Spyware IE fenêtre CID [Résolu]

chronos790 14Messages postés 2 août 2008Date d'inscription - Dernière réponse le 3 août 2008 à 21:42

Bonjour, il y a deux jours je me suis chopé un spyware faisant apparaitre des pop up genre casino qui s'ouvre VIA IE alors que je ne l'utilise jamais ...
je n'utilise que FF
Les fenêtres ont un identifiant CID.
Si quelqu'un pouvait m'aider à identifier mon parasite et à le supprimer se serait super.
Merci d'avance.
Voici le Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:07:33, on 02/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\PowerForPhone\PowerForPhone.exe
C:\Windows\ASScrPro.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Pando Networks\Pando\pando.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [IFXSPMGT] C:\Windows\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [orahssStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [HtmSite] "C:\ProgramData\upload axis axis.fyhqqv2"
O4 - HKCU\..\Run: [dog about manager team] "C:\ProgramData\amen sect base.83icw"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

Spyware IE fenêtre CID »

Suggestions

Spyware IE fenêtre CID
Bloquer les fenêtres CiD ? » Fiches pratiques
Fenetre cid (Résolu) » Forum
Fenêtres CID (Résolu) » Forum
Probleme avec les fenetres cid (Résolu) » Forum
Fenêtres CID (Résolu) » Forum

Plus

Réponse

chefpunky 673Messages postés 21 mai 2008Date d'inscription 18 novembre 2010Dernière intervention 2 août 2008 à 13:32

Salut,

telecharge Navilog:

http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
instale le
choisit l' option 1 et poste ton rapport ici.

Ajouter un commentaire - Site web

Réponse

-1

^^Marie^^ 61071Messages postés 6 septembre 2005Date d'inscription ModérateurStatut 1 juin 2012Dernière intervention 2 août 2008 à 13:36

Salut

Navilog fera rien du tout pour CID

→ Télécharge Lopxp et enregistres-le sur ton bureau.
http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe
http://www.commentcamarche.net/telecharger/telecharger 34055210 lopxp

► Referme les fenêtres de tous les programmes en cours, y compris Internet Explorer et MSN

Double clic sur le fichier Lopxpsetup.exe
pour lancer l'installation.

Sur le bureau, double clic ensuite sur le raccourci nommé Lopxp, pour lancer le programme.
Dans le menu, choisis l'option 1 et valide avec la touche entrée.
Patiente un peu, en fin d'analyse il te sera demandé d'appuyer sur une touche pour faire apparaître le rapport, fais-le.

Copie et colle ensuite tous son contenu dans ta prochaine réponse.

Ajouter un commentaire

Réponse

chronos790 14Messages postés 2 août 2008Date d'inscription 2 août 2008 à 13:47

marche pas, je suis sur vista !

Ajouter un commentaire

Réponse

^^Marie^^ 61071Messages postés 6 septembre 2005Date d'inscription ModérateurStatut 1 juin 2012Dernière intervention 2 août 2008 à 13:48

Télécharge Lop S&D.exe sur ton bureau
tu télécharge Lop S&D.exe sur ton Bureau.http://eric.71.mespages.googlepages.com/LopSD.exe

http://dcangeldark.googlepages.com/changelog
· Double-clique dessus pour lancer l'installation
· Puis double-clique sur le raccourci Lop S&D présent sur ton bureau
· Séléctionne la langue souhaitée , puis choisis l'Option 1 ( Recherche )
· Patiente jusqu'à la fin du scan
· Poste le rapport généré ( C:\lopR.txt )

( Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )

Ajouter un commentaire

Réponse

chronos790 14Messages postés 2 août 2008Date d'inscription 2 août 2008 à 13:56

marche pas non plus ...
voilà ce qui apparait http://img121.imagevenue.com/img.php?image=78083_2008-08-02_135316_122_197lo.jpg

Ajouter un commentaire

Réponse

^^Marie^^ 61071Messages postés 6 septembre 2005Date d'inscription ModérateurStatut 1 juin 2012Dernière intervention 2 août 2008 à 13:58

Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):

- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.

"Exécuter en tant qu'administrateur".

Ajouter un commentaire

Réponse

chronos790 14Messages postés 2 août 2008Date d'inscription 2 août 2008 à 14:25

Désolé d'avoir été un peu long...
Voilà le rapport

--------------------\\ Lop S&D 4.2.2-5 XP/Vista

[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : Aldric ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 02/08/2008 | 14:19:27,83 ] [ PC : PC-DE-ALDRIC ]
[ MAJ : 01-08-2008 | 01:40 ]
[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[16/01/2008|20:45] C:\Users\Aldric\AppData\Local\{54777076-B070-4F23-AAEE-777F1A6792DD}
[30/05/2008|13:06] C:\Users\Aldric\AppData\Local\{B493C017-4AC8-4FE0-8022-2EAFBD578E6E}
[11/02/2008|19:54] C:\Users\Aldric\AppData\Local\{B734406A-61B5-4E1D-A964-81B07B93BB70}
[05/06/2008|18:53] C:\Users\Aldric\AppData\Local\{C98C229E-62B4-4551-B6D4-521A7B2D16EC}
[29/06/2008|20:45] C:\Users\Aldric\AppData\Local\Adobe
[17/01/2008|01:03] C:\Users\Aldric\AppData\Local\Ahead
[16/01/2008|20:03] C:\Users\Aldric\AppData\Local\Apple
[14/07/2008|23:15] C:\Users\Aldric\AppData\Local\Apple Computer
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Application Data
[26/07/2008|15:24] C:\Users\Aldric\AppData\Local\Cooliris
[15/06/2008|22:38] C:\Users\Aldric\AppData\Local\d3d9caps.dat
[02/08/2008|02:31] C:\Users\Aldric\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[01/02/2008|02:04] C:\Users\Aldric\AppData\Local\eMule
[10/05/2008|17:21] C:\Users\Aldric\AppData\Local\GDIPFONTCACHEV1.DAT
[15/01/2008|23:54] C:\Users\Aldric\AppData\Local\Google
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Historique
[02/08/2008|14:05] C:\Users\Aldric\AppData\Local\IconCache.db
[29/05/2008|01:41] C:\Users\Aldric\AppData\Local\Installer5288
[29/05/2008|01:25] C:\Users\Aldric\AppData\Local\Installer5792
[25/03/2008|02:18] C:\Users\Aldric\AppData\Local\Microsoft
[15/01/2008|23:19] C:\Users\Aldric\AppData\Local\Microsoft Games
[16/07/2008|00:08] C:\Users\Aldric\AppData\Local\Microsoft Help
[19/01/2008|18:11] C:\Users\Aldric\AppData\Local\Mozilla
[16/01/2008|20:46] C:\Users\Aldric\AppData\Local\Pando
[02/08/2008|14:17] C:\Users\Aldric\AppData\Local\Temp
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Temporary Internet Files
[16/01/2008|21:14] C:\Users\Aldric\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[28/07/2008 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Aldric.job
[02/08/2008 14:14][--ah-----] C:\Windows\tasks\SA.DAT
[02/08/2008 14:05][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[19/11/2007|10:31] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[10/05/2008|18:04] C:\ProgramData\Adobe
[30/07/2008|22:22] C:\ProgramData\amen sect base.83icw
[16/01/2008|20:02] C:\ProgramData\Apple
[16/01/2008|20:05] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[15/01/2008|20:53] C:\ProgramData\ASUS
[21/01/2008|01:30] C:\ProgramData\Azureus
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[30/07/2008|22:22] C:\ProgramData\Drv Audio Dog About
[25/07/2008|18:49] C:\ProgramData\DVD Shrink
[01/02/2008|02:04] C:\ProgramData\eMule
[02/11/2006|15:02] C:\ProgramData\Favorites
[31/07/2008|19:12] C:\ProgramData\FLEXnet
[15/01/2008|23:54] C:\ProgramData\Google
[19/11/2007|11:55] C:\ProgramData\Infineon
[15/01/2008|21:01] C:\ProgramData\LightScribe
[01/08/2008|14:45] C:\ProgramData\Microsoft
[16/07/2008|00:18] C:\ProgramData\Microsoft Help
[19/11/2007|10:32] C:\ProgramData\Nero
[31/07/2008|19:12] C:\ProgramData\P4G
[30/07/2008|22:22] C:\ProgramData\PureBiasBold
[02/11/2006|15:02] C:\ProgramData\Start Menu
[19/07/2008|01:17] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[30/07/2008|22:22] C:\ProgramData\upload axis axis.2nis4
[30/07/2008|22:22] C:\ProgramData\upload axis axis.fyhqqv2
[24/03/2008|22:51] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[19/11/2007|10:31] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[27/07/2008|18:34] C:\Program Files\Adobe
[19/11/2007|11:43] C:\Program Files\ASUS
[19/11/2007|11:25] C:\Program Files\ASUS Security Center
[19/11/2007|11:11] C:\Program Files\ATK Hotkey
[19/11/2007|11:12] C:\Program Files\ATKGFNEX
[19/11/2007|11:13] C:\Program Files\ATKOSD2
[17/07/2008|22:04] C:\Program Files\Azureus
[14/07/2008|23:05] C:\Program Files\Bonjour
[10/05/2008|16:56] C:\Program Files\Common Files
[19/11/2007|11:45] C:\Program Files\CSR
[01/08/2008|13:30] C:\Program Files\desktop.ini
[26/06/2008|22:12] C:\Program Files\DivX
[16/01/2008|20:41] C:\Program Files\DVD Shrink
[27/06/2008|19:02] C:\Program Files\eMule
[23/02/2008|02:21] C:\Program Files\FastStone Capture
[19/11/2007|11:24] C:\Program Files\Fingerprint Sensor
[31/07/2008|19:36] C:\Program Files\Google
[19/11/2007|11:55] C:\Program Files\Infineon
[19/11/2007|11:45] C:\Program Files\InstallShield Installation Information
[19/11/2007|11:38] C:\Program Files\Intel
[01/08/2008|02:22] C:\Program Files\Internet Explorer
[15/01/2008|23:41] C:\Program Files\Inventel
[14/07/2008|23:08] C:\Program Files\iPod
[14/07/2008|23:08] C:\Program Files\iTunes
[16/01/2008|20:39] C:\Program Files\IZArc
[14/07/2008|23:27] C:\Program Files\Java
[02/08/2008|13:43] C:\Program Files\Lopxp
[19/01/2008|00:53] C:\Program Files\Media Player Classic
[16/01/2008|19:59] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[19/11/2007|10:30] C:\Program Files\Microsoft Office
[19/11/2007|10:30] C:\Program Files\Microsoft Visual Studio
[19/11/2007|10:30] C:\Program Files\Microsoft Works
[19/11/2007|10:29] C:\Program Files\Microsoft.NET
[19/11/2007|10:19] C:\Program Files\Motorola
[01/08/2008|02:22] C:\Program Files\Movie Maker
[17/07/2008|00:13] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[18/04/2007|10:43] C:\Program Files\MSXML 4.0
[02/08/2008|13:34] C:\Program Files\Navilog1
[19/11/2007|10:32] C:\Program Files\Nero
[29/07/2008|18:41] C:\Program Files\Norton Internet Security
[19/01/2008|16:08] C:\Program Files\OrangeHSS
[19/11/2007|11:40] C:\Program Files\P4G
[05/06/2008|18:54] C:\Program Files\Pando Networks
[19/11/2007|11:40] C:\Program Files\Power4Gear eXtreme
[19/11/2007|11:44] C:\Program Files\PowerForPhone
[14/07/2008|23:04] C:\Program Files\QuickTime
[19/01/2008|18:38] C:\Program Files\Real
[19/11/2007|11:09] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[15/01/2008|23:41] C:\Program Files\Securitoo
[19/11/2007|11:18] C:\Program Files\Symantec
[19/11/2007|11:43] C:\Program Files\Synaptics
[01/02/2008|22:25] C:\Program Files\Total Video Converter
[02/08/2008|13:06] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[16/01/2008|20:38] C:\Program Files\VideoLAN
[19/01/2008|00:43] C:\Program Files\VistaCodecPack
[19/01/2008|15:46] C:\Program Files\Wanadoo
[01/08/2008|02:22] C:\Program Files\Windows Calendar
[01/08/2008|02:21] C:\Program Files\Windows Collaboration
[01/08/2008|02:21] C:\Program Files\Windows Defender
[01/08/2008|02:21] C:\Program Files\Windows Journal
[24/03/2008|22:59] C:\Program Files\Windows Live
[01/08/2008|02:22] C:\Program Files\Windows Mail
[01/08/2008|02:22] C:\Program Files\Windows Media Player
[02/11/2006|14:37] C:\Program Files\Windows NT
[01/08/2008|02:21] C:\Program Files\Windows Photo Gallery
[01/08/2008|02:22] C:\Program Files\Windows Sidebar
[19/01/2008|21:02] C:\Program Files\WinRAR
[19/11/2007|11:28] C:\Program Files\Wireless Console 2

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[10/05/2008|18:04] C:\Program Files\Common Files\Adobe
[19/11/2007|10:34] C:\Program Files\Common Files\Ahead
[16/01/2008|20:02] C:\Program Files\Common Files\Apple
[19/11/2007|10:30] C:\Program Files\Common Files\DESIGNER
[19/01/2008|15:58] C:\Program Files\Common Files\France Telecom
[19/11/2007|11:21] C:\Program Files\Common Files\InstallShield
[19/01/2008|18:31] C:\Program Files\Common Files\Java
[19/11/2007|10:34] C:\Program Files\Common Files\LightScribe
[10/05/2008|16:56] C:\Program Files\Common Files\Macrovision Shared
[16/07/2008|00:07] C:\Program Files\Common Files\microsoft shared
[20/01/2008|04:21] C:\Program Files\Common Files\PX Storage Engine
[19/01/2008|18:39] C:\Program Files\Common Files\Real
[31/07/2008|19:12] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[14/07/2008|23:28] C:\Program Files\Common Files\Symantec Shared
[01/08/2008|02:21] C:\Program Files\Common Files\System
[24/03/2008|22:58] C:\Program Files\Common Files\WindowsLiveInstaller
[19/01/2008|18:39] C:\Program Files\Common Files\xing shared

--------------------\\ Process

( 97 Processus )

iexplore.exe ~ [516]
iexplore.exe ~ [904]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\amen sect base.83icw
C:\ProgramData\upload axis axis.2nis4
C:\ProgramData\upload axis axis.fyhqqv2
C:\Users\Aldric\AppData\Local\Temp\bis4241.exe
C:\ProgramData\PUREBI~1
C:\ProgramData\PUREBI~1\izzjaets.exe
C:\ProgramData\PUREBI~1\SupportLoad.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\Drv Audio Dog About
C:\ProgramData\Drv Audio Dog About\roam intra.exe
C:\Users\Aldric\AppData\Local\Temp\3wPlayer.zip

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lovegreatinside]
"DisplayName"="CiD Help"
"UninstallString"="C:\\PROGRA~2\\PUREBI~1\\SupportLoad.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dog about manager team"="\"C:\\ProgramData\\amen sect base.83icw\""
"HtmSite"="\"C:\\ProgramData\\upload axis axis.fyhqqv2\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-02 14:09:50
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-02 14:19:50
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:10612][D:707]-> C:\Users\Aldric\AppData\Local\Temp
[F:3][D:1]-> C:\Users\Aldric\AppData\Roaming\MICROS~1\Windows\Cookies
[F:4][D:4]-> C:\Users\Aldric\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:22][D:4]-> C:\$Recycle.Bin

--------------------\\ Fin du rapport a 14:22:52,81
[ UAC => 1 ]

Ajouter un commentaire

Réponse

^^Marie^^ 61071Messages postés 6 septembre 2005Date d'inscription ModérateurStatut 1 juin 2012Dernière intervention 2 août 2008 à 18:43

Relance Lop S&D
· Choisis cette fois ci l'Option 2 ( Suppression )
· Ne ferme pas la fenêtre lors de la suppression !
· Poste le rapport généré ( C:\lopR.txt )

( Si le Bureau ne réapparît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )

Ajouter un commentaire

Réponse

chronos790 14Messages postés 2 août 2008Date d'inscription 2 août 2008 à 18:58

Voilà

--------------------\\ Lop S&D 4.2.2-5 XP/Vista

[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : Aldric ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 02/08/2008 | 18:54:41,82 ] [ PC : PC-DE-ALDRIC ]
[ MAJ : 01-08-2008 | 01:40 ]
[ UAC => 0 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Echec ! - C:\ProgramData\Drv Audio Dog About\roam intra.exe
Supprime! - C:\Users\Aldric\AppData\Local\Temp\3wPlayer.zip
Supprime! - C:\ProgramData\amen sect base.83icw
Supprime! - C:\ProgramData\upload axis axis.2nis4
Supprime! - C:\ProgramData\upload axis axis.fyhqqv2
Supprime! - C:\Users\Aldric\AppData\Local\Temp\bis4241.exe
Supprime! - C:\ProgramData\PUREBI~1\izzjaets.exe
Supprime! - C:\ProgramData\PUREBI~1\SupportLoad.exe
Echec ! - C:\ProgramData\Drv Audio Dog About
Supprime! - C:\ProgramData\PUREBI~1
RestaurÚ! - Fichier Hosts

\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE ///////////////////////////

Echec ! - C:\ProgramData\Drv Audio Dog About\roam intra.exe
Echec ! - C:\ProgramData\Drv Audio Dog About

