java57

Everything posted by java57

  1. 1000000 thanks to you for your speed and above all for your truly invaluable help! From now on I will be much more vigilant (well, I'll try). Thanks again!!!!
  2. And there you go..... in my opinion it worked, but I'm waiting for your final verdict

     Clean Navipromo version 2.0.1 commencé le 12/05/2007 à 19:42:34,09
     Fix lancé depuis C:\Program Files\navilog1
     Mise a jour le 10.05.2007 a 22h00 by IL-MAFIOSO
     Mode suppression par méthode manuelle
     Nom du fichier saisi : elmfyprb
     *** Recherche, Creation backups et suppression ***
     C:\WINDOWS\system32\elmfyprb_navup.dat absent !
     C:\WINDOWS\system32\elmfyprb_navtmp.dat absent !
     C:\WINDOWS\system32\elmfyprb_m2s.xml absent !
     C:\WINDOWS\System32\elmfyprb.exe trouvé !
     Copie C:\WINDOWS\system32\elmfyprb.exe realise avec succes !
     C:\WINDOWS\system32\elmfyprb.exe supprimé !
     C:\WINDOWS\System32\elmfyprb.dat trouvé !
     Copie C:\WINDOWS\system32\elmfyprb.dat realise avec succes !
     C:\WINDOWS\system32\elmfyprb.dat supprimé !
     C:\WINDOWS\System32\elmfyprb_nav.dat trouvé !
     Copie C:\WINDOWS\system32\elmfyprb_nav.dat realise avec succes !
     C:\WINDOWS\system32\elmfyprb_nav.dat supprimé !
     C:\WINDOWS\System32\elmfyprb_navps.dat trouvé !
     Copie C:\WINDOWS\system32\elmfyprb_navps.dat realise avec succes !
     C:\WINDOWS\system32\elmfyprb_navps.dat supprimé !
     C:\WINDOWS\prefetch\elmfyprb*.pf trouvé !
     Copie C:\WINDOWS\prefetch\elmfyprb*.pf realise avec succes !
     C:\WINDOWS\prefetch\elmfyprb*.pf supprimé !
     *** Suppression dossiers dans C:\WINDOWS ***
     *** Suppression dossiers dans C:\Program Files ***
     *** Suppression dossiers dans C:\Documents and Settings\All Users.WINDOWS\Application Data ***
     *** Suppression dossiers dans C:\Documents and Settings\STEPH\Application Data ***
     *** Suppression fichiers ***
     C:\WINDOWS\pack.epk supprimé !
     C:\WINDOWS\system32\nvs2.inf supprimé !
     *** Suppression fichiers temporaires ***
     Nettoyage contenu C:\WINDOWS\Temp effectué !
  3. First report:

     Search Navipromo version 2.0.1 commencé le 12/05/2007 à 19:32:46,03
     !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
     !!! Poster ce rapport sur le forum pour le faire analyser !!!
     !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!
     Fix lancé depuis C:\Program Files\navilog1
     Mise a jour le 10.05.2007 a 22h00 by IL-MAFIOSO
     Executé en mode normal
     *** Recherche Programmes installes ***
     *** Recherche dossiers dans C:\WINDOWS ***
     *** Recherche dossiers dans C:\Program Files ***
     *** Recherche dossiers dans C:\Documents and Settings\All Users.WINDOWS\Application Data ***
     *** Recherche dossiers dans C:\Documents and Settings\STEPH\Application Data ***
     *** Recherche avec BlackLight Engine/F-secure ***
     BlackLight Engine est un produit de F-secure, pour + d'infos : http://www.f-secure.com/blacklight/blacklight_help.html
     Fichier(s) caché(s) dans C:\WINDOWS\system32 :
     c:\WINDOWS\system32\elmfyprb.dat
     C:\windows\system32\elmfyprb.exe
     c:\WINDOWS\system32\elmfyprb_nav.dat
     c:\WINDOWS\system32\elmfyprb_navps.dat
     Processus caché(s) dans C:\WINDOWS\system32 :
     C:\windows\system32\elmfyprb.exe
     *** Recherche fichiers ***
     C:\WINDOWS\pack.epk trouvé !
     C:\WINDOWS\system32\nvs2.inf trouvé !
     *** Recherche cles registre ***
     Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]
     Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]
     Recherche Clé Magic Control
     HKEY_CURRENT_USER\Software\Lanconfig trouvé !
     HKEY_USERS\S-1-5-21-1715567821-261478967-839522115-1003\Software\Lanconfig trouvé !
     *** Module de Recherche complémentaire ***
     (Recherche fichiers spécifiques)
     1)Recherche fichiers connus:
     2)Recherche Heuristique :
     * C:\WINDOWS\system32\elmfyprb.dat trouvé !
     ** C:\WINDOWS\system32\elmfyprb.dat trouvé !
     *** **** ***** ****** ******* ******** C:\WINDOWS\system32\elmfyprb.exe trouvé !
     *** Analyse Terminé le 12/05/2007 à 19:36:15,14 ***
  4. Here is the result of all that:

