Se connecter / S'enregistrer
Votre question

virus nokia 19 et rapport navilog1

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
27 Octobre 2007 14:25:24

Bonjour j'ai attraper le virus de msn nokia 19 et j'ai des pubs qui s'af
fiche tout le temps sur internet. j'ai télécharger le logiciel Navilog1 et j'ai fait un rapport mais je ne sais pas ce qu'il faut faire ensuite. Voici le rapport

Creation de la liste des programmes installes

Veuillez patienter

ExecutÚ en mode normal
Search Navipromo version 3.3.2 commence le 27/10/2007 a 14:08:45,20

!!! Attention,ce rapport peut indiquer des fichiers/programmes legitimes !!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie desinfection sans l'avis d'un specialiste !!!




*** Recherche programmes installes ***

Veuillez patienter


Recherche terminee


*** Recherche dossiers dans C:\WINDOWS ***

Veuillez patienter

Recherche terminee


*** Recherche dossiers dans C:\Program Files ***

Veuillez patienter

Recherche terminee


*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data
***

Veuillez patienter

Recherche terminee


*** Recherche dossiers dans C:\Documents and Settings\Adeline\Application Data *
**

Veuillez patienter

Recherche terminee


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***

Veuillez patienter

Recherche terminee


*** Recherche avec Catchme par gmer ***
pour + d'infos : http://www.gmer.net

Veuillez patienter ... Le scan peut durer une dizaine de minutes ...

C:\WINDOWS\System32\psnvexhf_navps.dat
C:\WINDOWS\System32\psnvexhf.dat
C:\WINDOWS\System32\psnvexhf.exe
C:\WINDOWS\System32\psnvexhf_nav.dat
C:\WINDOWS\system32\psnvexhf.exe [5000] 0x81EC5610
psnvexhf.exe
C:\WINDOWS\system32\psnvexhf_navps.dat
C:\WINDOWS\system32\psnvexhf.dat
C:\WINDOWS\system32\psnvexhf.exe
C:\WINDOWS\system32\psnvexhf_nav.dat

*** Recherche avec GenericNaviSearch ***

Veuillez patienter

1 fichier(s) copié(s).

GenericNaviCheck v0.2 for IL-MAFIOSO
Credits: Malware Analysis & Diagnostic
Coded by fRoGGz - SecuBox Labs (FRANCE)
┌────────────────────────────────────────────────────────┐
[+] C:\WINDOWS\system32\fzkvufvfsj.exe
[!] NaviPromo - Malware/Packer id:{1c7eee3.3242A00}

[+] C:\WINDOWS\system32\hcsovggq.exe
[·] NaviPromo - Malware/Packer id:{1c81351.6553448A00}

[+] C:\WINDOWS\system32\ionphl.exe
[·] NaviPromo - Malware/Packer id:{1c814be.2778145200}

[+] C:\WINDOWS\system32\owqmwnyqgd.exe
[·] NaviPromo - Malware/Packer id:{1c81311.2266146A00}

└────────────────────────────────────────────────────────┘ 1 fichier(s) c
opié(s).
1 fichier(s) copié(s).

GenericNaviCheck v0.2 for IL-MAFIOSO
Credits: Malware Analysis & Diagnostic
Coded by fRoGGz - SecuBox Labs (FRANCE)
┌────────────────────────────────────────────────────────┐
└────────────────────────────────────────────────────────┘
*** Recherche fichiers ***

Veuillez patienter

Recherche terminee

*** Recherche cles specifiques dans le Registre ***

Veuillez patienter


! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Lanconfig
LAN REG_SZ UP

1)Recherche fichiers connus

Veuillez patienter...

2)Recherche Heuristique

Veuillez patienter...