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans Local

[16/01/2008|20:45] C:\Users\Aldric\AppData\Local\{54777076-B070-4F23-AAEE-777F1A6792DD}
[30/05/2008|13:06] C:\Users\Aldric\AppData\Local\{B493C017-4AC8-4FE0-8022-2EAFBD578E6E}
[11/02/2008|19:54] C:\Users\Aldric\AppData\Local\{B734406A-61B5-4E1D-A964-81B07B93BB70}
[05/06/2008|18:53] C:\Users\Aldric\AppData\Local\{C98C229E-62B4-4551-B6D4-521A7B2D16EC}
[29/06/2008|20:45] C:\Users\Aldric\AppData\Local\Adobe
[17/01/2008|01:03] C:\Users\Aldric\AppData\Local\Ahead
[16/01/2008|20:03] C:\Users\Aldric\AppData\Local\Apple
[14/07/2008|23:15] C:\Users\Aldric\AppData\Local\Apple Computer
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Application Data
[26/07/2008|15:24] C:\Users\Aldric\AppData\Local\Cooliris
[15/06/2008|22:38] C:\Users\Aldric\AppData\Local\d3d9caps.dat
[02/08/2008|17:29] C:\Users\Aldric\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[01/02/2008|02:04] C:\Users\Aldric\AppData\Local\eMule
[10/05/2008|17:21] C:\Users\Aldric\AppData\Local\GDIPFONTCACHEV1.DAT
[15/01/2008|23:54] C:\Users\Aldric\AppData\Local\Google
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Historique
[02/08/2008|14:59] C:\Users\Aldric\AppData\Local\IconCache.db
[29/05/2008|01:41] C:\Users\Aldric\AppData\Local\Installer5288
[29/05/2008|01:25] C:\Users\Aldric\AppData\Local\Installer5792
[25/03/2008|02:18] C:\Users\Aldric\AppData\Local\Microsoft
[15/01/2008|23:19] C:\Users\Aldric\AppData\Local\Microsoft Games
[16/07/2008|00:08] C:\Users\Aldric\AppData\Local\Microsoft Help
[19/01/2008|18:11] C:\Users\Aldric\AppData\Local\Mozilla
[16/01/2008|20:46] C:\Users\Aldric\AppData\Local\Pando
[02/08/2008|18:55] C:\Users\Aldric\AppData\Local\Temp
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Temporary Internet Files
[16/01/2008|21:14] C:\Users\Aldric\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[28/07/2008 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Aldric.job
[02/08/2008 15:00][--ah-----] C:\Windows\tasks\SA.DAT
[02/08/2008 14:59][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[19/11/2007|10:31] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[10/05/2008|18:04] C:\ProgramData\Adobe
[16/01/2008|20:02] C:\ProgramData\Apple
[16/01/2008|20:05] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[15/01/2008|20:53] C:\ProgramData\ASUS
[21/01/2008|01:30] C:\ProgramData\Azureus
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[30/07/2008|22:22] C:\ProgramData\Drv Audio Dog About
[25/07/2008|18:49] C:\ProgramData\DVD Shrink
[01/02/2008|02:04] C:\ProgramData\eMule
[02/11/2006|15:02] C:\ProgramData\Favorites
[31/07/2008|19:12] C:\ProgramData\FLEXnet
[15/01/2008|23:54] C:\ProgramData\Google
[19/11/2007|11:55] C:\ProgramData\Infineon
[15/01/2008|21:01] C:\ProgramData\LightScribe
[01/08/2008|14:45] C:\ProgramData\Microsoft
[16/07/2008|00:18] C:\ProgramData\Microsoft Help
[19/11/2007|10:32] C:\ProgramData\Nero
[31/07/2008|19:12] C:\ProgramData\P4G
[02/11/2006|15:02] C:\ProgramData\Start Menu
[19/07/2008|01:17] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[24/03/2008|22:51] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[19/11/2007|10:31] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[27/07/2008|18:34] C:\Program Files\Adobe
[19/11/2007|11:43] C:\Program Files\ASUS
[19/11/2007|11:25] C:\Program Files\ASUS Security Center
[19/11/2007|11:11] C:\Program Files\ATK Hotkey
[19/11/2007|11:12] C:\Program Files\ATKGFNEX
[19/11/2007|11:13] C:\Program Files\ATKOSD2
[17/07/2008|22:04] C:\Program Files\Azureus
[14/07/2008|23:05] C:\Program Files\Bonjour
[10/05/2008|16:56] C:\Program Files\Common Files
[19/11/2007|11:45] C:\Program Files\CSR
[01/08/2008|13:30] C:\Program Files\desktop.ini
[26/06/2008|22:12] C:\Program Files\DivX
[16/01/2008|20:41] C:\Program Files\DVD Shrink
[27/06/2008|19:02] C:\Program Files\eMule
[23/02/2008|02:21] C:\Program Files\FastStone Capture
[19/11/2007|11:24] C:\Program Files\Fingerprint Sensor
[31/07/2008|19:36] C:\Program Files\Google
[19/11/2007|11:55] C:\Program Files\Infineon
[19/11/2007|11:45] C:\Program Files\InstallShield Installation Information
[19/11/2007|11:38] C:\Program Files\Intel
[01/08/2008|02:22] C:\Program Files\Internet Explorer
[15/01/2008|23:41] C:\Program Files\Inventel
[14/07/2008|23:08] C:\Program Files\iPod
[14/07/2008|23:08] C:\Program Files\iTunes
[16/01/2008|20:39] C:\Program Files\IZArc
[14/07/2008|23:27] C:\Program Files\Java
[02/08/2008|13:43] C:\Program Files\Lopxp
[19/01/2008|00:53] C:\Program Files\Media Player Classic
[16/01/2008|19:59] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[19/11/2007|10:30] C:\Program Files\Microsoft Office
[19/11/2007|10:30] C:\Program Files\Microsoft Visual Studio
[19/11/2007|10:30] C:\Program Files\Microsoft Works
[19/11/2007|10:29] C:\Program Files\Microsoft.NET
[19/11/2007|10:19] C:\Program Files\Motorola
[01/08/2008|02:22] C:\Program Files\Movie Maker
[17/07/2008|00:13] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[18/04/2007|10:43] C:\Program Files\MSXML 4.0
[02/08/2008|13:34] C:\Program Files\Navilog1
[19/11/2007|10:32] C:\Program Files\Nero
[29/07/2008|18:41] C:\Program Files\Norton Internet Security
[19/01/2008|16:08] C:\Program Files\OrangeHSS
[19/11/2007|11:40] C:\Program Files\P4G
[05/06/2008|18:54] C:\Program Files\Pando Networks
[19/11/2007|11:40] C:\Program Files\Power4Gear eXtreme
[19/11/2007|11:44] C:\Program Files\PowerForPhone
[14/07/2008|23:04] C:\Program Files\QuickTime
[19/01/2008|18:38] C:\Program Files\Real
[19/11/2007|11:09] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[15/01/2008|23:41] C:\Program Files\Securitoo
[19/11/2007|11:18] C:\Program Files\Symantec
[19/11/2007|11:43] C:\Program Files\Synaptics
[01/02/2008|22:25] C:\Program Files\Total Video Converter
[02/08/2008|13:06] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[16/01/2008|20:38] C:\Program Files\VideoLAN
[19/01/2008|00:43] C:\Program Files\VistaCodecPack
[19/01/2008|15:46] C:\Program Files\Wanadoo
[01/08/2008|02:22] C:\Program Files\Windows Calendar
[01/08/2008|02:21] C:\Program Files\Windows Collaboration
[01/08/2008|02:21] C:\Program Files\Windows Defender
[01/08/2008|02:21] C:\Program Files\Windows Journal
[24/03/2008|22:59] C:\Program Files\Windows Live
[01/08/2008|02:22] C:\Program Files\Windows Mail
[01/08/2008|02:22] C:\Program Files\Windows Media Player
[02/11/2006|14:37] C:\Program Files\Windows NT
[01/08/2008|02:21] C:\Program Files\Windows Photo Gallery
[01/08/2008|02:22] C:\Program Files\Windows Sidebar
[19/01/2008|21:02] C:\Program Files\WinRAR
[19/11/2007|11:28] C:\Program Files\Wireless Console 2

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[10/05/2008|18:04] C:\Program Files\Common Files\Adobe
[19/11/2007|10:34] C:\Program Files\Common Files\Ahead
[16/01/2008|20:02] C:\Program Files\Common Files\Apple
[19/11/2007|10:30] C:\Program Files\Common Files\DESIGNER
[19/01/2008|15:58] C:\Program Files\Common Files\France Telecom
[19/11/2007|11:21] C:\Program Files\Common Files\InstallShield
[19/01/2008|18:31] C:\Program Files\Common Files\Java
[19/11/2007|10:34] C:\Program Files\Common Files\LightScribe
[10/05/2008|16:56] C:\Program Files\Common Files\Macrovision Shared
[16/07/2008|00:07] C:\Program Files\Common Files\microsoft shared
[20/01/2008|04:21] C:\Program Files\Common Files\PX Storage Engine
[19/01/2008|18:39] C:\Program Files\Common Files\Real
[31/07/2008|19:12] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[14/07/2008|23:28] C:\Program Files\Common Files\Symantec Shared
[01/08/2008|02:21] C:\Program Files\Common Files\System
[24/03/2008|22:58] C:\Program Files\Common Files\WindowsLiveInstaller
[19/01/2008|18:39] C:\Program Files\Common Files\xing shared

--------------------\\ Process

( 93 Processus )

iexplore.exe ~ [5736]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\Drv Audio Dog About
C:\ProgramData\Drv Audio Dog About\roam intra.exe

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-02 18:55:28
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:10610][D:707]-> C:\Users\Aldric\AppData\Local\Temp
[F:3][D:1]-> C:\Users\Aldric\AppData\Roaming\MICROS~1\Windows\Cookies
[F:19][D:4]-> C:\Users\Aldric\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:20][D:4]-> C:\$Recycle.Bin

--------------------\\ Fin du rapport a 18:57:18,04
[ UAC => 1 ]

Ajouter un commentaire

Réponse

^^Marie^^ 61071Messages postés 6 septembre 2005Date d'inscription ModérateurStatut 1 juin 2012Dernière intervention 2 août 2008 à 19:37

OK

Tu devrais avoir moins de soucis...

Envoie un log hijackthis -- stp

Ajouter un commentaire

Réponse

chronos790 14Messages postés 2 août 2008Date d'inscription 2 août 2008 à 19:54

voilà !

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:52:13, on 02/08/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\PowerForPhone\PowerForPhone.exe
C:\Windows\ASScrPro.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\Pando Networks\Pando\pando.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [IFXSPMGT] C:\Windows\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [orahssStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: ASUS Security Protect Manager e-Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra 'Tools' menuitem: ASUS Security Protect Manager e-&Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

Ajouter un commentaire

Réponse

chronos790 14Messages postés 2 août 2008Date d'inscription 2 août 2008 à 20:29

si tu peux me dire également ce que tout ça a fait ce serait sympa !
que je sois pas complètement idiot, en cas de nouveau problème similaire lol

Ajouter un commentaire

Réponse

^^Marie^^ 61071Messages postés 6 septembre 2005Date d'inscription ModérateurStatut 1 juin 2012Dernière intervention 2 août 2008 à 20:31

Pour les pubs ? Tu as du aller quelque part et te chopper des merdouilles...

Dis moi, tu l'as acheté Norton ??

Ajouter un commentaire

Réponse

chronos790 14Messages postés 2 août 2008Date d'inscription 2 août 2008 à 21:22

Il était déjà installé !
je sais que norton c'est pas super, mais bon... j'avais pas eu de problème jusqu'à maintenant ...
sur mon ancien ordi j'avais panda: http://www.antivirus-2008-fr.com/...

Ajouter un commentaire

Réponse

chronos790 14Messages postés 2 août 2008Date d'inscription 2 août 2008 à 22:34

Bon !
pour l'instant je n'est plus de problème, ces saletés de fenêtre n'apparaissent plus ^_^
je te remercie BEAUCOUP pour ton aide.
Passe un bon week end et de bonnes vacances, si pas encore prise.

Ajouter un commentaire

Réponse

^^Marie^^ 61071Messages postés 6 septembre 2005Date d'inscription ModérateurStatut 1 juin 2012Dernière intervention 3 août 2008 à 09:06

Re

Il prend bcp de place aussi Norton,

· Télécharge ToolsCleaner de A.Roshtein sur ton Bureau.(sur un des 2 liens)
http://pc-system.fr/TC/ToolsCleaner2.exe

· Clique sur Recherche et laisse le scan se terminer.
· Clique, sur Suppression pour finaliser.
· Tu peux, si tu le souhaites, te servir des Options facultatives.
· Clique sur Quitter, pour que le rapport puisse se créer.
· Poste moi le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur( C:\).

Ajouter un commentaire

chronos790- 3 août 2008 à 13:15

ToolsCleaner2 marche pas sur vista

Réponse

eZula 3303Messages postés 26 avril 2008Date d'inscription 7 mai 2012Dernière intervention 3 août 2008 à 09:17

Il semblerait que ce répertoire n'ait pas été supprimé :

Echec ! - C:\ProgramData\Drv Audio Dog About\roam intra.exe
Echec ! - C:\ProgramData\Drv Audio Dog About

Ajouter un commentaire

Réponse

chronos790 14Messages postés 2 août 2008Date d'inscription 3 août 2008 à 12:47

oui !
hier après la manip, tout allait bien et depuis ce matin j'ai de nouveau ces saletés de fenêtre ... GRRRRRR
Je fait comment pour les supprimer définitivement ?

Ajouter un commentaire

Réponse

eZula 3303Messages postés 26 avril 2008Date d'inscription 7 mai 2012Dernière intervention 3 août 2008 à 14:07

Lance un nouveau scan LopSD -> option suppression, et en mode sans échec
Lorsque c'est terminé, poste le rapport pour voir

Ajouter un commentaire

Réponse

chronos790 14Messages postés 2 août 2008Date d'inscription 3 août 2008 à 15:17

Le mode sans échec c'est le 1 ?

