Infected computer

pinka01 Posts 81 Status Member -
Hello,
I ran a Kaspersky online scan after noticing that my PC has become very slow and freezes from time to time.
I hope to get your help to solve this problem; that would be very kind. Thanks in advance.
Here is the online scanner report:

KASPERSKY ONLINE SCANNER 7.0: scan report
Thursday, September 3, 2009
Operating system: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Thursday, September 03, 2009 13:46:36
Records in database: 2742384
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\

Scan statistics:
Objects scanned: 102370
Threats found: 3
Infected objects found: 2
Suspicious objects found: 1
Scan duration: 03:07:45

File name / Threat / Threats count
D:\logiciel\IDM517\Patch idm.zip Suspicious: Password-protected-EXE 1
D:\logiciel\logic\Web[1].Page.Maker.v3.12.WinAll.Incl.Keygen-CRD.rar Infected: Virus.Win32.Induc.a 1
D:\tof_amis\tkharbi9\idm 5[1][1].15.6 patch.rar Infected: Backdoor.Win32.Bifrose.bmzp 1

Selected area has been scanned.
Configuration: Windows XP Internet Explorer 6.0

9 replies

  1. Remi2
     
    Hello,

    Start by deleting all the illegal files that are on the PC.
    The most damaging infections come from this kind of file.
    D:\logiciel\IDM517\Patch idm.zip
    D:\logiciel\logic\Web[1].Page.Maker.v3.12.WinAll.Incl.Keygen-CRD.rar
    D:\tof_amis\tkharbi9\idm 5[1][1].15.6 patch.rar

    Next...

    Download HijackThis: http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
    • Install and launch HijackThis via the shortcut created on your desktop,
    • Click [Do a system scan and save a logfile].
    >> Notepad will open with a report,
    Post the HijackThis report.
    _____________________________________________________________________________

    Download Rooter (IDN) to your desktop:
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/Rooter.exe?attachauth=ANoY7cpzQksLcJt-e1z30LGu7t4JjUhh8amzWs_oSPSJpXbXp8ythGbW2WF8ysioh5NNlarrn7zMnYCRfsT5rCwNrfw5_CZYELApylTiY_MGu0G6uKzWpLEF2YXM3tF7nKZZAWj0JSAajXlZhd8dIyI3MrZ-lAIT5ZrAdcrct9_7bshwVpaZRPizuMTv9SDvmvY31BX4Vvvh2F2Brp1cy_K0jtTTfjttEA%3D%3D&attredirects=2

    /|\ Disconnect from the Internet and close all running applications /|\

    • Launch Rooter and let it run,
    Post the report (C:\Rooter.txt).
  2. pimprenelle27 Posts 22182 Status Security contributor 2 503
     
    Hello,

    The most urgent thing is the backdoor.
  3. pinka01 Posts 81 Status Member
     
    Thanks a lot for your help.
    Here is the HijackThis report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:58:45, on 03/09/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\NetSupport\NetSupport School\client32.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\NetSupport\NetSupport School\runplugin.exe
    C:\Program Files\NetSupport\NetSupport School\runplugin.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Software Informer\softinfo.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: (no name) - {F4F10C1D-87C7-404A-B4B3-000000000000} - (no file)
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" /min
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
    O4 - HKCU\..\Run: [FlashGet] "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" /min
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: DSLMON.lnk = ?
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
    O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\fichiers communs\nsl\nslsp.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
    O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - https://sdlc-esd.oracle.com/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab?GroupName=JSC&FilePath=/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab&BHost=javadl.sun.com&File=jinstall-6u12-windows-i586-jc.cab&AuthParam=1580995027_72a6c87f48db93b4aa689b7c39c67cbb&ext=.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{0009AE2F-F588-4C0C-BCF7-CB6FD3C53591}: NameServer = 62.251.229.223 62.251.229.237
    O17 - HKLM\System\CCS\Services\Tcpip\..\{E4EF8FB8-78C1-45D5-9B28-9795B4257E67}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{0009AE2F-F588-4C0C-BCF7-CB6FD3C53591}: NameServer = 62.251.229.223 62.251.229.237
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Avira Pare-feu (AntiVirFirewallService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (file missing)
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\sched.exe (file missing)
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (file missing)
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Client32 - NetSupport Ltd - C:\Program Files\NetSupport\NetSupport School\client32.exe
    O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
  4. pinka01 Posts 81 Status Member
     
    And the 2nd report:

    Rooter.exe (v1.0.2) by Eric_71
    .
    SeDebugPrivilege granted successfully ...
    .
    Windows XP . (5.1.2600) Service Pack 2
    [32_bits] - x86 Family 6 Model 15 Stepping 6, GenuineIntel
    .
    [wscsvc] (Security Center) RUNNING (state:4)
    [SharedAccess] RUNNING (state:4)
    Windows Firewall -> Disabled !
    .
    Internet Explorer 6.0.2900.2180
    .
    C:\ [Fixed-FAT32] .. ( Total:29 Go - Free:7 Go )
    D:\ [Fixed-NTFS] .. ( Total:58 Go - Free:0 Go )
    E:\ [Fixed-NTFS] .. ( Total:61 Go - Free:5 Go )
    F:\ [CD_Rom]
    .
    Scan : 17:54.17
    Path : C:\Documents and Settings\fati\Bureau\Rooter.exe
    User : fati ( Administrator -> YES )
    .
    ----------------------\\ Processes
    .
    Locked [System Process] (0)
    ______ System (4)
    ______ \SystemRoot\System32\smss.exe (856)
    ______ \??\C:\WINDOWS\system32\csrss.exe (924)
    ______ \??\C:\WINDOWS\system32\winlogon.exe (948)
    ______ C:\WINDOWS\system32\services.exe (992)
    ______ C:\WINDOWS\system32\lsass.exe (1004)
    ______ C:\WINDOWS\system32\svchost.exe (1156)
    ______ C:\WINDOWS\system32\svchost.exe (1216)
    ______ C:\WINDOWS\System32\svchost.exe (1256)
    ______ C:\WINDOWS\system32\svchost.exe (1432)
    ______ C:\WINDOWS\system32\svchost.exe (1476)
    ______ C:\WINDOWS\system32\spoolsv.exe (1772)
    ______ C:\WINDOWS\system32\svchost.exe (1852)
    ______ C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (528)
    ______ C:\Program Files\NetSupport\NetSupport School\client32.exe (540)
    ______ C:\Program Files\Java\jre6\bin\jqs.exe (604)
    ______ C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (652)
    ______ C:\WINDOWS\Explorer.EXE (908)
    ______ C:\PROGRA~1\AVG\AVG8\avgrsx.exe (1372)
    ______ C:\PROGRA~1\AVG\AVG8\avgemc.exe (1396)
    ______ C:\PROGRA~1\AVG\AVG8\avgnsx.exe (1408)
    ______ C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (1552)
    ______ C:\Program Files\NetSupport\NetSupport School\runplugin.exe (1708)
    ______ C:\Program Files\NetSupport\NetSupport School\runplugin.exe (1968)
    ______ C:\Program Files\AVG\AVG8\avgcsrvx.exe (2016)
    ______ C:\WINDOWS\System32\alg.exe (564)
    ______ C:\WINDOWS\system32\wscntfy.exe (1932)
    ______ C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (2128)
    ______ C:\Program Files\Java\jre6\bin\jusched.exe (2200)
    ______ C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (2212)
    ______ C:\WINDOWS\system32\wbem\wmiprvse.exe (2260)
    ______ C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe (2276)
    ______ C:\WINDOWS\system32\ctfmon.exe (2320)
    ______ C:\Program Files\MSN Messenger\MsnMsgr.Exe (2328)
    ______ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (2364)
    ______ C:\Program Files\Software Informer\softinfo.exe (2384)
    ______ C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe (2428)
    ______ C:\WINDOWS\system32\wbem\wmiapsrv.exe (2692)
    ______ C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe (2824)
    ______ C:\Program Files\Internet Explorer\iexplore.exe (3532)
    ______ C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe (3676)
    ______ C:\Program Files\AVG\AVG8\avgtray.exe (1208)
    ______ C:\Documents and Settings\fati\Bureau\Rooter.exe (3840)
    .
    ----------------------\\ Device\Harddisk0\
    .
    \Device\Harddisk0 [Sectors : 63 x 512 Bytes]
    .
    \Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:31453438464)
    \Device\Harddisk0\Partition0 (Start_Offset:31453470720 | Length:128577576960)
    \Device\Harddisk0\Partition2 (Start_Offset:31453502976 | Length:62914650624)
    \Device\Harddisk0\Partition0 (Start_Offset:94368153600 | Length:65662894080)
    \Device\Harddisk0\Partition3 (Start_Offset:94368185856 | Length:65662861824)
    .
    ----------------------\\ Scheduled Tasks
    .
    C:\WINDOWS\Tasks\desktop.ini
    C:\WINDOWS\Tasks\SA.DAT
    C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    .
    ----------------------\\ Registry
    .
    .
    ----------------------\\ Files & Folders
    .
    C:\PROGRA~1\Circle Developement
    ==> Lop <==
    .
    ----------------------\\ Scan completed at 17:54.26
    .
    C:\Rooter$\Rooter_1.txt - (03/09/2009 | 17:54.26)
  6. Remi2
     
    Hi again,

    >> As a security measure, after the disinfection,
    >> you will change all your passwords for financial institutions and others.

    ___________________________________________________________

    Download Lop S&D to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    Disable your antivirus,

    • Install and launch Lop S&D.exe
    • Choose the language, here F for French, then confirm with Enter.
    • Select option 1 - Search and confirm
    • >>> Please wait, scan in progress. <<<
    • When the scan is finished, Notepad will open with a report
    Post the report (C:\LopR.txt).

    (If the Desktop does not reappear, press Ctrl-Alt-Del,
    -> File -> New task, type explorer and confirm)

    Re-enable your antivirus,
    ___________________________________________________________

    Checking a program's process.

    • Press Ctrl-Alt-Del and go to [Processes]
    • Find softinfo.exe and right-click it --> [End process]

    • Go and scan this file at VirusTotal: https://www.virustotal.com/gui/
    C:\Program Files\Software Informer\softinfo.exe

    ► Post the address (http//.......) of the page containing the scan result.
    ___________________________________________________________

    Complete the uninstallation of Antivir.
    • With this: http://dlpro.antivir.com/down/windows/tool_en.exe
  7. pinka01 Posts 81 Status Member
     
    Result:

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T5200 @ 1.60GHz )
    BIOS : KBC Version 82.15
    USER : fati ( Administrator )
    BOOT : Normal boot
    Antivirus : AVG Anti-Virus Free 8.5 (Activated)
    C:\ (Local Disk) - FAT32 - Total:29 Go (Free:8 Go)
    D:\ (Local Disk) - NTFS - Total:58 Go (Free:0 Go)
    E:\ (Local Disk) - NTFS - Total:61 Go (Free:5 Go)
    F:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 03/09/2009|20:03 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [01/02/2009|23:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [05/02/2009|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [06/03/2009|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [06/03/2009|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [06/07/2009|23:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVG Security Toolbar
    [06/07/2009|23:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
    [18/03/2009|23:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [04/02/2009|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [02/02/2009|22:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [02/02/2009|17:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [13/03/2009|02:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [01/02/2009|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [02/02/2009|17:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [16/03/2009|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NetSupport
    [12/03/2009|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit
    [12/03/2009|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [26/01/2009|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
    [04/03/2009|23:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [01/02/2009|23:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [01/02/2009|23:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [03/02/2009|17:35] C:\DOCUME~1\fati\APPLIC~1\Adobe
    [03/02/2009|17:35] C:\DOCUME~1\fati\APPLIC~1\AdobeUM
    [06/03/2009|21:18] C:\DOCUME~1\fati\APPLIC~1\Apple Computer
    [06/07/2009|22:57] C:\DOCUME~1\fati\APPLIC~1\AVG8
    [10/01/2009|17:22] C:\DOCUME~1\fati\APPLIC~1\BITS
    [02/03/2009|17:52] C:\DOCUME~1\fati\APPLIC~1\DAEMON Tools Lite
    [02/02/2009|20:19] C:\DOCUME~1\fati\APPLIC~1\DMCache
    [08/02/2009|13:32] C:\DOCUME~1\fati\APPLIC~1\dvdcss
    [20/03/2009|13:29] C:\DOCUME~1\fati\APPLIC~1\EuroTalk
    [26/01/2009|16:59] C:\DOCUME~1\fati\APPLIC~1\Free Download Manager
    [04/02/2009|15:23] C:\DOCUME~1\fati\APPLIC~1\Google
    [24/07/2009|03:28] C:\DOCUME~1\fati\APPLIC~1\Help
    [01/02/2009|23:41] C:\DOCUME~1\fati\APPLIC~1\Identities
    [26/01/2009|16:51] C:\DOCUME~1\fati\APPLIC~1\IDM
    [04/02/2009|14:40] C:\DOCUME~1\fati\APPLIC~1\InstallShield
    [23/02/2009|08:41] C:\DOCUME~1\fati\APPLIC~1\LimeWire
    [04/02/2009|15:14] C:\DOCUME~1\fati\APPLIC~1\Macromedia
    [02/02/2009|17:19] C:\DOCUME~1\fati\APPLIC~1\Malwarebytes
    [27/06/2009|17:50] C:\DOCUME~1\fati\APPLIC~1\Media Player Classic
    [01/02/2009|23:26] C:\DOCUME~1\fati\APPLIC~1\Microsoft
    [16/03/2009|17:18] C:\DOCUME~1\fati\APPLIC~1\NetSupport
    [05/02/2009|18:59] C:\DOCUME~1\fati\APPLIC~1\Real
    [26/01/2009|16:59] C:\DOCUME~1\fati\APPLIC~1\Software Informer
    [21/02/2009|23:30] C:\DOCUME~1\fati\APPLIC~1\Sun
    [10/02/2009|19:27] C:\DOCUME~1\fati\APPLIC~1\Thinstall
    [09/02/2009|23:23] C:\DOCUME~1\fati\APPLIC~1\U3
    [08/02/2009|13:57] C:\DOCUME~1\fati\APPLIC~1\vlc
    [23/02/2009|14:53] C:\DOCUME~1\fati\APPLIC~1\Yahoo!

