouvé !
Copie eoeieqw_nav.dat réalisée avec succès !
eoeieqw_nav.dat supprimé !
eoeieqw_navps.dat trouvé !
Copie eoeieqw_navps.dat réalisée avec succès !
eoeieqw_navps.dat supprimé !
* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 12/10/2008 à 0:09:54,73 ***
THANKS
Hi! Does that mean everything is OK?
Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:19:46, on 12/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fdivertissement%2fcelebrites%2fgalery%2fwentworth02.jpg%3f
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\ANDREV~1\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S -S2
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [wiqqgem] "c:\documents and settings\andre violaine\local settings\application data\wiqqgem.exe" wiqqgem
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?f5e0d1954fad4593a365f3ec915b432e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?f5e0d1954fad4593a365f3ec915b432e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl.CAB
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Here's the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:19:46, on 12/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fdivertissement%2fcelebrites%2fgalery%2fwentworth02.jpg%3f
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UIUCU] C:\DOCUME~1\ANDREV~1\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S -S2
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [wiqqgem] "c:\documents and settings\andre violaine\local settings\application data\wiqqgem.exe" wiqqgem
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?f5e0d1954fad4593a365f3ec915b432e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?f5e0d1954fad4593a365f3ec915b432e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl.CAB
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
hello,
You're going to download Lop S&D, run a scan of your PC and post the report you get. To do that, disable your resident protections (antivirus, antispyware, etc.), launch "Lop S&D", choose F, then option 1.
Download and usage tutorial
Good evening again, and thanks for replying so quickly.
I followed your instructions, so here is the Lop S&D report:
--------------------\\ Lop S&D 4.2.4-5 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Turion(tm) 64 Mobile Technology ML-30 )
BIOS : Phoenix NoteBIOS 4.0 Release 6.1
USER : andre violaine ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081006-0] 4.8.1229 (Not Activated)
C:\ (Local Disk) - NTFS - Total : 74 Go Free : 62 Go
D:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 06/10/2008|23:53 )
--------------------\\ Listing des dossiers dans APPLIC~1
[31/08/2007|20:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[18/02/2008|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[09/08/2008|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Alexandra Ledermann 8
[07/04/2008|23:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[07/04/2008|23:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[03/09/2007|23:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[14/11/2007|14:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[13/05/2008|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[09/08/2008|20:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/10/2007|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[14/11/2007|00:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SalesMonitor
[06/10/2008|23:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[13/06/2008|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\STOPzilla!
[28/02/2008|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Win knob owns four
[15/10/2007|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04/09/2007|10:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[29/02/2008|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[09/11/2007|23:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[31/03/2008|19:41] C:\DOCUME~1\ANDREV~1\APPLIC~1\Adobe
[10/04/2008|11:03] C:\DOCUME~1\ANDREV~1\APPLIC~1\Apple Computer
[27/01/2008|21:19] C:\DOCUME~1\ANDREV~1\APPLIC~1\ArcSoft
[07/09/2008|20:41] C:\DOCUME~1\ANDREV~1\APPLIC~1\Azureus
[09/11/2007|23:42] C:\DOCUME~1\ANDREV~1\APPLIC~1\Camfrog
[29/01/2008|18:59] C:\DOCUME~1\ANDREV~1\APPLIC~1\dvdcss
[14/09/2008|16:14] C:\DOCUME~1\ANDREV~1\APPLIC~1\FileZilla
[28/02/2008|18:26] C:\DOCUME~1\ANDREV~1\APPLIC~1\Glue comp noun
[10/01/2008|13:16] C:\DOCUME~1\ANDREV~1\APPLIC~1\Google
[31/08/2007|21:05] C:\DOCUME~1\ANDREV~1\APPLIC~1\Identities
[11/01/2008|21:56] C:\DOCUME~1\ANDREV~1\APPLIC~1\InstallShield
[14/11/2007|01:57] C:\DOCUME~1\ANDREV~1\APPLIC~1\Macromedia
[29/09/2008|17:56] C:\DOCUME~1\ANDREV~1\APPLIC~1\MessengerSkinner
[01/04/2008|13:44] C:\DOCUME~1\ANDREV~1\APPLIC~1\Microsoft
[07/10/2007|22:32] C:\DOCUME~1\ANDREV~1\APPLIC~1\Mozilla
[31/08/2007|22:54] C:\DOCUME~1\ANDREV~1\APPLIC~1\MSNInstaller
[27/09/2008|19:13] C:\DOCUME~1\ANDREV~1\APPLIC~1\OpenOffice.org2
[03/09/2007|23:03] C:\DOCUME~1\ANDREV~1\APPLIC~1\Sun
[07/10/2007|22:32] C:\DOCUME~1\ANDREV~1\APPLIC~1\Talkback
[15/10/2007|19:00] C:\DOCUME~1\ANDREV~1\APPLIC~1\vlc
[23/07/2008|13:23] C:\DOCUME~1\ANDREV~1\APPLIC~1\Vso
[30/10/2007|16:51] C:\DOCUME~1\ANDREV~1\APPLIC~1\Windows Desktop Search
[27/03/2008|16:07] C:\DOCUME~1\ANDREV~1\APPLIC~1\WinRAR
[25/02/2008|10:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Google
[25/02/2008|10:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[21/01/2008|14:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[30/10/2007|13:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Identities
[30/10/2007|13:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[03/10/2008 22:22][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[06/10/2008 23:00][--ah-----] C:\WINDOWS\tasks\AEF0FB2091F76EAC.job
[06/10/2008 23:45][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[06/10/2008 22:55][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( AEF0FB2091F76EAC.job )=( c:\docume~1\andrev~1\applic~1\glueco~1\Flapokayref.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[08/08/2008|06:44] C:\Program Files\Adobe
[31/08/2007|21:09] C:\Program Files\Alwil Software
[07/04/2008|23:42] C:\Program Files\Apple Software Update
[11/01/2008|22:12] C:\Program Files\ArcSoft
[10/04/2008|14:05] C:\Program Files\AskTBar
[02/09/2008|19:14] C:\Program Files\Azureus
[26/07/2008|09:42] C:\Program Files\BitRoll
[31/08/2007|20:54] C:\Program Files\ComPlus Applications
[22/02/2008|17:26] C:\Program Files\CONEXANT
[11/01/2008|21:56] C:\Program Files\Digital Video
[07/02/2008|17:55] C:\Program Files\DivX
[06/04/2008|22:33] C:\Program Files\eMule
[13/06/2008|15:54] C:\Program Files\Fichiers communs
[14/09/2008|15:22] C:\Program Files\FileZilla FTP Client
[20/11/2007|21:25] C:\Program Files\Free
[21/09/2007|14:55] C:\Program Files\Freeplayer
[22/02/2008|19:47] C:\Program Files\Glue comp noun
[10/01/2008|13:15] C:\Program Files\Google
[13/05/2008|15:17] C:\Program Files\Hewlett-Packard
[13/09/2008|13:59] C:\Program Files\HomePlayer
[13/05/2008|15:18] C:\Program Files\HP
[03/11/2007|16:43] C:\Program Files\IKEA HomePlanner
[09/08/2008|21:10] C:\Program Files\InstallShield Installation Information
[14/08/2008|10:05] C:\Program Files\Internet Explorer
[16/11/2007|21:49] C:\Program Files\Java
[14/08/2008|10:09] C:\Program Files\Messenger
[29/09/2008|17:56] C:\Program Files\MessengerSkinner
[15/05/2008|03:01] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[31/08/2007|20:58] C:\Program Files\microsoft frontpage
[05/10/2007|14:38] C:\Program Files\Microsoft Office
[30/10/2007|13:31] C:\Program Files\Microsoft SQL Server Compact Edition
[31/08/2007|20:55] C:\Program Files\Movie Maker
[06/10/2008|22:58] C:\Program Files\Mozilla Firefox
[31/08/2007|22:53] C:\Program Files\MSN
[31/08/2007|20:53] C:\Program Files\MSN Gaming Zone
[10/04/2008|03:00] C:\Program Files\MSXML 4.0
[31/08/2007|20:55] C:\Program Files\NetMeeting
[31/08/2007|20:53] C:\Program Files\Online Services
[08/04/2008|00:30] C:\Program Files\OpenOffice.org 2.4
[31/08/2007|22:50] C:\Program Files\Outlook Express
[07/04/2008|23:47] C:\Program Files\QuickTime
[31/08/2007|20:56] C:\Program Files\Services en ligne
[06/10/2008|20:01] C:\Program Files\Spybot - Search & Destroy
[13/06/2008|15:54] C:\Program Files\STOPzilla!
