Pop-up window impossible to remove...

Closed
Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last activity 11 January 2012 - 22 Oct 2008 at 17:18
 totobetourne - 9 Nov 2008 at 17:06
Hello,

I've had pop-ups for a week... it's the first time this has happened to me on this 6-month-old computer...
My browser is Mozilla 3 on Vista, with Avira Antivir (free version) as antivirus and the Windows firewall, which seems sufficient to me.

I have run several scans with Hijackthis, then with Navilog1, and many scans with Ad aware/Spybot/antivir...

But the result is always the same! Maybe you can help me; here is the Hijackthis report:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:02:08, on 22/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Volumouse\volumouse.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\Vista Anti-Lag\val.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\hanalyse\HJHa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.everyoneweb.com/AziaTikTak/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [$Volumouse$] "C:\Program Files\Volumouse\volumouse.exe" /nodlg
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Vista Anti-Lag.lnk = Vista Anti-Lag\val.exe
O4 - Global Startup: WiFi Station.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Anyplace Control Security - Unknown owner - C:\Windows\svcadmin.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
41 replies

Anonymous user
22 Oct 2008 at 21:42
no, wait for confirmation, I'm not certain that this is the cause of your problem
0
Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last activity 11 January 2012 7
22 Oct 2008 at 22:32
OK, no problem
0
Anonymous user
23 Oct 2008 at 13:35
yes, follow what Marie says, you can trust her, she is very knowledgeable about disinfection... I myself follow her example (well, I try)
0
Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last activity 11 January 2012 7
23 Oct 2008 at 18:48
Here is the report



-------------- UsbFix V2.395 ---------------

* User : Famille VU - PC-DE-FAMILLEVU
* Outils mis a jours le 20/10/2008 par Chiquitine29 et Chimay8
* Recherche effectuée à 18:42:53 le 23/10/2008
* Windows Vista - Internet Explorer 7.0.6001.18000


--------------- [ Processus actifs ] ----------------


C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\Dwm.exe
C:\Users\FAMILL~1\AppData\Local\Temp\927E.tmp\b2e.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\SysMonitor.exe
C:\Acer\WR_PopUp\WarReg_PopUp.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Volumouse\volumouse.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\Vista Anti-Lag\val.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe
D: - Lecteur fixe
K: - Lecteur fixe

--------------- [ Registre / Startup ] ----------------


HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Windows Defender REG_EXPAND_SZ %ProgramFiles%\Windows Defender\MSASCui.exe -hide
RtHDVCpl REG_SZ RtHDVCpl.exe
Acer Empowering Technology Monitor REG_SZ C:\Windows\system32\SysMonitor.exe
Acer Tour REG_SZ
WarReg_PopUp REG_SZ C:\Acer\WR_PopUp\WarReg_PopUp.exe
eRecoveryService REG_SZ
eDataSecurity Loader REG_SZ C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
avgnt REG_SZ "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
????r REG_SZ
ISUSPM Startup REG_SZ "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
$Volumouse$ REG_SZ "C:\Program Files\Volumouse\volumouse.exe" /nodlg


--------------- [ Registre / Mountpoint2 ] ----------------


-> Recherche négative.

--------------- [ Nettoyage des disques ] ----------------


--------------- ! Fin du rapport ! ----------------
0

Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last activity 11 January 2012 7
23 Oct 2008 at 19:54
For info, the pop-ups are still there!!! Stubborn :s !
0
^^Marie^^ Posts 113901 Registration date Tuesday 6 September 2005 Status Member Last activity 28 August 2020 3 275
23 Oct 2008 at 19:57
Do another hijackthis log -- please
0
Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last activity 11 January 2012 7
3 Nov 2008 at 21:59
Good evening

Sorry for the delay, but I was away on holiday ;)

Here is the Hijack report

The pop-ups are still there . . .
0
Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last activity 11 January 2012 7
3 Nov 2008 at 22:00
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:58:38, on 03/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Volumouse\volumouse.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\Vista Anti-Lag\val.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\conime.exe
C:\Program Files\WC3Banlist\WC3Banlist.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\hanalyse\HJHa.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.everyoneweb.com/AziaTikTak/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [wextract_cleanup1] rundll32.exe C:\Windows\system32\advpack.dll,DelNodeRunDLL32 "C:\Users\FAMILL~1\AppData\Local\Temp\IXP001.TMP\"
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [$Volumouse$] "C:\Program Files\Volumouse\volumouse.exe" /nodlg
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Vista Anti-Lag.lnk = Vista Anti-Lag\val.exe
O4 - Global Startup: WiFi Station.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Anyplace Control Security - Unknown owner - C:\Windows\svcadmin.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Service.exe
0
^^Marie^^ Posts 113901 Registration date Tuesday 6 September 2005 Status Member Last activity 28 August 2020 3 275
3 Nov 2008 at 22:50
Hi

Download ComboFix from one of these links:
First
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

To read
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix


And importantly, save it to the desktop.

Before using ComboFix:

Disconnect from the internet and close the windows of all running programs.

Temporarily disable, and only while ComboFix is in use, the real-time protection of your antivirus and your antispyware tools, which can seriously interfere with the tool's scanning and cleaning procedure.


Once done, double-click Combofix.exe on your desktop.

- Answer yes to the warning message, so that the program starts scanning the PC.

/!\ During this step, do not use the PC and do not open any programs. /!\

- At the end of the scan, ComboFix may need to restart the PC to finalize the disinfection\search; let it do so.

- A report will then open in Notepad; this report file, Combofix.txt, is automatically saved and stored at C:\Combofix.txt.

► Re-enable the real-time protection of your antivirus and your antispyware tools before reconnecting to the internet.

► Come back to the forum, and copy and paste the entire contents of C:\Combofix.txt into your next message.


+ 1 hijackthis log


0
Anonymous user
3 Nov 2008 at 22:54
Hi,

following along


kisses to all
0
Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last activity 11 January 2012 7
4 Nov 2008 at 12:03
I am in the process of posting the combofix report but it is very long; in the meantime, here is the hijack one

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:59:21, on 04/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Volumouse\volumouse.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\hanalyse\HJHa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.everyoneweb.com/AziaTikTak/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?p=us
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [$Volumouse$] "C:\Program Files\Volumouse\volumouse.exe" /nodlg
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Vista Anti-Lag.lnk = Vista Anti-Lag\val.exe
O4 - Global Startup: WiFi Station.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Anyplace Control Security - Unknown owner - C:\Windows\svcadmin.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Service.exe
0
Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last activity 11 January 2012 7
4 Nov 2008 at 12:06
Impossible to send the combo fix report...

I no longer have any pop-ups. The report seems too long, so I am going to post it in several parts

ComboFix 08-11-03.04 - Famille VU 2008-11-04 11:47:07.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6001.1.1252.1.1036.18.779 [GMT 1:00]
Lancé depuis: c:\users\Famille VU\Desktop\ComboFix.exe
* Un nouveau point de restauration a été créé
.
Les fichiers ci-dessous ont été désactivés pendant l'exécution:
c:\program files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll


(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\System32\QYJSBccf.ini
c:\windows\System32\QYJSBccf.ini2
c:\windows\system32\yoatklnn.ini

----- BITS: Il y a peut-être des sites infectés -----

hxxp://www.criticalsetup.com
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_NPF


((((((((((((((((((((((((((((( Fichiers créés du 2008-10-04 au 2008-11-04 ))))))))))))))))))))))))))))))))))))
.

2008-11-03 18:09 . 2008-11-03 18:09 <REP> d-------- c:\users\Famille VU\AppData\Roaming\vlc
2008-11-02 18:41 . 2008-11-02 18:41 268 --ah----- C:\sqmdata00.sqm
2008-11-02 18:41 . 2008-11-02 18:41 244 --ah----- C:\sqmnoopt00.sqm
2008-11-02 18:41 . 2008-11-02 18:41 172 --ah----- C:\sqmnoopt02.sqm
2008-11-02 18:41 . 2008-11-02 18:41 172 --ah----- C:\sqmnoopt01.sqm
2008-11-02 18:41 . 2008-11-02 18:41 172 --ah----- C:\sqmdata02.sqm
2008-11-02 18:41 . 2008-11-02 18:41 172 --ah----- C:\sqmdata01.sqm
2008-10-23 17:34 . 2008-11-03 21:56 <REP> d-------- c:\program files\UsbFix
2008-10-23 17:33 . 2008-10-23 18:34 <REP> d-------- c:\users\Famille VU\AppData\Roaming\TeamViewer
2008-10-23 17:32 . 2008-10-23 17:32 <REP> d-------- c:\users\Famille VU\temp
2008-10-23 17:32 . 2008-10-23 17:33 <REP> d-------- c:\program files\TeamViewer3
2008-10-22 20:35 . 2008-10-22 20:35 <REP> d-------- c:\users\All Users\ma-config.com
2008-10-22 20:35 . 2008-10-22 20:35 <REP> d-------- c:\programdata\ma-config.com
2008-10-22 20:35 . 2008-10-22 20:35 <REP> d-------- c:\program files\ma-config.com
2008-10-22 20:05 . 2008-10-22 20:05 <REP> d-------- c:\program files\Common Files\Steam
2008-10-22 16:32 . 2008-10-22 16:32 <REP> d-------- c:\users\Famille VU\AppData\Roaming\Malwarebytes
2008-10-22 16:32 . 2008-10-22 16:32 <REP> d-------- c:\users\All Users\Malwarebytes
2008-10-22 16:32 . 2008-10-22 16:32 <REP> d-------- c:\programdata\Malwarebytes
2008-10-22 16:32 . 2008-10-22 16:32 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-10-22 16:32 . 2008-10-16 19:25 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2008-10-22 16:32 . 2008-10-16 19:25 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2008-10-22 10:25 . 2008-09-11 21:23 15,648 --a------ c:\windows\System32\drivers\NSDriver.sys
2008-10-22 10:25 . 2008-09-11 21:23 15,648 --a------ c:\windows\System32\drivers\AWRTRD.sys
2008-10-22 10:25 . 2008-09-11 21:23 12,960 --a------ c:\windows\System32\drivers\AWRTPD.sys
2008-10-21 17:49 . 2008-10-21 20:24 <REP> d-------- c:\program files\Navilog1
2008-10-20 20:40 . 2008-10-20 20:41 238,498,740 --a------ C:\Sauv.reg
2008-10-20 19:51 . 2008-10-20 19:51 <REP> d-------- c:\program files\CleanUp!
2008-10-19 10:58 . 2008-10-19 10:58 <REP> d--h----- c:\windows\System32\dwrcssft
2008-10-19 10:57 . 2008-10-19 10:57 <REP> d-------- c:\users\Famille VU\AppData\Roaming\DWMRCMSI
2008-10-18 19:39 . 2008-09-10 12:06 61,440 --a------ c:\windows\System32\DWRCSh32.DLL
2008-10-18 19:38 . 2008-10-19 11:01 <REP> d-------- c:\users\Famille VU\AppData\Roaming\DameWare Development
2008-10-18 17:32 . 2008-10-18 17:32 <REP> d-------- c:\program files\RealVNC
2008-10-16 12:38 . 2008-10-02 02:32 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2008-10-16 12:38 . 2008-10-02 04:49 827,392 --a------ c:\windows\System32\wininet.dll
2008-10-16 12:25 . 2008-09-18 06:09 3,601,464 --a------ c:\windows\System32\ntkrnlpa.exe
2008-10-16 12:25 . 2008-09-18 06:09 3,549,240 --a------ c:\windows\System32\ntoskrnl.exe
2008-10-16 12:16 . 2008-09-18 03:16 2,032,640 --a------ c:\windows\System32\win32k.sys
2008-10-16 12:14 . 2008-08-27 02:06 288,768 --a------ c:\windows\System32\drivers\srv.sys
2008-10-15 17:06 . 2008-10-15 17:07 <REP> d-------- c:\program files\Volumouse
2008-10-15 17:06 . 2008-10-15 17:06 39,424 --a------ c:\windows\zipinst.exe
2008-10-11 21:03 . 2008-10-22 21:30 <REP> d-------- c:\users\Famille VU\AppData\Roaming\LimeWire
2008-10-11 21:02 . 2008-10-11 21:03 <REP> d-------- c:\program files\LimeWire

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-03 22:22 --------- d-----w c:\program files\Warcraft III
2008-10-23 06:45 --------- d-----w c:\users\Famille VU\AppData\Roaming\uTorrent
2008-10-22 15:00 --------- d-----w c:\program files\Trend Micro
2008-10-22 09:28 --------- d-----w c:\programdata\Spybot - Search & Destroy
2008-10-20 18:49 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-10-18 16:42 --------- d-----w c:\program files\StuffPlug3
2008-10-17 01:05 --------- d-----w c:\program files\Windows Mail
2008-10-11 20:15 --------- d-----w c:\users\Famille VU\AppData\Roaming\Shareaza
2008-10-08 15:53 --------- d-----w c:\users\Famille VU\AppData\Roaming\Skype
2008-10-08 14:28 --------- d-----w c:\users\Famille VU\AppData\Roaming\skypePM
2008-10-02 20:42 --------- d-----w c:\program files\Foto-Mosaik
2008-10-02 20:40 --------- d-----w c:\program files\AndreaMosaic
2008-10-02 20:34 737,280 ----a-w c:\windows\iun6002.exe
2008-09-28 18:13 --------- d-----w c:\users\Famille VU\AppData\Roaming\teamspeak2
2008-09-27 08:42 --------- d-----w c:\program files\CCleaner
2008-09-23 20:24 --------- d-----w c:\programdata\WLInstaller
2008-09-23 20:22 --------- d-----w c:\program files\Windows Live
2008-09-23 19:15 --------- d-----w c:\program files\Microsoft
2008-09-23 19:02 --------- d-----w c:\program files\Common Files\Windows Live
2008-09-23 18:42 --------- d-----w c:\program files\Dofus
2008-09-14 11:08 --------- d-----w c:\program files\Windows Live Safety Center
2008-09-12 06:22 --------- d-----w c:\program files\Google
2008-09-11 20:40 --------- d-----w c:\program files\The KMPlayer
2008-09-11 20:21 --------- d-----w c:\program files\Lavasoft
2008-09-11 20:15 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-09-11 17:05 --------- d--h--w c:\program files\InstallShield Installation Information
2008-09-11 17:03 --------- d-----w c:\program files\Gnumeric
2008-09-11 17:03 --------- d-----w c:\program files\AVS4YOU
2008-06-23 15:29 174 --sha-w c:\program files\desktop.ini
2008-02-27 18:36 32 ----a-w c:\users\All Users\ezsid.dat
2008-02-27 18:36 32 ----a-w c:\programdata\ezsid.dat
2007-10-21 16:14 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2007-10-21 16:14 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2007-10-21 16:14 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"????r"="" [?]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]
"$Volumouse$"="c:\program files\Volumouse\volumouse.exe" [2008-09-21 31232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Empowering Technology Monitor"="c:\windows\system32\SysMonitor.exe" [2006-11-23 319488]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-07 464168]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-08-03 266497]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 c:\windows\RtHDVCpl.exe]

c:\users\Famille VU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Vista Anti-Lag.lnk - c:\program files\Vista Anti-Lag\val.exe [2007-04-10 143360]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WiFi Station.lnk - c:\program files\Hercules\WiFi Station\WifiStation.exe [2007-10-21 626176]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= c:\acer\EMPOWE~1\eMode\PCM\Kernel\Burner\MKDMP3Enc.ACM
"VIDC.MJPG"= Pvmjpg30.dll
"VIDC.PIM1"= pclepim1.dll
"VIDC.I420"= emYUV.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\?????????]
??????????????e [?]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 21:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
--a------ 2007-10-25 15:33 563984 c:\program files\Common Files\logishrd\LComMgr\Communications_Helper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
--a------ 2007-10-25 15:37 2178832 c:\program files\Logitech\QuickCam\Quickcam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
--a------ 2006-11-25 00:57 151552 c:\acer\Empowering Technology\eMode\PCM\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
--a------ 2004-03-10 23:26 406016 c:\windows\System32\PSDrvCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-11-30 06:54 282624 c:\program files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-01-12 22:08 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB2Check]
--a------ 2005-12-21 09:14 73728 c:\windows\System32\PCLECoInst.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3924145301-249925094-2446641776-1000]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001
Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last seen 11 January 2012 7
4 Nov. 2008 at 12:06
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{807E5DC2-E5BC-473C-94C4-50F1CFB1F978}"= UDP:c:\acer\Empowering Technology\eMode\PCM\PCMService.exe:CyberLink PowerCinema Resident Program
"{7174BCCA-F1B0-4D40-9C76-5DAD5905E41B}"= TCP:c:\acer\Empowering Technology\eMode\PCM\PCMService.exe:CyberLink PowerCinema Resident Program
"TCP Query User{CAB27761-8D80-4B54-B889-1DE85EEC71A9}c:\\program files\\steam\\steamapps\\kharnak120\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\kharnak120\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{58E6A7E3-DC3F-431A-8EB1-502E8BA4483E}c:\\program files\\steam\\steamapps\\kharnak120\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\kharnak120\condition zero\hl.exe:Half-Life Launcher
"{0175D796-C5E5-4B6E-ABA1-295EDE82ADA1}"= UDP:c:\program files\Shareaza\Shareaza.exe:Shareaza
"{2812D412-91B8-4D7B-994B-97CF16483ACE}"= TCP:c:\program files\Shareaza\Shareaza.exe:Shareaza
"TCP Query User{06610A9C-3761-4A02-AFBE-912CF23ED300}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{D03A0618-F688-4D78-B3DC-D7402F62B190}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"TCP Query User{A53E1CA1-01AA-435D-92DD-DB637A6CBB6F}c:\\program files\\warcraft iii\\war3.exe"= UDP:c:\program files\warcraft iii\war3.exe:Warcraft III
"UDP Query User{5347A5F6-739E-41E7-8105-DBAFF73A2686}c:\\program files\\warcraft iii\\war3.exe"= TCP:c:\program files\warcraft iii\war3.exe:Warcraft III
"{43F4F2D5-44E0-49F5-8FA3-E9BEB23BD4B0}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{95578398-F7E7-4987-A890-F6415DFA165B}c:\\program files\\common files\\pocketsoft\\rtpatch\\autortp\\artpschd.exe"= UDP:c:\program files\common files\pocketsoft\rtpatch\autortp\artpschd.exe:artpschd
"UDP Query User{26480415-1941-4A5B-A5AD-98D381B6FD2F}c:\\program files\\common files\\pocketsoft\\rtpatch\\autortp\\artpschd.exe"= TCP:c:\program files\common files\pocketsoft\rtpatch\autortp\artpschd.exe:artpschd
"TCP Query User{D53CA7E3-2432-43CE-8F6B-EA56F10B4AF1}c:\\program files\\pro evolution soccer 2008\\pes2008.exe"= UDP:c:\program files\pro evolution soccer 2008\pes2008.exe:Pro Evolution Soccer 2008
"UDP Query User{3B168F0F-BE77-4EE3-98F1-9BCDF5C0262B}c:\\program files\\pro evolution soccer 2008\\pes2008.exe"= TCP:c:\program files\pro evolution soccer 2008\pes2008.exe:Pro Evolution Soccer 2008
"{6B49B21E-99C2-4465-A732-7090FDC125D0}"= UDP:c:\program files\WC3Banlist\WC3Banlist.exe:WC3Banlist
"{43D7F0D1-F93B-4EEE-BD57-2657F22DA393}"= TCP:c:\program files\WC3Banlist\WC3Banlist.exe:WC3Banlist
"TCP Query User{C003B562-49C9-4AA2-9C91-8C53AE71C1CC}c:\\program files\\mozilla firefox 3 beta 2\\firefox.exe"= UDP:c:\program files\mozilla firefox 3 beta 2\firefox.exe:Firefox
"UDP Query User{032F724B-F863-4E17-8790-9AD5C5667F5C}c:\\program files\\mozilla firefox 3 beta 2\\firefox.exe"= TCP:c:\program files\mozilla firefox 3 beta 2\firefox.exe:Firefox
"TCP Query User{6546270A-CA8A-471E-BE37-1C82847C553E}c:\\program files\\et.exe"= UDP:c:\program files\et.exe:ET
"UDP Query User{9912396D-7C96-438E-8E8A-57E090BB0DBE}c:\\program files\\et.exe"= TCP:c:\program files\et.exe:ET
"TCP Query User{003538F1-B644-4B02-A948-D48BCB6C6F7C}c:\\users\\famille vu\\desktop\\pickup.listchecker\\pickup.listchecker.exe"= UDP:c:\users\famille vu\desktop\pickup.listchecker\pickup.listchecker.exe:pickup.listchecker.exe
"UDP Query User{B3F479C6-105C-4110-A5B6-84991D682FEF}c:\\users\\famille vu\\desktop\\pickup.listchecker\\pickup.listchecker.exe"= TCP:c:\users\famille vu\desktop\pickup.listchecker\pickup.listchecker.exe:pickup.listchecker.exe
"{174AA96B-F4F5-4CDD-AE7C-7E4DAA8826CB}"= Disabled:UDP:c:\program files\Internet Explorer\iexplore.exe:Internet Explorer
"{DC576CCC-D625-4CDE-B258-FCFF67EF12AC}"= Disabled:TCP:c:\program files\Internet Explorer\iexplore.exe:Internet Explorer
"TCP Query User{CD2FC774-AE0C-407A-9DC6-3C4279B6B58D}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{7098DE7B-A09A-4768-A867-4CB776410A74}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{6D1D55D4-3737-461C-A178-9DEF437FF880}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{E5E598A5-4391-496A-BFDB-07BA873B2E08}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{B9CA38AE-2AAD-4EEB-93DD-D26EDC73C307}c:\\users\\famille vu\\desktop\\pickup.listchecker.exe"= UDP:c:\users\famille vu\desktop\pickup.listchecker.exe:pickup.listchecker.exe
"UDP Query User{84AFAAF9-ADD0-4C86-80DA-5A9DDD792C76}c:\\users\\famille vu\\desktop\\pickup.listchecker.exe"= TCP:c:\users\famille vu\desktop\pickup.listchecker.exe:pickup.listchecker.exe
"TCP Query User{E44B036E-107E-4877-9B83-AA1C804EEEDA}c:\\users\\famille vu\\desktop\\cyphonia.exe"= UDP:c:\users\famille vu\desktop\cyphonia.exe:cyphonia.exe
"UDP Query User{04FAAF9D-4083-4206-A4CB-86300F90AFF6}c:\\users\\famille vu\\desktop\\cyphonia.exe"= TCP:c:\users\famille vu\desktop\cyphonia.exe:cyphonia.exe
"TCP Query User{8A00F678-A8AA-4A17-83B4-C7B4BD94E4A3}c:\\valve\\condition zero\\czero.exe"= UDP:c:\valve\condition zero\czero.exe:Condition Zero Launcher
"UDP Query User{45A9A423-F3CE-4238-B978-A96AC6C6395A}c:\\valve\\condition zero\\czero.exe"= TCP:c:\valve\condition zero\czero.exe:Condition Zero Launcher
"TCP Query User{4D4660B3-7DF9-4ED9-B672-8D79B5A58D6E}c:\\program files\\world of warcraft\\wow-2.4.0-frfr-downloader.exe"= UDP:c:\program files\world of warcraft\wow-2.4.0-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{AA64786F-109C-4423-9037-4D2ED00FFB0E}c:\\program files\\world of warcraft\\wow-2.4.0-frfr-downloader.exe"= TCP:c:\program files\world of warcraft\wow-2.4.0-frfr-downloader.exe:Blizzard Downloader
"{3D10C103-38B9-4FBE-A6A2-DAF48AF02EAF}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-2.3.2.7741-to-2.3.3.7799-frFR-downloader.exe:Blizzard Downloader
"{CB73E7AB-4B9B-4615-99E5-646CF4A5D363}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-2.3.2.7741-to-2.3.3.7799-frFR-downloader.exe:Blizzard Downloader
"{8EB28FF2-9E00-4A34-A33A-1BF06C0FB169}"= UDP:3724:Blizzard Downloader: 3724
"TCP Query User{9C651832-3069-4B2A-8729-76DA5ED6ADDA}c:\\program files\\warcraft iii\\war3.exe"= UDP:c:\program files\warcraft iii\war3.exe:Warcraft III
"UDP Query User{F6C866BA-AB01-4D98-94EC-CDECFD036A1E}c:\\program files\\warcraft iii\\war3.exe"= TCP:c:\program files\warcraft iii\war3.exe:Warcraft III
"TCP Query User{AFCCBD70-0B02-4F83-84E5-D44594C87130}c:\\program files\\steam\\steamapps\\kharnak120\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\kharnak120\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{F708A9EF-3DFC-495D-95CE-1B89B0E6D089}c:\\program files\\steam\\steamapps\\kharnak120\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\kharnak120\condition zero\hl.exe:Half-Life Launcher
"TCP Query User{4343BBA7-2100-4BCC-AD7D-E1E740B0A21A}c:\\program files\\steam\\steamapps\\mcquynh\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\mcquynh\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{22E96339-71F3-44CD-9F77-526CB4D842A4}c:\\program files\\steam\\steamapps\\mcquynh\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\mcquynh\condition zero\hl.exe:Half-Life Launcher
"TCP Query User{9A44E41D-A1E2-4096-83C9-53FE3995EDA1}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{CBD70F9D-2B1C-4979-9D73-6CC3994BB3F3}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"{9FDF4F67-8491-48E1-A339-1A06E96678DE}"= UDP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module
"{7F92065B-63EF-45DD-8E20-4D03145B99FC}"= TCP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module
"TCP Query User{824A7522-D9E8-4BE6-94B5-F857FC05E9BC}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"UDP Query User{202604E7-8F46-4E30-8351-E8AE53C6EB41}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"TCP Query User{3B01C08F-764D-4CFB-A35F-DA0F82AF7D68}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"UDP Query User{B367099A-37CD-4544-B674-E8952DD3B571}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:bittorrent
"TCP Query User{A69E7C10-2A5C-4115-8088-765885BC793D}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{B5EB22B8-6118-4F0E-B61B-1FB6E7868424}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{BC4BAB03-5A26-4678-A2E5-76E07A6816C6}c:\\program files\\steam\\steamapps\\guismo69200\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\guismo69200\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{9911C02A-C195-4524-BDF4-978B5098F8FE}c:\\program files\\steam\\steamapps\\guismo69200\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\guismo69200\condition zero\hl.exe:Half-Life Launcher
"TCP Query User{482ADEFD-39E9-4F37-A9D8-724D79CC3EEC}c:\\program files\\steam\\steamapps\\hadrienkiller\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\hadrienkiller\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{CE7B8182-2C4E-4DAA-8518-19F4EC9CDE09}c:\\program files\\steam\\steamapps\\hadrienkiller\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\hadrienkiller\condition zero\hl.exe:Half-Life Launcher
"TCP Query User{6268353C-ECE0-416A-9122-8A52FC675674}c:\\program files\\steam\\steamapps\\mcquynh\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\mcquynh\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{E20E766D-C05A-46C8-A9D3-27100B833E55}c:\\program files\\steam\\steamapps\\mcquynh\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\mcquynh\condition zero\hl.exe:Half-Life Launcher
"TCP Query User{2AA5C57F-567C-476D-B1C7-780445C12D38}c:\\users\\famille vu\\desktop\\divers telechargement\\1280_starcraft2gameplayvideo_french2-avi-downloader.exe"= UDP:c:\users\famille vu\desktop\divers telechargement\1280_starcraft2gameplayvideo_french2-avi-downloader.exe:1280_starcraft2gameplayvideo_french2-avi-downloader.exe
"UDP Query User{ED982D89-A6CE-4CF1-8A11-F2E1E20BC78F}c:\\users\\famille vu\\desktop\\divers telechargement\\1280_starcraft2gameplayvideo_french2-avi-downloader.exe"= TCP:c:\users\famille vu\desktop\divers telechargement\1280_starcraft2gameplayvideo_french2-avi-downloader.exe:1280_starcraft2gameplayvideo_french2-avi-downloader.exe
"TCP Query User{AFD75213-CE13-441B-AE99-35DABAA40C9F}c:\\users\\famille vu\\desktop\\divers telechargement\\terran_demo_french_sub.avi-downloader.exe"= UDP:c:\users\famille vu\desktop\divers telechargement\terran_demo_french_sub.avi-downloader.exe:terran_demo_french_sub.avi-downloader.exe
"UDP Query User{6B9DDE36-7F7B-40AD-AAF0-093C83117078}c:\\users\\famille vu\\desktop\\divers telechargement\\terran_demo_french_sub.avi-downloader.exe"= TCP:c:\users\famille vu\desktop\divers telechargement\terran_demo_french_sub.avi-downloader.exe:terran_demo_french_sub.avi-downloader.exe
"TCP Query User{DBB16C6E-4887-410C-996C-42EF166CE5AB}c:\\users\\famille vu\\desktop\\divers telechargement\\zerg_reveal_final_french_xvid.avi-downloader.exe"= UDP:c:\users\famille vu\desktop\divers telechargement\zerg_reveal_final_french_xvid.avi-downloader.exe:zerg_reveal_final_french_xvid.avi-downloader.exe
"UDP Query User{FAEF9382-047E-40DB-BE3D-136194C29204}c:\\users\\famille vu\\desktop\\divers telechargement\\zerg_reveal_final_french_xvid.avi-downloader.exe"= TCP:c:\users\famille vu\desktop\divers telechargement\zerg_reveal_final_french_xvid.avi-downloader.exe:zerg_reveal_final_french_xvid.avi-downloader.exe
"TCP Query User{B8D8246F-43AA-43AD-8724-C17038728D94}c:\\program files\\steam\\steamapps\\gunther38\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\gunther38\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{1B114672-D143-4C76-A4F6-7D3EAE8EDEE3}c:\\program files\\steam\\steamapps\\gunther38\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\gunther38\condition zero\hl.exe:Half-Life Launcher
"TCP Query User{F12DEC3C-FDEB-4D46-919A-85FE3A60F2BB}c:\\program files\\steam\\steamapps\\lorenzino69\\condition zero\\hl.exe"= UDP:c:\program files\steam\steamapps\lorenzino69\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{7964EC35-8B10-4AE9-93B2-364D292C89BF}c:\\program files\\steam\\steamapps\\lorenzino69\\condition zero\\hl.exe"= TCP:c:\program files\steam\steamapps\lorenzino69\condition zero\hl.exe:Half-Life Launcher
"TCP Query User{E1EBB5D3-8DB4-477F-A7AA-56976A2AD630}c:\\users\\famille vu\\desktop\\divers telechargement\\pickup.listchecker.exe"= UDP:c:\users\famille vu\desktop\divers telechargement\pickup.listchecker.exe:pickup.listchecker.exe
"UDP Query User{DD488369-4584-44BC-BDD8-8A2C5EF487B0}c:\\users\\famille vu\\desktop\\divers telechargement\\pickup.listchecker.exe"= TCP:c:\users\famille vu\desktop\divers telechargement\pickup.listchecker.exe:pickup.listchecker.exe
"TCP Query User{BB32C0D0-96E0-49C8-A31E-5E5382C45AAA}c:\\users\\famille vu\\desktop\\pickup.listchecker.exe"= UDP:c:\users\famille vu\desktop\pickup.listchecker.exe:pickup.listchecker.exe
"UDP Query User{CF9DAB39-A573-4400-B5DF-2E2679ACE268}c:\\users\\famille vu\\desktop\\pickup.listchecker.exe"= TCP:c:\users\famille vu\desktop\pickup.listchecker.exe:pickup.listchecker.exe
"TCP Query User{38BE19D6-03EF-4F84-B617-9229E4DEBBCF}c:\\program files\\steam\\steamapps\\evictionz\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\evictionz\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{86C68E6B-2F71-49C7-BD75-827AC14AB80E}c:\\program files\\steam\\steamapps\\evictionz\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\evictionz\counter-strike\hl.exe:Half-Life Launcher
"TCP Query User{916067E5-7161-4B8B-AAC8-D80CC880D4E6}c:\\users\\famille vu\\desktop\\wow-2.4.2.8278-to-0.4.3.8478-engb-downloader.exe"= UDP:c:\users\famille vu\desktop\wow-2.4.2.8278-to-0.4.3.8478-engb-downloader.exe:wow-2.4.2.8278-to-0.4.3.8478-engb-downloader.exe
"UDP Query User{67D9D39D-6EBB-4832-ADB7-B7602CCB434F}c:\\users\\famille vu\\desktop\\wow-2.4.2.8278-to-0.4.3.8478-engb-downloader.exe"= TCP:c:\users\famille vu\desktop\wow-2.4.2.8278-to-0.4.3.8478-engb-downloader.exe:wow-2.4.2.8278-to-0.4.3.8478-engb-downloader.exe
"TCP Query User{600C96BE-0EF1-446E-89F8-0A557FC7DC8F}c:\\users\\famille vu\\desktop\\divers\\pickup.listchecker.exe"= UDP:c:\users\famille vu\desktop\divers\pickup.listchecker.exe:pickup.listchecker.exe
"UDP Query User{CB7D17DD-F43F-4CBF-910E-DAC0013F1B21}c:\\users\\famille vu\\desktop\\divers\\pickup.listchecker.exe"= TCP:c:\users\famille vu\desktop\divers\pickup.listchecker.exe:pickup.listchecker.exe
"TCP Query User{C0C000EB-A997-44C5-AFE2-27D6F86504F6}c:\\users\\famille vu\\desktop\\divers\\pickup.listchecker.exe"= UDP:c:\users\famille vu\desktop\divers\pickup.listchecker.exe:pickup.listchecker.exe
"UDP Query User{D2DEC4D7-4D31-4286-86BA-1B1F4F3FA37F}c:\\users\\famille vu\\desktop\\divers\\pickup.listchecker.exe"= TCP:c:\users\famille vu\desktop\divers\pickup.listchecker.exe:pickup.listchecker.exe
"{77A424F6-561B-452E-B9C8-31F354361DB7}"= UDP:c:\program files\Pinnacle\Studio 10\programs\RM.exe:Render Manager
"{A38586D0-C3DA-4B8D-9CA0-C6EAACCFE9FF}"= TCP:c:\program files\Pinnacle\Studio 10\programs\RM.exe:Render Manager
"{8AA8F84D-2782-44DF-B7B9-5ECA44F11DEC}"= UDP:c:\program files\Pinnacle\Studio 10\programs\Studio.exe:Studio
Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last seen 11 January 2012 7
4 Nov. 2008 at 12:07
"{D3A2196F-9BA2-4BD8-A6B2-131B7A430627}"= TCP:c:\program files\Pinnacle\Studio 10\programs\Studio.exe:Studio
"{5DBC153F-586E-4F45-9EBE-8F5742B8A5EC}"= UDP:c:\program files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:PMSRegisterFile
"{8FF6C7FA-DC11-4EAC-95D9-8284FA777C56}"= TCP:c:\program files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:PMSRegisterFile
"{AF45EED0-3B1A-4336-9CF5-A2F57799023E}"= UDP:c:\program files\Pinnacle\Studio 10\programs\umi.exe:umi
"{ED28451D-72FC-4D37-BB66-5E97CDD62F10}"= TCP:c:\program files\Pinnacle\Studio 10\programs\umi.exe:umi
"{B3794DD6-E12F-48E6-ABFF-A3C5179267A6}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{29638876-EC1B-40A7-A210-92CDE64A8D40}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{680C7B4C-7BEF-45E1-9154-2E249D2BF036}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{A998FF86-DB5C-402D-A58C-DA96E4D45F44}k:\\steam\\steamapps\\thomale\\condition zero\\hl.exe"= UDP:k:\steam\steamapps\thomale\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{9A6C9D5C-DEA8-4F60-888F-79CF67E4094E}k:\\steam\\steamapps\\thomale\\condition zero\\hl.exe"= TCP:k:\steam\steamapps\thomale\condition zero\hl.exe:Half-Life Launcher
"TCP Query User{B625E8AE-5EB0-45EA-96CB-88C70305FF26}c:\\program files\\skype\\phone\\skype.exe"= Disabled:UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{4140C084-2B92-403A-8AF1-62A394D5293A}c:\\program files\\skype\\phone\\skype.exe"= Disabled:TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{90264961-8C6D-46CE-9389-7F9D510DFC56}k:\\divertissement\\steam\\steamapps\\kharnak120\\condition zero\\hl.exe"= UDP:k:\divertissement\steam\steamapps\kharnak120\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{D425D111-C402-41DB-9DA9-2C106E7017C3}k:\\divertissement\\steam\\steamapps\\kharnak120\\condition zero\\hl.exe"= TCP:k:\divertissement\steam\steamapps\kharnak120\condition zero\hl.exe:Half-Life Launcher
"{935E4C5F-7831-45B4-B6D7-B9A1BB25DDDA}"= UDP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module
"{9151BF89-79D7-41DD-8432-3FAE621EFAD2}"= TCP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module
"TCP Query User{CE20FBD6-70E0-4EBC-83F1-89345A23F044}c:\\program files\\realvnc\\vnc4\\winvnc4.exe"= UDP:c:\program files\realvnc\vnc4\winvnc4.exe:VNC Server Free Edition for Win32
"UDP Query User{FE8D3DAE-821B-4CD9-9057-66DB158346AF}c:\\program files\\realvnc\\vnc4\\winvnc4.exe"= TCP:c:\program files\realvnc\vnc4\winvnc4.exe:VNC Server Free Edition for Win32
"TCP Query User{A50C72E3-9433-4E01-995F-152EDFC90C3F}k:\\divertissement\\jeux vidéo\\steam\\steamapps\\valentin69260\\condition zero\\hl.exe"= UDP:k:\divertissement\jeux vidéo\steam\steamapps\valentin69260\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{F5C3C5DC-2704-49CE-BF2A-78D2EF0E5BD6}k:\\divertissement\\jeux vidéo\\steam\\steamapps\\valentin69260\\condition zero\\hl.exe"= TCP:k:\divertissement\jeux vidéo\steam\steamapps\valentin69260\condition zero\hl.exe:Half-Life Launcher
"{0C8E82B7-2B0B-4469-AD7E-C56208A324A8}"= UDP:6129:DameWare Mini Remote Control Service
"TCP Query User{328EEB6C-7528-4FDC-A7C0-C7E6F76DE613}c:\\program files\\realvnc\\vnc4\\vncviewer.exe"= UDP:c:\program files\realvnc\vnc4\vncviewer.exe:VNC Viewer Free Edition for Win32
"UDP Query User{050FF9D2-5383-4573-90C4-D1AB0FE019A5}c:\\program files\\realvnc\\vnc4\\vncviewer.exe"= TCP:c:\program files\realvnc\vnc4\vncviewer.exe:VNC Viewer Free Edition for Win32
"TCP Query User{3F8FBC91-041C-46EC-BC5D-69D5A3316908}k:\\divertissement\\jeux vidéo\\steam\\steamapps\\kharnak120\\condition zero\\hl.exe"= UDP:k:\divertissement\jeux vidéo\steam\steamapps\kharnak120\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{7E058BE7-3613-486F-A832-B14FA8BC95BF}k:\\divertissement\\jeux vidéo\\steam\\steamapps\\kharnak120\\condition zero\\hl.exe"= TCP:k:\divertissement\jeux vidéo\steam\steamapps\kharnak120\condition zero\hl.exe:Half-Life Launcher
"{37E452F4-C94A-480A-94EC-7569EDB5933C}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{40264E9E-9F75-4EB5-B99E-97894CC59227}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{840AEA76-3DA9-44F1-B4CD-BC532B22AB42}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{ED0CFC80-8ADF-4B85-A0FD-74463F2B6CDA}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"TCP Query User{4EBB75E4-48C5-4240-8A67-429CB943DF5F}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{D24C83F2-A006-4270-AC1B-705D52667F65}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= c:\acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"c:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= c:\acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"c:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= c:\acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R2 Anyplace Control Security;Anyplace Control Security;c:\windows\svcadmin.exe [2008-04-24 104960]
R2 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [2007-07-15 27992]
R2 TeamViewer;TeamViewer 3;c:\program files\TeamViewer3\TeamViewer_Service.exe [2008-10-07 185640]
R3 yukonwlh;Pilote miniport NDIS6.0 pour contrôleur Ethernet Marvell Yukon;c:\windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2008-09-02 191656]
S3 Steam Client Service;Steam Client Service;c:\program files\Common Files\Steam\SteamService.exe [2008-10-19 87288]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-Acer Tour - (no file)
HKLM-Run-eRecoveryService - (no file)
MSConfigStartUp-Google Update - c:\users\Famille VU\AppData\Local\Google\Update\GoogleUpdate.exe
MSConfigStartUp-LaunchList - c:\program files\Pinnacle\Studio 10\LaunchList.exe
MSConfigStartUp-LDM - \Program\BackWeb-8876480.exe
MSConfigStartUp-Steam - c:\program files\Steam\Steam.exe
MSConfigStartUp-Stop The Popup - c:\program files\Stop The Popup\StpPopup.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSConfigStartUp-USBToolTip - c:\program files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe
MSConfigStartUp-Zilla Popup Killer - c:\program files\Zilla Popup Killer\ZillaPop.exe


.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\users\Famille VU\AppData\Roaming\Mozilla\Firefox\Profiles\6afwzex6.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fr/ig?hl=fr&source=iglk
FF -: plugin - c:\program files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - c:\program files\ma-config.com\nphardwaredetection.dll
FF -: plugin - c:\program files\Yahoo!\Common\npyaxmpb.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-04 11:52:14
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\Ati2evxx.exe
c:\program files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\Ati2evxx.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\logishrd\LVCOMSER\LVComSer.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Common Files\logishrd\LVCOMSER\LVComSer.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\windows\System32\WUDFHost.exe
c:\acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\System32\conime.exe
c:\windows\System32\wbem\unsecapp.exe
.
**************************************************************************
.
Heure de fin: 2008-11-04 11:55:50 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-11-04 10:55:33

Avant-CF: 36 124 209 152 octets libres
Après-CF: 35,830,366,208 octets libres

355 --- E O F --- 2008-10-18 10:45:42
0
Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last activity 11 January 2012 7
4 Nov. 2008 at 12:15
Oops, actually I still have these ***** pop-ups...

Yet I followed the whole procedure...
0
Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last activity 11 January 2012 7
4 Nov. 2008 at 16:28
[ Rapport ToolsCleaner version 2.2.5 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Combofix.txt: trouvé !
C:\fixnavi.txt: trouvé !
C:\cleannavi.txt: trouvé !
C:\UsbFix.txt: trouvé !
C:\Combofix: trouvé !
C:\Qoobox: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\UsbFix: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\Program Files\Trend Micro\hanalyse\hijackthis.log: trouvé !
C:\Program Files\UsbFix\UsbFix.exe: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Navilog1: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\UsbFix: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navilog1: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UsbFix: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navilog1\Navilog1.lnk: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UsbFix\UsbFix.lnk: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\Navilog1: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\UsbFix: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Navilog1: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\UsbFix: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Navilog1\Navilog1.lnk: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\UsbFix\UsbFix.lnk: trouvé !
C:\Users\Famille VU\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\UsbFix: trouvé !
C:\Users\Famille VU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UsbFix: trouvé !
C:\Users\Famille VU\Desktop\HijackThis.lnk: trouvé !
C:\Users\Famille VU\Desktop\Navilog1.exe: trouvé !
C:\Users\Famille VU\Desktop\ComboFix.exe: trouvé !
C:\Users\Famille VU\Desktop\UsbFix.lnk: trouvé !
C:\Users\Famille VU\Desktop\Divers telechargement\UsbFix.exe: trouvé !
C:\Users\Famille VU\Desktop\Sécurité\Navilog1.exe: trouvé !
C:\Users\Famille VU\Desktop\Sécurité\HJTInstall.exe: trouvé !
C:\Users\Public\Desktop\Navilog1.lnk: trouvé !

---------------------------------
-->- Suppression:

C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navilog1\Navilog1.lnk: supprimé !
C:\Users\Famille VU\Desktop\HijackThis.lnk: supprimé !
C:\Users\Famille VU\Desktop\Navilog1.exe: supprimé !
C:\Users\Famille VU\Desktop\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Users\Famille VU\Desktop\Sécurité\Navilog1.exe: supprimé !
C:\Users\Famille VU\Desktop\Sécurité\HJTInstall.exe: supprimé !
C:\Users\Public\Desktop\Navilog1.lnk: supprimé !
C:\Combofix.txt: supprimé !
C:\fixnavi.txt: supprimé !
C:\cleannavi.txt: supprimé !
C:\UsbFix.txt: supprimé !
C:\Program Files\Trend Micro\hanalyse\hijackthis.log: supprimé !
C:\Program Files\UsbFix\UsbFix.exe: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UsbFix\UsbFix.lnk: supprimé !
C:\Users\Famille VU\Desktop\UsbFix.lnk: supprimé !
C:\Users\Famille VU\Desktop\Divers telechargement\UsbFix.exe: supprimé !
C:\Combofix: supprimé !
C:\Qoobox: supprimé !
C:\Program Files\Navilog1: supprimé !
C:\Program Files\UsbFix: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Navilog1: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\UsbFix: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navilog1: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UsbFix: supprimé !
C:\Users\Famille VU\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\UsbFix: ERREUR DE SUPPRESSION !!
C:\Users\Famille VU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UsbFix: supprimé !
0
Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last activity 11 January 2012 7
4 Nov. 2008 at 18:36
The Navilog you gave me doesn't seem to be compatible with my computer :s
0
^^Marie^^ Posts 113901 Registration date Tuesday 6 September 2005 Status Member Last activity 28 August 2020 3 275
4 Nov. 2008 at 18:42
Hi

It is compatible with Vista
You need to follow the procedure carefully

0
Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last activity 11 January 2012 7
4 Nov. 2008 at 19:24
My Vista-compatible version works, but not this one :o

When I start the search, Navilog tells me that the procedure can take about ten minutes...
No matter how long I wait, nothing happens! ;s

Whereas with my version everything works fine :o

Do you want the report? It doesn't matter whether it's from my version or the one that doesn't work, does it? :s Just a question :p
0
Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last activity 11 January 2012 7
4 Nov. 2008 at 19:34
Search Navipromo version 3.6.8 commencé le 04/11/2008 à 19:25:14,03

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Famille VU"

Mise à jour le 03.11.2008 à 18h00 par IL-MAFIOSO

Microsoft Windows Vista 6.0.6001
Internet Explorer : 7.0.6001.18000
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\Windows" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***


*** Recherche dossiers dans "C:\ProgramData" ***


*** Recherche dossiers dans "c:\users\famill~1\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "C:\Users\Famille VU\AppData\Local\virtualstore\Program Files" ***


*** Recherche dossiers dans "C:\Users\Famille VU\AppData\Roaming" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\Windows\system32" *

* Recherche dans "C:\Users\Famille VU\AppData\Local\Microsoft" *

* Recherche dans "C:\Users\Famille VU\AppData\Local\virtualstore\windows\system32" *

* Recherche dans "C:\Users\Famille VU\AppData\Local" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\Windows\system32" :


* Dans "C:\Users\Famille VU\AppData\Local\Microsoft" :


* Dans "C:\Users\Famille VU\AppData\Local\virtualstore\windows\system32" :


* Dans "C:\Users\Famille VU\AppData\Local" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 04/11/2008 à 19:33:13,21 ***
0
Cyphonia Posts 120 Registration date Wednesday 6 February 2008 Status Member Last activity 11 January 2012 7
9 Nov. 2008 at 13:32
Well, I see that my problem can only be solved by formatting. Thanks for your help!
0