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [19/08/2009 07:26][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [03/09/2009 19:51][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [28/09/2001 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [03/02/2009|17:23] C:\Program Files\Adobe
    [19/03/2009|15:24] C:\Program Files\Ahead
    [06/03/2009|21:15] C:\Program Files\Apple Software Update
    [06/07/2009|23:31] C:\Program Files\AVG
    [05/02/2009|23:52] C:\Program Files\Avira
    [04/02/2009|14:40] C:\Program Files\Broadcom
    [23/02/2009|14:53] C:\Program Files\CCleaner
    [13/03/2009|02:23] C:\Program Files\Circle Developement
    [01/02/2009|23:31] C:\Program Files\ComPlus Applications
    [03/02/2009|21:54] C:\Program Files\CONEXANT
    [12/03/2009|20:29] C:\Program Files\DAP
    [21/01/2009|00:00] C:\Program Files\DatawareGames
    [11/01/2009|01:40] C:\Program Files\Everstrike Software
    [01/02/2009|23:27] C:\Program Files\Fichiers communs
    [10/01/2009|17:21] C:\Program Files\FlashGet Network
    [26/01/2009|16:59] C:\Program Files\Free Download Manager
    [04/02/2009|15:14] C:\Program Files\Google
    [29/01/2009|11:20] C:\Program Files\GVR
    [02/02/2009|17:23] C:\Program Files\Hewlett-Packard
    [02/02/2009|13:04] C:\Program Files\HSDPA USB MODEM
    [01/07/2009|20:42] C:\Program Files\Huawei technologies
    [25/04/2009|17:24] C:\Program Files\Incomplete
    [01/02/2009|23:45] C:\Program Files\InstallShield Installation Information
    [01/02/2009|23:32] C:\Program Files\Internet Explorer
    [21/02/2009|23:33] C:\Program Files\Java
    [27/06/2009|17:42] C:\Program Files\K-Lite Codec Pack
    [21/02/2009|23:28] C:\Program Files\LimeWire
    [02/02/2009|22:33] C:\Program Files\ma-config.com
    [01/02/2009|23:31] C:\Program Files\Messenger
    [13/03/2009|02:23] C:\Program Files\Messenger Plus! Live
    [21/01/2009|00:01] C:\Program Files\Micro Scrabble
    [01/02/2009|23:35] C:\Program Files\microsoft frontpage
    [02/02/2009|17:57] C:\Program Files\Microsoft Office
    [02/02/2009|18:01] C:\Program Files\Microsoft Visual Studio
    [02/02/2009|18:01] C:\Program Files\Microsoft Works
    [06/02/2009|10:09] C:\Program Files\Microsoft.NET
    [01/02/2009|23:32] C:\Program Files\Movie Maker
    [09/04/2009|12:47] C:\Program Files\MP3Gain
    [02/02/2009|18:01] C:\Program Files\MSBuild
    [01/02/2009|23:30] C:\Program Files\MSN
    [01/02/2009|23:31] C:\Program Files\MSN Gaming Zone
    [02/02/2009|17:20] C:\Program Files\MSN Messenger
    [14/01/2009|21:31] C:\Program Files\Multimedia Builder
    [01/02/2009|23:32] C:\Program Files\NetMeeting
    [16/03/2009|17:16] C:\Program Files\NetSupport
    [01/02/2009|23:31] C:\Program Files\Online Services
    [01/02/2009|23:32] C:\Program Files\Outlook Express
    [12/03/2009|22:22] C:\Program Files\Paltalk Messenger
    [12/02/2009|20:53] C:\Program Files\Publication Web
    [03/03/2009|12:15] C:\Program Files\QuickTime
    [05/02/2009|18:59] C:\Program Files\Real
    [01/02/2009|23:45] C:\Program Files\SAGEM
    [15/02/2009|17:58] C:\Program Files\scrabbleproB
    [01/02/2009|23:34] C:\Program Files\Services en ligne
    [26/01/2009|16:59] C:\Program Files\Software Informer
    [12/03/2009|20:29] C:\Program Files\SpeedBit Video Downloader
    [22/02/2009|18:22] C:\Program Files\trend micro
    [20/01/2009|23:49] C:\Program Files\Ubisoft
    [01/02/2009|23:41] C:\Program Files\Uninstall Information
    [08/02/2009|13:31] C:\Program Files\VideoLAN
    [13/03/2009|02:23] C:\Program Files\Windows Live
    [01/02/2009|23:31] C:\Program Files\Windows Media Player
    [01/02/2009|23:30] C:\Program Files\Windows NT
    [01/02/2009|23:34] C:\Program Files\WindowsUpdate
    [16/01/2009|21:47] C:\Program Files\WinPcap
    [03/02/2009|17:23] C:\Program Files\WinRAR
    [24/07/2009|03:24] C:\Program Files\WinZip
    [01/02/2009|23:35] C:\Program Files\xerox
    [23/02/2009|14:53] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [03/02/2009|17:35] C:\Program Files\Fichiers communs\Adobe
    [19/03/2009|15:24] C:\Program Files\Fichiers communs\Ahead
    [02/02/2009|18:01] C:\Program Files\Fichiers communs\DESIGNER
    [11/01/2009|01:40] C:\Program Files\Fichiers communs\Everstrike Software
    [01/02/2009|23:45] C:\Program Files\Fichiers communs\InstallShield
    [01/02/2009|23:27] C:\Program Files\Fichiers communs\Microsoft Shared
    [01/02/2009|23:33] C:\Program Files\Fichiers communs\MSSoap
    [27/06/2009|12:28] C:\Program Files\Fichiers communs\NSL
    [01/02/2009|23:27] C:\Program Files\Fichiers communs\ODBC
    [05/02/2009|18:59] C:\Program Files\Fichiers communs\Real
    [01/02/2009|23:33] C:\Program Files\Fichiers communs\Services
    [01/02/2009|23:27] C:\Program Files\Fichiers communs\SpeechEngines
    [01/02/2009|23:32] C:\Program Files\Fichiers communs\System
    [08/03/2009|18:09] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 44 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\Program Files\Circle Developement

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-09-03 20:04:16
    Windows 5.1.2600 Service Pack 2 FAT NTAPI
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:1583][D:11]-> C:\DOCUME~1\fati\LOCALS~1\Temp
    [F:49][D:0]-> C:\DOCUME~1\fati\Cookies
    [F:729][D:6]-> C:\DOCUME~1\fati\LOCALS~1\TEMPOR~1\content.IE5
    [F:2][D:0]-> C:\Recycled

    1 - "C:\Lop SD\LopR_1.txt" - 03/09/2009|20:05 - Option : [1]

    --------------------\\ Fin du rapport a 20:05:18
  8. pinka01 Posts: 81 Status: Member
     
    The link:

    http://www.virustotal.com/fr/reanalisis.html?8c5a6950c3c6ef8f7c27312ade679a5939c39e30fd924210d072a054a93eec09-1252008969

  9. Remi2
     
    Re,

    Have you scanned (softinfo.exe) at VirusTotal?
    C:\Program Files\Software Informer\softinfo.exe

    ________________________________________________________________

    Disable your antivirus,

    • Run Lop SD again,
    • Select option 3 - Suppression sans toucher au fichier Hosts (removal without touching the Hosts file).
    • When the scan is finished, Notepad will open with a report
    ► Post the report.

    If the Desktop does not reappear, press Ctrl-Alt-Del,
    -> File -> New Task, type explorer and confirm
    Re-enable your antivirus,

    ________________________________________________________________

    System resource optimization.
    Several program modules, put in place when their software is installed, are launched needlessly at PC startup. When there are several of them, this can degrade a PC's performance. These unneeded items can very well be disabled/removed from PC startup. Of these removals done with HijackThis (for the 04- lines), some could also be done with MsConfig, to be checked..

    In case a removed item is used frequently.
    It is then possible to create a shortcut for it, placed on the desktop, to use when needed.

    Run HijackThis again,
    • Press [Do a scan system only]
    • Close browsers and other applications,
    • Check all of the following lines (from 02 to 04)
    • And press [Fix Checked]

    O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" /min
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    You can create shortcuts for these programs
    O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
    O4 - HKCU\..\Run: [FlashGet] "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" /min

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: DSLMON.lnk = ?
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe

    Restart the PC.

    _________________________________________________________________

    You have several toolbars.
    This takes up system resources, at the expense of the PC's performance.

    For these: &Yahoo! Toolbar and Google Toolbar
    If, like the majority of users, you never use them.
    You can uninstall them in Add/Remove Programs in the Control Panel.
  10. pinka01 Posts: 81 Status: Member
     
    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T5200 @ 1.60GHz )
    BIOS : KBC Version 82.15
    USER : fati ( Administrator )
    BOOT : Normal boot
    Antivirus : AVG Anti-Virus Free 8.5 (Activated)
    C:\ (Local Disk) - FAT32 - Total:29 Go (Free:8 Go)
    D:\ (Local Disk) - NTFS - Total:58 Go (Free:0 Go)
    E:\ (Local Disk) - NTFS - Total:61 Go (Free:5 Go)
    F:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [3] ( 03/09/2009|20:48 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\Program Files\Circle Developement

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans APPLIC~1

    [01/02/2009|23:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [05/02/2009|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [06/03/2009|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [06/03/2009|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [06/07/2009|23:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVG Security Toolbar
    [06/07/2009|23:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
    [18/03/2009|23:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [04/02/2009|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [02/02/2009|22:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [02/02/2009|17:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [13/03/2009|02:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [01/02/2009|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [02/02/2009|17:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [16/03/2009|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NetSupport
    [12/03/2009|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit
    [12/03/2009|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [26/01/2009|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
    [04/03/2009|23:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [01/02/2009|23:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [01/02/2009|23:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [03/02/2009|17:35] C:\DOCUME~1\fati\APPLIC~1\Adobe
    [03/02/2009|17:35] C:\DOCUME~1\fati\APPLIC~1\AdobeUM
    [06/03/2009|21:18] C:\DOCUME~1\fati\APPLIC~1\Apple Computer
    [06/07/2009|22:57] C:\DOCUME~1\fati\APPLIC~1\AVG8
    [10/01/2009|17:22] C:\DOCUME~1\fati\APPLIC~1\BITS
    [02/03/2009|17:52] C:\DOCUME~1\fati\APPLIC~1\DAEMON Tools Lite
    [02/02/2009|20:19] C:\DOCUME~1\fati\APPLIC~1\DMCache
    [08/02/2009|13:32] C:\DOCUME~1\fati\APPLIC~1\dvdcss
    [20/03/2009|13:29] C:\DOCUME~1\fati\APPLIC~1\EuroTalk
    [26/01/2009|16:59] C:\DOCUME~1\fati\APPLIC~1\Free Download Manager
    [04/02/2009|15:23] C:\DOCUME~1\fati\APPLIC~1\Google
    [24/07/2009|03:28] C:\DOCUME~1\fati\APPLIC~1\Help
    [01/02/2009|23:41] C:\DOCUME~1\fati\APPLIC~1\Identities
    [26/01/2009|16:51] C:\DOCUME~1\fati\APPLIC~1\IDM
    [04/02/2009|14:40] C:\DOCUME~1\fati\APPLIC~1\InstallShield
    [23/02/2009|08:41] C:\DOCUME~1\fati\APPLIC~1\LimeWire
    [04/02/2009|15:14] C:\DOCUME~1\fati\APPLIC~1\Macromedia
    [02/02/2009|17:19] C:\DOCUME~1\fati\APPLIC~1\Malwarebytes
    [27/06/2009|17:50] C:\DOCUME~1\fati\APPLIC~1\Media Player Classic
    [01/02/2009|23:26] C:\DOCUME~1\fati\APPLIC~1\Microsoft
    [16/03/2009|17:18] C:\DOCUME~1\fati\APPLIC~1\NetSupport
    [05/02/2009|18:59] C:\DOCUME~1\fati\APPLIC~1\Real
    [26/01/2009|16:59] C:\DOCUME~1\fati\APPLIC~1\Software Informer
    [21/02/2009|23:30] C:\DOCUME~1\fati\APPLIC~1\Sun
    [10/02/2009|19:27] C:\DOCUME~1\fati\APPLIC~1\Thinstall
    [09/02/2009|23:23] C:\DOCUME~1\fati\APPLIC~1\U3
    [08/02/2009|13:57] C:\DOCUME~1\fati\APPLIC~1\vlc
    [23/02/2009|14:53] C:\DOCUME~1\fati\APPLIC~1\Yahoo!

