3 replies
^^Marie^^
24 Dec. 2008 at 12:10
BILF, please do the following:
Download Lop S&D.exe to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select your language, then choose option 1 (Recherche / Search)
* Wait until the scan has finished
* Post the generated report (C:\lopR.txt)
Tutorial (help): http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956.htm
That was quicker than expected
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : BIOS Date: 12/12/05 19:01:31 Ver: 08.00.10
USER : Olivier ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus 8.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:35 Go (Free:14 Go)
D:\ (Local Disk) - NTFS - Total:97 Go (Free:63 Go)
E:\ (Local Disk) - NTFS - Total:146 Go (Free:11 Go)
F:\ (CD or DVD)
H:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( mer. 24/12/2008|13:22 )
--------------------\\ Listing des dossiers dans APPLIC~1
[18/12/2008|17:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[18/12/2008|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[01/11/2008|10:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[01/12/2008|22:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[16/11/2008|09:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[03/11/2008|17:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Locktime
[13/11/2008|13:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
[13/11/2008|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[18/11/2008|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[03/11/2008|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[21/12/2008|12:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[11/12/2008|00:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[13/11/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[23/12/2008|22:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Proxy Long Chin Ping
[14/12/2008|03:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[28/10/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[29/10/2008|00:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[28/10/2008|16:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[18/12/2008|17:33] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[18/12/2008|17:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[09/11/2008|18:03] C:\DOCUME~1\Olivier\APPLIC~1\Adobe
[24/12/2008|00:48] C:\DOCUME~1\Olivier\APPLIC~1\BitTorrent
[29/10/2008|00:06] C:\DOCUME~1\Olivier\APPLIC~1\Design Science
[04/12/2008|20:01] C:\DOCUME~1\Olivier\APPLIC~1\DivX
[24/12/2008|11:32] C:\DOCUME~1\Olivier\APPLIC~1\DNA
[16/11/2008|09:59] C:\DOCUME~1\Olivier\APPLIC~1\GetRight
[07/12/2008|16:54] C:\DOCUME~1\Olivier\APPLIC~1\Hamachi
[28/10/2008|16:41] C:\DOCUME~1\Olivier\APPLIC~1\Identities
[13/11/2008|13:22] C:\DOCUME~1\Olivier\APPLIC~1\InstallShield
[09/11/2008|10:37] C:\DOCUME~1\Olivier\APPLIC~1\InterTrust
[03/12/2008|19:05] C:\DOCUME~1\Olivier\APPLIC~1\LimeWire
[03/11/2008|17:35] C:\DOCUME~1\Olivier\APPLIC~1\Locktime
[13/11/2008|13:50] C:\DOCUME~1\Olivier\APPLIC~1\Logitech
[28/10/2008|18:29] C:\DOCUME~1\Olivier\APPLIC~1\Macromedia
[18/11/2008|15:16] C:\DOCUME~1\Olivier\APPLIC~1\Malwarebytes
[29/10/2008|14:05] C:\DOCUME~1\Olivier\APPLIC~1\Media Player Classic
[18/12/2008|17:33] C:\DOCUME~1\Olivier\APPLIC~1\Microsoft
[28/10/2008|19:26] C:\DOCUME~1\Olivier\APPLIC~1\Mozilla
[15/11/2008|17:48] C:\DOCUME~1\Olivier\APPLIC~1\SecuROM
[21/11/2008|20:28] C:\DOCUME~1\Olivier\APPLIC~1\Steinberg
[03/11/2008|16:14] C:\DOCUME~1\Olivier\APPLIC~1\Sun
[18/12/2008|18:39] C:\DOCUME~1\Olivier\APPLIC~1\Uniblue
[23/12/2008|22:16] C:\DOCUME~1\Olivier\APPLIC~1\Way Joy Funk
[13/11/2008|14:39] C:\DOCUME~1\Olivier\APPLIC~1\Winamp
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[24/12/2008 13:00][--ah-----] C:\WINDOWS\tasks\B40B10179C7C89F3.job
[24/12/2008 11:34][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( B40B10179C7C89F3.job )=( c:\docume~1\olivier\applic~1\wayjoy~1\globalblah4.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[09/11/2008|10:37] C:\Program Files\Adobe
[30/10/2008|16:44] C:\Program Files\Ahead
[13/11/2008|13:39] C:\Program Files\ASUS
[18/12/2008|17:35] C:\Program Files\AVG
[03/11/2008|20:28] C:\Program Files\BitTorrent
[16/11/2008|10:04] C:\Program Files\CCleaner
[02/12/2008|16:12] C:\Program Files\Codemasters
[28/10/2008|16:32] C:\Program Files\ComPlus Applications
[28/10/2008|16:51] C:\Program Files\DAEMON Tools
[04/12/2008|19:55] C:\Program Files\DivX
[18/12/2008|17:23] C:\Program Files\DivX ThE LaUncHeR
[22/12/2008|12:22] C:\Program Files\DNA
[01/12/2008|22:15] C:\Program Files\DVD Shrink
[19/12/2008|09:15] C:\Program Files\eMule
[18/12/2008|18:31] C:\Program Files\ESET
[21/12/2008|12:16] C:\Program Files\Fichiers communs
[13/11/2008|14:34] C:\Program Files\Futuremark
[28/10/2008|23:11] C:\Program Files\Gadwin Systems
[22/12/2008|15:02] C:\Program Files\GameSpy Arcade
[16/11/2008|09:59] C:\Program Files\GetRight
[01/12/2008|22:45] C:\Program Files\Hamachi
[28/10/2008|15:03] C:\Program Files\ING
[02/12/2008|16:12] C:\Program Files\InstallShield Installation Information
[13/11/2008|13:48] C:\Program Files\Intel
[11/12/2008|00:12] C:\Program Files\Internet Explorer
[03/12/2008|11:16] C:\Program Files\Java
[28/10/2008|23:59] C:\Program Files\K-Lite Codec Pack
[16/11/2008|09:28] C:\Program Files\Lavasoft
[13/11/2008|13:17] C:\Program Files\ma-config.com
[16/11/2008|10:16] C:\Program Files\MagicISO
[24/12/2008|12:14] C:\Program Files\Malwarebytes' Anti-Malware
[28/10/2008|23:19] C:\Program Files\Marvell
[29/10/2008|00:06] C:\Program Files\MathType
[04/11/2008|14:15] C:\Program Files\Messenger
[03/11/2008|17:23] C:\Program Files\Messenger Plus! Live
[29/11/2008|19:33] C:\Program Files\Microprose
[28/10/2008|16:36] C:\Program Files\microsoft frontpage
[18/12/2008|16:22] C:\Program Files\Microsoft Games
[28/10/2008|23:42] C:\Program Files\Microsoft Office
[28/10/2008|23:42] C:\Program Files\Microsoft Visual Studio
[28/10/2008|23:43] C:\Program Files\Microsoft Works
[04/11/2008|13:47] C:\Program Files\Movie Maker
[24/12/2008|13:20] C:\Program Files\Mozilla Firefox
[28/10/2008|23:42] C:\Program Files\MSBuild
[28/10/2008|16:31] C:\Program Files\MSN
[28/10/2008|16:32] C:\Program Files\MSN Gaming Zone
[05/11/2008|18:51] C:\Program Files\NetLimiter 2 Pro
[04/11/2008|13:43] C:\Program Files\NetMeeting
[29/10/2008|00:20] C:\Program Files\No-IP
[09/11/2008|10:36] C:\Program Files\NVIDIA Corporation
[28/10/2008|16:32] C:\Program Files\Online Services
[04/11/2008|13:43] C:\Program Files\Outlook Express
[13/11/2008|13:27] C:\Program Files\Realtek
[13/11/2008|21:46] C:\Program Files\Serious Sam 2
[28/10/2008|16:34] C:\Program Files\Services en ligne
[21/12/2008|05:04] C:\Program Files\Steam
[21/11/2008|20:27] C:\Program Files\Steinberg
[18/12/2008|18:51] C:\Program Files\SuperCopier2
[24/12/2008|10:43] C:\Program Files\Trend Micro
[15/11/2008|17:36] C:\Program Files\Ubisoft
[28/10/2008|16:41] C:\Program Files\Uninstall Information
[29/10/2008|00:19] C:\Program Files\Veoh Networks
[13/11/2008|13:27] C:\Program Files\vtplus
[23/12/2008|22:15] C:\Program Files\Way Joy Funk
[13/11/2008|14:33] C:\Program Files\Winamp
[21/12/2008|12:23] C:\Program Files\Windows Live
[28/10/2008|19:35] C:\Program Files\Windows Media Connect 2
[04/11/2008|13:43] C:\Program Files\Windows Media Player
[04/11/2008|13:43] C:\Program Files\Windows NT
[28/10/2008|16:34] C:\Program Files\WindowsUpdate
[28/10/2008|16:46] C:\Program Files\WinRAR
[13/11/2008|13:27] C:\Program Files\WinTV
[28/10/2008|16:36] C:\Program Files\xerox
[03/11/2008|21:33] C:\Program Files\X'nStop 2.5
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[09/11/2008|18:03] C:\Program Files\Fichiers communs\Adobe
[30/10/2008|16:44] C:\Program Files\Fichiers communs\Ahead
[28/10/2008|23:42] C:\Program Files\Fichiers communs\DESIGNER
[18/12/2008|15:58] C:\Program Files\Fichiers communs\InstallShield
[17/11/2008|11:23] C:\Program Files\Fichiers communs\Logishrd
[13/11/2008|13:50] C:\Program Files\Fichiers communs\Microsoft Shared
[28/10/2008|16:33] C:\Program Files\Fichiers communs\MSSoap
[28/10/2008|17:23] C:\Program Files\Fichiers communs\ODBC
[28/10/2008|16:33] C:\Program Files\Fichiers communs\Services
[28/10/2008|17:23] C:\Program Files\Fichiers communs\SpeechEngines
[04/11/2008|13:43] C:\Program Files\Fichiers communs\System
[21/12/2008|12:16] C:\Program Files\Fichiers communs\Windows Live
[29/10/2008|00:13] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[16/11/2008|09:27] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 35 Processes )
IEXPLORE.EXE ~ [PID:4024]
IEXPLORE.EXE ~ [PID:252]
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\Olivier\LOCALS~1\Temp\bis643.exe
C:\DOCUME~1\Olivier\APPLIC~1\WAYJOY~1
C:\DOCUME~1\Olivier\APPLIC~1\WAYJOY~1\dale site locks.exe
C:\DOCUME~1\Olivier\APPLIC~1\WAYJOY~1\globalblah4.exe
C:\DOCUME~1\Olivier\APPLIC~1\WAYJOY~1\kqzxyddt.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Proxy Long Chin Ping
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Proxy Long Chin Ping\MIX EXIT.exe
C:\DOCUME~1\Olivier\APPLIC~1\wayjoy~1
C:\DOCUME~1\Olivier\APPLIC~1\wayjoy~1\dale site locks.exe
C:\DOCUME~1\Olivier\APPLIC~1\wayjoy~1\globalblah4.exe
C:\DOCUME~1\Olivier\APPLIC~1\wayjoy~1\kqzxyddt.exe
C:\Program Files\wayjoy~1
C:\DOCUME~1\Olivier\LOCALS~1\Temp\DivoCodec.zip
C:\DOCUME~1\Olivier\LOCALS~1\Temp\codec_dv.bmp
C:\DOCUME~1\Olivier\LOCALS~1\Temp\DivoCodec.zip
C:\DOCUME~1\Olivier\LOCALS~1\Temp\nsiF3.tmp
C:\DOCUME~1\Olivier\Cookies\olivier@www.adserver5[1].txt
C:\DOCUME~1\Olivier\Cookies\olivier@adopt.euroclick[1].txt
C:\DOCUME~1\Olivier\Cookies\olivier@adopt.euroclick[3].txt
C:\DOCUME~1\Olivier\Cookies\olivier@partypoker[1].txt
C:\WINDOWS\Tasks\B40B10179C7C89F3.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\idol the one]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\Olivier\\APPLIC~1\\WAYJOY~1\\dale site locks.exe -uninstall"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"greatokay"="C:\\DOCUME~1\\Olivier\\APPLIC~1\\WAYJOY~1\\dale site locks.exe"
"greatokay"="C:\\DOCUME~1\\Olivier\\APPLIC~1\\WAYJOY~1\\dale site locks.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-24 13:23:20
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:186][D:23]-> C:\DOCUME~1\Olivier\LOCALS~1\Temp
[F:81][D:0]-> C:\DOCUME~1\Olivier\Cookies
[F:932][D:4]-> C:\DOCUME~1\Olivier\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - mer. 24/12/2008|13:24 - Option : [1]
--------------------\\ Fin du rapport a 13:24:56
Thanks for your help
^^Marie^^
24 Dec. 2008 at 14:34
Hi again
Run Lop S&D again
* This time choose option 2 (Suppression / Removal)
* Do not close the window during the removal!
* Post the generated report (C:\lopR.txt)
+ 1 HijackThis log
Lop S&D log:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : BIOS Date: 12/12/05 19:01:31 Ver: 08.00.10
USER : Olivier ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus 8.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:35 Go (Free:14 Go)
D:\ (Local Disk) - NTFS - Total:97 Go (Free:63 Go)
E:\ (Local Disk) - NTFS - Total:146 Go (Free:11 Go)
F:\ (CD or DVD)
H:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( mer. 24/12/2008|15:39 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\Olivier\Cookies\olivier@www.adserver5[1].txt
Supprime! - C:\DOCUME~1\Olivier\Cookies\olivier@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\Olivier\Cookies\olivier@adopt.euroclick[3].txt
Supprime! - C:\DOCUME~1\Olivier\Cookies\olivier@partypoker[1].txt
Supprime! - C:\WINDOWS\Tasks\B40B10179C7C89F3.job
Supprime! - C:\Program Files\wayjoy~1
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[18/12/2008|17:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[18/12/2008|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[01/11/2008|10:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[01/12/2008|22:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[16/11/2008|09:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[03/11/2008|17:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Locktime
[13/11/2008|13:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
[13/11/2008|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[18/11/2008|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[03/11/2008|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[21/12/2008|12:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[11/12/2008|00:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[13/11/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[14/12/2008|03:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[28/10/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[29/10/2008|00:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[28/10/2008|16:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[18/12/2008|17:33] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[18/12/2008|17:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[09/11/2008|18:03] C:\DOCUME~1\Olivier\APPLIC~1\Adobe
[24/12/2008|15:38] C:\DOCUME~1\Olivier\APPLIC~1\BitTorrent
[29/10/2008|00:06] C:\DOCUME~1\Olivier\APPLIC~1\Design Science
[04/12/2008|20:01] C:\DOCUME~1\Olivier\APPLIC~1\DivX
[24/12/2008|15:30] C:\DOCUME~1\Olivier\APPLIC~1\DNA
[16/11/2008|09:59] C:\DOCUME~1\Olivier\APPLIC~1\GetRight
[07/12/2008|16:54] C:\DOCUME~1\Olivier\APPLIC~1\Hamachi
[28/10/2008|16:41] C:\DOCUME~1\Olivier\APPLIC~1\Identities
[13/11/2008|13:22] C:\DOCUME~1\Olivier\APPLIC~1\InstallShield
[09/11/2008|10:37] C:\DOCUME~1\Olivier\APPLIC~1\InterTrust
[03/12/2008|19:05] C:\DOCUME~1\Olivier\APPLIC~1\LimeWire
[03/11/2008|17:35] C:\DOCUME~1\Olivier\APPLIC~1\Locktime
[13/11/2008|13:50] C:\DOCUME~1\Olivier\APPLIC~1\Logitech
[28/10/2008|18:29] C:\DOCUME~1\Olivier\APPLIC~1\Macromedia
[18/11/2008|15:16] C:\DOCUME~1\Olivier\APPLIC~1\Malwarebytes
[29/10/2008|14:05] C:\DOCUME~1\Olivier\APPLIC~1\Media Player Classic
[18/12/2008|17:33] C:\DOCUME~1\Olivier\APPLIC~1\Microsoft
[28/10/2008|19:26] C:\DOCUME~1\Olivier\APPLIC~1\Mozilla
[15/11/2008|17:48] C:\DOCUME~1\Olivier\APPLIC~1\SecuROM
[21/11/2008|20:28] C:\DOCUME~1\Olivier\APPLIC~1\Steinberg
[03/11/2008|16:14] C:\DOCUME~1\Olivier\APPLIC~1\Sun
[18/12/2008|18:39] C:\DOCUME~1\Olivier\APPLIC~1\Uniblue
[24/12/2008|13:51] C:\DOCUME~1\Olivier\APPLIC~1\Way Joy Funk
[13/11/2008|14:39] C:\DOCUME~1\Olivier\APPLIC~1\Winamp
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[24/12/2008 13:28][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[09/11/2008|10:37] C:\Program Files\Adobe
[30/10/2008|16:44] C:\Program Files\Ahead
[13/11/2008|13:39] C:\Program Files\ASUS
[18/12/2008|17:35] C:\Program Files\AVG
[03/11/2008|20:28] C:\Program Files\BitTorrent
[16/11/2008|10:04] C:\Program Files\CCleaner
[02/12/2008|16:12] C:\Program Files\Codemasters
[28/10/2008|16:32] C:\Program Files\ComPlus Applications
[28/10/2008|16:51] C:\Program Files\DAEMON Tools
[04/12/2008|19:55] C:\Program Files\DivX
[18/12/2008|17:23] C:\Program Files\DivX ThE LaUncHeR
[24/12/2008|13:29] C:\Program Files\DNA
[01/12/2008|22:15] C:\Program Files\DVD Shrink
[19/12/2008|09:15] C:\Program Files\eMule
[18/12/2008|18:31] C:\Program Files\ESET
[21/12/2008|12:16] C:\Program Files\Fichiers communs
[13/11/2008|14:34] C:\Program Files\Futuremark
[28/10/2008|23:11] C:\Program Files\Gadwin Systems
[22/12/2008|15:02] C:\Program Files\GameSpy Arcade
[16/11/2008|09:59] C:\Program Files\GetRight
[01/12/2008|22:45] C:\Program Files\Hamachi
[28/10/2008|15:03] C:\Program Files\ING
[02/12/2008|16:12] C:\Program Files\InstallShield Installation Information
[13/11/2008|13:48] C:\Program Files\Intel
[11/12/2008|00:12] C:\Program Files\Internet Explorer
[03/12/2008|11:16] C:\Program Files\Java
[28/10/2008|23:59] C:\Program Files\K-Lite Codec Pack
[16/11/2008|09:28] C:\Program Files\Lavasoft
[13/11/2008|13:17] C:\Program Files\ma-config.com
[16/11/2008|10:16] C:\Program Files\MagicISO
[24/12/2008|12:14] C:\Program Files\Malwarebytes' Anti-Malware
[28/10/2008|23:19] C:\Program Files\Marvell
[29/10/2008|00:06] C:\Program Files\MathType
[04/11/2008|14:15] C:\Program Files\Messenger
[03/11/2008|17:23] C:\Program Files\Messenger Plus! Live
[29/11/2008|19:33] C:\Program Files\Microprose
[28/10/2008|16:36] C:\Program Files\microsoft frontpage
[18/12/2008|16:22] C:\Program Files\Microsoft Games
[28/10/2008|23:42] C:\Program Files\Microsoft Office
[28/10/2008|23:42] C:\Program Files\Microsoft Visual Studio
[28/10/2008|23:43] C:\Program Files\Microsoft Works
[04/11/2008|13:47] C:\Program Files\Movie Maker
[24/12/2008|15:38] C:\Program Files\Mozilla Firefox
[28/10/2008|23:42] C:\Program Files\MSBuild
[28/10/2008|16:31] C:\Program Files\MSN
[28/10/2008|16:32] C:\Program Files\MSN Gaming Zone
[05/11/2008|18:51] C:\Program Files\NetLimiter 2 Pro
[04/11/2008|13:43] C:\Program Files\NetMeeting
[29/10/2008|00:20] C:\Program Files\No-IP
[09/11/2008|10:36] C:\Program Files\NVIDIA Corporation
[28/10/2008|16:32] C:\Program Files\Online Services
[04/11/2008|13:43] C:\Program Files\Outlook Express
[13/11/2008|13:27] C:\Program Files\Realtek
[13/11/2008|21:46] C:\Program Files\Serious Sam 2
[28/10/2008|16:34] C:\Program Files\Services en ligne
[24/12/2008|13:30] C:\Program Files\Steam
[21/11/2008|20:27] C:\Program Files\Steinberg
[18/12/2008|18:51] C:\Program Files\SuperCopier2
[24/12/2008|10:43] C:\Program Files\Trend Micro
[15/11/2008|17:36] C:\Program Files\Ubisoft
[28/10/2008|16:41] C:\Program Files\Uninstall Information
[29/10/2008|00:19] C:\Program Files\Veoh Networks
[13/11/2008|13:27] C:\Program Files\vtplus
[13/11/2008|14:33] C:\Program Files\Winamp
[21/12/2008|12:23] C:\Program Files\Windows Live
[28/10/2008|19:35] C:\Program Files\Windows Media Connect 2
[04/11/2008|13:43] C:\Program Files\Windows Media Player
[04/11/2008|13:43] C:\Program Files\Windows NT
[28/10/2008|16:34] C:\Program Files\WindowsUpdate
[28/10/2008|16:46] C:\Program Files\WinRAR
[13/11/2008|13:27] C:\Program Files\WinTV
[28/10/2008|16:36] C:\Program Files\xerox
[03/11/2008|21:33] C:\Program Files\X'nStop 2.5
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[09/11/2008|18:03] C:\Program Files\Fichiers communs\Adobe
[30/10/2008|16:44] C:\Program Files\Fichiers communs\Ahead
[28/10/2008|23:42] C:\Program Files\Fichiers communs\DESIGNER
[18/12/2008|15:58] C:\Program Files\Fichiers communs\InstallShield
[17/11/2008|11:23] C:\Program Files\Fichiers communs\Logishrd
[13/11/2008|13:50] C:\Program Files\Fichiers communs\Microsoft Shared
[28/10/2008|16:33] C:\Program Files\Fichiers communs\MSSoap
[28/10/2008|17:23] C:\Program Files\Fichiers communs\ODBC
[28/10/2008|16:33] C:\Program Files\Fichiers communs\Services
[28/10/2008|17:23] C:\Program Files\Fichiers communs\SpeechEngines
[04/11/2008|13:43] C:\Program Files\Fichiers communs\System
[21/12/2008|12:16] C:\Program Files\Fichiers communs\Windows Live
[29/10/2008|00:13] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[16/11/2008|09:27] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 48 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\Olivier\APPLIC~1\wayjoy~1
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-24 15:40:55
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:15][D:1]-> C:\DOCUME~1\Olivier\LOCALS~1\Temp
[F:77][D:0]-> C:\DOCUME~1\Olivier\Cookies
[F:977][D:4]-> C:\DOCUME~1\Olivier\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - mer. 24/12/2008|13:24 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - mer. 24/12/2008|13:45 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - mer. 24/12/2008|15:42 - Option : [2]
--------------------\\ Fin du rapport a 15:42:19
HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:44:15, on 24/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\Program Files\No-IP\DUC20.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\program files\steam\steam.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\eMule\emule.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NoIPDUCService - Vitalwerks LLC - C:\Program Files\No-IP\DUC20.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)
24 Dec 2008 at 11:50
I think I followed the method, that is, open HijackThis and select "do a system scan and save a logfile",
which I did, and then I copied and pasted it.
I have just done it again but it is the same, exactly as it was.
If I am doing something wrong, tell me ....
24 Dec 2008 at 11:53
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:53:11, on 24/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CHIN PING PHONE PILE] C:\Documents and Settings\All Users\Application Data\Proxy Long Chin Ping\MIX EXIT.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [greatokay] C:\DOCUME~1\Olivier\APPLIC~1\WAYJOY~1\dale site locks.exe
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NoIPDUCService - Vitalwerks LLC - C:\Program Files\No-IP\DUC20.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)
24 Dec 2008 at 12:01
24 Dec 2008 at 12:05
1) quite a few files getting added more or less everywhere in c:/
2) my start page had changed!
3) msvbvm60.dll had disappeared, I had to download it again
4) when I run an AVG scan it hangs and stops immediately
Yet I have an antivirus (AVG 2008), a firewall but I don't turn it on often ..., and I regularly run scans with adware
Anyway, I really think I am infected with viruses all over!
24 Dec 2008 at 12:06
http://html3.usagc.org/step1landing_fra.html?afk=AdPePMBEfra
thanks for your help