     DiagHelp version v1.07.4 - http://www.malekal.com
     excute le 12/05/2007 à 17:04:27,34
     Recherche de rootkit! (Merci S!Ri)
     infection possible Magic.Control : un scan F-Secure BlackLight est recommandé
     Recherche d'infections connues
  5. Hello, I'm struggling with ad windows that open by themselves while I'm browsing!! I ran Ad-Aware, seek and destroy, Spy Sweeper ......with no result!!! Please help me. Following the first procedures, I installed HijackThis and here is the report it gives me. Thanks in advance for your very generous help:

     Logfile of HijackThis v1.99.1
     Scan saved at 14:21:19, on 12/05/2007
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\system32\spoolsv.exe
     c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
     C:\WINDOWS\Explorer.EXE
     C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
     C:\Program Files\Microsoft IntelliPoint\ipoint.exe
     C:\Program Files\Fichiers communs\Logitech\LCD Manager\lcdmon.exe
     C:\Program Files\Fichiers communs\Logitech\G-series Software\LGDCore.exe
     C:\WINDOWS\system32\RUNDLL32.EXE
     C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
     C:\Program Files\Fichiers communs\Logitech\LCD Manager\Applets\LCDClock.exe
     C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
     C:\WINDOWS\system32\CTsvcCDA.exe
     C:\WINDOWS\system32\nvsvc32.exe
     C:\WINDOWS\system32\oodag.exe
     C:\WINDOWS\system32\PnkBstrA.exe
     C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
     C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
     C:\WINDOWS\system32\svchost.exe
     C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\MSN Messenger\msnmsgr.exe
     C:\Program Files\MSN Messenger\usnsvc.exe
     C:\Program Files\MSN Messenger\livecall.exe
     C:\Program Files\Mozilla Firefox\firefox.exe
     C:\Program Files\BitComet\BitComet.exe
     C:\Program Files\WinRAR\WinRAR.exe
     C:\Documents and Settings\STEPH\Bureau\hijackthis\HijackThis.exe

     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
     R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
     O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
     O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
     O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
     O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
     O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
     O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
     O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
     O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Fichiers communs\Logitech\LCD Manager\lcdmon.exe"
     O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Fichiers communs\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
     O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
     O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
     O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
     O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
     O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
     O4 - Startup: WinColorReminder.exe.lnk = C:\Program Files\Pro Imaging Powertoys\Microsoft Color Control Panel Applet for Windows XP\WinColor.exe
     O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
     O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
     O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
     O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
     O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
     O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
     O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
     O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
     O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
     O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab55579.cab
     O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
     O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
     O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
     O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
     O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
     O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
     O20 - AppInit_DLLs: "C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll"
     O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
     O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
     O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
     O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
     O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
     O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
     O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
     O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
     O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
     O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
     O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
     O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
     O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
     O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
     O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
     O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
     O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe