SOS!!! Infection by numerous viruses

Maxiking

Hello,

My parents have entrusted me with their PC and the heavy task of disinfecting it of the many viruses that have been plaguing it since my little sister started spending her days on MSN... It runs Windows XP SP2 and AVAST detects numerous viruses. I started by deleting everything AVAST detected, but, nasty surprise, on reboot a blue screen told me it could no longer start because the user32dll folder had been deleted... Thanks to the valuable advice on this forum, I was able to repair Windows; my PC restarts, but the viruses are still there.

Since my computer skills are limited, I'm sending out an SOS on this forum... Here is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:40:22, on 30/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\FTRTSVC.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\VM_STI.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Apps\Powercinema\PCMService.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Sony Handheld\HOTSYNC.EXE
C:\Program Files\Sony Handheld\USBSwt.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\explorer.exe
F:\Programmes\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=374
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera LTI301P
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [Flag Owns Live Grim] D:\Documents and Settings\All Users\Application Data\Software rule flag owns\surf dupe.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O4 - Startup: SonyPDA USB Switcher.lnk = C:\Program Files\Sony Handheld\USBSwt.exe
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O21 - SSODL: lLdqffyXPkUp - {F453F03A-5EF9-5A90-60B7-8394C3BFFAEF} - (no file)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Spouleur d'impression (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

Thanks in advance for your help

14 replies

toptitbal (posts: 26224, status: Security contributor)

Good evening

Download Lop S&D.exe to your Desktop.

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the desired language, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)

Tutorial (help): http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956.htm

Maxiking

Thanks for your help, Toptibal, here is what you asked for:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : BIOS Date: 06/20/05 17:50:54 Ver: 08.00.12
USER : YVES CARPENTIER ( Administrator )
BOOT : Fail-safe boot
Antivirus : avast! antivirus 4.8.1201 [VPS 090125-0] 4.8.1201 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:21 Go)
D:\ (Local Disk) - NTFS - Total:111 Go (Free:107 Go)
E:\ (CD or DVD)
F:\ (USB) - FAT32 - Total:7828 Mo (Free:2 Go)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 30/01/2009|20:19 )

--------------------\\ Listing des dossiers dans APPLIC~1

[05/12/2005|14:33] D:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[04/06/2007|15:24] D:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[05/12/2005|14:33] D:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[05/12/2005|14:33] D:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[05/12/2005|14:33] D:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[24/11/2005|13:21] D:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[05/12/2005|14:33] D:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[05/12/2005|14:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[18/12/2005|16:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[10/02/2007|19:41] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[11/02/2008|17:30] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[03/05/2008|12:55] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Chinlessdefywarn
[19/01/2006|17:43] D:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[21/03/2007|18:17] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[30/01/2009|12:56] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[25/01/2009|15:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[22/01/2008|17:54] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Micro Application
[25/11/2006|19:35] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/03/2006|10:20] D:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[31/01/2006|17:39] D:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[05/12/2005|14:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[18/12/2005|17:06] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[20/06/2008|19:24] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
[10/06/2008|19:41] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[05/12/2005|14:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[05/12/2005|14:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\VadeRetro
[05/12/2005|14:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[31/05/2006|10:35] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[18/09/2006|17:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[15/03/2008|16:08] D:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[05/12/2005|14:33] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[05/12/2005|14:33] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[05/12/2005|14:33] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[05/12/2005|14:33] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[24/11/2005|13:21] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[05/12/2005|14:33] D:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[05/12/2005|14:33] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[05/12/2005|14:33] D:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[23/04/2007|07:26] D:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Symantec

[23/01/2006|17:51] D:\DOCUME~1\MARIEC~1\APPLIC~1\Adobe
[26/02/2006|15:58] D:\DOCUME~1\MARIEC~1\APPLIC~1\AdobeUM
[18/02/2007|15:39] D:\DOCUME~1\MARIEC~1\APPLIC~1\Apple Computer
[22/12/2005|13:52] D:\DOCUME~1\MARIEC~1\APPLIC~1\CyberLink
[14/06/2006|16:57] D:\DOCUME~1\MARIEC~1\APPLIC~1\Google
[14/06/2006|16:49] D:\DOCUME~1\MARIEC~1\APPLIC~1\HbTools
[05/12/2005|14:33] D:\DOCUME~1\MARIEC~1\APPLIC~1\Identities
[25/11/2006|19:35] D:\DOCUME~1\MARIEC~1\APPLIC~1\Lavasoft
[22/12/2005|13:45] D:\DOCUME~1\MARIEC~1\APPLIC~1\Leadertech
[07/01/2006|12:04] D:\DOCUME~1\MARIEC~1\APPLIC~1\Macromedia
[21/03/2007|17:58] D:\DOCUME~1\MARIEC~1\APPLIC~1\Microsoft
[14/06/2006|16:55] D:\DOCUME~1\MARIEC~1\APPLIC~1\MSNInstaller
[19/12/2005|20:07] D:\DOCUME~1\MARIEC~1\APPLIC~1\OD2
[04/06/2007|16:21] D:\DOCUME~1\MARIEC~1\APPLIC~1\Okay Extra
[17/06/2006|11:11] D:\DOCUME~1\MARIEC~1\APPLIC~1\PLAYBASE
[18/01/2006|14:20] D:\DOCUME~1\MARIEC~1\APPLIC~1\Real
[10/02/2007|14:48] D:\DOCUME~1\MARIEC~1\APPLIC~1\Samsung
[14/06/2006|16:52] D:\DOCUME~1\MARIEC~1\APPLIC~1\ShopperReports
[22/12/2005|13:45] D:\DOCUME~1\MARIEC~1\APPLIC~1\Sonic
[15/01/2006|14:58] D:\DOCUME~1\MARIEC~1\APPLIC~1\Sun
[12/03/2006|14:35] D:\DOCUME~1\MARIEC~1\APPLIC~1\Symantec
[24/02/2006|17:20] D:\DOCUME~1\MARIEC~1\APPLIC~1\Template
[09/02/2006|18:12] D:\DOCUME~1\MARIEC~1\APPLIC~1\Ulead Systems
[05/12/2005|14:33] D:\DOCUME~1\MARIEC~1\APPLIC~1\You've Got Pictures Screensaver

[05/12/2005|14:33] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[05/12/2005|14:33] D:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft

[19/03/2006|12:34] D:\DOCUME~1\YVESCA~1\APPLIC~1\Adobe
[11/01/2007|21:31] D:\DOCUME~1\YVESCA~1\APPLIC~1\AdobeUM
[01/05/2008|18:21] D:\DOCUME~1\YVESCA~1\APPLIC~1\Apple Computer
[11/02/2008|17:43] D:\DOCUME~1\YVESCA~1\APPLIC~1\Azureus
[30/12/2007|08:39] D:\DOCUME~1\YVESCA~1\APPLIC~1\CyberLink
[25/06/2006|08:44] D:\DOCUME~1\YVESCA~1\APPLIC~1\Google
[18/12/2005|17:00] D:\DOCUME~1\YVESCA~1\APPLIC~1\Help
[05/12/2005|14:33] D:\DOCUME~1\YVESCA~1\APPLIC~1\Identities
[25/11/2006|20:30] D:\DOCUME~1\YVESCA~1\APPLIC~1\Lavasoft
[02/04/2006|16:59] D:\DOCUME~1\YVESCA~1\APPLIC~1\Leadertech
[17/05/2007|16:16] D:\DOCUME~1\YVESCA~1\APPLIC~1\LimeWire
[05/12/2005|14:33] D:\DOCUME~1\YVESCA~1\APPLIC~1\Macromedia
[25/01/2009|15:38] D:\DOCUME~1\YVESCA~1\APPLIC~1\Malwarebytes
[22/01/2008|18:01] D:\DOCUME~1\YVESCA~1\APPLIC~1\Micro Application
[04/06/2007|19:15] D:\DOCUME~1\YVESCA~1\APPLIC~1\Microsoft
[23/03/2008|19:53] D:\DOCUME~1\YVESCA~1\APPLIC~1\Mozilla
[18/12/2005|18:02] D:\DOCUME~1\YVESCA~1\APPLIC~1\OD2
[30/01/2009|13:26] D:\DOCUME~1\YVESCA~1\APPLIC~1\PLAYBASE
[04/02/2006|08:35] D:\DOCUME~1\YVESCA~1\APPLIC~1\Real
[18/12/2005|17:06] D:\DOCUME~1\YVESCA~1\APPLIC~1\Skype
[02/04/2006|16:59] D:\DOCUME~1\YVESCA~1\APPLIC~1\Sonic
[18/12/2005|17:08] D:\DOCUME~1\YVESCA~1\APPLIC~1\Sun
[18/12/2005|17:03] D:\DOCUME~1\YVESCA~1\APPLIC~1\Symantec
[27/03/2006|19:25] D:\DOCUME~1\YVESCA~1\APPLIC~1\Template
[09/02/2006|20:36] D:\DOCUME~1\YVESCA~1\APPLIC~1\Ulead Systems
[05/12/2005|14:33] D:\DOCUME~1\YVESCA~1\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[30/01/2009 19:49][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[10/06/2008 20:59][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[18/12/2005 16:54][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
[30/01/2009 12:43][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-rah-c---] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[05/12/2005|14:25] C:\Program Files\Adobe
[22/03/2007|19:27] C:\Program Files\Alwil Software
[05/12/2005|14:25] C:\Program Files\AMD
[18/01/2007|20:16] C:\Program Files\AnglaisFacile.com
[18/12/2005|17:00] C:\Program Files\AOL 9.0
[05/12/2005|14:25] C:\Program Files\AOL Compagnon
[10/02/2007|19:41] C:\Program Files\Apple Software Update
[05/04/2006|11:13] C:\Program Files\Ares
[14/05/2006|14:23] C:\Program Files\AWS
[19/03/2006|15:12] C:\Program Files\bleucanard
[22/03/2007|20:03] C:\Program Files\CCleaner
[05/12/2005|14:25] C:\Program Files\ComPlus Applications
[05/12/2005|14:25] C:\Program Files\CyberLink
[19/05/2006|16:57] C:\Program Files\DIFX
[04/06/2007|16:21] C:\Program Files\eChanblard
[05/04/2006|11:11] C:\Program Files\eMule
[30/01/2009|13:35] C:\Program Files\ewido anti-malware
[30/04/2008|15:44] C:\Program Files\Fichiers communs
[05/12/2005|14:25] C:\Program Files\GMixon
[30/01/2009|12:45] C:\Program Files\Google
[05/12/2005|14:25] C:\Program Files\Goto Software
[13/10/2007|11:02] C:\Program Files\InstallShield Installation Information
[25/01/2009|18:17] C:\Program Files\Internet Explorer
[07/01/2007|12:53] C:\Program Files\Inventel
[10/02/2007|19:44] C:\Program Files\iPod
[10/02/2007|19:44] C:\Program Files\iTunes
[27/05/2008|05:31] C:\Program Files\Java
[13/04/2006|15:16] C:\Program Files\Kazaa
[25/11/2006|19:35] C:\Program Files\Lavasoft
[05/12/2005|14:25] C:\Program Files\Learn2.com
[15/05/2007|07:57] C:\Program Files\LimeWire
[25/01/2009|15:38] C:\Program Files\Malwarebytes' Anti-Malware
[26/05/2008|16:53] C:\Program Files\Messenger
[25/05/2008|17:05] C:\Program Files\Messenger Plus! Live
[20/07/2007|11:22] C:\Program Files\MessengerPlus! 3
[22/01/2008|17:54] C:\Program Files\Micro Application
[19/05/2007|02:06] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[05/12/2005|14:25] C:\Program Files\microsoft frontpage
[18/01/2006|12:26] C:\Program Files\Microsoft Office
[01/01/2006|09:34] C:\Program Files\Microsoft Visual Studio
[18/01/2006|12:26] C:\Program Files\Microsoft Works
[01/01/2006|09:33] C:\Program Files\Microsoft.NET
[26/05/2008|16:52] C:\Program Files\Movie Maker
[25/01/2009|15:24] C:\Program Files\Mozilla Firefox
[14/06/2006|16:55] C:\Program Files\MSN
[05/12/2005|14:25] C:\Program Files\MSN Gaming Zone
[12/05/2008|09:48] C:\Program Files\MSN Messenger
[16/10/2006|18:41] C:\Program Files\MSXML 4.0
[26/05/2008|16:50] C:\Program Files\NetMeeting
[01/05/2008|18:14] C:\Program Files\Norton Internet Security
[05/12/2005|14:28] C:\Program Files\Online Services
[26/05/2008|16:50] C:\Program Files\Outlook Express
[25/01/2009|15:07] C:\Program Files\Panda Security
[09/04/2007|16:12] C:\Program Files\Piolet
[20/06/2008|19:23] C:\Program Files\PLAYBASE
[10/02/2007|19:43] C:\Program Files\QuickTime
[05/12/2005|14:25] C:\Program Files\Real
[10/02/2007|14:39] C:\Program Files\Samsung
[05/12/2005|14:29] C:\Program Files\Services en ligne
[05/12/2005|14:29] C:\Program Files\ShowTime
[09/07/2006|18:32] C:\Program Files\SM
[05/12/2005|14:25] C:\Program Files\Sonic
[18/02/2007|15:37] C:\Program Files\Sony
[07/11/2006|21:06] C:\Program Files\Sony Handheld
[10/06/2008|20:35] C:\Program Files\Spybot - Search & Destroy
[05/12/2005|14:25] C:\Program Files\Ulead Systems
[13/10/2007|11:02] C:\Program Files\Uninstall Information
[30/01/2009|12:43] C:\Program Files\Wanadoo
[10/06/2008|18:25] C:\Program Files\Windows Live
[21/03/2007|17:58] C:\Program Files\Windows Live Toolbar
[05/12/2005|14:25] C:\Program Files\Windows Media Components
[26/05/2008|16:52] C:\Program Files\Windows Media Player
[26/05/2008|16:50] C:\Program Files\Windows NT
[05/12/2005|14:25] C:\Program Files\WindowsUpdate
[05/12/2005|14:25] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[05/12/2005|14:25] C:\Program Files\Fichiers communs\Adobe
[05/12/2005|14:27] C:\Program Files\Fichiers communs\AOL
[05/12/2005|14:27] C:\Program Files\Fichiers communs\aolshare
[01/01/2006|09:34] C:\Program Files\Fichiers communs\DESIGNER
[26/02/2006|09:01] C:\Program Files\Fichiers communs\InstallShield
[05/12/2005|14:25] C:\Program Files\Fichiers communs\Java
[15/03/2008|16:09] C:\Program Files\Fichiers communs\Microsoft Shared
[05/12/2005|14:25] C:\Program Files\Fichiers communs\MSSoap
[05/12/2005|14:25] C:\Program Files\Fichiers communs\Nullsoft
[05/12/2005|14:25] C:\Program Files\Fichiers communs\ODBC
[05/12/2005|14:25] C:\Program Files\Fichiers communs\Real
[05/12/2005|14:27] C:\Program Files\Fichiers communs\Services
[05/12/2005|14:27] C:\Program Files\Fichiers communs\Sonic Shared
[05/12/2005|14:25] C:\Program Files\Fichiers communs\SpeechEngines
[05/12/2005|14:27] C:\Program Files\Fichiers communs\SureThing Shared
[01/05/2008|18:14] C:\Program Files\Fichiers communs\Symantec Shared
[26/05/2008|16:53] C:\Program Files\Fichiers communs\System
[05/12/2005|14:25] C:\Program Files\Fichiers communs\Ulead Systems
[15/03/2008|16:08] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[05/12/2005|14:25] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 14 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\surf dupe.exe

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Flag Owns Live Grim"="D:\\Documents and Settings\\All Users\\Application Data\\Software rule flag owns\\surf dupe.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE

-> 72 [ 70 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-30 20:20:28
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
folder error: D:\DOCUME~1\YVESCA~1\LOCALS~1\APPLIC~1

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:1][D:1]-> D:\DOCUME~1\YVESCA~1\LOCALS~1\Temp
[F:2][D:0]-> D:\DOCUME~1\YVESCA~1\Cookies
[F:6][D:4]-> D:\DOCUME~1\YVESCA~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 30/01/2009|20:22 - Option : [1]

--------------------\\ Fin du rapport a 20:22:13

kanada91 (posts: 330, status: Member)

Good evening
You've got a lot of stuff there! But if you have viruses, you might as well show us the avast report!!!!

roul347 (posts: 369, status: Member)

They forgot to give you one piece of advice: change that antivirus. I recommend AVG Free, which is much better than avast (a source of problems). The link, guaranteed virus-free: https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/24345.html

Maxiking

Good evening,
Thanks for the advice, I'll take my business elsewhere... if I manage to get rid of this junk!

toptitbal (posts: 26224, status: Security contributor)

Run Lop S&D again

* This time, choose Option 2 (Removal)

* Do not close the window during the removal!

* Post the generated report (C:\lopR.txt)

Maxiking

Important detail: I'm working in safe mode, because I couldn't restart Windows... :(
I did what you asked:

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : BIOS Date: 06/20/05 17:50:54 Ver: 08.00.12
USER : YVES CARPENTIER ( Administrator )
BOOT : Fail-safe boot
Antivirus : avast! antivirus 4.8.1201 [VPS 090125-0] 4.8.1201 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:21 Go)
D:\ (Local Disk) - NTFS - Total:111 Go (Free:107 Go)
E:\ (CD or DVD)
F:\ (USB) - FAT32 - Total:7828 Mo (Free:2 Go)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 30/01/2009|20:19 )

--------------------\\ Listing des dossiers dans APPLIC~1

[05/12/2005|14:33] D:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[04/06/2007|15:24] D:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[05/12/2005|14:33] D:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[05/12/2005|14:33] D:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[05/12/2005|14:33] D:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[24/11/2005|13:21] D:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[05/12/2005|14:33] D:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[05/12/2005|14:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[18/12/2005|16:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[10/02/2007|19:41] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[11/02/2008|17:30] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[03/05/2008|12:55] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Chinlessdefywarn
[19/01/2006|17:43] D:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[21/03/2007|18:17] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[30/01/2009|12:56] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[25/01/2009|15:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[22/01/2008|17:54] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Micro Application
[25/11/2006|19:35] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/03/2006|10:20] D:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[31/01/2006|17:39] D:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[05/12/2005|14:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[18/12/2005|17:06] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[20/06/2008|19:24] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
[10/06/2008|19:41] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[05/12/2005|14:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[05/12/2005|14:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\VadeRetro
[05/12/2005|14:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[31/05/2006|10:35] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[18/09/2006|17:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[15/03/2008|16:08] D:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[05/12/2005|14:33] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[05/12/2005|14:33] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[05/12/2005|14:33] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[05/12/2005|14:33] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[24/11/2005|13:21] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[05/12/2005|14:33] D:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[05/12/2005|14:33] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[05/12/2005|14:33] D:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[23/04/2007|07:26] D:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Symantec

[23/01/2006|17:51] D:\DOCUME~1\MARIEC~1\APPLIC~1\Adobe
[26/02/2006|15:58] D:\DOCUME~1\MARIEC~1\APPLIC~1\AdobeUM
[18/02/2007|15:39] D:\DOCUME~1\MARIEC~1\APPLIC~1\Apple Computer
[22/12/2005|13:52] D:\DOCUME~1\MARIEC~1\APPLIC~1\CyberLink
[14/06/2006|16:57] D:\DOCUME~1\MARIEC~1\APPLIC~1\Google
[14/06/2006|16:49] D:\DOCUME~1\MARIEC~1\APPLIC~1\HbTools
[05/12/2005|14:33] D:\DOCUME~1\MARIEC~1\APPLIC~1\Identities
[25/11/2006|19:35] D:\DOCUME~1\MARIEC~1\APPLIC~1\Lavasoft
[22/12/2005|13:45] D:\DOCUME~1\MARIEC~1\APPLIC~1\Leadertech
[07/01/2006|12:04] D:\DOCUME~1\MARIEC~1\APPLIC~1\Macromedia
[21/03/2007|17:58] D:\DOCUME~1\MARIEC~1\APPLIC~1\Microsoft
[14/06/2006|16:55] D:\DOCUME~1\MARIEC~1\APPLIC~1\MSNInstaller
[19/12/2005|20:07] D:\DOCUME~1\MARIEC~1\APPLIC~1\OD2
[04/06/2007|16:21] D:\DOCUME~1\MARIEC~1\APPLIC~1\Okay Extra
[17/06/2006|11:11] D:\DOCUME~1\MARIEC~1\APPLIC~1\PLAYBASE
[18/01/2006|14:20] D:\DOCUME~1\MARIEC~1\APPLIC~1\Real
[10/02/2007|14:48] D:\DOCUME~1\MARIEC~1\APPLIC~1\Samsung
[14/06/2006|16:52] D:\DOCUME~1\MARIEC~1\APPLIC~1\ShopperReports
[22/12/2005|13:45] D:\DOCUME~1\MARIEC~1\APPLIC~1\Sonic
[15/01/2006|14:58] D:\DOCUME~1\MARIEC~1\APPLIC~1\Sun
[12/03/2006|14:35] D:\DOCUME~1\MARIEC~1\APPLIC~1\Symantec
[24/02/2006|17:20] D:\DOCUME~1\MARIEC~1\APPLIC~1\Template
[09/02/2006|18:12] D:\DOCUME~1\MARIEC~1\APPLIC~1\Ulead Systems
[05/12/2005|14:33] D:\DOCUME~1\MARIEC~1\APPLIC~1\You've Got Pictures Screensaver

[05/12/2005|14:33] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[05/12/2005|14:33] D:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft

[19/03/2006|12:34] D:\DOCUME~1\YVESCA~1\APPLIC~1\Adobe
[11/01/2007|21:31] D:\DOCUME~1\YVESCA~1\APPLIC~1\AdobeUM
[01/05/2008|18:21] D:\DOCUME~1\YVESCA~1\APPLIC~1\Apple Computer
[11/02/2008|17:43] D:\DOCUME~1\YVESCA~1\APPLIC~1\Azureus
[30/12/2007|08:39] D:\DOCUME~1\YVESCA~1\APPLIC~1\CyberLink
[25/06/2006|08:44] D:\DOCUME~1\YVESCA~1\APPLIC~1\Google
[18/12/2005|17:00] D:\DOCUME~1\YVESCA~1\APPLIC~1\Help
[05/12/2005|14:33] D:\DOCUME~1\YVESCA~1\APPLIC~1\Identities
[25/11/2006|20:30] D:\DOCUME~1\YVESCA~1\APPLIC~1\Lavasoft
[02/04/2006|16:59] D:\DOCUME~1\YVESCA~1\APPLIC~1\Leadertech
[17/05/2007|16:16] D:\DOCUME~1\YVESCA~1\APPLIC~1\LimeWire
[05/12/2005|14:33] D:\DOCUME~1\YVESCA~1\APPLIC~1\Macromedia
[25/01/2009|15:38] D:\DOCUME~1\YVESCA~1\APPLIC~1\Malwarebytes
[22/01/2008|18:01] D:\DOCUME~1\YVESCA~1\APPLIC~1\Micro Application
[04/06/2007|19:15] D:\DOCUME~1\YVESCA~1\APPLIC~1\Microsoft
[23/03/2008|19:53] D:\DOCUME~1\YVESCA~1\APPLIC~1\Mozilla
[18/12/2005|18:02] D:\DOCUME~1\YVESCA~1\APPLIC~1\OD2
[30/01/2009|13:26] D:\DOCUME~1\YVESCA~1\APPLIC~1\PLAYBASE
[04/02/2006|08:35] D:\DOCUME~1\YVESCA~1\APPLIC~1\Real
[18/12/2005|17:06] D:\DOCUME~1\YVESCA~1\APPLIC~1\Skype
[02/04/2006|16:59] D:\DOCUME~1\YVESCA~1\APPLIC~1\Sonic
[18/12/2005|17:08] D:\DOCUME~1\YVESCA~1\APPLIC~1\Sun
[18/12/2005|17:03] D:\DOCUME~1\YVESCA~1\APPLIC~1\Symantec
[27/03/2006|19:25] D:\DOCUME~1\YVESCA~1\APPLIC~1\Template
[09/02/2006|20:36] D:\DOCUME~1\YVESCA~1\APPLIC~1\Ulead Systems
[05/12/2005|14:33] D:\DOCUME~1\YVESCA~1\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[30/01/2009 19:49][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[10/06/2008 20:59][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[18/12/2005 16:54][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
[30/01/2009 12:43][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-rah-c---] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[05/12/2005|14:25] C:\Program Files\Adobe
[22/03/2007|19:27] C:\Program Files\Alwil Software
[05/12/2005|14:25] C:\Program Files\AMD
[18/01/2007|20:16] C:\Program Files\AnglaisFacile.com
[18/12/2005|17:00] C:\Program Files\AOL 9.0
[05/12/2005|14:25] C:\Program Files\AOL Compagnon
[10/02/2007|19:41] C:\Program Files\Apple Software Update
[05/04/2006|11:13] C:\Program Files\Ares
[14/05/2006|14:23] C:\Program Files\AWS
[19/03/2006|15:12] C:\Program Files\bleucanard
[22/03/2007|20:03] C:\Program Files\CCleaner
[05/12/2005|14:25] C:\Program Files\ComPlus Applications
[05/12/2005|14:25] C:\Program Files\CyberLink
[19/05/2006|16:57] C:\Program Files\DIFX
[04/06/2007|16:21] C:\Program Files\eChanblard
[05/04/2006|11:11] C:\Program Files\eMule
[30/01/2009|13:35] C:\Program Files\ewido anti-malware
[30/04/2008|15:44] C:\Program Files\Fichiers communs
[05/12/2005|14:25] C:\Program Files\GMixon
[30/01/2009|12:45] C:\Program Files\Google
[05/12/2005|14:25] C:\Program Files\Goto Software
[13/10/2007|11:02] C:\Program Files\InstallShield Installation Information
[25/01/2009|18:17] C:\Program Files\Internet Explorer
[07/01/2007|12:53] C:\Program Files\Inventel
[10/02/2007|19:44] C:\Program Files\iPod
[10/02/2007|19:44] C:\Program Files\iTunes
[27/05/2008|05:31] C:\Program Files\Java
[13/04/2006|15:16] C:\Program Files\Kazaa
[25/11/2006|19:35] C:\Program Files\Lavasoft
[05/12/2005|14:25] C:\Program Files\Learn2.com
[15/05/2007|07:57] C:\Program Files\LimeWire
[25/01/2009|15:38] C:\Program Files\Malwarebytes' Anti-Malware
[26/05/2008|16:53] C:\Program Files\Messenger
[25/05/2008|17:05] C:\Program Files\Messenger Plus! Live
[20/07/2007|11:22] C:\Program Files\MessengerPlus! 3
[22/01/2008|17:54] C:\Program Files\Micro Application
[19/05/2007|02:06] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[05/12/2005|14:25] C:\Program Files\microsoft frontpage
[18/01/2006|12:26] C:\Program Files\Microsoft Office
[01/01/2006|09:34] C:\Program Files\Microsoft Visual Studio
[18/01/2006|12:26] C:\Program Files\Microsoft Works
[01/01/2006|09:33] C:\Program Files\Microsoft.NET
[26/05/2008|16:52] C:\Program Files\Movie Maker
[25/01/2009|15:24] C:\Program Files\Mozilla Firefox
[14/06/2006|16:55] C:\Program Files\MSN
[05/12/2005|14:25] C:\Program Files\MSN Gaming Zone
[12/05/2008|09:48] C:\Program Files\MSN Messenger
[16/10/2006|18:41] C:\Program Files\MSXML 4.0
[26/05/2008|16:50] C:\Program Files\NetMeeting
[01/05/2008|18:14] C:\Program Files\Norton Internet Security
[05/12/2005|14:28] C:\Program Files\Online Services
[26/05/2008|16:50] C:\Program Files\Outlook Express
[25/01/2009|15:07] C:\Program Files\Panda Security
[09/04/2007|16:12] C:\Program Files\Piolet
[20/06/2008|19:23] C:\Program Files\PLAYBASE
[10/02/2007|19:43] C:\Program Files\QuickTime
[05/12/2005|14:25] C:\Program Files\Real
[10/02/2007|14:39] C:\Program Files\Samsung
[05/12/2005|14:29] C:\Program Files\Services en ligne
[05/12/2005|14:29] C:\Program Files\ShowTime
[09/07/2006|18:32] C:\Program Files\SM
[05/12/2005|14:25] C:\Program Files\Sonic
[18/02/2007|15:37] C:\Program Files\Sony
[07/11/2006|21:06] C:\Program Files\Sony Handheld
[10/06/2008|20:35] C:\Program Files\Spybot - Search & Destroy
[05/12/2005|14:25] C:\Program Files\Ulead Systems
[13/10/2007|11:02] C:\Program Files\Uninstall Information
[30/01/2009|12:43] C:\Program Files\Wanadoo
[10/06/2008|18:25] C:\Program Files\Windows Live
[21/03/2007|17:58] C:\Program Files\Windows Live Toolbar
[05/12/2005|14:25] C:\Program Files\Windows Media Components
[26/05/2008|16:52] C:\Program Files\Windows Media Player
[26/05/2008|16:50] C:\Program Files\Windows NT
[05/12/2005|14:25] C:\Program Files\WindowsUpdate
[05/12/2005|14:25] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[05/12/2005|14:25] C:\Program Files\Fichiers communs\Adobe
[05/12/2005|14:27] C:\Program Files\Fichiers communs\AOL
[05/12/2005|14:27] C:\Program Files\Fichiers communs\aolshare
[01/01/2006|09:34] C:\Program Files\Fichiers communs\DESIGNER
[26/02/2006|09:01] C:\Program Files\Fichiers communs\InstallShield
[05/12/2005|14:25] C:\Program Files\Fichiers communs\Java
[15/03/2008|16:09] C:\Program Files\Fichiers communs\Microsoft Shared
[05/12/2005|14:25] C:\Program Files\Fichiers communs\MSSoap
[05/12/2005|14:25] C:\Program Files\Fichiers communs\Nullsoft
[05/12/2005|14:25] C:\Program Files\Fichiers communs\ODBC
[05/12/2005|14:25] C:\Program Files\Fichiers communs\Real
[05/12/2005|14:27] C:\Program Files\Fichiers communs\Services
[05/12/2005|14:27] C:\Program Files\Fichiers communs\Sonic Shared
[05/12/2005|14:25] C:\Program Files\Fichiers communs\SpeechEngines
[05/12/2005|14:27] C:\Program Files\Fichiers communs\SureThing Shared
[01/05/2008|18:14] C:\Program Files\Fichiers communs\Symantec Shared
[26/05/2008|16:53] C:\Program Files\Fichiers communs\System
[05/12/2005|14:25] C:\Program Files\Fichiers communs\Ulead Systems
[15/03/2008|16:08] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[05/12/2005|14:25] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 14 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\surf dupe.exe

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Flag Owns Live Grim"="D:\\Documents and Settings\\All Users\\Application Data\\Software rule flag owns\\surf dupe.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE

-> 72 [ 70 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-30 20:20:28
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
folder error: D:\DOCUME~1\YVESCA~1\LOCALS~1\APPLIC~1

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:1][D:1]-> D:\DOCUME~1\YVESCA~1\LOCALS~1\Temp
[F:2][D:0]-> D:\DOCUME~1\YVESCA~1\Cookies
[F:6][D:4]-> D:\DOCUME~1\YVESCA~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 30/01/2009|20:22 - Option : [1]

--------------------\\ Fin du rapport a 20:22:13

toptitbal (Posts: 26224, Status: Security contributor)

You posted the option 1 report again.
I would like the option 2 report ;-)

Maxiking

Oops:

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : BIOS Date: 06/20/05 17:50:54 Ver: 08.00.12
USER : YVES CARPENTIER ( Administrator )
BOOT : Fail-safe boot
Antivirus : avast! antivirus 4.8.1201 [VPS 090125-0] 4.8.1201 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:21 Go)
D:\ (Local Disk) - NTFS - Total:111 Go (Free:107 Go)
E:\ (CD or DVD)
F:\ (USB) - FAT32 - Total:7828 Mo (Free:2 Go)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 30/01/2009|20:28 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\surf dupe.exe
Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[05/12/2005|14:33] D:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[04/06/2007|15:24] D:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[05/12/2005|14:33] D:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[05/12/2005|14:33] D:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[05/12/2005|14:33] D:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[24/11/2005|13:21] D:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[05/12/2005|14:33] D:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[05/12/2005|14:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[18/12/2005|16:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[10/02/2007|19:41] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[11/02/2008|17:30] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[03/05/2008|12:55] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Chinlessdefywarn
[19/01/2006|17:43] D:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[21/03/2007|18:17] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[30/01/2009|12:56] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[25/01/2009|15:38] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[22/01/2008|17:54] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Micro Application
[25/11/2006|19:35] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/03/2006|10:20] D:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[31/01/2006|17:39] D:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[05/12/2005|14:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[18/12/2005|17:06] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[10/06/2008|19:41] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[05/12/2005|14:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[05/12/2005|14:33] D:\DOCUME~1\ALLUSE~1\APPLIC~1\VadeRetro
[31/05/2006|10:35] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[18/09/2006|17:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[15/03/2008|16:08] D:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[05/12/2005|14:33] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[05/12/2005|14:33] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[05/12/2005|14:33] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[05/12/2005|14:33] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[24/11/2005|13:21] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[05/12/2005|14:33] D:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[05/12/2005|14:33] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[05/12/2005|14:33] D:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft
[23/04/2007|07:26] D:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Symantec

[23/01/2006|17:51] D:\DOCUME~1\MARIEC~1\APPLIC~1\Adobe
[26/02/2006|15:58] D:\DOCUME~1\MARIEC~1\APPLIC~1\AdobeUM
[18/02/2007|15:39] D:\DOCUME~1\MARIEC~1\APPLIC~1\Apple Computer
[22/12/2005|13:52] D:\DOCUME~1\MARIEC~1\APPLIC~1\CyberLink
[14/06/2006|16:57] D:\DOCUME~1\MARIEC~1\APPLIC~1\Google
[14/06/2006|16:49] D:\DOCUME~1\MARIEC~1\APPLIC~1\HbTools
[05/12/2005|14:33] D:\DOCUME~1\MARIEC~1\APPLIC~1\Identities
[25/11/2006|19:35] D:\DOCUME~1\MARIEC~1\APPLIC~1\Lavasoft
[22/12/2005|13:45] D:\DOCUME~1\MARIEC~1\APPLIC~1\Leadertech
[07/01/2006|12:04] D:\DOCUME~1\MARIEC~1\APPLIC~1\Macromedia
[21/03/2007|17:58] D:\DOCUME~1\MARIEC~1\APPLIC~1\Microsoft
[14/06/2006|16:55] D:\DOCUME~1\MARIEC~1\APPLIC~1\MSNInstaller
[19/12/2005|20:07] D:\DOCUME~1\MARIEC~1\APPLIC~1\OD2
[04/06/2007|16:21] D:\DOCUME~1\MARIEC~1\APPLIC~1\Okay Extra
[17/06/2006|11:11] D:\DOCUME~1\MARIEC~1\APPLIC~1\PLAYBASE
[18/01/2006|14:20] D:\DOCUME~1\MARIEC~1\APPLIC~1\Real
[10/02/2007|14:48] D:\DOCUME~1\MARIEC~1\APPLIC~1\Samsung
[14/06/2006|16:52] D:\DOCUME~1\MARIEC~1\APPLIC~1\ShopperReports
[22/12/2005|13:45] D:\DOCUME~1\MARIEC~1\APPLIC~1\Sonic
[15/01/2006|14:58] D:\DOCUME~1\MARIEC~1\APPLIC~1\Sun
[12/03/2006|14:35] D:\DOCUME~1\MARIEC~1\APPLIC~1\Symantec
[24/02/2006|17:20] D:\DOCUME~1\MARIEC~1\APPLIC~1\Template
[09/02/2006|18:12] D:\DOCUME~1\MARIEC~1\APPLIC~1\Ulead Systems
[05/12/2005|14:33] D:\DOCUME~1\MARIEC~1\APPLIC~1\You've Got Pictures Screensaver

[05/12/2005|14:33] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[05/12/2005|14:33] D:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft

[19/03/2006|12:34] D:\DOCUME~1\YVESCA~1\APPLIC~1\Adobe
[11/01/2007|21:31] D:\DOCUME~1\YVESCA~1\APPLIC~1\AdobeUM
[01/05/2008|18:21] D:\DOCUME~1\YVESCA~1\APPLIC~1\Apple Computer
[11/02/2008|17:43] D:\DOCUME~1\YVESCA~1\APPLIC~1\Azureus
[30/12/2007|08:39] D:\DOCUME~1\YVESCA~1\APPLIC~1\CyberLink
[25/06/2006|08:44] D:\DOCUME~1\YVESCA~1\APPLIC~1\Google
[18/12/2005|17:00] D:\DOCUME~1\YVESCA~1\APPLIC~1\Help
[05/12/2005|14:33] D:\DOCUME~1\YVESCA~1\APPLIC~1\Identities
[25/11/2006|20:30] D:\DOCUME~1\YVESCA~1\APPLIC~1\Lavasoft
[02/04/2006|16:59] D:\DOCUME~1\YVESCA~1\APPLIC~1\Leadertech
[17/05/2007|16:16] D:\DOCUME~1\YVESCA~1\APPLIC~1\LimeWire
[05/12/2005|14:33] D:\DOCUME~1\YVESCA~1\APPLIC~1\Macromedia
[25/01/2009|15:38] D:\DOCUME~1\YVESCA~1\APPLIC~1\Malwarebytes
[22/01/2008|18:01] D:\DOCUME~1\YVESCA~1\APPLIC~1\Micro Application
[04/06/2007|19:15] D:\DOCUME~1\YVESCA~1\APPLIC~1\Microsoft
[23/03/2008|19:53] D:\DOCUME~1\YVESCA~1\APPLIC~1\Mozilla
[18/12/2005|18:02] D:\DOCUME~1\YVESCA~1\APPLIC~1\OD2
[30/01/2009|13:26] D:\DOCUME~1\YVESCA~1\APPLIC~1\PLAYBASE
[04/02/2006|08:35] D:\DOCUME~1\YVESCA~1\APPLIC~1\Real
[18/12/2005|17:06] D:\DOCUME~1\YVESCA~1\APPLIC~1\Skype
[02/04/2006|16:59] D:\DOCUME~1\YVESCA~1\APPLIC~1\Sonic
[18/12/2005|17:08] D:\DOCUME~1\YVESCA~1\APPLIC~1\Sun
[18/12/2005|17:03] D:\DOCUME~1\YVESCA~1\APPLIC~1\Symantec
[27/03/2006|19:25] D:\DOCUME~1\YVESCA~1\APPLIC~1\Template
[09/02/2006|20:36] D:\DOCUME~1\YVESCA~1\APPLIC~1\Ulead Systems
[05/12/2005|14:33] D:\DOCUME~1\YVESCA~1\APPLIC~1\You've Got Pictures Screensaver

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[30/01/2009 19:49][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[10/06/2008 20:59][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[18/12/2005 16:54][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
[30/01/2009 12:43][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-rah-c---] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[05/12/2005|14:25] C:\Program Files\Adobe
[22/03/2007|19:27] C:\Program Files\Alwil Software
[05/12/2005|14:25] C:\Program Files\AMD
[18/01/2007|20:16] C:\Program Files\AnglaisFacile.com
[18/12/2005|17:00] C:\Program Files\AOL 9.0
[05/12/2005|14:25] C:\Program Files\AOL Compagnon
[10/02/2007|19:41] C:\Program Files\Apple Software Update
[05/04/2006|11:13] C:\Program Files\Ares
[14/05/2006|14:23] C:\Program Files\AWS
[19/03/2006|15:12] C:\Program Files\bleucanard
[22/03/2007|20:03] C:\Program Files\CCleaner
[05/12/2005|14:25] C:\Program Files\ComPlus Applications
[05/12/2005|14:25] C:\Program Files\CyberLink
[19/05/2006|16:57] C:\Program Files\DIFX
[04/06/2007|16:21] C:\Program Files\eChanblard
[05/04/2006|11:11] C:\Program Files\eMule
[30/01/2009|13:35] C:\Program Files\ewido anti-malware
[30/04/2008|15:44] C:\Program Files\Fichiers communs
[05/12/2005|14:25] C:\Program Files\GMixon
[30/01/2009|12:45] C:\Program Files\Google
[05/12/2005|14:25] C:\Program Files\Goto Software
[13/10/2007|11:02] C:\Program Files\InstallShield Installation Information
[25/01/2009|18:17] C:\Program Files\Internet Explorer
[07/01/2007|12:53] C:\Program Files\Inventel
[10/02/2007|19:44] C:\Program Files\iPod
[10/02/2007|19:44] C:\Program Files\iTunes
[27/05/2008|05:31] C:\Program Files\Java
[13/04/2006|15:16] C:\Program Files\Kazaa
[25/11/2006|19:35] C:\Program Files\Lavasoft
[05/12/2005|14:25] C:\Program Files\Learn2.com
[15/05/2007|07:57] C:\Program Files\LimeWire
[25/01/2009|15:38] C:\Program Files\Malwarebytes' Anti-Malware
[26/05/2008|16:53] C:\Program Files\Messenger
[25/05/2008|17:05] C:\Program Files\Messenger Plus! Live
[20/07/2007|11:22] C:\Program Files\MessengerPlus! 3
[22/01/2008|17:54] C:\Program Files\Micro Application
[19/05/2007|02:06] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[05/12/2005|14:25] C:\Program Files\microsoft frontpage
[18/01/2006|12:26] C:\Program Files\Microsoft Office
[01/01/2006|09:34] C:\Program Files\Microsoft Visual Studio
[18/01/2006|12:26] C:\Program Files\Microsoft Works
[01/01/2006|09:33] C:\Program Files\Microsoft.NET
[26/05/2008|16:52] C:\Program Files\Movie Maker
[25/01/2009|15:24] C:\Program Files\Mozilla Firefox
[14/06/2006|16:55] C:\Program Files\MSN
[05/12/2005|14:25] C:\Program Files\MSN Gaming Zone
[12/05/2008|09:48] C:\Program Files\MSN Messenger
[16/10/2006|18:41] C:\Program Files\MSXML 4.0
[26/05/2008|16:50] C:\Program Files\NetMeeting
[01/05/2008|18:14] C:\Program Files\Norton Internet Security
[05/12/2005|14:28] C:\Program Files\Online Services
[26/05/2008|16:50] C:\Program Files\Outlook Express
[25/01/2009|15:07] C:\Program Files\Panda Security
[09/04/2007|16:12] C:\Program Files\Piolet
[20/06/2008|19:23] C:\Program Files\PLAYBASE
[10/02/2007|19:43] C:\Program Files\QuickTime
[05/12/2005|14:25] C:\Program Files\Real
[10/02/2007|14:39] C:\Program Files\Samsung
[05/12/2005|14:29] C:\Program Files\Services en ligne
[05/12/2005|14:29] C:\Program Files\ShowTime
[09/07/2006|18:32] C:\Program Files\SM
[05/12/2005|14:25] C:\Program Files\Sonic
[18/02/2007|15:37] C:\Program Files\Sony
[07/11/2006|21:06] C:\Program Files\Sony Handheld
[10/06/2008|20:35] C:\Program Files\Spybot - Search & Destroy
[05/12/2005|14:25] C:\Program Files\Ulead Systems
[13/10/2007|11:02] C:\Program Files\Uninstall Information
[30/01/2009|12:43] C:\Program Files\Wanadoo
[10/06/2008|18:25] C:\Program Files\Windows Live
[21/03/2007|17:58] C:\Program Files\Windows Live Toolbar
[05/12/2005|14:25] C:\Program Files\Windows Media Components
[26/05/2008|16:52] C:\Program Files\Windows Media Player
[26/05/2008|16:50] C:\Program Files\Windows NT
[05/12/2005|14:25] C:\Program Files\WindowsUpdate
[05/12/2005|14:25] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[05/12/2005|14:25] C:\Program Files\Fichiers communs\Adobe
[05/12/2005|14:27] C:\Program Files\Fichiers communs\AOL
[05/12/2005|14:27] C:\Program Files\Fichiers communs\aolshare
[01/01/2006|09:34] C:\Program Files\Fichiers communs\DESIGNER
[26/02/2006|09:01] C:\Program Files\Fichiers communs\InstallShield
[05/12/2005|14:25] C:\Program Files\Fichiers communs\Java
[15/03/2008|16:09] C:\Program Files\Fichiers communs\Microsoft Shared
[05/12/2005|14:25] C:\Program Files\Fichiers communs\MSSoap
[05/12/2005|14:25] C:\Program Files\Fichiers communs\Nullsoft
[05/12/2005|14:25] C:\Program Files\Fichiers communs\ODBC
[05/12/2005|14:25] C:\Program Files\Fichiers communs\Real
[05/12/2005|14:27] C:\Program Files\Fichiers communs\Services
[05/12/2005|14:27] C:\Program Files\Fichiers communs\Sonic Shared
[05/12/2005|14:25] C:\Program Files\Fichiers communs\SpeechEngines
[05/12/2005|14:27] C:\Program Files\Fichiers communs\SureThing Shared
[01/05/2008|18:14] C:\Program Files\Fichiers communs\Symantec Shared
[26/05/2008|16:53] C:\Program Files\Fichiers communs\System
[05/12/2005|14:25] C:\Program Files\Fichiers communs\Ulead Systems
[15/03/2008|16:08] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[05/12/2005|14:25] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 14 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-30 20:29:46
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
folder error: D:\DOCUME~1\YVESCA~1\LOCALS~1\APPLIC~1

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:1][D:1]-> D:\DOCUME~1\YVESCA~1\LOCALS~1\Temp
[F:2][D:0]-> D:\DOCUME~1\YVESCA~1\Cookies
[F:6][D:4]-> D:\DOCUME~1\YVESCA~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 30/01/2009|20:22 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 30/01/2009|20:30 - Option : [2]

--------------------\\ Fin du rapport a 20:30:58

kanada91 (Posts: 330, Status: Member)

What launches from the Run key of the registry:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Flag Owns Live Grim"="D:\\Documents and Settings\\All Users\\Application Data\\Software rule flag owns\\surf dupe.exe"
That has to go!

toptitbal (Posts: 26224, Status: Security contributor)

You need to read:

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns\surf dupe.exe
Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\Software rule flag owns
-

toptitbal (Posts: 26224, Status: Security contributor)

Download Toolbar-S&D (Team IDN) to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Start the installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the language you want by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search finishes.
* Post the generated report. (C:\TB.txt)

Maxiking

Here it is:

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : BIOS Date: 06/20/05 17:50:54 Ver: 08.00.12
USER : YVES CARPENTIER ( Administrator )
BOOT : Fail-safe boot
Antivirus : avast! antivirus 4.8.1201 [VPS 090125-0] 4.8.1201 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:21 Go)
D:\ (Local Disk) - NTFS - Total:111 Go (Free:107 Go)
E:\ (CD or DVD)
F:\ (USB) - FAT32 - Total:7828 Mo (Free:2 Go)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 30/01/2009|20:52 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\KaZaA
C:\Program Files\KaZaA\data
C:\Program Files\KaZaA\licenses
C:\Program Files\KaZaA\My Shared Folder
C:\Program Files\KaZaA\data\{2358CC3A-8336-645C-3275-E985A0E0C1DC}
C:\Program Files\KaZaA\data\{44EBB79C-7E1A-6777-3D7E-61AFD5740BF9}
C:\Program Files\KaZaA\data\{63F99483-F25D-C8E7-96DA-9B368A0541A4}
C:\Program Files\KaZaA\data\{C45CF92C-D663-FDBD-04EE-9FEBA4462301}
C:\Program Files\Piolet
C:\Program Files\Piolet\default.m3u

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 30/01/2009|20:54 - Option : [1]

-----------\\ Fin du rapport a 20:54:01,71

toptitbal (Posts: 26224, Status: Security contributor)

Run Toolbar-S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".

! Do not close the window during the removal !

A report will be generated; post its contents here.

NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer, then confirm.


Maxiking

Here you go, boss:


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : BIOS Date: 06/20/05 17:50:54 Ver: 08.00.12
USER : YVES CARPENTIER ( Administrator )
BOOT : Fail-safe boot
Antivirus : avast! antivirus 4.8.1201 [VPS 090125-0] 4.8.1201 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:21 Go)
D:\ (Local Disk) - NTFS - Total:111 Go (Free:107 Go)
E:\ (CD or DVD)
F:\ (USB) - FAT32 - Total:7828 Mo (Free:2 Go)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 30/01/2009|20:52 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\KaZaA
C:\Program Files\KaZaA\data
C:\Program Files\KaZaA\licenses
C:\Program Files\KaZaA\My Shared Folder
C:\Program Files\KaZaA\data\{2358CC3A-8336-645C-3275-E985A0E0C1DC}
C:\Program Files\KaZaA\data\{44EBB79C-7E1A-6777-3D7E-61AFD5740BF9}
C:\Program Files\KaZaA\data\{63F99483-F25D-C8E7-96DA-9B368A0541A4}
C:\Program Files\KaZaA\data\{C45CF92C-D663-FDBD-04EE-9FEBA4462301}
C:\Program Files\Piolet
C:\Program Files\Piolet\default.m3u

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 30/01/2009|20:54 - Option : [1]

-----------\\ Fin du rapport a 20:54:01,71
toptitbal

That's the report from option 1.
Please post the report from option 2.
Maxiking

I'm hopelessly bad at this:

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : BIOS Date: 06/20/05 17:50:54 Ver: 08.00.12
USER : YVES CARPENTIER ( Administrator )
BOOT : Fail-safe boot
Antivirus : avast! antivirus 4.8.1201 [VPS 090125-0] 4.8.1201 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:29 Go (Free:21 Go)
D:\ (Local Disk) - NTFS - Total:111 Go (Free:107 Go)
E:\ (CD or DVD)
F:\ (USB) - FAT32 - Total:7828 Mo (Free:2 Go)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 30/01/2009|21:11 )

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\KaZaA\data
Supprime! - C:\Program Files\KaZaA\licenses
Supprime! - C:\Program Files\KaZaA\My Shared Folder
Supprime! - C:\Program Files\Piolet\default.m3u
Supprime! - C:\Program Files\KaZaA
Supprime! - C:\Program Files\Piolet

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 30/01/2009|20:54 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 30/01/2009|21:12 - Option : [2]

-----------\\ Fin du rapport a 21:12:03,21
toptitbal

Perfect, please run a new HijackThis scan.
Maxiking

Here is the new HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:37:38, on 30/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
F:\Programmes\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=374
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera LTI301P
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O4 - Startup: SonyPDA USB Switcher.lnk = C:\Program Files\Sony Handheld\USBSwt.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O21 - SSODL: lLdqffyXPkUp - {F453F03A-5EF9-5A90-60B7-8394C3BFFAEF} - (no file)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Spouleur d'impression (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
jojo

You shouldn't bring all this information out into the open, it's at your own risk, and it won't be viruses then.
Maxiking

Good evening,
I don't really understand what you want me to do, or why?
toptitbal

Print these instructions or save them to your Desktop, because you will have to close all windows and applications during the installation and the scan.

Download Malwarebytes' Anti-Malware (MBAM) and save it to your desktop from this link:

https://download.cnet.com/Malwarebytes/3000-8022_4-10804572.html

When the download finishes, close all windows and programs, including this one.

Double-click the Download_mbam-setup.exe icon on your desktop to start the installer.

During installation, follow the prompts (in particular the choice of language and the permission to access the Internet). Do not change any of the default settings and, at the end of the installation, check that the options Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are ticked.

MBAM will start automatically and display a message asking you to update the program before running a scan. Since MBAM updates itself automatically at the end of installation, click OK to close the dialog box. The main MBAM window is displayed:

In the scan tab, check that "Exécuter un examen complet" (full scan) is selected and click the Rechercher button to start the scan.

MBAM scans your computer. The scan can take some time. Just check on its progress from time to time.

When the scan is finished, a message appears saying so. Click OK to continue.

If malware was detected, the list is displayed.
When you click Suppression (?), MBAM will destroy the files and registry keys and put a copy of them in quarantine.

MBAM will open Notepad and copy the scan report into it. Close Notepad. (The report can be found again under the Rapports/logs tab.)

Close MBAM by clicking Quitter.

Post the report on the forum.

Maxiking

Ok,

I'll post that for you tomorrow morning. Thanks for your help. Good night
Maxiking

Sorry for the delay, I was working yesterday... Here is what you asked me for, my friend:
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1691
Windows 5.1.2600 Service Pack 2

01/02/2009 09:10:51
mbam-log-2009-02-01 (09-10-51).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 135894
Temps écoulé: 2 hour(s), 47 minute(s), 29 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
jojo

There is private information that shouldn't be shown in public, that's all, and avast isn't great as an antivirus, think about changing it.
toptitbal

OK, where do things stand?
Are you still having problems?
Maxiking

When the PC restarted I got a blue screen with an error 0x0000007e.
I restarted in safe mode, then restarted again, and it seems to be running normally.
I ran another full avast scan, which still detects viruses, which I put in quarantine:
win32:Trojan-gen
Win32:Swizzor
Win32:SysPatch

Since they are located in the Windows system32 folder, I don't dare delete them. What should I do, Doctor Toptitbal?