[10/11/2007|12:26] C:\Program Files\The Weather Channel FW
[31/08/2007|21:04] C:\Program Files\Uninstall Information
[09/04/2008|14:24] C:\Program Files\VSO
[30/10/2007|13:31] C:\Program Files\Windows Desktop Search
[28/02/2008|12:24] C:\Program Files\Windows Live
[01/12/2007|11:16] C:\Program Files\Windows Live Favorites
[01/12/2007|11:16] C:\Program Files\Windows Live Toolbar
[27/01/2008|21:38] C:\Program Files\Windows Media Connect 2
[13/10/2007|10:28] C:\Program Files\Windows Media Player
[31/08/2007|20:53] C:\Program Files\Windows NT
[31/08/2007|20:56] C:\Program Files\WindowsUpdate
[27/03/2008|16:07] C:\Program Files\WinRAR
[31/08/2007|20:58] C:\Program Files\xerox
[17/09/2008|10:49] C:\Program Files\XP Antivirus
[09/11/2007|23:42] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[18/02/2008|12:24] C:\Program Files\Fichiers communs\Adobe
[11/01/2008|22:04] C:\Program Files\Fichiers communs\ArcSoft
[13/05/2008|15:15] C:\Program Files\Fichiers communs\Hewlett-Packard
[13/05/2008|15:18] C:\Program Files\Fichiers communs\HP
[13/06/2008|15:13] C:\Program Files\Fichiers communs\InstallShield
[03/09/2007|23:01] C:\Program Files\Fichiers communs\Java
[29/02/2008|20:52] C:\Program Files\Fichiers communs\Microsoft Shared
[31/08/2007|20:55] C:\Program Files\Fichiers communs\MSSoap
[31/08/2007|22:47] C:\Program Files\Fichiers communs\ODBC
[31/08/2007|20:55] C:\Program Files\Fichiers communs\Services
[31/08/2007|22:47] C:\Program Files\Fichiers communs\SpeechEngines
[31/08/2007|22:50] C:\Program Files\Fichiers communs\System
[29/02/2008|20:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[10/09/2007|19:57] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 40 Processes )
iexplore.exe ~ [PID:148]
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\ANDREV~1\APPLIC~1\GLUECO~1
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Win knob owns four
C:\DOCUME~1\ANDREV~1\APPLIC~1\glueco~1
C:\Program Files\glueco~1
C:\Program Files\BitRoll
C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@advertising[2].txt
C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@adopt.euroclick[1].txt
C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@2xmoinscher[1].txt
C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@www.2xmoinscher[1].txt
C:\WINDOWS\Tasks\AEF0FB2091F76EAC.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\blehsetupeggs]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\ANDREV~1\\APPLIC~1\\GLUECO~1\\ChinSign.exe -uninstall"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 9424 [ 70 ## added by CiD ]
/!\ 103 Not 127.0.0.1 !!
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-06 23:54:19
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 64
--------------------\\ Recherche d'autres infections
C:\Program Files\MessengerSkinner
C:\Program Files\MessengerSkinner\download
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
C:\Program Files\MessengerSkinner\MessengerSkinnerDll.dll
C:\Program Files\MessengerSkinner\resources
C:\Program Files\MessengerSkinner\uninst.exe
C:\DOCUME~1\ANDREV~1\APPLIC~1\MessengerSkinner
C:\DOCUME~1\ANDREV~1\APPLIC~1\MessengerSkinner\Userdata
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Conditions générales.url
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Confidentialité.url
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Désinstaller.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\MessengerSkinner.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Website.url
C:\DOCUME~1\ANDREV~1\Bureau\MessengerSkinner_setup.exe
C:\WINDOWS\prefetch\MESSENGERSKINNER.EXE-0EE2A110.pf
C:\WINDOWS\prefetch\MESSENGERSKINNER_SETUP.EXE-1419657A.pf
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem.dat
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem.exe
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem_nav.dat
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem_navps.dat
==> EGDACCESS <==
--------------------\\ ROGUES ..
C:\PROGRA~1\XP Antivirus
[F:15][D:88]-> C:\DOCUME~1\ANDREV~1\LOCALS~1\Temp
[F:350][D:0]-> C:\DOCUME~1\ANDREV~1\Cookies
[F:16103][D:21]-> C:\DOCUME~1\ANDREV~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 06/10/2008|23:56 - Option : [1]
--------------------\\ Fin du rapport a 23:56:23
[31/08/2007|20:56] C:\Program Files\WindowsUpdate
[27/03/2008|16:07] C:\Program Files\WinRAR
[31/08/2007|20:58] C:\Program Files\xerox
[17/09/2008|10:49] C:\Program Files\XP Antivirus
[09/11/2007|23:42] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[18/02/2008|12:24] C:\Program Files\Fichiers communs\Adobe
[11/01/2008|22:04] C:\Program Files\Fichiers communs\ArcSoft
[13/05/2008|15:15] C:\Program Files\Fichiers communs\Hewlett-Packard
[13/05/2008|15:18] C:\Program Files\Fichiers communs\HP
[13/06/2008|15:13] C:\Program Files\Fichiers communs\InstallShield
[03/09/2007|23:01] C:\Program Files\Fichiers communs\Java
[29/02/2008|20:52] C:\Program Files\Fichiers communs\Microsoft Shared
[31/08/2007|20:55] C:\Program Files\Fichiers communs\MSSoap
[31/08/2007|22:47] C:\Program Files\Fichiers communs\ODBC
[31/08/2007|20:55] C:\Program Files\Fichiers communs\Services
[31/08/2007|22:47] C:\Program Files\Fichiers communs\SpeechEngines
[31/08/2007|22:50] C:\Program Files\Fichiers communs\System
[29/02/2008|20:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[10/09/2007|19:57] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 40 Processes )
iexplore.exe ~ [PID:148]
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\ANDREV~1\APPLIC~1\GLUECO~1
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Win knob owns four
C:\DOCUME~1\ANDREV~1\APPLIC~1\glueco~1
C:\Program Files\glueco~1
C:\Program Files\BitRoll
C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@advertising[2].txt
C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@adopt.euroclick[1].txt
C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@2xmoinscher[1].txt
C:\DOCUME~1\ANDREV~1\Cookies\andre violaine@www.2xmoinscher[1].txt
C:\WINDOWS\Tasks\AEF0FB2091F76EAC.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\blehsetupeggs]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\ANDREV~1\\APPLIC~1\\GLUECO~1\\ChinSign.exe -uninstall"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 9424 [ 70 ## added by CiD ]
/!\ 103 Not 127.0.0.1 !!
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-06 23:54:19
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 64
--------------------\\ Recherche d'autres infections
C:\Program Files\MessengerSkinner
C:\Program Files\MessengerSkinner\download
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
C:\Program Files\MessengerSkinner\MessengerSkinnerDll.dll
C:\Program Files\MessengerSkinner\resources
C:\Program Files\MessengerSkinner\uninst.exe
C:\DOCUME~1\ANDREV~1\APPLIC~1\MessengerSkinner
C:\DOCUME~1\ANDREV~1\APPLIC~1\MessengerSkinner\Userdata
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Conditions générales.url
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Confidentialité.url
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Désinstaller.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\MessengerSkinner.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\MessengerSkinner\Website.url
C:\DOCUME~1\ANDREV~1\Bureau\MessengerSkinner_setup.exe
C:\WINDOWS\prefetch\MESSENGERSKINNER.EXE-0EE2A110.pf
C:\WINDOWS\prefetch\MESSENGERSKINNER_SETUP.EXE-1419657A.pf
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem.dat
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem.exe
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem_nav.dat
C:\DOCUME~1\ANDREV~1\LOCALS~1\APPLIC~1\wiqqgem_navps.dat
==> EGDACCESS <==
--------------------\\ ROGUES ..
C:\PROGRA~1\XP Antivirus
[F:15][D:88]-> C:\DOCUME~1\ANDREV~1\LOCALS~1\Temp
[F:350][D:0]-> C:\DOCUME~1\ANDREV~1\Cookies
[F:16103][D:21]-> C:\DOCUME~1\ANDREV~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 06/10/2008|23:56 - Option : [1]
--------------------\\ Fin du rapport a 23:56:23
hello,
Your report is not good: there are infections that did not appear in the first one. Start by doing this:
- Right-click on this link: http://perso.orange.fr/il.mafioso/Navifix/Navilog1.zip
- Choose "Save target as..." and save it to the desktop.
- Right-click navilog1.zip and choose "Extract all"
- Double-click navilog1.exe
- Once you reach the main menu, choose option 1 and confirm.
- Wait for the message: Analyse Termine le ...
- The report will also be saved at the root of the disk (fixnavi.txt)
- Post the resulting report in your next reply
hi again,
Your report is not in French, but that is not too serious. Run navilog again, this time choose option 2, and post the resulting report.
hi again,
Scan your PC with Malwarebytes, then post the resulting report (the scan is to be run in safe mode; to get there, tap the F8 key gently and repeatedly while the PC starts up)
link to download and install Malwarebytes => here <=