Virus
Corb-val
Messages postés
8
Statut
Membre
-
Corb-val Messages postés 8 Statut Membre -
Corb-val Messages postés 8 Statut Membre -
Bonjour,
Je refais un nouveau post, J'ai chopé un virus nettoyé par Antivir mais mon pc reste lent et j'ai toujours des fenêtres de pub qui s'ouvrent intempestivement.
J'ai déjà passé ccleaner, spybot est bloqué et je n'arrive pas à le faire fonctionner. Je l'ai désinstallé et réinstallé mais c'est toujours pareil. J'ai installer Malwarebyte mais il ne fonctionne pas même en mode sans échec. Voici le rapport Hijack :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:00:08, on 29/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Ulead Systems\Ulead Photo Assistant\UATRAY.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://meteofrance.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {D5BF49A2-94F1-42BD-F434-3604812C807D} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Scanner Detector.lnk = C:\Program Files\Microtek ScanSuite\SDetect.exe
O4 - Global Startup: Ulead Acquire Fast.lnk = C:\Program Files\Ulead Systems\Ulead Photo Assistant\UATRAY.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O22 - SharedTaskScheduler: FGYbf743iujndsfAfsdfd - {D5BF49A2-94F1-42BD-F434-3604812C807D} - (no file)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Je refais un nouveau post, J'ai chopé un virus nettoyé par Antivir mais mon pc reste lent et j'ai toujours des fenêtres de pub qui s'ouvrent intempestivement.
J'ai déjà passé ccleaner, spybot est bloqué et je n'arrive pas à le faire fonctionner. Je l'ai désinstallé et réinstallé mais c'est toujours pareil. J'ai installer Malwarebyte mais il ne fonctionne pas même en mode sans échec. Voici le rapport Hijack :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:00:08, on 29/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Ulead Systems\Ulead Photo Assistant\UATRAY.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://meteofrance.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {D5BF49A2-94F1-42BD-F434-3604812C807D} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Scanner Detector.lnk = C:\Program Files\Microtek ScanSuite\SDetect.exe
O4 - Global Startup: Ulead Acquire Fast.lnk = C:\Program Files\Ulead Systems\Ulead Photo Assistant\UATRAY.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O22 - SharedTaskScheduler: FGYbf743iujndsfAfsdfd - {D5BF49A2-94F1-42BD-F434-3604812C807D} - (no file)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
A voir également:
- Virus
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
2 réponses
slt tu as le rapport antivir? colle le
sinon il faudra mettre a jour java, internet explorer avec la version 7
__________________
télécharger sur le bureau
Navilog.zip
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
= Double-Clic navilog1.zip
= Extraire tout sur le bureau
= Double-Clic navilog1 qui est sur le bureau
= Appuyer sur une touche jusqu' arriver aux options
= Choisir option 1
un rapport : fixnavi.txt dans C : va se creer
le copier/coller dans ton prochain message.
sinon il faudra mettre a jour java, internet explorer avec la version 7
__________________
télécharger sur le bureau
Navilog.zip
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
= Double-Clic navilog1.zip
= Extraire tout sur le bureau
= Double-Clic navilog1 qui est sur le bureau
= Appuyer sur une touche jusqu' arriver aux options
= Choisir option 1
un rapport : fixnavi.txt dans C : va se creer
le copier/coller dans ton prochain message.
ok pour internet explorer on essaiera apres
---> Télécharge Lop S&D sur ton Bureau
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-clique dessus pour lancer l'installation
---> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
---> Séléctionne la langue souhaitée, puis choisis l'option 1 (Recherche)
---> Patiente jusqu'à la fin du scan
---> Poste le rapport généré (C:\lopR.txt)
(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
Si tu as un problème pour utiliser Lop S&D, regarde dans le tutorial :
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
---> Télécharge Lop S&D sur ton Bureau
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-clique dessus pour lancer l'installation
---> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
---> Séléctionne la langue souhaitée, puis choisis l'option 1 (Recherche)
---> Patiente jusqu'à la fin du scan
---> Poste le rapport généré (C:\lopR.txt)
(Si le Bureau ne réapparait pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
Si tu as un problème pour utiliser Lop S&D, regarde dans le tutorial :
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
voici le rapport.
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
BIOS : Default System BIOS
USER : Nael ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:76 Go (Free:13 Go)
D:\ (Local Disk) - NTFS - Total:58 Go (Free:4 Go)
E:\ (Local Disk) - NTFS - Total:94 Go (Free:78 Go)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
H:\ (USB) - FAT32 - Total:8089 Mo (Free:5 Go)
I:\ (USB) - FAT32 - Total:3921 Mo (Free:2 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 31/12/2008|11:38 )
--------------------\\ Listing des dossiers dans APPLIC~1
[19/12/2008|09:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[20/11/2008|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[15/10/2008|15:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[12/08/2008|10:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[12/08/2008|10:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[27/02/2007|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[18/12/2008|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[02/03/2007|08:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast Locks Debug Kind
[18/12/2008|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CrucialSoft Ltd
[04/03/2006|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[05/03/2007|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DassaultSystemes
[16/06/2006|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[01/09/2006|10:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/10/2006|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[19/12/2008|08:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[28/12/2008|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30/12/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[09/03/2006|19:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[19/12/2008|18:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[19/12/2008|09:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[09/04/2006|08:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[10/03/2006|11:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[14/11/2007|15:26] C:\DOCUME~1\Nael\APPLIC~1\Adobe
[16/05/2008|07:15] C:\DOCUME~1\Nael\APPLIC~1\AdobeUM
[22/06/2006|22:00] C:\DOCUME~1\Nael\APPLIC~1\Ahead
[19/12/2008|07:42] C:\DOCUME~1\Nael\APPLIC~1\Apple Computer
[19/01/2008|14:39] C:\DOCUME~1\Nael\APPLIC~1\ArcSoft
[11/11/2007|18:03] C:\DOCUME~1\Nael\APPLIC~1\Autodesk
[18/04/2006|08:25] C:\DOCUME~1\Nael\APPLIC~1\Caere
[28/06/2006|16:28] C:\DOCUME~1\Nael\APPLIC~1\CyberLink
[11/03/2006|09:41] C:\DOCUME~1\Nael\APPLIC~1\DassaultSystemes
[11/03/2006|16:48] C:\DOCUME~1\Nael\APPLIC~1\DeepBurner
[05/02/2007|14:03] C:\DOCUME~1\Nael\APPLIC~1\DivX
[07/12/2008|15:49] C:\DOCUME~1\Nael\APPLIC~1\dvdcss
[15/09/2006|06:50] C:\DOCUME~1\Nael\APPLIC~1\Google
[02/03/2007|08:46] C:\DOCUME~1\Nael\APPLIC~1\GreatBindDead
[23/03/2006|16:38] C:\DOCUME~1\Nael\APPLIC~1\Help
[31/03/2006|07:49] C:\DOCUME~1\Nael\APPLIC~1\Identities
[19/09/2007|20:29] C:\DOCUME~1\Nael\APPLIC~1\InstallShield
[20/01/2007|10:25] C:\DOCUME~1\Nael\APPLIC~1\Jasc Software Inc
[28/12/2008|10:53] C:\DOCUME~1\Nael\APPLIC~1\Kptic
[30/05/2006|17:06] C:\DOCUME~1\Nael\APPLIC~1\Leadertech
[10/03/2006|08:51] C:\DOCUME~1\Nael\APPLIC~1\Macromedia
[01/02/2008|10:50] C:\DOCUME~1\Nael\APPLIC~1\Microsoft
[03/01/2008|13:54] C:\DOCUME~1\Nael\APPLIC~1\Mindscape
[31/08/2008|09:09] C:\DOCUME~1\Nael\APPLIC~1\Mozilla
[16/12/2008|21:24] C:\DOCUME~1\Nael\APPLIC~1\OpenOffice.org2
[21/09/2007|09:57] C:\DOCUME~1\Nael\APPLIC~1\Panasonic
[06/01/2008|19:04] C:\DOCUME~1\Nael\APPLIC~1\Petroglyph
[10/03/2006|11:11] C:\DOCUME~1\Nael\APPLIC~1\Real
[30/12/2007|10:14] C:\DOCUME~1\Nael\APPLIC~1\SecuROM
[01/08/2006|19:36] C:\DOCUME~1\Nael\APPLIC~1\SendPix
[08/05/2007|07:46] C:\DOCUME~1\Nael\APPLIC~1\Sun
[11/05/2008|10:45] C:\DOCUME~1\Nael\APPLIC~1\TaoUSign
[04/08/2007|09:06] C:\DOCUME~1\Nael\APPLIC~1\vlc
[06/01/2008|11:55] C:\DOCUME~1\Nael\APPLIC~1\Xfire
[10/03/2006|11:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[11/12/2008 12:33][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[31/12/2008 10:00][--ah-----] C:\WINDOWS\tasks\A66A1CA891C19C1C.job
[31/12/2008 11:03][--ah-----] C:\WINDOWS\tasks\SA.DAT
[07/09/2002 01:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( A66A1CA891C19C1C.job )=( c:\docume~1\nael\applic~1\greatb~1\cakemagssize.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[15/10/2008|15:07] C:\Program Files\Adobe
[22/06/2006|21:54] C:\Program Files\Ahead
[11/11/2007|18:04] C:\Program Files\AnswerWorks 4.0
[12/08/2008|20:10] C:\Program Files\Apple Software Update
[19/09/2007|20:34] C:\Program Files\ArcSoft
[30/09/2006|15:23] C:\Program Files\Astonsoft
[11/11/2007|18:06] C:\Program Files\AutoCAD 2004
[11/11/2007|18:05] C:\Program Files\Autodesk
[18/12/2008|19:55] C:\Program Files\Avira
[19/12/2006|08:40] C:\Program Files\Axis Communications
[10/03/2006|07:51] C:\Program Files\BeWAN ADSL V1.9.0.3
[20/01/2007|15:39] C:\Program Files\BitDownload
[23/09/2008|16:24] C:\Program Files\Bonjour
[17/12/2008|08:22] C:\Program Files\Bureau_Veritas_Conditions
[18/04/2006|08:22] C:\Program Files\Caere
[30/07/2006|11:13] C:\Program Files\CCleaner
[10/09/2006|18:18] C:\Program Files\CDBurnerXP Pro 3
[03/01/2008|15:26] C:\Program Files\Cryo
[04/03/2006|17:44] C:\Program Files\CyberLink
[05/03/2007|18:51] C:\Program Files\Dassault Systemes
[16/10/2008|13:14] C:\Program Files\DivX
[16/06/2006|20:00] C:\Program Files\DVD Decrypter
[16/06/2006|20:31] C:\Program Files\DVD Shrink
[03/01/2008|16:20] C:\Program Files\EA Games
[18/12/2006|18:15] C:\Program Files\Electronic Arts
[16/10/2008|16:41] C:\Program Files\Empire Interactive
[19/12/2008|14:52] C:\Program Files\eMule
[01/09/2006|19:22] C:\Program Files\EPSON
[19/12/2008|08:17] C:\Program Files\Fichiers communs
[31/12/2008|08:48] C:\Program Files\FindyKill
[06/01/2008|12:25] C:\Program Files\GameSpy Arcade
[19/02/2007|11:42] C:\Program Files\Google
[29/12/2008|08:57] C:\Program Files\Grisoft
[16/10/2008|16:41] C:\Program Files\InstallShield Installation Information
[18/10/2007|13:44] C:\Program Files\InterActual
[19/12/2008|09:57] C:\Program Files\Internet Explorer
[20/11/2008|13:09] C:\Program Files\iPod
[20/11/2008|13:09] C:\Program Files\iTunes
[20/01/2007|10:25] C:\Program Files\Jasc Software Inc
[31/12/2008|10:39] C:\Program Files\Java
[30/09/2006|15:20] C:\Program Files\Kazaa
[19/12/2008|08:18] C:\Program Files\Lavasoft
[12/03/2008|08:14] C:\Program Files\Les Cahiers Maritimes
[19/05/2008|18:23] C:\Program Files\LucasArts
[28/12/2008|20:40] C:\Program Files\Malwarebytes' Anti-Malware
[30/12/2007|09:41] C:\Program Files\Maxis
[10/03/2006|09:52] C:\Program Files\Microsoft AutoRoute
[10/03/2006|09:50] C:\Program Files\Microsoft Encarta
[04/03/2006|16:10] C:\Program Files\microsoft frontpage
[02/01/2008|19:08] C:\Program Files\Microsoft Games
[10/03/2006|11:43] C:\Program Files\Microsoft Money
[13/01/2007|16:16] C:\Program Files\Microsoft Money 2005
[23/01/2008|08:59] C:\Program Files\Microsoft Office
[02/12/2006|11:36] C:\Program Files\Microsoft Works
[10/03/2006|09:44] C:\Program Files\Microsoft Works Suite 2002
[23/01/2008|08:59] C:\Program Files\Microsoft.NET
[28/03/2006|18:11] C:\Program Files\Microtek ScanSuite
[04/03/2006|16:31] C:\Program Files\Movie Maker
[31/12/2008|11:04] C:\Program Files\Mozilla Firefox
[01/02/2008|10:48] C:\Program Files\MP3 Player Utilities 4.18
[04/03/2006|16:06] C:\Program Files\MSN Gaming Zone
[02/01/2008|19:42] C:\Program Files\MSXML 4.0
[31/12/2008|09:05] C:\Program Files\Navilog1
[28/12/2008|10:51] C:\Program Files\Neonumeric
[22/06/2006|21:56] C:\Program Files\Nero
[04/03/2006|16:30] C:\Program Files\NetMeeting
[19/08/2006|09:03] C:\Program Files\Neuf
[19/08/2006|08:53] C:\Program Files\neuf telecom
[05/09/2007|16:44] C:\Program Files\OpenOffice.org 2.0
[05/09/2007|16:45] C:\Program Files\OpenOffice.org 2.2
[13/04/2006|07:40] C:\Program Files\Outlook Express
[26/03/2008|18:36] C:\Program Files\Packlang - Big Challenge 2006
[19/09/2007|20:30] C:\Program Files\Panasonic
[28/12/2008|14:50] C:\Program Files\Panda Security
[21/03/2007|08:36] C:\Program Files\PhotoBox
[23/09/2008|16:29] C:\Program Files\QuickTime
[01/09/2006|18:05] C:\Program Files\Rainbow Technologies
[10/03/2006|11:07] C:\Program Files\Real
[23/03/2006|16:33] C:\Program Files\Recognita Standard OCR 3.2
[20/11/2008|12:57] C:\Program Files\Safari
[04/03/2006|16:06] C:\Program Files\Services en ligne
[06/01/2008|12:23] C:\Program Files\Sony
[19/12/2008|18:15] C:\Program Files\Spybot - Search & Destroy
[27/01/2007|10:48] C:\Program Files\SSC Service Utility
[30/09/2006|14:17] C:\Program Files\Star Downloader
[06/01/2008|12:30] C:\Program Files\StarWarsGalaxies
[17/06/2006|06:51] C:\Program Files\SystemDoctor 2006 Free
[28/12/2008|16:42] C:\Program Files\Trend Micro
[15/04/2006|08:14] C:\Program Files\Ulead PhotoImpact SE
[23/03/2006|16:38] C:\Program Files\Ulead Systems
[03/11/2008|19:23] C:\Program Files\UltimateZip 2007
[10/09/2006|19:15] C:\Program Files\Uninstall Information
[17/12/2008|08:22] C:\Program Files\VeriSTAR Stability
[04/08/2007|09:04] C:\Program Files\VideoLAN
[18/12/2008|19:31] C:\Program Files\Vilma
[28/12/2008|14:44] C:\Program Files\VintaSoft
[06/10/2008|17:40] C:\Program Files\Virtual Skipper 4
[13/03/2006|17:15] C:\Program Files\WinAce
[07/06/2007|04:50] C:\Program Files\WinArgos
[27/01/2007|17:24] C:\Program Files\Windows Media Connect 2
[27/01/2007|17:24] C:\Program Files\Windows Media Player
[04/03/2006|16:30] C:\Program Files\Windows NT
[04/03/2006|16:06] C:\Program Files\WindowsUpdate
[13/03/2006|18:18] C:\Program Files\WinIso 5.3 FR
[03/10/2006|19:29] C:\Program Files\WinZip
[04/03/2006|16:10] C:\Program Files\xerox
[06/01/2008|11:55] C:\Program Files\Xfire
[21/03/2007|08:49] C:\Program Files\Yahoo!
[21/12/2006|08:07] C:\Program Files\Zapu
[03/10/2006|19:40] C:\Program Files\ZipCentral
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[15/10/2008|15:07] C:\Program Files\Fichiers communs\Adobe
[22/06/2006|21:56] C:\Program Files\Fichiers communs\Ahead
[12/08/2008|10:48] C:\Program Files\Fichiers communs\Apple
[19/09/2007|20:36] C:\Program Files\Fichiers communs\ArcSoft
[11/11/2007|18:04] C:\Program Files\Fichiers communs\Autodesk Shared
[18/04/2006|08:23] C:\Program Files\Fichiers communs\Caere
[10/09/2006|19:14] C:\Program Files\Fichiers communs\DESIGNER
[01/09/2006|19:23] C:\Program Files\Fichiers communs\EPSON
[18/12/2006|18:15] C:\Program Files\Fichiers communs\InstallShield
[20/01/2007|10:25] C:\Program Files\Fichiers communs\Jasc Software Inc
[08/05/2007|07:57] C:\Program Files\Fichiers communs\Java
[11/11/2007|18:05] C:\Program Files\Fichiers communs\Macrovision Shared
[03/10/2007|10:54] C:\Program Files\Fichiers communs\Microsoft Shared
[04/03/2006|16:07] C:\Program Files\Fichiers communs\MSSoap
[04/03/2006|15:50] C:\Program Files\Fichiers communs\ODBC
[08/11/2007|18:41] C:\Program Files\Fichiers communs\Real
[04/03/2006|16:07] C:\Program Files\Fichiers communs\Services
[04/03/2006|15:50] C:\Program Files\Fichiers communs\SpeechEngines
[23/01/2008|08:58] C:\Program Files\Fichiers communs\System
[19/12/2008|08:17] C:\Program Files\Fichiers communs\Wise Installation Wizard
[08/11/2007|18:41] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 40 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\Nael\APPLIC~1\GREATB~1
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\Nael\APPLIC~1\greatb~1
C:\Program Files\BitDownload
C:\Program Files\BitDownload\ZM
C:\WINDOWS\Tasks\A66A1CA891C19C1C.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Skip bolt bin]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\Nael\\APPLIC~1\\GREATB~1\\funk camp.exe -uninstall"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
--------------------\\ Recherche d'autres infections
--------------------\\ ROOTKIT !!
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS]
--------------------\\ ROGUES ..
C:\PROGRA~1\SystemDoctor 2006 Free
[F:9][D:3]-> C:\DOCUME~1\Nael\LOCALS~1\Temp
[F:18][D:0]-> C:\DOCUME~1\Nael\Cookies
[F:99][D:6]-> C:\DOCUME~1\Nael\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 31/12/2008|11:43 - Option : [1]
--------------------\\ Fin du rapport a 11:43:38
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
BIOS : Default System BIOS
USER : Nael ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:76 Go (Free:13 Go)
D:\ (Local Disk) - NTFS - Total:58 Go (Free:4 Go)
E:\ (Local Disk) - NTFS - Total:94 Go (Free:78 Go)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
H:\ (USB) - FAT32 - Total:8089 Mo (Free:5 Go)
I:\ (USB) - FAT32 - Total:3921 Mo (Free:2 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 31/12/2008|11:38 )
--------------------\\ Listing des dossiers dans APPLIC~1
[19/12/2008|09:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[20/11/2008|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[15/10/2008|15:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[12/08/2008|10:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[12/08/2008|10:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[27/02/2007|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[18/12/2008|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[02/03/2007|08:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast Locks Debug Kind
[18/12/2008|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CrucialSoft Ltd
[04/03/2006|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[05/03/2007|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DassaultSystemes
[16/06/2006|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[01/09/2006|10:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/10/2006|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[19/12/2008|08:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[28/12/2008|17:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30/12/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[09/03/2006|19:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[19/12/2008|18:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[19/12/2008|09:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[09/04/2006|08:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help
[10/03/2006|11:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[14/11/2007|15:26] C:\DOCUME~1\Nael\APPLIC~1\Adobe
[16/05/2008|07:15] C:\DOCUME~1\Nael\APPLIC~1\AdobeUM
[22/06/2006|22:00] C:\DOCUME~1\Nael\APPLIC~1\Ahead
[19/12/2008|07:42] C:\DOCUME~1\Nael\APPLIC~1\Apple Computer
[19/01/2008|14:39] C:\DOCUME~1\Nael\APPLIC~1\ArcSoft
[11/11/2007|18:03] C:\DOCUME~1\Nael\APPLIC~1\Autodesk
[18/04/2006|08:25] C:\DOCUME~1\Nael\APPLIC~1\Caere
[28/06/2006|16:28] C:\DOCUME~1\Nael\APPLIC~1\CyberLink
[11/03/2006|09:41] C:\DOCUME~1\Nael\APPLIC~1\DassaultSystemes
[11/03/2006|16:48] C:\DOCUME~1\Nael\APPLIC~1\DeepBurner
[05/02/2007|14:03] C:\DOCUME~1\Nael\APPLIC~1\DivX
[07/12/2008|15:49] C:\DOCUME~1\Nael\APPLIC~1\dvdcss
[15/09/2006|06:50] C:\DOCUME~1\Nael\APPLIC~1\Google
[02/03/2007|08:46] C:\DOCUME~1\Nael\APPLIC~1\GreatBindDead
[23/03/2006|16:38] C:\DOCUME~1\Nael\APPLIC~1\Help
[31/03/2006|07:49] C:\DOCUME~1\Nael\APPLIC~1\Identities
[19/09/2007|20:29] C:\DOCUME~1\Nael\APPLIC~1\InstallShield
[20/01/2007|10:25] C:\DOCUME~1\Nael\APPLIC~1\Jasc Software Inc
[28/12/2008|10:53] C:\DOCUME~1\Nael\APPLIC~1\Kptic
[30/05/2006|17:06] C:\DOCUME~1\Nael\APPLIC~1\Leadertech
[10/03/2006|08:51] C:\DOCUME~1\Nael\APPLIC~1\Macromedia
[01/02/2008|10:50] C:\DOCUME~1\Nael\APPLIC~1\Microsoft
[03/01/2008|13:54] C:\DOCUME~1\Nael\APPLIC~1\Mindscape
[31/08/2008|09:09] C:\DOCUME~1\Nael\APPLIC~1\Mozilla
[16/12/2008|21:24] C:\DOCUME~1\Nael\APPLIC~1\OpenOffice.org2
[21/09/2007|09:57] C:\DOCUME~1\Nael\APPLIC~1\Panasonic
[06/01/2008|19:04] C:\DOCUME~1\Nael\APPLIC~1\Petroglyph
[10/03/2006|11:11] C:\DOCUME~1\Nael\APPLIC~1\Real
[30/12/2007|10:14] C:\DOCUME~1\Nael\APPLIC~1\SecuROM
[01/08/2006|19:36] C:\DOCUME~1\Nael\APPLIC~1\SendPix
[08/05/2007|07:46] C:\DOCUME~1\Nael\APPLIC~1\Sun
[11/05/2008|10:45] C:\DOCUME~1\Nael\APPLIC~1\TaoUSign
[04/08/2007|09:06] C:\DOCUME~1\Nael\APPLIC~1\vlc
[06/01/2008|11:55] C:\DOCUME~1\Nael\APPLIC~1\Xfire
[10/03/2006|11:31] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[11/12/2008 12:33][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[31/12/2008 10:00][--ah-----] C:\WINDOWS\tasks\A66A1CA891C19C1C.job
[31/12/2008 11:03][--ah-----] C:\WINDOWS\tasks\SA.DAT
[07/09/2002 01:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( A66A1CA891C19C1C.job )=( c:\docume~1\nael\applic~1\greatb~1\cakemagssize.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[15/10/2008|15:07] C:\Program Files\Adobe
[22/06/2006|21:54] C:\Program Files\Ahead
[11/11/2007|18:04] C:\Program Files\AnswerWorks 4.0
[12/08/2008|20:10] C:\Program Files\Apple Software Update
[19/09/2007|20:34] C:\Program Files\ArcSoft
[30/09/2006|15:23] C:\Program Files\Astonsoft
[11/11/2007|18:06] C:\Program Files\AutoCAD 2004
[11/11/2007|18:05] C:\Program Files\Autodesk
[18/12/2008|19:55] C:\Program Files\Avira
[19/12/2006|08:40] C:\Program Files\Axis Communications
[10/03/2006|07:51] C:\Program Files\BeWAN ADSL V1.9.0.3
[20/01/2007|15:39] C:\Program Files\BitDownload
[23/09/2008|16:24] C:\Program Files\Bonjour
[17/12/2008|08:22] C:\Program Files\Bureau_Veritas_Conditions
[18/04/2006|08:22] C:\Program Files\Caere
[30/07/2006|11:13] C:\Program Files\CCleaner
[10/09/2006|18:18] C:\Program Files\CDBurnerXP Pro 3
[03/01/2008|15:26] C:\Program Files\Cryo
[04/03/2006|17:44] C:\Program Files\CyberLink
[05/03/2007|18:51] C:\Program Files\Dassault Systemes
[16/10/2008|13:14] C:\Program Files\DivX
[16/06/2006|20:00] C:\Program Files\DVD Decrypter
[16/06/2006|20:31] C:\Program Files\DVD Shrink
[03/01/2008|16:20] C:\Program Files\EA Games
[18/12/2006|18:15] C:\Program Files\Electronic Arts
[16/10/2008|16:41] C:\Program Files\Empire Interactive
[19/12/2008|14:52] C:\Program Files\eMule
[01/09/2006|19:22] C:\Program Files\EPSON
[19/12/2008|08:17] C:\Program Files\Fichiers communs
[31/12/2008|08:48] C:\Program Files\FindyKill
[06/01/2008|12:25] C:\Program Files\GameSpy Arcade
[19/02/2007|11:42] C:\Program Files\Google
[29/12/2008|08:57] C:\Program Files\Grisoft
[16/10/2008|16:41] C:\Program Files\InstallShield Installation Information
[18/10/2007|13:44] C:\Program Files\InterActual
[19/12/2008|09:57] C:\Program Files\Internet Explorer
[20/11/2008|13:09] C:\Program Files\iPod
[20/11/2008|13:09] C:\Program Files\iTunes
[20/01/2007|10:25] C:\Program Files\Jasc Software Inc
[31/12/2008|10:39] C:\Program Files\Java
[30/09/2006|15:20] C:\Program Files\Kazaa
[19/12/2008|08:18] C:\Program Files\Lavasoft
[12/03/2008|08:14] C:\Program Files\Les Cahiers Maritimes
[19/05/2008|18:23] C:\Program Files\LucasArts
[28/12/2008|20:40] C:\Program Files\Malwarebytes' Anti-Malware
[30/12/2007|09:41] C:\Program Files\Maxis
[10/03/2006|09:52] C:\Program Files\Microsoft AutoRoute
[10/03/2006|09:50] C:\Program Files\Microsoft Encarta
[04/03/2006|16:10] C:\Program Files\microsoft frontpage
[02/01/2008|19:08] C:\Program Files\Microsoft Games
[10/03/2006|11:43] C:\Program Files\Microsoft Money
[13/01/2007|16:16] C:\Program Files\Microsoft Money 2005
[23/01/2008|08:59] C:\Program Files\Microsoft Office
[02/12/2006|11:36] C:\Program Files\Microsoft Works
[10/03/2006|09:44] C:\Program Files\Microsoft Works Suite 2002
[23/01/2008|08:59] C:\Program Files\Microsoft.NET
[28/03/2006|18:11] C:\Program Files\Microtek ScanSuite
[04/03/2006|16:31] C:\Program Files\Movie Maker
[31/12/2008|11:04] C:\Program Files\Mozilla Firefox
[01/02/2008|10:48] C:\Program Files\MP3 Player Utilities 4.18
[04/03/2006|16:06] C:\Program Files\MSN Gaming Zone
[02/01/2008|19:42] C:\Program Files\MSXML 4.0
[31/12/2008|09:05] C:\Program Files\Navilog1
[28/12/2008|10:51] C:\Program Files\Neonumeric
[22/06/2006|21:56] C:\Program Files\Nero
[04/03/2006|16:30] C:\Program Files\NetMeeting
[19/08/2006|09:03] C:\Program Files\Neuf
[19/08/2006|08:53] C:\Program Files\neuf telecom
[05/09/2007|16:44] C:\Program Files\OpenOffice.org 2.0
[05/09/2007|16:45] C:\Program Files\OpenOffice.org 2.2
[13/04/2006|07:40] C:\Program Files\Outlook Express
[26/03/2008|18:36] C:\Program Files\Packlang - Big Challenge 2006
[19/09/2007|20:30] C:\Program Files\Panasonic
[28/12/2008|14:50] C:\Program Files\Panda Security
[21/03/2007|08:36] C:\Program Files\PhotoBox
[23/09/2008|16:29] C:\Program Files\QuickTime
[01/09/2006|18:05] C:\Program Files\Rainbow Technologies
[10/03/2006|11:07] C:\Program Files\Real
[23/03/2006|16:33] C:\Program Files\Recognita Standard OCR 3.2
[20/11/2008|12:57] C:\Program Files\Safari
[04/03/2006|16:06] C:\Program Files\Services en ligne
[06/01/2008|12:23] C:\Program Files\Sony
[19/12/2008|18:15] C:\Program Files\Spybot - Search & Destroy
[27/01/2007|10:48] C:\Program Files\SSC Service Utility
[30/09/2006|14:17] C:\Program Files\Star Downloader
[06/01/2008|12:30] C:\Program Files\StarWarsGalaxies
[17/06/2006|06:51] C:\Program Files\SystemDoctor 2006 Free
[28/12/2008|16:42] C:\Program Files\Trend Micro
[15/04/2006|08:14] C:\Program Files\Ulead PhotoImpact SE
[23/03/2006|16:38] C:\Program Files\Ulead Systems
[03/11/2008|19:23] C:\Program Files\UltimateZip 2007
[10/09/2006|19:15] C:\Program Files\Uninstall Information
[17/12/2008|08:22] C:\Program Files\VeriSTAR Stability
[04/08/2007|09:04] C:\Program Files\VideoLAN
[18/12/2008|19:31] C:\Program Files\Vilma
[28/12/2008|14:44] C:\Program Files\VintaSoft
[06/10/2008|17:40] C:\Program Files\Virtual Skipper 4
[13/03/2006|17:15] C:\Program Files\WinAce
[07/06/2007|04:50] C:\Program Files\WinArgos
[27/01/2007|17:24] C:\Program Files\Windows Media Connect 2
[27/01/2007|17:24] C:\Program Files\Windows Media Player
[04/03/2006|16:30] C:\Program Files\Windows NT
[04/03/2006|16:06] C:\Program Files\WindowsUpdate
[13/03/2006|18:18] C:\Program Files\WinIso 5.3 FR
[03/10/2006|19:29] C:\Program Files\WinZip
[04/03/2006|16:10] C:\Program Files\xerox
[06/01/2008|11:55] C:\Program Files\Xfire
[21/03/2007|08:49] C:\Program Files\Yahoo!
[21/12/2006|08:07] C:\Program Files\Zapu
[03/10/2006|19:40] C:\Program Files\ZipCentral
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[15/10/2008|15:07] C:\Program Files\Fichiers communs\Adobe
[22/06/2006|21:56] C:\Program Files\Fichiers communs\Ahead
[12/08/2008|10:48] C:\Program Files\Fichiers communs\Apple
[19/09/2007|20:36] C:\Program Files\Fichiers communs\ArcSoft
[11/11/2007|18:04] C:\Program Files\Fichiers communs\Autodesk Shared
[18/04/2006|08:23] C:\Program Files\Fichiers communs\Caere
[10/09/2006|19:14] C:\Program Files\Fichiers communs\DESIGNER
[01/09/2006|19:23] C:\Program Files\Fichiers communs\EPSON
[18/12/2006|18:15] C:\Program Files\Fichiers communs\InstallShield
[20/01/2007|10:25] C:\Program Files\Fichiers communs\Jasc Software Inc
[08/05/2007|07:57] C:\Program Files\Fichiers communs\Java
[11/11/2007|18:05] C:\Program Files\Fichiers communs\Macrovision Shared
[03/10/2007|10:54] C:\Program Files\Fichiers communs\Microsoft Shared
[04/03/2006|16:07] C:\Program Files\Fichiers communs\MSSoap
[04/03/2006|15:50] C:\Program Files\Fichiers communs\ODBC
[08/11/2007|18:41] C:\Program Files\Fichiers communs\Real
[04/03/2006|16:07] C:\Program Files\Fichiers communs\Services
[04/03/2006|15:50] C:\Program Files\Fichiers communs\SpeechEngines
[23/01/2008|08:58] C:\Program Files\Fichiers communs\System
[19/12/2008|08:17] C:\Program Files\Fichiers communs\Wise Installation Wizard
[08/11/2007|18:41] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 40 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\Nael\APPLIC~1\GREATB~1
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\Nael\APPLIC~1\greatb~1
C:\Program Files\BitDownload
C:\Program Files\BitDownload\ZM
C:\WINDOWS\Tasks\A66A1CA891C19C1C.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Skip bolt bin]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\Nael\\APPLIC~1\\GREATB~1\\funk camp.exe -uninstall"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
--------------------\\ Recherche d'autres infections
--------------------\\ ROOTKIT !!
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS]
--------------------\\ ROGUES ..
C:\PROGRA~1\SystemDoctor 2006 Free
[F:9][D:3]-> C:\DOCUME~1\Nael\LOCALS~1\Temp
[F:18][D:0]-> C:\DOCUME~1\Nael\Cookies
[F:99][D:6]-> C:\DOCUME~1\Nael\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 31/12/2008|11:43 - Option : [1]
--------------------\\ Fin du rapport a 11:43:38
Voici le rapport Navilog1. antivir ne trouve plus de virus et je n'ai pas l'ancien. Je met jour java et internet explorer.
Search Navipromo version 3.7.0 commencé le 31/12/2008 à 9:05:00.50
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 10.12.2008 à 21h00 par IL-MAFIOSO
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.20GHz )
BIOS : Default System BIOS
USER : Nael ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:76 Go (Free:13 Go)
D:\ (Local Disk) - NTFS - Total:58 Go (Free:4 Go)
E:\ (Local Disk) - NTFS - Total:94 Go (Free:78 Go)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
H:\ (USB) - FAT32 - Total:8089 Mo (Free:5 Go)
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Nael\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Nael\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Nael\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\Nael\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\Nael\locals~1\applic~1" :
* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche autres dossiers et fichiers connus :
A66A1CA891C19C1C.job trouvé ! Infection Lop possible non traitée par cet outil !
*** Analyse terminée le 31/12/2008 à 9:05:46.90 ***
j'ai installé java mais par contre je ne peux pas mettre à jour internet explorer !!!