--------------------\\ Lop S&D 4.2.2-5 XP/Vista

[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : Aldric ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 03/08/2008 | 15:07:45,14 ] [ PC : PC-DE-ALDRIC ]
[ MAJ : 01-08-2008 | 01:40 ]
[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[16/01/2008|20:45] C:\Users\Aldric\AppData\Local\{54777076-B070-4F23-AAEE-777F1A6792DD}
[30/05/2008|13:06] C:\Users\Aldric\AppData\Local\{B493C017-4AC8-4FE0-8022-2EAFBD578E6E}
[11/02/2008|19:54] C:\Users\Aldric\AppData\Local\{B734406A-61B5-4E1D-A964-81B07B93BB70}
[05/06/2008|18:53] C:\Users\Aldric\AppData\Local\{C98C229E-62B4-4551-B6D4-521A7B2D16EC}
[29/06/2008|20:45] C:\Users\Aldric\AppData\Local\Adobe
[17/01/2008|01:03] C:\Users\Aldric\AppData\Local\Ahead
[16/01/2008|20:03] C:\Users\Aldric\AppData\Local\Apple
[14/07/2008|23:15] C:\Users\Aldric\AppData\Local\Apple Computer
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Application Data
[26/07/2008|15:24] C:\Users\Aldric\AppData\Local\Cooliris
[15/06/2008|22:38] C:\Users\Aldric\AppData\Local\d3d9caps.dat
[03/08/2008|01:29] C:\Users\Aldric\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[01/02/2008|02:04] C:\Users\Aldric\AppData\Local\eMule
[10/05/2008|17:21] C:\Users\Aldric\AppData\Local\GDIPFONTCACHEV1.DAT
[15/01/2008|23:54] C:\Users\Aldric\AppData\Local\Google
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Historique
[03/08/2008|13:02] C:\Users\Aldric\AppData\Local\IconCache.db
[29/05/2008|01:41] C:\Users\Aldric\AppData\Local\Installer5288
[29/05/2008|01:25] C:\Users\Aldric\AppData\Local\Installer5792
[25/03/2008|02:18] C:\Users\Aldric\AppData\Local\Microsoft
[15/01/2008|23:19] C:\Users\Aldric\AppData\Local\Microsoft Games
[16/07/2008|00:08] C:\Users\Aldric\AppData\Local\Microsoft Help
[19/01/2008|18:11] C:\Users\Aldric\AppData\Local\Mozilla
[16/01/2008|20:46] C:\Users\Aldric\AppData\Local\Pando
[03/08/2008|15:07] C:\Users\Aldric\AppData\Local\Temp
[15/01/2008|20:43] C:\Users\Aldric\AppData\Local\Temporary Internet Files
[16/01/2008|21:14] C:\Users\Aldric\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[28/07/2008 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Aldric.job
[03/08/2008 15:07][--ah-----] C:\Windows\tasks\SA.DAT
[03/08/2008 15:06][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[19/11/2007|10:31] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[10/05/2008|18:04] C:\ProgramData\Adobe
[16/01/2008|20:02] C:\ProgramData\Apple
[16/01/2008|20:05] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[15/01/2008|20:53] C:\ProgramData\ASUS
[21/01/2008|01:30] C:\ProgramData\Azureus
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[25/07/2008|18:49] C:\ProgramData\DVD Shrink
[01/02/2008|02:04] C:\ProgramData\eMule
[02/11/2006|15:02] C:\ProgramData\Favorites
[31/07/2008|19:12] C:\ProgramData\FLEXnet
[15/01/2008|23:54] C:\ProgramData\Google
[19/11/2007|11:55] C:\ProgramData\Infineon
[15/01/2008|21:01] C:\ProgramData\LightScribe
[01/08/2008|14:45] C:\ProgramData\Microsoft
[16/07/2008|00:18] C:\ProgramData\Microsoft Help
[19/11/2007|10:32] C:\ProgramData\Nero
[31/07/2008|19:12] C:\ProgramData\P4G
[02/11/2006|15:02] C:\ProgramData\Start Menu
[19/07/2008|01:17] C:\ProgramData\Symantec
[02/11/2006|15:02] C:\ProgramData\Templates
[24/03/2008|22:51] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[19/11/2007|10:31] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[27/07/2008|18:34] C:\Program Files\Adobe
[19/11/2007|11:43] C:\Program Files\ASUS
[19/11/2007|11:25] C:\Program Files\ASUS Security Center
[19/11/2007|11:11] C:\Program Files\ATK Hotkey
[19/11/2007|11:12] C:\Program Files\ATKGFNEX
[19/11/2007|11:13] C:\Program Files\ATKOSD2
[17/07/2008|22:04] C:\Program Files\Azureus
[14/07/2008|23:05] C:\Program Files\Bonjour
[10/05/2008|16:56] C:\Program Files\Common Files
[19/11/2007|11:45] C:\Program Files\CSR
[01/08/2008|13:30] C:\Program Files\desktop.ini
[26/06/2008|22:12] C:\Program Files\DivX
[16/01/2008|20:41] C:\Program Files\DVD Shrink
[27/06/2008|19:02] C:\Program Files\eMule
[23/02/2008|02:21] C:\Program Files\FastStone Capture
[19/11/2007|11:24] C:\Program Files\Fingerprint Sensor
[31/07/2008|19:36] C:\Program Files\Google
[19/11/2007|11:55] C:\Program Files\Infineon
[19/11/2007|11:45] C:\Program Files\InstallShield Installation Information
[19/11/2007|11:38] C:\Program Files\Intel
[01/08/2008|02:22] C:\Program Files\Internet Explorer
[15/01/2008|23:41] C:\Program Files\Inventel
[14/07/2008|23:08] C:\Program Files\iPod
[14/07/2008|23:08] C:\Program Files\iTunes
[16/01/2008|20:39] C:\Program Files\IZArc
[14/07/2008|23:27] C:\Program Files\Java
[02/08/2008|13:43] C:\Program Files\Lopxp
[19/01/2008|00:53] C:\Program Files\Media Player Classic
[16/01/2008|19:59] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[19/11/2007|10:30] C:\Program Files\Microsoft Office
[19/11/2007|10:30] C:\Program Files\Microsoft Visual Studio
[19/11/2007|10:30] C:\Program Files\Microsoft Works
[19/11/2007|10:29] C:\Program Files\Microsoft.NET
[19/11/2007|10:19] C:\Program Files\Motorola
[01/08/2008|02:22] C:\Program Files\Movie Maker
[17/07/2008|00:13] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[18/04/2007|10:43] C:\Program Files\MSXML 4.0
[19/11/2007|10:32] C:\Program Files\Nero
[29/07/2008|18:41] C:\Program Files\Norton Internet Security
[19/01/2008|16:08] C:\Program Files\OrangeHSS
[19/11/2007|11:40] C:\Program Files\P4G
[05/06/2008|18:54] C:\Program Files\Pando Networks
[19/11/2007|11:40] C:\Program Files\Power4Gear eXtreme
[19/11/2007|11:44] C:\Program Files\PowerForPhone
[14/07/2008|23:04] C:\Program Files\QuickTime
[19/01/2008|18:38] C:\Program Files\Real
[19/11/2007|11:09] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[15/01/2008|23:41] C:\Program Files\Securitoo
[19/11/2007|11:18] C:\Program Files\Symantec
[19/11/2007|11:43] C:\Program Files\Synaptics
[01/02/2008|22:25] C:\Program Files\Total Video Converter
[02/08/2008|13:06] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[16/01/2008|20:38] C:\Program Files\VideoLAN
[19/01/2008|00:43] C:\Program Files\VistaCodecPack
[19/01/2008|15:46] C:\Program Files\Wanadoo
[01/08/2008|02:22] C:\Program Files\Windows Calendar
[01/08/2008|02:21] C:\Program Files\Windows Collaboration
[01/08/2008|02:21] C:\Program Files\Windows Defender
[01/08/2008|02:21] C:\Program Files\Windows Journal
[24/03/2008|22:59] C:\Program Files\Windows Live
[01/08/2008|02:22] C:\Program Files\Windows Mail
[01/08/2008|02:22] C:\Program Files\Windows Media Player
[02/11/2006|14:37] C:\Program Files\Windows NT
[01/08/2008|02:21] C:\Program Files\Windows Photo Gallery
[01/08/2008|02:22] C:\Program Files\Windows Sidebar
[19/01/2008|21:02] C:\Program Files\WinRAR
[19/11/2007|11:28] C:\Program Files\Wireless Console 2

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[10/05/2008|18:04] C:\Program Files\Common Files\Adobe
[19/11/2007|10:34] C:\Program Files\Common Files\Ahead
[16/01/2008|20:02] C:\Program Files\Common Files\Apple
[19/11/2007|10:30] C:\Program Files\Common Files\DESIGNER
[19/01/2008|15:58] C:\Program Files\Common Files\France Telecom
[19/11/2007|11:21] C:\Program Files\Common Files\InstallShield
[19/01/2008|18:31] C:\Program Files\Common Files\Java
[19/11/2007|10:34] C:\Program Files\Common Files\LightScribe
[10/05/2008|16:56] C:\Program Files\Common Files\Macrovision Shared
[16/07/2008|00:07] C:\Program Files\Common Files\microsoft shared
[20/01/2008|04:21] C:\Program Files\Common Files\PX Storage Engine
[19/01/2008|18:39] C:\Program Files\Common Files\Real
[31/07/2008|19:12] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[14/07/2008|23:28] C:\Program Files\Common Files\Symantec Shared
[01/08/2008|02:21] C:\Program Files\Common Files\System
[24/03/2008|22:58] C:\Program Files\Common Files\WindowsLiveInstaller
[19/01/2008|18:39] C:\Program Files\Common Files\xing shared

--------------------\\ Process

( 74 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-03 15:08:03
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:10627][D:709]-> C:\Users\Aldric\AppData\Local\Temp
[F:3][D:1]-> C:\Users\Aldric\AppData\Roaming\MICROS~1\Windows\Cookies
[F:46][D:4]-> C:\Users\Aldric\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:22][D:4]-> C:\$Recycle.Bin

--------------------\\ Fin du rapport a 15:14:22,18
[ UAC => 1 ]

Ajouter un commentaire

1 2

Répondre au sujet

Posez votre question

Dossier à la une

Passage au tout numérique : quel coût pour les particuliers ?

Passage au tout numérique : quel coût pour les particuliers ?

Combien cela coûte-t-il au total ? Quelles aides apportent l'état et les acteurs du marché pour alléger cette charge non choisie ? Tous les détails sur Commentçamarche.net.

Spyware IE fenêtre CID [Résolu]

Spyware IE fenêtre CID »

Passage au tout numérique : quel coût pour les particuliers ?