fenetre de publicité

Question

Bonjour,
je veux une solution car chaque fois quand j'ouvre l'internet il y des fenetre de publicité ouvre a part des fenetre de CID je crois
cette fenetre me derange beaucoup
merci

soulofbrunus · Answer

www.firefox.com
télécharge ce navigateur et hasta la vista les popup

crapoulou · Answer

Salut,
- Télécharge HijackThis Version 2.02 : 
http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

- Enregistre HJTInstall.exe sur ton bureau.
- Fais un double-clic sur HJTInstall.exe afin de lancer l'installation 
- Clique sur Install ensuite sur I Accept 
- Clique sur Do a scan system and save log file 
- Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse.
Petit tuto si besoin : http://pageperso.aol.fr/balltrap34/demohijack.htm

soulofbrunus · Answer

firefox fait ca très bien aussi

crapoulou · Answer

Changer de navigateur ne désinfectera pas l'ordinateur infecté par l'infection navirpomo ...

Utilisateur anonyme · Answer

fenetre de pubs avec juste pub écrite ou animée ?
pub écrite > bloquer les pop-up
pub animée > désinstaller Adobe Flash Player avec un logiciel spécifique

crapoulou · Answer

Depuis quand on désinstalle Adobe Flash player ?
Sans ça tu navigues sur plus beaucoup de site car il y a beaucoup de sites en Flash !

Utilisateur anonyme · Answer

personnellement je l ai laissé , mais je le désinstalle pour des amis qui ne surf pas beaucoup !!!

soulofbrunus · Answer

"si tu veux que ca sente bon dans l'étable, tue la vache!"
useless la désintallation du flash player, surtout que de plus en plus de sites l'utilisent...

waelhl · Answer

quelle est la meilleur solution svp
merci

crapoulou · Answer

ah ok mais bon 
1. Si tu ne peux pas voir les sites en Flash c'est un inconvénient ...
2. Tu ne désinfecte pas l'ordi
3. Tu ne sais pas si l'utilisateur qui est infecté surf beaucoup ou pas et s'il en a besoin.

waelhl, je suis toujours là, j'attends le rapport.

crapoulou · Answer

Poste le rapport, fais moi confiance.

waelhl · Answer

quel rapport

soulofbrunus · Answer

wahel!

passe à FIREFOX
et adieu les popup, ce que IE ne sais pas faire ;)

crapoulou · Answer

Tout est écrit ici :
http://www.commentcamarche.net/forum/affich 9178527 fenetre de publicite?#2

crapoulou · Answer

Je suis d'ccord Mozilla Firefox est meilleur mais il faut désinfecter cet ordi alors laissez moi faire SVP.

waelhl · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:45:35, on 31-10-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\QuickTime\QuickTimePlayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.fr.fr-be\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang NL
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ROAD ITCH AMOK PING] C:\Documents and Settings\All Users\Application Data\Long slow road itch\meet peak.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cast option] C:\DOCUME~1\HOB\APPLIC~1\BROWSE~1\4 road name.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin
pjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin
pjpi150_04.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

waelhl · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:45:35, on 31-10-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\QuickTime\QuickTimePlayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.fr.fr-be\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang NL
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA-zoomutility\SmoothView.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ROAD ITCH AMOK PING] C:\Documents and Settings\All Users\Application Data\Long slow road itch\meet peak.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD	oscdspd.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cast option] C:\DOCUME~1\HOB\APPLIC~1\BROWSE~1\4 road name.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin
pjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin
pjpi150_04.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

waelhl · Answer

c le rapport que tu ma di

crapoulou · Answer

En effet tu es infecté.
Infection Lop pour les CID.

Télécharge LopS&D (de eric_71) :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 
Enregistre le fichier sur ton bureau.
Lance l'installation.
Une fois le programme lancé tape F pour être en Français.
Puis exécute l'option 1 : Recherche.
Un rapport sera généré.
Poste le ici.
(Dans le cas où le rapport ne s'ouvre pas, ce dernier se trouve sur C:\LopR.txt)
Petit tuto ici si besoin : http://www.malekal.com/tutorial_Lop_SD.php

waelhl · Answer

voila le rapport mon ami crapoulou


   --------------------\  Lop S&D 4.2.4-9   XP/Vista

   Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU           T2050  @ 1.60GHz )
   BIOS : PhoenixBIOS 4.0 Release 6.1     
   USER : HOB ( Administrator )
   BOOT : Normal boot
   C:\ (Local Disk) - NTFS - Total:29 Go (Free:7 Go)
   D:\ (CD or DVD)
   E:\ (Local Disk) - NTFS - Total:63 Go (Free:59 Go)
   F:\ (CD or DVD)

   "C:\Lop SD" ( MAJ : 30-10-2008|21:58 )
   Option : [1] ( vr 31-10-2008|16:53 )
 
   --------------------\  Listing des dossiers dans APPLIC~1  

   [23-09-2008|07:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
   [23-09-2008|07:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [23-09-2008|07:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
   [23-09-2008|07:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
   [23-09-2008|07:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
   [23-09-2008|07:34] C:\DOCUME~1\ADMINI~1\APPLIC~1	oshiba
   [0|bestand(en)] C:\DOCUME~1\ADMINI~1\APPLIC~1\bytes
   [8|map(pen)] C:\DOCUME~1\ADMINI~1\APPLIC~1\bytes beschikbaar

   [04-10-2008|01:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
   [24-09-2008|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
   [23-09-2008|07:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [04-10-2008|01:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [04-10-2008|01:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [25-09-2008|11:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EmailNotifier
   [24-09-2008|14:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [30-10-2008|23:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
   [23-09-2008|07:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
   [25-09-2008|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
   [25-09-2008|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
   [31-10-2008|13:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch
   [25-09-2008|11:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Megaupload
   [02-10-2008|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [24-09-2008|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
   [24-09-2008|12:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [24-09-2008|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [24-09-2008|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
   [0|bestand(en)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes
   [20|map(pen)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes beschikbaar

   [23-09-2008|07:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
   [23-09-2008|07:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [23-09-2008|07:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
   [23-09-2008|07:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
   [23-09-2008|07:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
   [23-09-2008|07:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1	oshiba
   [0|bestand(en)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes
   [8|map(pen)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes beschikbaar

   [24-09-2008|15:54] C:\DOCUME~1\HOB\APPLIC~1\ACD Systems
   [24-09-2008|14:20] C:\DOCUME~1\HOB\APPLIC~1\Adobe
   [01-10-2008|23:00] C:\DOCUME~1\HOB\APPLIC~1\AdobeUM
   [04-10-2008|01:54] C:\DOCUME~1\HOB\APPLIC~1\Apple Computer
   [31-10-2008|16:46] C:\DOCUME~1\HOB\APPLIC~1\BitTorrent
   [31-10-2008|13:29] C:\DOCUME~1\HOB\APPLIC~1\Browseblahamok
   [25-09-2008|07:59] C:\DOCUME~1\HOB\APPLIC~1\DivX
   [31-10-2008|16:43] C:\DOCUME~1\HOB\APPLIC~1\DNA
   [25-09-2008|11:39] C:\DOCUME~1\HOB\APPLIC~1\EmailNotifier
   [24-09-2008|14:09] C:\DOCUME~1\HOB\APPLIC~1\Google
   [23-09-2008|07:34] C:\DOCUME~1\HOB\APPLIC~1\Identities
   [23-09-2008|07:49] C:\DOCUME~1\HOB\APPLIC~1\Intel
   [24-10-2008|20:09] C:\DOCUME~1\HOB\APPLIC~1\Lingoes
   [23-09-2008|08:03] C:\DOCUME~1\HOB\APPLIC~1\Macromedia
   [16-10-2008|21:30] C:\DOCUME~1\HOB\APPLIC~1\Microsoft
   [25-09-2008|16:11] C:\DOCUME~1\HOB\APPLIC~1\Mozilla
   [23-09-2008|15:40] C:\DOCUME~1\HOB\APPLIC~1\Nero
   [23-09-2008|07:34] C:\DOCUME~1\HOB\APPLIC~1\Sonic
   [29-09-2008|15:47] C:\DOCUME~1\HOB\APPLIC~1\Sun
   [25-09-2008|16:11] C:\DOCUME~1\HOB\APPLIC~1\Talkback
   [23-09-2008|07:34] C:\DOCUME~1\HOB\APPLIC~1	oshiba
   [28-10-2008|14:49] C:\DOCUME~1\HOB\APPLIC~1\vlc
   [24-09-2008|14:42] C:\DOCUME~1\HOB\APPLIC~1\WinRAR
   [24-09-2008|14:14] C:\DOCUME~1\HOB\APPLIC~1\Yahoo!
   [0|bestand(en)] C:\DOCUME~1\HOB\APPLIC~1\bytes
   [26|map(pen)] C:\DOCUME~1\HOB\APPLIC~1\bytes beschikbaar

   [28-09-2008|17:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
   [23-09-2008|07:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [23-09-2008|07:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander
   [0|bestand(en)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes
   [5|map(pen)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes beschikbaar

   [23-09-2008|07:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
   [0|bestand(en)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes
   [3|map(pen)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes beschikbaar
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [31-10-2008 16:00][--ah-----] C:\WINDOWS	asks\ACFA868792CD059B.job
   [24-10-2008 19:58][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [31-10-2008 15:13][--ah-----] C:\WINDOWS	asks\SA.DAT
   [02-09-2004 14:00][-r-h-----] C:\WINDOWS	asks\desktop.ini

   ( ACFA868792CD059B.job )=( c:\docume~1\hob\applic~1\browse~1\FirstSafeFind.exe )

   --------------------\  Listing des dossiers dans C:\Program Files

   [24-09-2008|20:50] C:\Program Files\ACD Systems
   [23-09-2008|07:45] C:\Program Files\Adobe
   [04-10-2008|01:52] C:\Program Files\Apple Software Update
   [25-09-2008|15:35] C:\Program Files\Athan
   [01-10-2008|21:14] C:\Program Files\BitTorrent
   [31-10-2008|13:28] C:\Program Files\Browseblahamok
   [04-10-2008|01:51] C:\Program Files\Common Files
   [24-03-2006|07:19] C:\Program Files\ComPlus Applications
   [23-09-2008|07:48] C:\Program Files\CONEXANT
   [24-09-2008|14:14] C:\Program Files\DivX
   [01-10-2008|21:14] C:\Program Files\DNA
   [02-10-2008|19:28] C:\Program Files\D-Tools
   [24-09-2008|14:06] C:\Program Files\Google
   [14-10-2008|13:54] C:\Program Files\InstallShield Installation Information
   [23-09-2008|07:49] C:\Program Files\Intel
   [26-09-2008|12:23] C:\Program Files\Internet Explorer
   [03-04-2006|22:07] C:\Program Files\InterVideo
   [04-10-2008|01:53] C:\Program Files\iPod
   [04-10-2008|01:53] C:\Program Files\iTunes
   [03-04-2006|22:07] C:\Program Files\Java
   [24-10-2008|20:09] C:\Program Files\Lingoes
   [25-09-2008|16:36] C:\Program Files\Logitech
   [31-10-2008|13:25] C:\Program Files\LunaPlayer
   [26-09-2008|12:29] C:\Program Files\Messenger
   [26-09-2008|12:28] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [23-09-2008|07:49] C:\Program Files\microsoft frontpage
   [02-10-2008|19:35] C:\Program Files\Microsoft Office
   [02-10-2008|19:35] C:\Program Files\Microsoft Visual Studio
   [23-09-2008|07:49] C:\Program Files\Microsoft.NET
   [23-09-2008|07:49] C:\Program Files\Movie Maker
   [31-10-2008|16:09] C:\Program Files\Mozilla Firefox
   [23-09-2008|07:49] C:\Program Files\MSN Gaming Zone
   [24-09-2008|13:38] C:\Program Files\MSN Toolbar
   [26-09-2008|12:21] C:\Program Files\MSXML 4.0
   [23-09-2008|15:37] C:\Program Files\Nero
   [23-09-2008|15:40] C:\Program Files\NeroInstall.bak
   [23-09-2008|07:49] C:\Program Files\NetMeeting
   [23-09-2008|07:50] C:\Program Files\Online Services
   [23-09-2008|07:50] C:\Program Files\Outlook Express
   [24-09-2008|14:44] C:\Program Files\PowerQuest
   [04-10-2008|01:53] C:\Program Files\QuickTime
   [23-09-2008|07:50] C:\Program Files\Sonic
   [24-09-2008|20:54] C:\Program Files\SuperCopier2
   [24-09-2008|11:52] C:\Program Files\Symantec
   [31-10-2008|15:14] C:\Program Files\Symantec AntiVirus
   [23-09-2008|07:50] C:\Program Files\Synaptics
   [04-04-2006|05:46] C:\Program Files\Toshiba
   [31-10-2008|16:43] C:\Program Files\Trend Micro
   [03-04-2006|14:43] C:\Program Files\Uninstall Information
   [24-09-2008|20:48] C:\Program Files\VideoLAN
   [24-09-2008|14:01] C:\Program Files\Windows Live
   [26-09-2008|12:26] C:\Program Files\Windows Media Player
   [23-09-2008|07:51] C:\Program Files\Windows NT
   [23-09-2008|07:51] C:\Program Files\Windows Plus
   [24-03-2006|07:21] C:\Program Files\WindowsUpdate
   [24-09-2008|19:56] C:\Program Files\WinRAR
   [23-09-2008|07:52] C:\Program Files\X10 Hardware
   [23-09-2008|07:52] C:\Program Files\xerox
   [31-10-2008|14:04] C:\Program Files\Xvid
   [24-09-2008|14:13] C:\Program Files\Yahoo!
   [0|bestand(en)] C:\Program Files\bytes
   [62|map(pen)] C:\Program Files\bytes beschikbaar