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\TrustedPublisher\Certifi
cates\62119EF862C6B3A0D853419B87EB3E2F6C78640A
Blob REG_BINARY 0F0000000100000010000000718B9510613CCAF8AFCAFCBF
945663A103000000010000001400000062119EF862C6B3A0D853419B87EB3E2F6C78640A20000000
01000000DF030000308203DB30820344A00302010202033FC398300D06092A864886F70D01010405
003055310B3009060355040613025A4131253023060355040A131C54686177746520436F6E73756C
74696E67202850747929204C74642E311F301D0603550403131654686177746520436F6465205369
676E696E67204341301E170D3035303831353031353134345A170D3037303931363133323531325A
30818B310B3009060355040613024652310E300C0603550408130552686F6E65310D300B06035504
0713044C796F6E31193017060355040A1310656C656374726F6E69632D67726F7570312730250603
55040B131E536563757265204170706C69636174696F6E20446576656C6F706D656E743119301706
035504031310656C656374726F6E69632D67726F757030820122300D06092A864886F70D01010105
000382010F003082010A0282010100E2754D8A4E6D4DB6E025B0073520DDD7EEEC116A813940FDA2
C4C66F7A354ADB3036188D4078F8891B3FE15D467DFBA5E17984CAC2B246C27C052E63956DFE817E
B423B9615BDDFDDAADAC5E2AC0F41F583EDD24D7830F5875DF2937A9152B741EEF3950E5116E76D2
E7E3FFDF6FCB5858AF26F5E2EFFD019A1F82B98D7F21ED089D5BB8553CD89C823BECAEB62EA1CC4B
455CB4E93E8AC715320F31DC3FBC2D0BE0D65C608C58C19FF06DA7BC1EC48A45EF0219EEF4029450
4E2663B1C9DAD6A2241DF996C59CF110B706285FBAEAE0C55D776573536218C3C7AE248B82CAE015
13CD8B2828A94F4A70BA6E199919A0F5EAE20643FEAABEBE2BA3B2819E92790203010001A381FD30
81FA301F0603551D250418301606082B06010505070303060A2B0601040182370201163011060960
86480186F8420101040403020410301D0603551D0404163014300E300C060A2B0601040182370201
160302078030230603551D11041C301A82187777772E656C656374726F6E69632D67726F75702E63
6F6D303E0603551D1F043730353033A031A02F862D687474703A2F2F63726C2E7468617774652E63
6F6D2F546861777465436F64655369676E696E6743412E63726C303206082B060105050701010426
3024302206082B060105050730018616687474703A2F2F6F6373702E7468617774652E636F6D300C
0603551D130101FF04023000300D06092A864886F70D01010405000381810075160A692F4BC2096B
CE67C58B0D88320552104E4D35F5018BC2AB1BE03ECAE3C0ABE7DB45629B1B3C1812039145C15D6F
2774C211A2C86F93A819573D58A3C0E66D1E19E84638800E3372880B4E9CDCF70CC769BDEFF236ED
3AC6F20E370122FA791E71B0EA8BE78077FFC288C382B201D78EA8BBF9E9457FAD4EE80273279C

*** Analyse terminee le 27/10/2007 a 14:09:40,53 ***
Appuyez sur une touche pour continuer...















Si quelqu'un pouvait m'aider se serait cool!!!

Autres pages sur : virus nokia rapport navilog1

27 Octobre 2007 15:25:45


Bonjour :) 

Tu peux poster ce rapport : C:\fixnavi.txt ?

Télécharge Hijackthis <- ici sur ton Bureau

lance le programme , clique do a system scan and save a logfile
copie / colle le rapport généré dans ta reponse

>> Tuto HiJackThis v2.0.2 <<

27 Octobre 2007 17:16:55

Bonjour merci de m'apporter de laide!! Voici mon rapport mais après je fais quoi?



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:12:55, on 27/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Saitek\Software\ProfilerU.exe
C:\Program Files\Saitek\Software\SaiMfd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\LBTWiz.exe
C:\WINDOWS\tsitra1148.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Advanced Messenger Plus\AdvMsg.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Adeline\LOCALS~1\Temp\Rar$EX00.953\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe" -autorun
O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\ProfilerU.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\Software\SaiMfd.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [fgrqfbeg] c:\windows\system32\fgrqfbeg.exe fgrqfbeg
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [fzkvufvfsj] c:\windows\system32\fzkvufvfsj.exe fzkvufvfsj
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [LBTWiz.exe] C:\WINDOWS\LBTWiz.exe
O4 - HKLM\..\Run: [owqmwnyqgd] c:\windows\system32\owqmwnyqgd.exe owqmwnyqgd
O4 - HKLM\..\Run: [hcsovggq] c:\windows\system32\hcsovggq.exe hcsovggq
O4 - HKLM\..\Run: [ionphl] c:\windows\system32\ionphl.exe ionphl
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\tsitra1148.exe 61A847B5BBF72813339F30466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Great Less] C:\DOCUME~1\Adeline\APPLIC~1\SPAMBO~1\bitstest.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-861567501-1035525444-1801674531-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Bernard')
O4 - HKUS\S-1-5-21-861567501-1035525444-1801674531-1004\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart (User 'Bernard')
O4 - HKUS\S-1-5-21-861567501-1035525444-1801674531-1004\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (User 'Bernard')
O4 - HKUS\S-1-5-21-861567501-1035525444-1801674531-1004\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Bernard')
O4 - HKUS\S-1-5-21-861567501-1035525444-1801674531-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'JULIEN')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Advanced Messenger Plus.lnk = C:\Program Files\Advanced Messenger Plus\AdvMsg.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: LG SyncManager.lnk = C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0000.1105\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file:///C:/Documents%20and%20Settings/Maxime/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v6.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe

--
End of file - 14499 bytes*** Recherche programmes installes ***

Veuillez patienter


Recherche terminee


Contenus similaires
27 Octobre 2007 17:21:42

Qu'es ce qu'il faut que je fasse dans ma fenetre de "Trend Micro HijackThis" il faut que je coche une case??
27 Octobre 2007 17:33:20


Télécharge Lop S&D <- ici
clique sur Extraire tous les fichiers , dezippe le sur ton Bureau

Ouvre le Dossier Lop S&D et double clique sur Scan.bat ( le .bat peut ne pas apparaitre )
Au menu , tape R ( Rechercher ) et valide
N'éxecute pas l'option S sans notre avis !!

Poste le rapport généré
( il se trouve aussi dans le dossier Lop S&D et se nomme Rapport-Lop.txt )

( Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer et valide )
27 Octobre 2007 17:36:13

"Lop S&D <- ici " euh ce lien n'exite pas
27 Octobre 2007 17:38:40


Si si réessai pour voir
27 Octobre 2007 17:39:06

dsl je dis n importe quoi c lien existe. je me suis trompé!!
27 Octobre 2007 17:44:30

Voci le rapport



------------------------------[ Lop S&D 1.4 ]----------------------------

Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

Lancé depuis : "C:\Documents and Settings\Adeline\Bureau\Lop S&D"

Rapport créé Le 27/10/2007 à 17:42:01,64 PC : MR-F406

! Faire analyser le rapport par un Helper avant intervention !

-------------[ Listing des Dossiers dans Application Data ]-------------

C:\Documents and settings\Adeline\Application Data\Image Zone Express
C:\Documents and settings\Adeline\Application Data\Apple Computer
C:\Documents and settings\Adeline\Application Data\CDRusersDB.v12
C:\Documents and settings\Adeline\Application Data\Spam bold book
C:\Documents and settings\Adeline\Application Data\InfraRecorder
C:\Documents and settings\Adeline\Application Data\Vso
C:\Documents and settings\Adeline\Application Data\pcouffin.log
C:\Documents and settings\Adeline\Application Data\inst.exe
C:\Documents and settings\Adeline\Application Data\pcouffin.cat
C:\Documents and settings\Adeline\Application Data\pcouffin.sys
C:\Documents and settings\Adeline\Application Data\pcouffin.inf
C:\Documents and settings\Adeline\Application Data\Microsoft
C:\Documents and settings\Adeline\Application Data\Shareaza
C:\Documents and settings\Adeline\Application Data\Screenshot Sender
C:\Documents and settings\Adeline\Application Data\Google
C:\Documents and settings\Adeline\Application Data\Sun
C:\Documents and settings\Adeline\Application Data\LG Electronics
C:\Documents and settings\Adeline\Application Data\AdobeUM
C:\Documents and settings\Adeline\Application Data\vlc
C:\Documents and settings\Adeline\Application Data\ACD Systems
C:\Documents and settings\Adeline\Application Data\Adobe
C:\Documents and settings\Adeline\Application Data\MSN Search Toolbar
C:\Documents and settings\Adeline\Application Data\Macromedia
C:\Documents and settings\Adeline\Application Data\Ahead
C:\Documents and settings\Adeline\Application Data\EPSON
C:\Documents and settings\Adeline\Application Data\3D-Album-PS
C:\Documents and settings\Adeline\Application Data\Help
C:\Documents and settings\Adeline\Application Data\InterVideo
C:\Documents and settings\Adeline\Application Data\Identities
C:\Documents and settings\Adeline\Application Data\desktop.ini

C:\Documents and settings\All Users\Application Data\Google Updater
C:\Documents and settings\All Users\Application Data\Adobe
C:\Documents and settings\All Users\Application Data\QTSBandwidthCache
C:\Documents and settings\All Users\Application Data\Logishrd
C:\Documents and settings\All Users\Application Data\PopCap
C:\Documents and settings\All Users\Application Data\Logo style sect remote
C:\Documents and settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and settings\All Users\Application Data\Messenger Plus!
C:\Documents and settings\All Users\Application Data\Apple Computer
C:\Documents and settings\All Users\Application Data\Microsoft
C:\Documents and settings\All Users\Application Data\Logitech
C:\Documents and settings\All Users\Application Data\Google
C:\Documents and settings\All Users\Application Data\DVD Shrink
C:\Documents and settings\All Users\Application Data\Macrovision
C:\Documents and settings\All Users\Application Data\Autodesk
C:\Documents and settings\All Users\Application Data\ACD Systems
C:\Documents and settings\All Users\Application Data\Yahoo! Companion
C:\Documents and settings\All Users\Application Data\MSN Search Toolbar
C:\Documents and settings\All Users\Application Data\Ulead Systems
C:\Documents and settings\All Users\Application Data\QuickTime
C:\Documents and settings\All Users\Application Data\UDL
C:\Documents and settings\All Users\Application Data\desktop.ini
C:\Documents and settings\All Users\Application Data\Windows Genuine Advantage

C:\Documents and settings\Bernard\Application Data\ACD Systems
C:\Documents and settings\Bernard\Application Data\Sun
C:\Documents and settings\Bernard\Application Data\AdobeUM
C:\Documents and settings\Bernard\Application Data\Microsoft
C:\Documents and settings\Bernard\Application Data\Google
C:\Documents and settings\Bernard\Application Data\vlc
C:\Documents and settings\Bernard\Application Data\Help
C:\Documents and settings\Bernard\Application Data\LG Electronics
C:\Documents and settings\Bernard\Application Data\Macromedia
C:\Documents and settings\Bernard\Application Data\MSN Search Toolbar
C:\Documents and settings\Bernard\Application Data\desktop.ini
C:\Documents and settings\Bernard\Application Data\InterVideo
C:\Documents and settings\Bernard\Application Data\Adobe
C:\Documents and settings\Bernard\Application Data\InterTrust
C:\Documents and settings\Bernard\Application Data\Identities

C:\Documents and settings\Default User\Application Data\Macromedia
C:\Documents and settings\Default User\Application Data\desktop.ini
C:\Documents and settings\Default User\Application Data\Microsoft


C:\Documents and settings\LocalService\Application Data\Microsoft

C:\Documents and settings\Maxime\Application Data\XnView
C:\Documents and settings\Maxime\Application Data\IGN2K5
C:\Documents and settings\Maxime\Application Data\InfraRecorder
C:\Documents and settings\Maxime\Application Data\Spam bold book
C:\Documents and settings\Maxime\Application Data\CDRusersDB.v12
C:\Documents and settings\Maxime\Application Data\Apple Computer
C:\Documents and settings\Maxime\Application Data\ContactMusic
C:\Documents and settings\Maxime\Application Data\Google
C:\Documents and settings\Maxime\Application Data\Image Zone Express
C:\Documents and settings\Maxime\Application Data\Microsoft
C:\Documents and settings\Maxime\Application Data\Sun
C:\Documents and settings\Maxime\Application Data\AdobeUM
C:\Documents and settings\Maxime\Application Data\Pioneer
C:\Documents and settings\Maxime\Application Data\LG Electronics
C:\Documents and settings\Maxime\Application Data\Autodesk
C:\Documents and settings\Maxime\Application Data\vlc
C:\Documents and settings\Maxime\Application Data\ACD Systems
C:\Documents and settings\Maxime\Application Data\Adobe
C:\Documents and settings\Maxime\Application Data\MSN Search Toolbar
C:\Documents and settings\Maxime\Application Data\Ulead Systems
C:\Documents and settings\Maxime\Application Data\Ahead
C:\Documents and settings\Maxime\Application Data\3D-Album-PS
C:\Documents and settings\Maxime\Application Data\Macromedia
C:\Documents and settings\Maxime\Application Data\EPSON
C:\Documents and settings\Maxime\Application Data\Help
C:\Documents and settings\Maxime\Application Data\InterVideo
C:\Documents and settings\Maxime\Application Data\Identities
C:\Documents and settings\Maxime\Application Data\desktop.ini

C:\Documents and settings\NetworkService\Application Data\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans Program Files ]--------------

C:\Program Files\01%2F03%2F2007
C:\Program Files\2K Sports
C:\Program Files\3D-WinBrick2001
C:\Program Files\ABBYY FineReader 6.0 Sprint
C:\Program Files\ACD Systems
C:\Program Files\Adobe
C:\Program Files\Advanced Messenger Plus
C:\Program Files\Adverts
C:\Program Files\Ahead
C:\Program Files\Alwil Software
C:\Program Files\AnglaisFacile.com
C:\Program Files\AnswerWorks 4.0
C:\Program Files\Apple Software Update
C:\Program Files\ATI Technologies
C:\Program Files\AutoCAD 2004
C:\Program Files\Autodesk
C:\Program Files\AvRack
C:\Program Files\CCleaner
C:\Program Files\ComPlus Applications
C:\Program Files\Davilex
C:\Program Files\DelMp3Kok
C:\Program Files\directx
C:\Program Files\DJ Mix Pro
C:\Program Files\DVD Shrink
C:\Program Files\EA GAMES
C:\Program Files\Eidos Interactive
C:\Program Files\eMule
C:\Program Files\epson
C:\Program Files\EVF
C:\Program Files\FairUse Wizard 2
C:\Program Files\Farnell InOne
C:\Program Files\Fichiers communs
C:\Program Files\GameSpy Arcade
C:\Program Files\Google
C:\Program Files\Hits Collection
C:\Program Files\HP
C:\Program Files\IGN France
C:\Program Files\InfraRecorder
C:\Program Files\Internet Explorer
C:\Program Files\InterVideo
C:\Program Files\iPod
C:\Program Files\Irregular Verbs
C:\Program Files\iTunes
C:\Program Files\Java
C:\Program Files\JavaSoft
C:\Program Files\LG Electronics
C:\Program Files\LG PC Suite
C:\Program Files\Ligos
C:\Program Files\LimeWire
C:\Program Files\Logitech
C:\Program Files\Macrogaming
C:\Program Files\Maxis
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\MessengerPlus! 3
C:\Program Files\Micro Application
C:\Program Files\Microsoft Encarta
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Office
C:\Program Files\Monte Cristo
C:\Program Files\MotoRacer2
C:\Program Files\MotoRacer3
C:\Program Files\Movie Maker
C:\Program Files\MSN
C:\Program Files\MSN Apps
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MSN Toolbar Suite
C:\Program Files\MSXML 4.0
C:\Program Files\Navilog1
C:\Program Files\NetMeeting
C:\Program Files\Online Services
C:\Program Files\Optio 50L Digital Camera
C:\Program Files\Outlook Express
C:\Program Files\Picasa2
C:\Program Files\PIXELA
C:\Program Files\QuickTime
C:\Program Files\Realtek AC97
C:\Program Files\Realtek Sound Manager
C:\Program Files\Red Storm Entertainment
C:\Program Files\Roller Coaster Mania
C:\Program Files\RuiZhi
C:\Program Files\SAGEM
C:\Program Files\Saitek
C:\Program Files\satsukidecodersettings.ini
C:\Program Files\Securitoo
C:\Program Files\Services en ligne
C:\Program Files\Shareaza
C:\Program Files\Sierra On-Line
C:\Program Files\Sony Corporation
C:\Program Files\SopCast
C:\Program Files\Spam bold book
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Steam
C:\Program Files\Temporary
C:\Program Files\TPlayer
C:\Program Files\Ulead Systems
C:\Program Files\vanBasco's Karaoke Player
C:\Program Files\VideoLAN
C:\Program Files\visviva
C:\Program Files\VIZup
C:\Program Files\VSO
C:\Program Files\Wanadoo
C:\Program Files\Wanadoo Edition
C:\Program Files\Wanadoo Messager
C:\Program Files\WebMediaPlayer
C:\Program Files\WinAble
C:\Program Files\Windows Defender
C:\Program Files\Windows Live
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\WON
C:\Program Files\xerox
C:\Program Files\XnView
C:\Program Files\Yahoo!

------[ Listing des dossiers dans Program Files\Fichiers Communs ]------

C:\program files\fichiers communs\ACD Systems
C:\program files\fichiers communs\Adobe
C:\program files\fichiers communs\Ahead
C:\program files\fichiers communs\Autodesk Shared
C:\program files\fichiers communs\Designer
C:\program files\fichiers communs\HP
C:\program files\fichiers communs\InstallShield
C:\program files\fichiers communs\Java
C:\program files\fichiers communs\LogiShrd
C:\program files\fichiers communs\Logitech
C:\program files\fichiers communs\Macrovision Shared
C:\program files\fichiers communs\Microsoft Shared
C:\program files\fichiers communs\MSSoap
C:\program files\fichiers communs\ODBC
C:\program files\fichiers communs\Services
C:\program files\fichiers communs\SONY Digital Images
C:\program files\fichiers communs\SpeechEngines
C:\program files\fichiers communs\System
C:\program files\fichiers communs\Ulead Systems

----------------------[ Recherche dans le Registre ]----------------------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"Great Less"="C:\\DOCUME~1\\Adeline\\APPLIC~1\\SPAMBO~1\\bitstest.exe"

-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------

C:\Documents and settings\Adeline\Application Data\SPAMBO~1
C:\Documents and settings\Maxime\Application Data\SPAMBO~1
C:\Program Files\SPAMBO~1
C:\Program Files\Adverts
C:\Documents and settings\Adeline\Cookies\adeline@adserver.advertstream[1].txt
C:\Documents and settings\Adeline\Cookies\adeline@advertstream[1].txt
C:\Documents and settings\Adeline\Cookies\adeline@d2.advertserve[1].txt
C:\Documents and settings\Adeline\Cookies\adeline@sharpadverts[1].txt
C:\Documents and settings\Bernard\Cookies\bernard@advertstream[2].txt
C:\Documents and settings\Bernard\Cookies\bernard@d2.advertserve[1].txt
C:\Documents and settings\Maxime\Cookies\maxime@advertstream[1].txt
C:\Documents and settings\Maxime\Cookies\maxime@advertstream[3].txt
C:\Documents and settings\Maxime\Cookies\maxime@advertstream[4].txt
C:\Documents and settings\Maxime\Cookies\maxime@d2.advertserve[1].txt

--------------------[ Vérification du fichier Hosts ]---------------------

Fichier Hosts : MODIFIE

127.0.0.1 localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD

--------------[ Recherche de fichiers cachés avec Catchme ]---------------

catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-27 17:42:24
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden services & system hive ...
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\WINDOWS\pack.epk
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\fgrqfbeg_navps.dat
C:\WINDOWS\system32\fgrqfbeg.exe
C:\WINDOWS\system32\fgrqfbeg.dat
C:\WINDOWS\system32\fzkvufvfsj_navps.dat
C:\WINDOWS\system32\fzkvufvfsj.exe
C:\WINDOWS\system32\fzkvufvfsj.dat
C:\WINDOWS\system32\hcsovggq_navps.dat
C:\WINDOWS\system32\hcsovggq.exe
C:\WINDOWS\system32\hcsovggq.dat
C:\WINDOWS\system32\ionphl_navps.dat
C:\WINDOWS\system32\ionphl.exe
C:\WINDOWS\system32\ionphl.dat
C:\WINDOWS\system32\owqmwnyqgd_navps.dat
C:\WINDOWS\system32\owqmwnyqgd.exe
C:\WINDOWS\system32\owqmwnyqgd.dat
C:\WINDOWS\system32\fgrqfbeg_nav.dat
C:\WINDOWS\system32\fzkvufvfsj_nav.dat
C:\WINDOWS\system32\hcsovggq_nav.dat
C:\WINDOWS\system32\ionphl_nav.dat
C:\WINDOWS\system32\owqmwnyqgd_nav.dat
! EGDACCESS Possible !


--------------------[ Fin du rapport à 17:43:10,25 ]----------------------

27 Octobre 2007 17:48:41


Ah ben t'es bien infecté

Ouvre le Dossier Lop S&D et double clique sur Scan.bat ( le .bat peut ne pas apparaitre )

Au menu , tape S ( Suppression ) et valide
Ne ferme pas la fenêtre lors de la suppression

Poste le rapport généré
( il se trouve aussi dans le dossier Lop S&D et se nomme Rapport-Lop.txt )

( Si le Bureau ne réapparît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer et valide )

---------------------------------------------------------

Poste aussi le rapport de Navilog qui se trouve ici : C:\fixnavi.txt
27 Octobre 2007 17:52:08

Ah ouai ba sa m'étonne pas! mon ordi beug tout le temps!!
Mais si je tape S sa va pas faire des dégats dans mon ordi? Sa va pas supprimer des fichiers?
27 Octobre 2007 19:03:40

Citation :
Sa va pas supprimer des fichiers?

Oui , cela va supprimer des fichiers infectieux , si tu n'as pas confiance ce n'est pas la peine de continuer :) 
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS