PB PUB + MISE A JOUR

julieee Messages postés 56 Statut Membre -  
 V-X -
Bonjour,

Ça fait un moment que je galère avec mon pc, nombreuses pub s'affiche sous firefox ainsi que sur explorer, les mises a jours automatiques se sont bloquées mon antivirus est panda j'ai aussi utilisé c cleaner et la je suis en train d'analyser avec malwarebytes ça fait + d'1 heure et 45 éléments infectés alors que l'analyse n'est pas terminée.
Je ne sais plus quoi faire je l'emmène en réparation très souvent mais rien n'est résolu pouvait vous m'aider?

Ca fait 2 fois que je pose cette question mes personnes ne me repond?
SVP aidez moi!

MERCI
Configuration: Windows XP
Firefox 3.0.5

68 réponses

  • 1
  • 2
  • 3
  • 4
Résumé de la discussion

Plusieurs publicités apparaissent dans Firefox et Explorer et les mises à jour automatiques sont bloquées, l'antivirus Panda semblant insuffisant tandis que Malwarebytes analyse longtemps et détecte de nombreux éléments infectés sur Windows XP. Parmi les solutions proposées, utiliser Kaspersky Online Scanner via Internet Explorer pour un scan en ligne, enregistrer le rapport texte et vérifier les contrôles ActiveX si nécessaire. D'autres recommandations évoquent des outils comme RSIT et HijackThis, puis poster les rapports (log et info) et supprimer ce qui est détecté, tout en réexécutant les analyses après nettoyage. En cas de reprise d'infection, la consolidation des rapports et le redémarrage des outils avec une vérification des éléments systèmes peut prévenir les récurrences à long terme.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. V-X
     
    Salut,

    Dés que le scan de malwarebyte et fini tu poste le rapport sur le forum.

    Supprime bien ce qu'il trouve.

    A++
    0
  2. julieee Messages postés 56 Statut Membre
     
    16/01/2009 14:37:28
    mbam-log-2009-01-16 (14-37-28).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 169413
    Temps écoulé: 8 hour(s), 3 minute(s), 54 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 3
    Clé(s) du Registre infectée(s): 14
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 2
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 218

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\ddcDuVnL.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\iifecaYR.dll (Trojan.Vundo) -> Delete on reboot.
    C:\WINDOWS\system32\bipdac.dll (Trojan.Vundo) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{508e980c-f09f-4908-bcc6-f4c533a15ea6} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iifecayr (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{508e980c-f09f-4908-bcc6-f4c533a15ea6} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a0758cab-6b0c-4eba-aeb5-5d94694568e2} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a0758cab-6b0c-4eba-aeb5-5d94694568e2} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e49df6ea-1989-4ec5-9549-eda4dd32a173} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{e49df6ea-1989-4ec5-9549-eda4dd32a173} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{508e980c-f09f-4908-bcc6-f4c533a15ea6} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a0758cab-6b0c-4eba-aeb5-5d94694568e2} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e49df6ea-1989-4ec5-9549-eda4dd32a173} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\f0d29b1f (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{508e980c-f09f-4908-bcc6-f4c533a15ea6} (Trojan.Vundo) -> Delete on reboot.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ddcduvnl -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\ddcduvnl -> Delete on reboot.

    Dossier(s) infecté(s):
    C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\iifecaYR.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\bipdac.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\ddcDuVnL.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\LnVuDcdd.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\LnVuDcdd.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\byaibhxk.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\kxhbiayb.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\cpjlwotn.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ntowljpc.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ddcBRjIY.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\YIjRBcdd.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\YIjRBcdd.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\giaokqor.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\roqkoaig.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\klyiisyn.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\nysiiylk.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\lashxter.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\retxhsal.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\urqRlLET.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\TELlRqru.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\TELlRqru.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\DOomi\Local Settings\Temporary Internet Files\Content.IE5\A5PIMM7E\nd82m0[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\DOomi\Local Settings\Temporary Internet Files\Content.IE5\A5PIMM7E\zc113432[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\DOomi\Local Settings\Temporary Internet Files\Content.IE5\WW9RT5K8\index[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Invité\Local Settings\Temp\ejtwkr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Invité\Local Settings\Temp\hamlkkrg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Invité\Local Settings\Temp\tqjqfgcl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Invité\Local Settings\Temporary Internet Files\Content.IE5\IUEDLDD3\index[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\RiCaRdoo\Local Settings\Temporary Internet Files\Content.IE5\2T252H4W\index[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\RiCaRdoo\Local Settings\Temporary Internet Files\Content.IE5\MB6FE3ER\upd105320[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP121\A0092652.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP121\A0092676.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP121\A0093674.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP121\A0093675.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP121\A0093676.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP121\A0093677.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP121\A0093678.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP121\A0093679.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP121\A0093680.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP121\A0093681.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP121\A0093682.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP121\A0093683.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP121\A0093684.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP122\A0093696.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP122\A0094713.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP123\A0095748.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP123\A0095774.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP124\A0095794.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP124\A0095795.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP124\A0095818.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP124\A0095819.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP126\A0095896.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP126\A0095909.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP127\A0095947.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP128\A0095980.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP130\A0100171.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP130\A0100172.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP130\A0100173.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP130\A0100174.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP130\A0100175.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP131\A0100262.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP131\A0100263.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP113\A0081886.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP113\A0081906.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP113\A0081907.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP113\A0081908.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP113\A0081909.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP113\A0081910.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP113\A0081912.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP113\A0081945.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP113\A0081911.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP114\A0084048.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP115\A0088085.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP115\A0088106.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP115\A0088113.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP115\A0088128.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP115\A0088127.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP115\A0088178.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP115\A0088179.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP115\A0088180.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP115\A0088181.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP115\A0089205.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP115\A0089224.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP115\A0089229.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP116\A0089276.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP116\A0089242.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP116\A0089255.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP116\A0090291.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP116\A0090292.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP116\A0090293.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP116\A0090294.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP116\A0090295.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP117\A0090302.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP118\A0090506.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP119\A0090531.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP119\A0090550.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP119\A0090553.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP150\A0100787.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP150\A0100799.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP151\A0101824.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP154\A0101912.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP154\A0101913.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP154\A0102990.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP154\A0101974.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP156\A0105058.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP156\A0104018.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP156\A0105056.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP156\A0105057.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP156\A0105059.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP156\A0105060.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP156\A0105061.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP157\A0105085.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP157\A0105141.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP157\A0105191.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP158\A0105207.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP158\A0105219.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP158\A0105220.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP158\A0105221.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP158\A0105222.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP158\A0105224.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP158\A0105225.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP158\A0105226.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP158\A0105227.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP158\A0105228.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP158\A0105229.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP158\A0105230.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP158\A0105231.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP158\A0105232.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP161\A0105293.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP120\A0090603.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP162\A0105308.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP162\A0105309.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP162\A0105313.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP162\A0106313.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP163\A0108343.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP169\A0111115.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP169\A0113141.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP169\A0113142.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP169\A0113145.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP169\A0113148.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP169\A0113156.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP170\A0113280.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP170\A0113282.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP170\A0113283.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP170\A0113288.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP175\A0113415.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP175\A0113416.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP175\A0113417.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP175\A0113418.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP175\A0113419.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP175\A0113420.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP175\A0113421.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP178\A0114699.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP179\A0114732.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{ED9CCE0F-1DCE-4134-8166-E69AEFC70BA3}\RP180\A0115759.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\cijqosaf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\dvajomui.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\fkhrge.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\meubqsjl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\pmnnMecc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\sgmysp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\tefouyvx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ukygce.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\wifhmdhi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\uuewdreg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\uykaapeo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\awtQJcCR.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\bpsmwm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\fvubzm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ggaroa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\gvnwiust.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\mgwgji.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\nilnnmuo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\okqurq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\puumgxfl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\rezacy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\skasycjy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\iudpuifm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\jflpxabd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\drawlohw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\hdowkq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\hmoshz.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\csisrr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\snmaonjf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\alynreau.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\wqijfa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\xpcdbz.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\yckdbh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\yqeuac.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\zlaawr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\zlcfgd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\zseajt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\jmctodsi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\jnlyxktf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\trrbfu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\qeqaekyl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\qmzpjm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\qoMeFuur.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\qqlxhn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\vdqoqibu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\vftqihjr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\vhyrgbib.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\krjbmkin.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\hojcjjll.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\htwdiyus.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\lnekouur.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\exiljwvd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\xmyrmh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\0.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\1.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\2.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\3.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\Program Files\PCHealthCenter\sc.html (Trojan.Fakealert) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\Fonts\acrsecB.fon (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\Fonts\acrsecI.fon (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\laurie.STEF-75DCECBE7F\Local Settings\Temp\lwpwer.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    0
  3. V-X
     
    Re,

    Redémarre ton pc normalement et fait ce qui suit:

    ▶ Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.

    ▶ Double clique sur RSIT.exe pour lancer l'outil.

    ▶ Clique sur ' continue ' à l'écran Disclaimer.

    Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.

    ▶ Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports
    ( log.txt & info.txt )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
    0
  4. julieee Messages postés 56 Statut Membre
     
    Il c'est déjà redémarré je le refait?

    MERCI
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. julieee Messages postés 56 Statut Membre
     
    Logfile of random's system information tool 1.05 (written by random/random)
    Run by laurie at 2009-01-16 15:06:13
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 94 GB (72%) free of 130 GB
    Total RAM: 510 MB (48% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:06:22, on 16/01/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Security\Panda Antivirus Pro 2009\TPSrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRAM FILES\PANDA SECURITY\PANDA ANTIVIRUS PRO 2009\WebProxy.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsCtrls.exe
    C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PavFnSvr.exe
    C:\Program Files\Fichiers communs\Panda Security\PavShld\pavprsrv.exe
    C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsImSvc.exe
    C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PskSvc.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Security\Panda Antivirus Pro 2009\pavsrv51.exe
    C:\Program Files\Panda Security\Panda Antivirus Pro 2009\AVENGINE.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Panda Security\Panda Antivirus Pro 2009\ApvxdWin.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\LVComsX.exe
    C:\Documents and Settings\laurie.STEF-75DCECBE7F\Bureau\RSIT(2).exe
    C:\Program Files\Trend Micro\HijackThis\laurie.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: {c1733788-b381-8a2a-c794-2c4dbb217f0d} - {d0f712bb-d4c2-497c-a2a8-183b8873371c} - C:\WINDOWS\system32\wlpqjx.dll
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus Pro 2009\APVXDWIN.EXE" /s
    O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Antivirus Pro 2009\Inicio.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [meet great active lies] C:\Documents and Settings\All Users\Application Data\soft chic meet great\soap base.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O20 - AppInit_DLLs: wlpqjx.dll
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsCtrls.exe
    O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PavFnSvr.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Fichiers communs\Panda Security\PavShld\pavprsrv.exe
    O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\pavsrv51.exe
    O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PsImSvc.exe
    O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\PskSvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Antivirus Pro 2009\TPSrv.exe
    0
  7. julieee Messages postés 56 Statut Membre
     
    info.txt logfile of random's system information tool 1.05 2009-01-16 15:06:25

    ======Uninstall list======

    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{685A56F8-75B6-44AD-B3DA-FB0A3266B47C}
    Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
    Agere Systems PCI Soft Modem-->agrsmdel
    Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Ask Toolbar-->rundll32 C:\PROGRA~1\AskSBar\bar\1.bin\AskSBar.dll,O
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe
    Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    C-Media WDM Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
    hp psc 2170 series-->MsiExec.exe /X{93FB47FB-4FDF-4131-B5FD-7A37883868E7}
    hp psc 2170 series-->rundll32 hpzcon07.dll,VendorJettison hp psc 2170 series
    iTunes-->MsiExec.exe /I{EF6C4600-306D-4F6A-A119-C2A877D25B4A}
    Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    JavaScript Maker-->"C:\Program Files\JavaScript Maker\IsStub32.exe" -f"C:\Program Files\JavaScript Maker\DeIsL1.isu" -c"C:\Program Files\JavaScript Maker\_ISREG32.DLL"
    K-Lite Codec Pack 2.75 Full (Beta 3)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    Navilog1 3.6.9-->"C:\Program Files\Navilog1\unins000.exe"
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    NETGEAR GA511 Smart Wizard Utility-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{52CAD7C7-1E41-43FE-8613-AB9D79B2DBBC}
    Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    Panda Antivirus Pro 2009-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E55FB276-73C9-4776-AB53-BC028C0509ED}\SETUP.EXE" -l0x40c -removeonly
    Photo et imagerie HP 2.0 - All-in-One Pilote-->MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
    Photo et imagerie HP 2.0 - All-in-One-->MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
    Photo et imagerie HP 2.0 - hp psc 2170 series-->C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot
    PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
    PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
    Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    REALTEK GbE & FE Ethernet PCI NIC Driver-->C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x040c -removeonly
    SiSAGP driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC226AC9-0314-496C-BE6A-B6A132628466}\setup.exe" -l0x40c
    SiSRaidPackage-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13D41D72-0284-4931-A261-F86F6565D4B4}\setup.exe" -l0x40c
    TomTom HOME-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
    VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

    ======Security center information======

    AV: Panda Antivirus Pro 2009

    System event log

    Computer Name: STEF-75DCECBE7F
    Event Code: 7036
    Message: Le service Mises à jour automatiques est entré dans l'état : en cours d'exécution.

    Record Number: 9952
    Source Name: Service Control Manager
    Time Written: 20090108185432.000000+060
    Event Type: Informations
    User:

    Computer Name: STEF-75DCECBE7F
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Mises à jour automatiques.

    Record Number: 9951
    Source Name: Service Control Manager
    Time Written: 20090108185432.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: STEF-75DCECBE7F
    Event Code: 7036
    Message: Le service Mises à jour automatiques est entré dans l'état : arrêté.

    Record Number: 9950
    Source Name: Service Control Manager
    Time Written: 20090108185431.000000+060
    Event Type: Informations
    User:

    Computer Name: STEF-75DCECBE7F
    Event Code: 7035
    Message: Un contrôle Arrêter a correctement été envoyé au service Mises à jour automatiques.

    Record Number: 9949
    Source Name: Service Control Manager
    Time Written: 20090108185431.000000+060
    Event Type: Informations
    User: STEF-75DCECBE7F\RiCaRdoo

    Computer Name: STEF-75DCECBE7F
    Event Code: 7036
    Message: Le service Mises à jour automatiques est entré dans l'état : en cours d'exécution.

    Record Number: 9948
    Source Name: Service Control Manager
    Time Written: 20090108185431.000000+060
    Event Type: Informations
    User:

    Application event log

    Computer Name: STEF-75DCECBE7F
    Event Code: 102
    Message: msnmsgr (252) \\.\C:\Documents and Settings\julie\Local Settings\Application Data\Microsoft\Messenger\lorinette3413@hotmail.com\SharingMetadata\Working\database_8CF0_D2AC_F0D2_9BB0\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

    Record Number: 2285
    Source Name: ESENT
    Time Written: 20080828195459.000000+120
    Event Type: Informations
    User:

    Computer Name: STEF-75DCECBE7F
    Event Code: 100
    Message: msnmsgr (252) Le moteur de base de données 5.01.2600.5512 est démarré.

    Record Number: 2284
    Source Name: ESENT
    Time Written: 20080828195459.000000+120
    Event Type: Informations
    User:

    Computer Name: STEF-75DCECBE7F
    Event Code: 12001
    Message: The Messenger Sharing USN Journal Reader service started successfully.

    Record Number: 2283
    Source Name: usnjsvc
    Time Written: 20080828195451.000000+120
    Event Type:
    User:

    Computer Name: STEF-75DCECBE7F
    Event Code: 1000
    Message: Application défaillante iexplore.exe, version 7.0.6000.16705, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0xaa019b10.

    Record Number: 2282
    Source Name: Application Error
    Time Written: 20080828195239.000000+120
    Event Type: erreur
    User:

    Computer Name: STEF-75DCECBE7F
    Event Code: 11728
    Message: Produit : hp psc 2170 series -- La configuration s'est terminée correctement.

    Record Number: 2281
    Source Name: MsiInstaller
    Time Written: 20080828195019.000000+120
    Event Type: Informations
    User: STEF-75DCECBE7F\julie

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;C:\Program Files\Panda Security\Panda Antivirus Pro 2009\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel
    "PROCESSOR_REVISION"=0401
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP

    -----------------EOF-----------------
    0
  8. julieee Messages postés 56 Statut Membre
     
    Voici les 2 analyses.
    0
  9. V-X
     
    Re,

    Combofix. Attention, ce logiciel est très puissant, une mauvaise utilisation peut faire des dégâts...

    Fais exactement ce qui suit :

    Télécharge ComboFix (de sUBs) sur ton Bureau (et pas ailleurs !) :
    Fais un clic droit sur ce lien et choisis "enregistrer la cible sous ... " : dans la fenêtre qui s'ouvre tape C-Fix, choisis le bureau comme destination et valide :

    --------------------------------------------- [ ! ATTENTION ! ] ----------------------------------------------------------
    !! déconnecte toi, ferme toutes tes applications en cours et DESACTIVE TOUTES TES DEFENCES (anti-virus, antispyware, pare-feu) le temps de la manipulation (si jamais tu en as et que je ne les ai pas vu sur le rapport hijackthis....)

    ---> Surtout, si tu rencontres des difficultés à ce niveau là, dis le moi avant de poursuivre...

    --->Je te conseil d'installer la console de récupération.(Voir le tutoriel).

    Tuto ici : TUTO
    ---------------------------------------------------------------------------------------------------------------------------------

    Ensuite :

    Double-clique sur C-Fix.exe (= combofix.exe ) .

    Appuie sur une touche pour démarrer le scan .

    Attention : n'utilise pas ta souris ni ton clavier pendant que le programme tourne. Cela pourrait figer l'ordi ---> si un message d'erreur windows apparait à un moment : clique sur la croix rouge en haut à droite de la fenêtre pour la fermer

    Le rapport sera crée dans: C:\Combofix.txt , poste le ici stp

    Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
    0
  10. julieee Messages postés 56 Statut Membre
     
    je vois pas enregistrer la cible sous en faisant clique droit!
    0
  11. V-X
     
    Re,

    Clic droit sur ComboFix (de sUBs)

    Ensuite "enregistre la cible sous........"

    Et tu le met sur ton bureau.

    Ou tu configure ton navigateur pour le télécharger directement sur ton bureau.
    0
  12. julieee Messages postés 56 Statut Membre
     
    ComboFix 09-01-15.01 - laurie 2009-01-16 15:23:47.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.510.276 [GMT 1:00]
    Lancé depuis: c:\documents and settings\laurie.STEF-75DCECBE7F\Bureau\C-Fix.exe
    AV: Panda Antivirus Pro 2009 *On-access scanning disabled* (Outdated)
    * Un nouveau point de restauration a été créé
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\program files\Instafinder
    c:\windows\system32\akbviuhx.ini
    c:\windows\system32\awerkpnm.dll
    c:\windows\system32\aypnyrxj.ini
    c:\windows\system32\bdedumoc.ini
    c:\windows\system32\benepmlm.ini
    c:\windows\system32\bgrdtnyg.ini
    c:\windows\system32\dgmlftil.ini
    c:\windows\system32\dhqyfhpg.ini
    c:\windows\system32\dhvtgfly.ini
    c:\windows\system32\dsdefrid.dll
    c:\windows\system32\edhrhjif.dll
    c:\windows\system32\efpditoj.ini
    c:\windows\system32\ehiqitva.dll
    c:\windows\system32\ejdswtyq.ini
    c:\windows\system32\evrrsbxx.dll
    c:\windows\system32\fcgyioiy.ini
    c:\windows\system32\fhibaerw.ini
    c:\windows\system32\fkgihrce.ini
    c:\windows\system32\gcpkkioy.ini
    c:\windows\system32\gddfxhxt.dll
    c:\windows\system32\ghdsrhka.ini
    c:\windows\system32\gmgxoqys.ini
    c:\windows\system32\hfsismjy.ini
    c:\windows\system32\hfygpxbu.ini
    c:\windows\system32\iiguulgv.ini
    c:\windows\system32\ikrkvvof.ini
    c:\windows\system32\jfaaytbb.ini
    c:\windows\system32\jfdaicvx.dll
    c:\windows\system32\jfyiitma.dll
    c:\windows\system32\jhgdgnfk.ini
    c:\windows\system32\jtripsjc.dll
    c:\windows\system32\ktkxpwvh.ini
    c:\windows\system32\lmaumhkr.ini
    c:\windows\system32\lwyukxgi.ini
    c:\windows\system32\miphithd.ini
    c:\windows\system32\mjodilbo.ini
    c:\windows\system32\nhfdjxdx.ini
    c:\windows\system32\nhokhlta.ini
    c:\windows\system32\nrbwmrlx.ini
    c:\windows\system32\nswkbjgy.ini
    c:\windows\system32\nupajbbi.ini
    c:\windows\system32\nwjljwqh.ini
    c:\windows\system32\nywqndcq.ini
    c:\windows\system32\oflegrao.ini
    c:\windows\system32\pbbnzj.dll
    c:\windows\system32\pqqkxooa.ini
    c:\windows\system32\pwmyhrqh.ini
    c:\windows\system32\qicmbkcp.ini
    c:\windows\system32\qikyquqj.ini
    c:\windows\system32\qixanxoy.ini
    c:\windows\system32\qytwsdje.dll
    c:\windows\system32\rpoayldm.ini
    c:\windows\system32\rtcjdgto.ini
    c:\windows\system32\sbfnlnsq.ini
    c:\windows\system32\sgtpcegc.ini
    c:\windows\system32\sqmhgdaa.ini
    c:\windows\system32\tfmavuno.ini
    c:\windows\system32\tkdbbtwj.ini
    c:\windows\system32\tmkwuaag.ini
    c:\windows\system32\tmxdpkyp.ini
    c:\windows\system32\twifvwwu.ini
    c:\windows\system32\uuwadfhx.ini
    c:\windows\system32\vshkoqrp.ini
    c:\windows\system32\wclravwx.ini
    c:\windows\system32\wlpqjx.dll
    c:\windows\system32\wyumcffl.dll
    c:\windows\system32\xcinmahd.ini
    c:\windows\system32\xfmcwrcs.ini
    c:\windows\system32\xhlkfijn.ini
    c:\windows\system32\xvkwkaam.ini
    c:\windows\system32\xyewdydy.ini
    c:\windows\system32\yfhmsbtn.ini
    c:\windows\system32\ylfnhnpj.ini
    c:\windows\system32\ynvboesh.ini
    c:\windows\system32\ywdrrjqu.ini

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-12-16 au 2009-01-16 ))))))))))))))))))))))))))))))))))))
    .

    2009-01-16 15:06 . 2009-01-16 15:06 <REP> d-------- C:\rsit
    2009-01-15 17:42 . 2009-01-15 17:42 0 --a------ c:\windows\Irremote.ini
    2009-01-15 17:34 . 2009-01-15 17:34 <REP> d-------- c:\windows\SxsCaPendDel
    2009-01-15 14:33 . 2009-01-15 14:35 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
    2009-01-15 14:33 . 2009-01-15 14:33 <REP> d-------- c:\documents and settings\laurie.STEF-75DCECBE7F\Application Data\Malwarebytes
    2009-01-15 14:33 . 2009-01-15 14:33 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-01-15 14:33 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
    2009-01-15 14:33 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
    2009-01-15 14:13 . 2009-01-15 14:13 <REP> d-------- c:\program files\QUAD Utilities
    2009-01-15 11:47 . 2008-10-15 17:35 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
    2009-01-15 11:29 . 2009-01-15 11:29 <REP> d-------- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
    2009-01-11 12:51 . 2008-10-16 14:08 27,672 --a------ c:\windows\system32\wuapi.dll.mui
    2008-12-18 12:11 . 2008-12-22 16:12 3,532 --a------ C:\drmHeader.bin

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-01-16 14:27 13,880 ----a-w c:\windows\system32\drivers\COMFiltr.sys
    2009-01-15 16:50 --------- d--h--w c:\program files\InstallShield Installation Information
    2009-01-08 16:58 --------- d-----w c:\documents and settings\All Users\Application Data\soft chic meet great
    2008-12-22 15:35 --------- d-----w c:\documents and settings\laurie.STEF-75DCECBE7F\Application Data\Azureus
    2008-12-12 14:39 --------- d-----w c:\program files\Azureus
    2008-12-11 16:46 --------- d-----w c:\documents and settings\laurie.STEF-75DCECBE7F\Application Data\Ahead
    2008-12-11 15:33 --------- d-----w c:\program files\Windows Live
    2008-12-11 15:31 --------- d-----w c:\program files\Hewlett-Packard
    2008-12-11 15:02 --------- d-----w c:\program files\PhotoFiltre
    2008-12-10 12:37 --------- d-----w c:\program files\Trend Micro
    2008-12-10 12:31 --------- d-----w c:\program files\Navilog1
    2008-11-21 14:59 --------- d-----w c:\documents and settings\Invité\Application Data\Azureus
    2008-11-16 15:09 --------- d-----w c:\documents and settings\Laurie\Application Data\ProxyBoob
    2008-06-26 14:52 169 ---ha-w c:\documents and settings\laurie.STEF-75DCECBE7F\hpothb07.dat
    2008-06-26 14:52 169 ---ha-w c:\documents and settings\Invité\hpothb07.dat
    2008-06-26 14:52 169 ---ha-w c:\documents and settings\Invité\hpothb07.dat
    2008-06-26 14:52 169 ---ha-w c:\documents and settings\Default User\hpothb07.dat
    2008-06-26 14:52 169 ---ha-w c:\documents and settings\Administrateur\hpothb07.dat
    2008-05-20 11:26 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008042820080505\index.dat
    2008-05-20 11:26 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008052020080521\index.dat
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "APVXDWIN"="c:\program files\Panda Security\Panda Antivirus Pro 2009\APVXDWIN.EXE" [2008-12-03 869632]
    "SCANINICIO"="c:\program files\Panda Security\Panda Antivirus Pro 2009\Inicio.exe" [2008-07-07 50432]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]
    "meet great active lies"="c:\documents and settings\All Users\Application Data\soft chic meet great\soap base.exe" [2009-01-16 757760]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    2008-03-18 15:58 58672 c:\windows\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=wlpqjx.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.X264"= x264vfw.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
    @="Service"

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\Azureus\\Azureus.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [2008-09-13 28544]
    R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2008-09-13 41144]
    R3 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [2008-09-13 13880]
    R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]
    R4 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost -k Panda --> c:\windows\system32\svchost -k Panda [?]
    R4 LANPkt;Realtek LANPkt Protocol;c:\windows\system32\drivers\LANPkt.sys [2006-11-28 8440]
    R4 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2008-09-13 179640]
    S3 Diag69xp;Diag69xp;c:\windows\system32\drivers\diag69xp.sys [2006-11-28 11237]

    --- Autres Services/Pilotes en mémoire ---

    *Deregistered* - Netman
    *Deregistered* - Nla
    *Deregistered* - NVSvc
    *Deregistered* - Panda Software Controller
    *Deregistered* - PAVFNSVR
    *Deregistered* - PavPrSrv
    *Deregistered* - PAVSRV
    *Deregistered* - PolicyAgent
    *Deregistered* - ProtectedStorage
    *Deregistered* - PSIMSVC
    *Deregistered* - PskSvcRetail
    *Deregistered* - RasMan
    *Deregistered* - RichVideo
    *Deregistered* - RpcSs
    *Deregistered* - SamSs
    *Deregistered* - Schedule
    *Deregistered* - seclogon
    *Deregistered* - SENS
    *Deregistered* - SharedAccess
    *Deregistered* - ShellHWDetection
    *Deregistered* - Spooler
    *Deregistered* - srservice
    *Deregistered* - SSDPSRV
    *Deregistered* - stisvc
    *Deregistered* - TapiSrv
    *Deregistered* - TermService
    *Deregistered* - Themes
    *Deregistered* - TPSrv
    *Deregistered* - TrkWks
    *Deregistered* - W32Time
    *Deregistered* - WebClient
    *Deregistered* - winmgmt
    *Deregistered* - wscsvc
    *Deregistered* - wuauserv
    *Deregistered* - WudfSvc
    *Deregistered* - WZCSVC

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    panda REG_MULTI_SZ Gwmsrv
    .
    Contenu du dossier 'Tâches planifiées'

    2009-01-16 c:\windows\Tasks\A9440CD3918F8187.job
    - c:\docume~1\ricardoo\applic~1\proxyb~1\file build bind.exe []

    2008-12-10 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    BHO-{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
    BHO-{d0f712bb-d4c2-497c-a2a8-183b8873371c} - c:\windows\system32\wlpqjx.dll

    .
    ------- Examen supplémentaire -------
    .
    uStart Page = about:blank
    mStart Page = about:blank
    FF - ProfilePath - c:\documents and settings\laurie.STEF-75DCECBE7F\Application Data\Mozilla\Firefox\Profiles\lhbukbmh.default\
    FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
    .
    .
    ------- Associations de fichier -------
    .
    JSEFile=c:\progra~1\PANDAS~1\PANDAA~2\PAVSCRIP.EXE "%1" %*
    VBEFile=c:\progra~1\PANDAS~1\PANDAA~2\PAVSCRIP.EXE "%1" %*
    VBSFile=c:\progra~1\PANDAS~1\PANDAA~2\PAVSCRIP.EXE "%1" %*
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-16 15:27:38
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(656)
    c:\windows\system32\avldr.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\program files\Panda Security\Panda Antivirus Pro 2009\TPSrv.exe
    c:\program files\Panda Security\Panda Antivirus Pro 2009\WebProxy.exe
    c:\windows\system32\agrsmsvc.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\windows\system32\nvsvc32.exe
    c:\program files\Panda Security\Panda Antivirus Pro 2009\PsCtrlS.exe
    c:\program files\Panda Security\Panda Antivirus Pro 2009\PavFnSvr.exe
    c:\program files\Fichiers communs\Panda Security\PavShld\PavPrSrv.exe
    c:\program files\Panda Security\Panda Antivirus Pro 2009\PsImSvc.exe
    c:\program files\Panda Security\Panda Antivirus Pro 2009\psksvc.exe
    c:\program files\CyberLink\Shared files\RichVideo.exe
    c:\program files\Panda Security\Panda Antivirus Pro 2009\PAVSRV51.EXE
    c:\program files\Panda Security\Panda Antivirus Pro 2009\AVENGINE.EXE
    c:\program files\Internet Explorer\iexplore.exe
    c:\windows\system32\wscntfy.exe
    .
    **************************************************************************
    .
    Heure de fin: 2009-01-16 15:32:14 - La machine a redémarré
    ComboFix-quarantined-files.txt 2009-01-16 14:32:09

    Avant-CF: 97 954 263 040 octets libres
    Après-CF: 98,185,723,904 octets libres

    WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect

    275 --- E O F --- 2008-09-12 14:02:35
    0
  13. V-X
     
    Re,

    Télécharge Lop S&D

    ▶ Double-clique dessus pour lancer l'installation

    ▶ Puis double-clique sur le raccourci Lop S&D présent sur ton bureau

    ▶ Séléctionne la langue souhaitée

    ▶ Puis choisis l'Option 1 ( Recherche )

    ▶ Patiente jusqu'à la fin du scan

    ▶ Poste le rapport généré ( C:lopR.txt )

    Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
    0
  14. julieee Messages postés 56 Statut Membre
     
    je n'arrive po a le telecharger
    0
  15. julieee Messages postés 56 Statut Membre
     
    J'ai redemarrer et ca ne marche tjr pas il me dit la conexion avec le serveur à été réinitialisé.
    0
  16. V-X
     
    Re,

    Essai celui la:

    Télécharger Lopxp : (by Moe)

    Double-cliquer sur Lopxpsetup.exe pour lancer l'installation

    ▶ Au menu, choisir l'option 1

    ▶ Patienter jusqu'à que l'on demande d'appuyer sur une touche, appuyer !

    ▶ Le contenu du rapport est situé dans : C:\Programfiles\Lopxp\cid.txt
    0
  17. julieee Messages postés 56 Statut Membre
     
    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.93GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : laurie ( Administrator )
    BOOT : Normal boot
    Antivirus : Panda Antivirus Pro 2009 8.00.00 (Not Activated)
    C:\ (Local Disk) - NTFS - Total:126 Go (Free:91 Go)
    H:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 16/01/2009|15:56 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [12/09/2008|17:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [21/05/2008|05:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B7A015B7-4802-4678-8CEC-700380BA9AFD}
    [30/05/2008|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [03/05/2008|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [02/09/2008|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [02/09/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [21/05/2008|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    [03/05/2008|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [28/05/2008|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
    [03/05/2008|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [21/05/2008|05:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [15/01/2009|14:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [19/09/2008|10:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [15/01/2009|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
    [13/09/2008|10:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Panda Security
    [10/11/2008|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Panda Software
    [03/05/2008|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\sentinel
    [08/01/2009|17:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great
    [15/08/2008|10:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    [20/05/2008|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [07/12/2007|13:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [12/09/2008|17:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [03/05/2008|17:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [03/12/2008|13:40] C:\DOCUME~1\INVIT~1\APPLIC~1\Adobe
    [21/11/2008|15:59] C:\DOCUME~1\INVIT~1\APPLIC~1\Azureus
    [02/08/2008|16:06] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [19/11/2008|13:27] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
    [29/11/2008|18:18] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [19/11/2008|13:26] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
    [19/11/2008|14:34] C:\DOCUME~1\INVIT~1\APPLIC~1\Sun

    [07/05/2008|19:50] C:\DOCUME~1\Laurie\APPLIC~1\Adobe
    [02/06/2008|18:25] C:\DOCUME~1\Laurie\APPLIC~1\Ahead
    [02/06/2008|13:26] C:\DOCUME~1\Laurie\APPLIC~1\Azureus
    [31/05/2008|20:15] C:\DOCUME~1\Laurie\APPLIC~1\DivX
    [04/05/2008|15:58] C:\DOCUME~1\Laurie\APPLIC~1\Google
    [04/05/2008|15:54] C:\DOCUME~1\Laurie\APPLIC~1\Identities
    [07/05/2008|19:52] C:\DOCUME~1\Laurie\APPLIC~1\Macromedia
    [01/06/2008|17:47] C:\DOCUME~1\Laurie\APPLIC~1\Microsoft
    [24/05/2008|11:20] C:\DOCUME~1\Laurie\APPLIC~1\Mozilla
    [16/11/2008|16:09] C:\DOCUME~1\Laurie\APPLIC~1\ProxyBoob
    [04/05/2008|16:28] C:\DOCUME~1\Laurie\APPLIC~1\Windows Live Writer
    [25/05/2008|18:03] C:\DOCUME~1\Laurie\APPLIC~1\WinRAR

    [10/09/2008|11:47] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Adobe
    [11/12/2008|17:46] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Ahead
    [22/12/2008|16:35] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Azureus
    [01/08/2008|16:35] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Google
    [01/08/2008|16:27] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Identities
    [09/08/2008|14:04] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Macromedia
    [15/01/2009|14:33] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Malwarebytes
    [05/11/2008|16:05] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Microsoft
    [18/11/2008|17:09] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Mozilla
    [07/11/2008|17:42] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\OpenOffice.org2
    [01/08/2008|16:34] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\ProxyBoob
    [17/09/2008|10:25] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Sun
    [18/09/2008|13:25] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\WinRAR

    [21/05/2008|14:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [03/05/2008|17:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [16/01/2009 15:00][--ah-----] C:\WINDOWS\tasks\A9440CD3918F8187.job
    [10/12/2008 12:38][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [16/01/2009 15:48][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ( A9440CD3918F8187.job )=( c:\docume~1\ricardoo\applic~1\proxyb~1\filebuildbind.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [30/05/2008|12:24] C:\Program Files\Adobe
    [02/09/2008|18:01] C:\Program Files\Apple Software Update
    [18/09/2008|12:06] C:\Program Files\AskSBar
    [03/05/2008|19:22] C:\Program Files\ASUSTeK
    [12/12/2008|15:39] C:\Program Files\Azureus
    [02/09/2008|18:03] C:\Program Files\Bonjour
    [12/09/2008|16:11] C:\Program Files\CCleaner
    [07/05/2008|12:32] C:\Program Files\C-Media
    [03/05/2008|17:04] C:\Program Files\ComPlus Applications
    [03/05/2008|18:03] C:\Program Files\CyberLink
    [31/05/2008|19:51] C:\Program Files\DivX
    [16/01/2009|15:24] C:\Program Files\Fichiers communs
    [03/05/2008|19:17] C:\Program Files\Google
    [11/12/2008|16:31] C:\Program Files\Hewlett-Packard
    [07/05/2008|11:59] C:\Program Files\HP
    [15/01/2009|17:50] C:\Program Files\InstallShield Installation Information
    [02/09/2008|18:02] C:\Program Files\Internet Explorer
    [01/08/2008|15:49] C:\Program Files\Java
    [01/08/2008|15:40] C:\Program Files\JavaScript Maker
    [03/05/2008|18:16] C:\Program Files\K-Lite Codec Pack
    [14/10/2008|09:24] C:\Program Files\Logitech
    [21/05/2008|05:15] C:\Program Files\ma-config.com
    [15/01/2009|14:35] C:\Program Files\Malwarebytes' Anti-Malware
    [14/08/2008|11:08] C:\Program Files\Messenger
    [07/12/2007|13:19] C:\Program Files\Messenger Plus! Live
    [19/09/2008|10:55] C:\Program Files\Microsoft ActiveSync
    [03/05/2008|17:07] C:\Program Files\microsoft frontpage
    [19/09/2008|10:52] C:\Program Files\Microsoft Office
    [19/08/2008|14:49] C:\Program Files\Microsoft Silverlight
    [04/05/2008|16:24] C:\Program Files\Microsoft SQL Server Compact Edition
    [19/09/2008|10:51] C:\Program Files\Microsoft.NET
    [20/05/2008|12:07] C:\Program Files\Movie Maker
    [16/01/2009|15:52] C:\Program Files\Mozilla Firefox
    [26/06/2008|16:46] C:\Program Files\MSECache
    [28/08/2008|12:23] C:\Program Files\MSN
    [03/05/2008|17:03] C:\Program Files\MSN Gaming Zone
    [10/12/2008|13:31] C:\Program Files\Navilog1
    [21/05/2008|05:03] C:\Program Files\NETGEAR GA511 Adapter
    [20/05/2008|12:02] C:\Program Files\NetMeeting
    [31/07/2008|10:56] C:\Program Files\Neuf
    [03/05/2008|17:04] C:\Program Files\Online Services
    [20/05/2008|12:02] C:\Program Files\Outlook Express
    [13/09/2008|10:26] C:\Program Files\Panda Security
    [11/12/2008|16:02] C:\Program Files\PhotoFiltre
    [02/06/2008|17:58] C:\Program Files\Pvm
    [15/01/2009|14:13] C:\Program Files\QUAD Utilities
    [21/05/2008|05:04] C:\Program Files\Realtek
    [03/05/2008|17:06] C:\Program Files\Services en ligne
    [21/05/2008|04:59] C:\Program Files\sisagp
    [15/08/2008|10:10] C:\Program Files\TomTom HOME 2
    [10/12/2008|13:37] C:\Program Files\Trend Micro
    [03/05/2008|17:14] C:\Program Files\Uninstall Information
    [11/12/2008|16:33] C:\Program Files\Windows Live
    [14/11/2008|11:02] C:\Program Files\Windows Live Toolbar
    [20/05/2008|12:43] C:\Program Files\Windows Media Connect 2
    [28/08/2008|09:56] C:\Program Files\Windows Media Player
    [20/05/2008|12:02] C:\Program Files\Windows NT
    [03/05/2008|17:06] C:\Program Files\WindowsUpdate
    [07/05/2008|11:27] C:\Program Files\WinRAR
    [03/05/2008|17:07] C:\Program Files\xerox
    [12/09/2008|16:11] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [30/05/2008|12:24] C:\Program Files\Fichiers communs\Adobe
    [19/09/2008|10:54] C:\Program Files\Fichiers communs\DESIGNER
    [26/06/2008|13:29] C:\Program Files\Fichiers communs\Hewlett-Packard
    [03/05/2008|19:20] C:\Program Files\Fichiers communs\InstallShield
    [03/05/2008|17:35] C:\Program Files\Fichiers communs\Java
    [02/06/2008|19:39] C:\Program Files\Fichiers communs\Logitech
    [19/09/2008|10:55] C:\Program Files\Fichiers communs\Microsoft Shared
    [03/05/2008|17:05] C:\Program Files\Fichiers communs\MSSoap
    [03/05/2008|18:56] C:\Program Files\Fichiers communs\ODBC
    [13/09/2008|09:50] C:\Program Files\Fichiers communs\Panda Security
    [12/09/2008|17:16] C:\Program Files\Fichiers communs\Panda Software
    [03/05/2008|17:05] C:\Program Files\Fichiers communs\Services
    [03/05/2008|18:56] C:\Program Files\Fichiers communs\SpeechEngines
    [19/09/2008|10:51] C:\Program Files\Fichiers communs\System
    [04/05/2008|16:04] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 39 Processes )

    IEXPLORE.EXE ~ [PID:2112]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great\Admin Move.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great\save dart.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great\soap base.dat
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great\soap base.exe
    C:\DOCUME~1\Laurie\APPLIC~1\proxyb~1
    C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\proxyb~1
    C:\DOCUME~1\LAURIE~1.STE\Cookies\laurie@fr.thepimps.bigpoint[2].txt
    C:\DOCUME~1\LAURIE~1.STE\Cookies\laurie@partypoker[2].txt
    C:\WINDOWS\Tasks\A9440CD3918F8187.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "meet great active lies"="C:\\Documents and Settings\\All Users\\Application Data\\soft chic meet great\\soap base.exe"

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-16 15:57:59
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:1][D:0]-> C:\DOCUME~1\LAURIE~1.STE\LOCALS~1\Temp
    [F:30][D:0]-> C:\DOCUME~1\LAURIE~1.STE\Cookies
    [F:580][D:4]-> C:\DOCUME~1\LAURIE~1.STE\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 16/01/2009|15:59 - Option : [1]

    --------------------\\ Fin du rapport a 15:59:08
    0
  18. V-X
     
    Re,

    ▶ Relance Lop S&D

    ▶ Choisis cette fois ci l'Option 2 ( Suppression )

    ▶ Ne ferme pas la fenêtre lors de la suppression !

    ▶ Poste le rapport généré ( C:\lopR.txt )

    ( Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr, Onglet Fichier,

    Nouvelle tâche, tape explorer.exe et valide )

    Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
    0
  19. julieee Messages postés 56 Statut Membre
     
    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.93GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : laurie ( Administrator )
    BOOT : Normal boot
    Antivirus : Panda Antivirus Pro 2009 8.00.00 (Not Activated)
    C:\ (Local Disk) - NTFS - Total:126 Go (Free:91 Go)
    H:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 16/01/2009|16:02 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great\Admin Move.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great\save dart.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great\soap base.dat
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great\soap base.exe
    Supprime! - C:\DOCUME~1\LAURIE~1.STE\Cookies\laurie@fr.thepimps.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\LAURIE~1.STE\Cookies\laurie@partypoker[2].txt
    Supprime! - C:\WINDOWS\Tasks\A9440CD3918F8187.job
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\soft chic meet great
    Supprime! - C:\DOCUME~1\Laurie\APPLIC~1\proxyb~1
    Supprime! - C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\proxyb~1

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans APPLIC~1

    [12/09/2008|17:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [21/05/2008|05:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B7A015B7-4802-4678-8CEC-700380BA9AFD}
    [30/05/2008|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [03/05/2008|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [02/09/2008|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [02/09/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [21/05/2008|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    [03/05/2008|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [28/05/2008|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
    [03/05/2008|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [21/05/2008|05:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [15/01/2009|14:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [19/09/2008|10:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [15/01/2009|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
    [13/09/2008|10:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Panda Security
    [10/11/2008|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Panda Software
    [03/05/2008|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\sentinel
    [15/08/2008|10:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
    [20/05/2008|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [07/12/2007|13:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [12/09/2008|17:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [03/05/2008|17:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [03/12/2008|13:40] C:\DOCUME~1\INVIT~1\APPLIC~1\Adobe
    [21/11/2008|15:59] C:\DOCUME~1\INVIT~1\APPLIC~1\Azureus
    [02/08/2008|16:06] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
    [19/11/2008|13:27] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
    [29/11/2008|18:18] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
    [19/11/2008|13:26] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
    [19/11/2008|14:34] C:\DOCUME~1\INVIT~1\APPLIC~1\Sun

    [07/05/2008|19:50] C:\DOCUME~1\Laurie\APPLIC~1\Adobe
    [02/06/2008|18:25] C:\DOCUME~1\Laurie\APPLIC~1\Ahead
    [02/06/2008|13:26] C:\DOCUME~1\Laurie\APPLIC~1\Azureus
    [31/05/2008|20:15] C:\DOCUME~1\Laurie\APPLIC~1\DivX
    [04/05/2008|15:58] C:\DOCUME~1\Laurie\APPLIC~1\Google
    [04/05/2008|15:54] C:\DOCUME~1\Laurie\APPLIC~1\Identities
    [07/05/2008|19:52] C:\DOCUME~1\Laurie\APPLIC~1\Macromedia
    [01/06/2008|17:47] C:\DOCUME~1\Laurie\APPLIC~1\Microsoft
    [24/05/2008|11:20] C:\DOCUME~1\Laurie\APPLIC~1\Mozilla
    [04/05/2008|16:28] C:\DOCUME~1\Laurie\APPLIC~1\Windows Live Writer
    [25/05/2008|18:03] C:\DOCUME~1\Laurie\APPLIC~1\WinRAR

    [10/09/2008|11:47] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Adobe
    [11/12/2008|17:46] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Ahead
    [22/12/2008|16:35] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Azureus
    [01/08/2008|16:35] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Google
    [01/08/2008|16:27] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Identities
    [09/08/2008|14:04] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Macromedia
    [15/01/2009|14:33] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Malwarebytes
    [05/11/2008|16:05] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Microsoft
    [18/11/2008|17:09] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Mozilla
    [07/11/2008|17:42] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\OpenOffice.org2
    [17/09/2008|10:25] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\Sun
    [18/09/2008|13:25] C:\DOCUME~1\LAURIE~1.STE\APPLIC~1\WinRAR

    [21/05/2008|14:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [03/05/2008|17:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [10/12/2008 12:38][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [16/01/2009 15:48][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [02/03/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [30/05/2008|12:24] C:\Program Files\Adobe
    [02/09/2008|18:01] C:\Program Files\Apple Software Update
    [18/09/2008|12:06] C:\Program Files\AskSBar
    [03/05/2008|19:22] C:\Program Files\ASUSTeK
    [12/12/2008|15:39] C:\Program Files\Azureus
    [02/09/2008|18:03] C:\Program Files\Bonjour
    [12/09/2008|16:11] C:\Program Files\CCleaner
    [07/05/2008|12:32] C:\Program Files\C-Media
    [03/05/2008|17:04] C:\Program Files\ComPlus Applications
    [03/05/2008|18:03] C:\Program Files\CyberLink
    [31/05/2008|19:51] C:\Program Files\DivX
    [16/01/2009|15:24] C:\Program Files\Fichiers communs
    [03/05/2008|19:17] C:\Program Files\Google
    [11/12/2008|16:31] C:\Program Files\Hewlett-Packard
    [07/05/2008|11:59] C:\Program Files\HP
    [15/01/2009|17:50] C:\Program Files\InstallShield Installation Information
    [02/09/2008|18:02] C:\Program Files\Internet Explorer
    [01/08/2008|15:49] C:\Program Files\Java
    [01/08/2008|15:40] C:\Program Files\JavaScript Maker
    [03/05/2008|18:16] C:\Program Files\K-Lite Codec Pack
    [14/10/2008|09:24] C:\Program Files\Logitech
    [21/05/2008|05:15] C:\Program Files\ma-config.com
    [15/01/2009|14:35] C:\Program Files\Malwarebytes' Anti-Malware
    [14/08/2008|11:08] C:\Program Files\Messenger
    [07/12/2007|13:19] C:\Program Files\Messenger Plus! Live
    [19/09/2008|10:55] C:\Program Files\Microsoft ActiveSync
    [03/05/2008|17:07] C:\Program Files\microsoft frontpage
    [19/09/2008|10:52] C:\Program Files\Microsoft Office
    [19/08/2008|14:49] C:\Program Files\Microsoft Silverlight
    [04/05/2008|16:24] C:\Program Files\Microsoft SQL Server Compact Edition
    [19/09/2008|10:51] C:\Program Files\Microsoft.NET
    [20/05/2008|12:07] C:\Program Files\Movie Maker
    [16/01/2009|15:52] C:\Program Files\Mozilla Firefox
    [26/06/2008|16:46] C:\Program Files\MSECache
    [28/08/2008|12:23] C:\Program Files\MSN
    [03/05/2008|17:03] C:\Program Files\MSN Gaming Zone
    [10/12/2008|13:31] C:\Program Files\Navilog1
    [21/05/2008|05:03] C:\Program Files\NETGEAR GA511 Adapter
    [20/05/2008|12:02] C:\Program Files\NetMeeting
    [31/07/2008|10:56] C:\Program Files\Neuf
    [03/05/2008|17:04] C:\Program Files\Online Services
    [20/05/2008|12:02] C:\Program Files\Outlook Express
    [13/09/2008|10:26] C:\Program Files\Panda Security
    [11/12/2008|16:02] C:\Program Files\PhotoFiltre
    [02/06/2008|17:58] C:\Program Files\Pvm
    [15/01/2009|14:13] C:\Program Files\QUAD Utilities
    [21/05/2008|05:04] C:\Program Files\Realtek
    [03/05/2008|17:06] C:\Program Files\Services en ligne
    [21/05/2008|04:59] C:\Program Files\sisagp
    [15/08/2008|10:10] C:\Program Files\TomTom HOME 2
    [10/12/2008|13:37] C:\Program Files\Trend Micro
    [03/05/2008|17:14] C:\Program Files\Uninstall Information
    [11/12/2008|16:33] C:\Program Files\Windows Live
    [14/11/2008|11:02] C:\Program Files\Windows Live Toolbar
    [20/05/2008|12:43] C:\Program Files\Windows Media Connect 2
    [28/08/2008|09:56] C:\Program Files\Windows Media Player
    [20/05/2008|12:02] C:\Program Files\Windows NT
    [03/05/2008|17:06] C:\Program Files\WindowsUpdate
    [07/05/2008|11:27] C:\Program Files\WinRAR
    [03/05/2008|17:07] C:\Program Files\xerox
    [12/09/2008|16:11] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [30/05/2008|12:24] C:\Program Files\Fichiers communs\Adobe
    [19/09/2008|10:54] C:\Program Files\Fichiers communs\DESIGNER
    [26/06/2008|13:29] C:\Program Files\Fichiers communs\Hewlett-Packard
    [03/05/2008|19:20] C:\Program Files\Fichiers communs\InstallShield
    [03/05/2008|17:35] C:\Program Files\Fichiers communs\Java
    [02/06/2008|19:39] C:\Program Files\Fichiers communs\Logitech
    [19/09/2008|10:55] C:\Program Files\Fichiers communs\Microsoft Shared
    [03/05/2008|17:05] C:\Program Files\Fichiers communs\MSSoap
    [03/05/2008|18:56] C:\Program Files\Fichiers communs\ODBC
    [13/09/2008|09:50] C:\Program Files\Fichiers communs\Panda Security
    [12/09/2008|17:16] C:\Program Files\Fichiers communs\Panda Software
    [03/05/2008|17:05] C:\Program Files\Fichiers communs\Services
    [03/05/2008|18:56] C:\Program Files\Fichiers communs\SpeechEngines
    [19/09/2008|10:51] C:\Program Files\Fichiers communs\System
    [04/05/2008|16:04] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 37 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-16 16:04:34
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:1][D:0]-> C:\DOCUME~1\LAURIE~1.STE\LOCALS~1\Temp
    [F:31][D:0]-> C:\DOCUME~1\LAURIE~1.STE\Cookies
    [F:617][D:4]-> C:\DOCUME~1\LAURIE~1.STE\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 16/01/2009|15:59 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 16/01/2009|16:05 - Option : [2]

    --------------------\\ Fin du rapport a 16:05:23
    0
  • 1
  • 2
  • 3
  • 4