   --------------------\  Listing des dossiers dans C:\Program Files\Common Files

   [24-09-2008|20:50] C:\Program Files\Common Files\ACD Systems
   [23-09-2008|07:46] C:\Program Files\Common Files\Adobe
   [04-10-2008|01:52] C:\Program Files\Common Files\Apple
   [02-10-2008|19:35] C:\Program Files\Common Files\Designer
   [23-09-2008|07:46] C:\Program Files\Common Files\InstallShield
   [23-09-2008|07:46] C:\Program Files\Common Files\InterVideo
   [23-09-2008|07:46] C:\Program Files\Common Files\Java
   [25-09-2008|16:38] C:\Program Files\Common Files\LogiShrd
   [02-10-2008|19:36] C:\Program Files\Common Files\Microsoft Shared
   [23-09-2008|07:47] C:\Program Files\Common Files\MSSoap
   [24-09-2008|20:16] C:\Program Files\Common Files\Nero
   [01-10-2008|22:50] C:\Program Files\Common Files\NSV
   [01-10-2008|22:49] C:\Program Files\Common Files\Nullsoft
   [23-09-2008|07:47] C:\Program Files\Common Files\ODBC
   [23-09-2008|07:47] C:\Program Files\Common Files\Services
   [23-09-2008|07:47] C:\Program Files\Common Files\SpeechEngines
   [24-09-2008|12:17] C:\Program Files\Common Files\Symantec Shared
   [02-10-2008|19:35] C:\Program Files\Common Files\System
   [24-09-2008|14:00] C:\Program Files\Common Files\WindowsLiveInstaller
   [23-09-2008|07:48] C:\Program Files\Common Files\X10
   [0|bestand(en)] C:\Program Files\Common Files\bytes
   [22|map(pen)] C:\Program Files\Common Files\bytes beschikbaar

   --------------------\  Process

   ( 79 Processes )

   iexplore.exe ~ [PID:192]
   iexplore.exe ~ [PID:2156]
   iexplore.exe ~ [PID:4508]
   iexplore.exe ~ [PID:5528]

   --------------------\  Recherche avec S_Lop

   C:\DOCUME~1\HOB\LOCALS~1\Temp\bis47.exe
   C:\DOCUME~1\HOB\APPLIC~1\BROWSE~1
   C:\DOCUME~1\HOB\APPLIC~1\BROWSE~1\4 road name.exe
   C:\DOCUME~1\HOB\APPLIC~1\BROWSE~1\First Safe Find.exe
   C:\DOCUME~1\HOB\APPLIC~1\BROWSE~1	lkhblsp.exe
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch\meet peak.exe
   C:\DOCUME~1\HOB\APPLIC~1\browse~1
   C:\DOCUME~1\HOB\APPLIC~1\browse~1\4 road name.exe
   C:\DOCUME~1\HOB\APPLIC~1\browse~1\First Safe Find.exe
   C:\DOCUME~1\HOB\APPLIC~1\browse~1	lkhblsp.exe
   C:\Program Files\browse~1
   C:\DOCUME~1\HOB\LOCALS~1\Temp\DivoCodec.zip
   C:\DOCUME~1\HOB\LOCALS~1\Temp\GalaPlayer.zip
   C:\DOCUME~1\HOB\LOCALS~1\Temp\minime.exe
   C:\DOCUME~1\HOB\LOCALS~1\Temp\HtmlControl.dll
   C:\DOCUME~1\HOB\LOCALS~1\Temp\HtmlControl.zip
   C:\DOCUME~1\HOB\LOCALS~1\Temp\codec_dv.bmp
   C:\DOCUME~1\HOB\LOCALS~1\Temp\DivoCodec.zip
   C:\DOCUME~1\HOB\LOCALS~1\Temp
sv31.tmp
   C:\DOCUME~1\HOB\MENUST~1\PROGRA~1\DivoCodec
   C:\DOCUME~1\HOB\MENUST~1\PROGRA~1\DivoCodec\HomePage.lnk
   C:\DOCUME~1\HOB\MENUST~1\PROGRA~1\DivoCodec\Uninstall.lnk
   C:\Program Files\DivoCodec
   C:\Program Files\DivoCodec\DivoCodec.url
   C:\Program Files\DivoCodec\uninstall.exe
   C:\Program Files\DivoCodec\WakeSplitter.ax
   C:\DOCUME~1\HOB\BUREAU~1\DivoCodec-1.1.0.0-setup.exe
   C:\WINDOWS\Prefetch\GALAPLAYER-1.4.0.0-SETUP.EXE-0C6982EB.pf
   C:\WINDOWS\Prefetch\GALAPLAYER.EXE-17664496.pf
 
   --------------------\  Verification du Registre

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bird tray setup]
   "DisplayName"="CiD Help"
   "UninstallString"="C:\DOCUME~1\HOB\APPLIC~1\BROWSE~1\4 road name.exe -uninstall"

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
   "cast option"="C:\DOCUME~1\HOB\APPLIC~1\BROWSE~1\4 road name.exe"
   "cast option"="C:\DOCUME~1\HOB\APPLIC~1\BROWSE~1\4 road name.exe"

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-10-31 16:54:54
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !

   [F:2204][D:66]-> C:\DOCUME~1\HOB\LOCALS~1\Temp
   [F:52][D:0]-> C:\DOCUME~1\HOB\Cookies
   [F:1145][D:20]-> C:\DOCUME~1\HOB\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - vr 31-10-2008|16:55 - Option : [1]

   --------------------\  Fin du rapport a 16:55:43

crapoulou · Answer

Passe à l'option 2 de Lop S&D et poste le rapport généré.

waelhl · Answer

c koi mon ami sa

waelhl · Answer

t sur ces etapes sont neccesaire

crapoulou · Answer

Pour supprimer l'infection.
Pas de risque t'inquiète pas.
Etape nécessaire oui.

waelhl · Answer

c le rapport


   --------------------\  Lop S&D 4.2.4-9   XP/Vista

   Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU           T2050  @ 1.60GHz )
   BIOS : PhoenixBIOS 4.0 Release 6.1     
   USER : HOB ( Administrator )
   BOOT : Normal boot
   C:\ (Local Disk) - NTFS - Total:29 Go (Free:7 Go)
   D:\ (CD or DVD)
   E:\ (Local Disk) - NTFS - Total:63 Go (Free:59 Go)
   F:\ (CD or DVD)

   "C:\Lop SD" ( MAJ : 30-10-2008|21:58 )
   Option : [2] ( vr 31-10-2008|17:01 )


   \\\\\\\\\\\\\\\ SUPPRESSION

   Supprime! - C:\DOCUME~1\HOB\APPLIC~1\browse~1\4 road name.exe
   Supprime! - C:\DOCUME~1\HOB\APPLIC~1\browse~1\First Safe Find.exe
   Supprime! - C:\DOCUME~1\HOB\APPLIC~1\browse~1	lkhblsp.exe
   Supprime! - C:\DOCUME~1\HOB\LOCALS~1\Temp\DivoCodec.zip
   Supprime! - C:\DOCUME~1\HOB\LOCALS~1\Temp\GalaPlayer.zip
   Supprime! - C:\DOCUME~1\HOB\LOCALS~1\Temp\minime.exe
   Supprime! - C:\DOCUME~1\HOB\LOCALS~1\Temp\HtmlControl.dll
   Supprime! - C:\DOCUME~1\HOB\LOCALS~1\Temp\HtmlControl.zip
   Supprime! - C:\DOCUME~1\HOB\LOCALS~1\Temp\codec_dv.bmp
   Supprime! - C:\DOCUME~1\HOB\LOCALS~1\Temp
sv31.tmp
   Supprime! - C:\DOCUME~1\HOB\MENUST~1\PROGRA~1\DivoCodec\HomePage.lnk
   Supprime! - C:\DOCUME~1\HOB\MENUST~1\PROGRA~1\DivoCodec\Uninstall.lnk
   Supprime! - C:\Program Files\DivoCodec\DivoCodec.url
   Supprime! - C:\Program Files\DivoCodec\uninstall.exe
   Echec   ! - C:\Program Files\DivoCodec\WakeSplitter.ax
   Supprime! - C:\DOCUME~1\HOB\BUREAU~1\DivoCodec-1.1.0.0-setup.exe
   Supprime! - C:\WINDOWS\Prefetch\GALAPLAYER-1.4.0.0-SETUP.EXE-0C6982EB.pf
   Supprime! - C:\WINDOWS\Prefetch\GALAPLAYER.EXE-17664496.pf
   Supprime! - C:\DOCUME~1\HOB\LOCALS~1\Temp\bis47.exe
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Long slow road itch
   Supprime! - C:\DOCUME~1\HOB\APPLIC~1\browse~1
   Supprime! - C:\Program Files\browse~1
   Supprime! - C:\DOCUME~1\HOB\MENUST~1\PROGRA~1\DivoCodec
   Echec   ! - C:\Program Files\DivoCodec

   \\\\\\\\\\\\\\\ DEUXIEME PASSAGE
 
   Echec   ! - C:\Program Files\DivoCodec\WakeSplitter.ax
   Echec   ! - C:\Program Files\DivoCodec
 
   \\\\\\\\\\\\\\\ 

 
   --------------------\  Listing des dossiers dans APPLIC~1  

   [23-09-2008|07:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
   [23-09-2008|07:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [23-09-2008|07:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
   [23-09-2008|07:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
   [23-09-2008|07:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic
   [23-09-2008|07:34] C:\DOCUME~1\ADMINI~1\APPLIC~1	oshiba
   [0|bestand(en)] C:\DOCUME~1\ADMINI~1\APPLIC~1\bytes
   [8|map(pen)] C:\DOCUME~1\ADMINI~1\APPLIC~1\bytes beschikbaar

   [04-10-2008|01:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
   [24-09-2008|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
   [23-09-2008|07:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [04-10-2008|01:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [04-10-2008|01:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [25-09-2008|11:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EmailNotifier
   [24-09-2008|14:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [30-10-2008|23:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
   [23-09-2008|07:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
   [25-09-2008|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
   [25-09-2008|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
   [25-09-2008|11:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Megaupload
   [02-10-2008|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [24-09-2008|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
   [24-09-2008|12:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [24-09-2008|13:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [24-09-2008|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
   [0|bestand(en)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes
   [19|map(pen)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes beschikbaar

   [23-09-2008|07:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
   [23-09-2008|07:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [23-09-2008|07:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
   [23-09-2008|07:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
   [23-09-2008|07:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
   [23-09-2008|07:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1	oshiba
   [0|bestand(en)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes
   [8|map(pen)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes beschikbaar

   [24-09-2008|15:54] C:\DOCUME~1\HOB\APPLIC~1\ACD Systems
   [24-09-2008|14:20] C:\DOCUME~1\HOB\APPLIC~1\Adobe
   [01-10-2008|23:00] C:\DOCUME~1\HOB\APPLIC~1\AdobeUM
   [31-10-2008|12:21] C:\DOCUME~1\HOB\APPLIC~1\Apple Computer
   [31-10-2008|16:56] C:\DOCUME~1\HOB\APPLIC~1\BitTorrent
   [25-09-2008|07:59] C:\DOCUME~1\HOB\APPLIC~1\DivX
   [31-10-2008|16:53] C:\DOCUME~1\HOB\APPLIC~1\DNA
   [25-09-2008|11:39] C:\DOCUME~1\HOB\APPLIC~1\EmailNotifier
   [24-09-2008|14:09] C:\DOCUME~1\HOB\APPLIC~1\Google
   [23-09-2008|07:34] C:\DOCUME~1\HOB\APPLIC~1\Identities
   [23-09-2008|07:49] C:\DOCUME~1\HOB\APPLIC~1\Intel
   [24-10-2008|20:09] C:\DOCUME~1\HOB\APPLIC~1\Lingoes
   [23-09-2008|08:03] C:\DOCUME~1\HOB\APPLIC~1\Macromedia
   [16-10-2008|21:30] C:\DOCUME~1\HOB\APPLIC~1\Microsoft
   [25-09-2008|16:11] C:\DOCUME~1\HOB\APPLIC~1\Mozilla
   [23-09-2008|15:40] C:\DOCUME~1\HOB\APPLIC~1\Nero
   [23-09-2008|07:34] C:\DOCUME~1\HOB\APPLIC~1\Sonic
   [29-09-2008|15:47] C:\DOCUME~1\HOB\APPLIC~1\Sun
   [25-09-2008|16:11] C:\DOCUME~1\HOB\APPLIC~1\Talkback
   [23-09-2008|07:34] C:\DOCUME~1\HOB\APPLIC~1	oshiba
   [28-10-2008|14:49] C:\DOCUME~1\HOB\APPLIC~1\vlc
   [24-09-2008|14:42] C:\DOCUME~1\HOB\APPLIC~1\WinRAR
   [24-09-2008|14:14] C:\DOCUME~1\HOB\APPLIC~1\Yahoo!
   [0|bestand(en)] C:\DOCUME~1\HOB\APPLIC~1\bytes
   [25|map(pen)] C:\DOCUME~1\HOB\APPLIC~1\bytes beschikbaar

   [28-09-2008|17:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
   [23-09-2008|07:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [23-09-2008|07:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander
   [0|bestand(en)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes
   [5|map(pen)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes beschikbaar

   [23-09-2008|07:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
   [0|bestand(en)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes
   [3|map(pen)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes beschikbaar
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [31-10-2008 17:00][--ah-----] C:\WINDOWS	asks\90274B1191DD1A01.job
   [24-10-2008 19:58][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [31-10-2008 15:13][--ah-----] C:\WINDOWS	asks\SA.DAT
   [02-09-2004 14:00][-r-h-----] C:\WINDOWS	asks\desktop.ini

   ( 90274B1191DD1A01.job )=( c:\docume~1\hob\applic~1\browse~1\FirstSafeFind.exe )

   --------------------\  Listing des dossiers dans C:\Program Files

   [24-09-2008|20:50] C:\Program Files\ACD Systems
   [23-09-2008|07:45] C:\Program Files\Adobe
   [04-10-2008|01:52] C:\Program Files\Apple Software Update
   [25-09-2008|15:35] C:\Program Files\Athan
   [01-10-2008|21:14] C:\Program Files\BitTorrent
   [04-10-2008|01:51] C:\Program Files\Common Files
   [24-03-2006|07:19] C:\Program Files\ComPlus Applications
   [23-09-2008|07:48] C:\Program Files\CONEXANT
   [31-10-2008|17:01] C:\Program Files\DivoCodec
   [24-09-2008|14:14] C:\Program Files\DivX
   [01-10-2008|21:14] C:\Program Files\DNA
   [02-10-2008|19:28] C:\Program Files\D-Tools
   [24-09-2008|14:06] C:\Program Files\Google
   [14-10-2008|13:54] C:\Program Files\InstallShield Installation Information
   [23-09-2008|07:49] C:\Program Files\Intel
   [26-09-2008|12:23] C:\Program Files\Internet Explorer
   [03-04-2006|22:07] C:\Program Files\InterVideo
   [04-10-2008|01:53] C:\Program Files\iPod
   [04-10-2008|01:53] C:\Program Files\iTunes
   [03-04-2006|22:07] C:\Program Files\Java
   [24-10-2008|20:09] C:\Program Files\Lingoes
   [25-09-2008|16:36] C:\Program Files\Logitech
   [31-10-2008|13:25] C:\Program Files\LunaPlayer
   [26-09-2008|12:29] C:\Program Files\Messenger
   [26-09-2008|12:28] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [23-09-2008|07:49] C:\Program Files\microsoft frontpage
   [02-10-2008|19:35] C:\Program Files\Microsoft Office
   [02-10-2008|19:35] C:\Program Files\Microsoft Visual Studio
   [23-09-2008|07:49] C:\Program Files\Microsoft.NET
   [23-09-2008|07:49] C:\Program Files\Movie Maker
   [31-10-2008|16:09] C:\Program Files\Mozilla Firefox
   [23-09-2008|07:49] C:\Program Files\MSN Gaming Zone
   [24-09-2008|13:38] C:\Program Files\MSN Toolbar
   [26-09-2008|12:21] C:\Program Files\MSXML 4.0
   [23-09-2008|15:37] C:\Program Files\Nero
   [23-09-2008|15:40] C:\Program Files\NeroInstall.bak
   [23-09-2008|07:49] C:\Program Files\NetMeeting
   [23-09-2008|07:50] C:\Program Files\Online Services
   [23-09-2008|07:50] C:\Program Files\Outlook Express
   [24-09-2008|14:44] C:\Program Files\PowerQuest
   [04-10-2008|01:53] C:\Program Files\QuickTime
   [23-09-2008|07:50] C:\Program Files\Sonic
   [24-09-2008|20:54] C:\Program Files\SuperCopier2
   [24-09-2008|11:52] C:\Program Files\Symantec
   [31-10-2008|15:14] C:\Program Files\Symantec AntiVirus
   [23-09-2008|07:50] C:\Program Files\Synaptics
   [04-04-2006|05:46] C:\Program Files\Toshiba
   [31-10-2008|16:43] C:\Program Files\Trend Micro
   [03-04-2006|14:43] C:\Program Files\Uninstall Information
   [24-09-2008|20:48] C:\Program Files\VideoLAN
   [24-09-2008|14:01] C:\Program Files\Windows Live
   [26-09-2008|12:26] C:\Program Files\Windows Media Player
   [23-09-2008|07:51] C:\Program Files\Windows NT
   [23-09-2008|07:51] C:\Program Files\Windows Plus
   [24-03-2006|07:21] C:\Program Files\WindowsUpdate
   [24-09-2008|19:56] C:\Program Files\WinRAR
   [23-09-2008|07:52] C:\Program Files\X10 Hardware
   [23-09-2008|07:52] C:\Program Files\xerox
   [31-10-2008|14:04] C:\Program Files\Xvid
   [24-09-2008|14:13] C:\Program Files\Yahoo!
   [0|bestand(en)] C:\Program Files\bytes
   [62|map(pen)] C:\Program Files\bytes beschikbaar

   --------------------\  Listing des dossiers dans C:\Program Files\Common Files

   [24-09-2008|20:50] C:\Program Files\Common Files\ACD Systems
   [23-09-2008|07:46] C:\Program Files\Common Files\Adobe
   [04-10-2008|01:52] C:\Program Files\Common Files\Apple
   [02-10-2008|19:35] C:\Program Files\Common Files\Designer
   [23-09-2008|07:46] C:\Program Files\Common Files\InstallShield
   [23-09-2008|07:46] C:\Program Files\Common Files\InterVideo
   [23-09-2008|07:46] C:\Program Files\Common Files\Java
   [25-09-2008|16:38] C:\Program Files\Common Files\LogiShrd
   [02-10-2008|19:36] C:\Program Files\Common Files\Microsoft Shared
   [23-09-2008|07:47] C:\Program Files\Common Files\MSSoap
   [24-09-2008|20:16] C:\Program Files\Common Files\Nero
   [01-10-2008|22:50] C:\Program Files\Common Files\NSV
   [01-10-2008|22:49] C:\Program Files\Common Files\Nullsoft
   [23-09-2008|07:47] C:\Program Files\Common Files\ODBC
   [23-09-2008|07:47] C:\Program Files\Common Files\Services
   [23-09-2008|07:47] C:\Program Files\Common Files\SpeechEngines
   [24-09-2008|12:17] C:\Program Files\Common Files\Symantec Shared
   [02-10-2008|19:35] C:\Program Files\Common Files\System
   [24-09-2008|14:00] C:\Program Files\Common Files\WindowsLiveInstaller
   [23-09-2008|07:48] C:\Program Files\Common Files\X10
   [0|bestand(en)] C:\Program Files\Common Files\bytes
   [22|map(pen)] C:\Program Files\Common Files\bytes beschikbaar

   --------------------\  Process

   ( 76 Processes )

   ... OK !

   --------------------\  Recherche avec S_Lop

   C:\DOCUME~1\HOB\LOCALS~1\Temp\bis34.exe
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\Program Files\DivoCodec
   C:\Program Files\DivoCodec\WakeSplitter.ax
   C:\WINDOWS\Tasks\90274B1191DD1A01.job
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-10-31 17:03:07
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !

   [F:2198][D:65]-> C:\DOCUME~1\HOB\LOCALS~1\Temp
   [F:54][D:0]-> C:\DOCUME~1\HOB\Cookies
   [F:1212][D:20]-> C:\DOCUME~1\HOB\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - vr 31-10-2008|16:55 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - vr 31-10-2008|17:03 - Option : [2]

   --------------------\  Fin du rapport a 17:03:40

waelhl · Answer

j'attend la reponse

crapoulou · Answer

Parfait.
Lop n'a pas supprimé un truc.
On va le faire en mode sans échec.
Pour redémarrer en mode sans échec : 

Cliques sur Démarrer
. Cliques sur Arrêter
. Sélectionnes Redémarrer et au redémarrage
. Appuis sur la touche F8 sans discontinuer "1 appuis seconde" dès qu'un écran de texte apparaît puis disparaît
. Utilise les touches de direction pour sélectionner mode sans échec
. Puis appuis sur ENTRÉE
. Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre 
une fois démarré ne t'inquiète pas si les couleurs et les icônes ne sont pas comme d'habitude.

Option 2 de Lop.
Redémarre en mode normal et poste le nouveau rapport de l'option 2.
Note : En mode sans échec tu n'auras pas de connexion Internet, c'est tout à fait normal.
Il suffit de redémarrer en mode normal pour pouvoir me poster le rapport.

crapoulou · Answer

Salut, pas de nouvelle, bonne nouvelle ?

Fenetre de publicité

28 réponses

Votre réponse

Discussions similaires

Newsletters