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [19/08/2009 07:26][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [03/09/2009 19:51][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [28/09/2001 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [03/02/2009|17:23] C:\Program Files\Adobe
    [19/03/2009|15:24] C:\Program Files\Ahead
    [06/03/2009|21:15] C:\Program Files\Apple Software Update
    [06/07/2009|23:31] C:\Program Files\AVG
    [05/02/2009|23:52] C:\Program Files\Avira
    [04/02/2009|14:40] C:\Program Files\Broadcom
    [23/02/2009|14:53] C:\Program Files\CCleaner
    [01/02/2009|23:31] C:\Program Files\ComPlus Applications
    [03/02/2009|21:54] C:\Program Files\CONEXANT
    [12/03/2009|20:29] C:\Program Files\DAP
    [21/01/2009|00:00] C:\Program Files\DatawareGames
    [11/01/2009|01:40] C:\Program Files\Everstrike Software
    [01/02/2009|23:27] C:\Program Files\Fichiers communs
    [10/01/2009|17:21] C:\Program Files\FlashGet Network
    [26/01/2009|16:59] C:\Program Files\Free Download Manager
    [04/02/2009|15:14] C:\Program Files\Google
    [29/01/2009|11:20] C:\Program Files\GVR
    [02/02/2009|17:23] C:\Program Files\Hewlett-Packard
    [02/02/2009|13:04] C:\Program Files\HSDPA USB MODEM
    [01/07/2009|20:42] C:\Program Files\Huawei technologies
    [25/04/2009|17:24] C:\Program Files\Incomplete
    [01/02/2009|23:45] C:\Program Files\InstallShield Installation Information
    [01/02/2009|23:32] C:\Program Files\Internet Explorer
    [21/02/2009|23:33] C:\Program Files\Java
    [27/06/2009|17:42] C:\Program Files\K-Lite Codec Pack
    [21/02/2009|23:28] C:\Program Files\LimeWire
    [02/02/2009|22:33] C:\Program Files\ma-config.com
    [01/02/2009|23:31] C:\Program Files\Messenger
    [13/03/2009|02:23] C:\Program Files\Messenger Plus! Live
    [21/01/2009|00:01] C:\Program Files\Micro Scrabble
    [01/02/2009|23:35] C:\Program Files\microsoft frontpage
    [02/02/2009|17:57] C:\Program Files\Microsoft Office
    [02/02/2009|18:01] C:\Program Files\Microsoft Visual Studio
    [02/02/2009|18:01] C:\Program Files\Microsoft Works
    [06/02/2009|10:09] C:\Program Files\Microsoft.NET
    [01/02/2009|23:32] C:\Program Files\Movie Maker
    [09/04/2009|12:47] C:\Program Files\MP3Gain
    [02/02/2009|18:01] C:\Program Files\MSBuild
    [01/02/2009|23:30] C:\Program Files\MSN
    [01/02/2009|23:31] C:\Program Files\MSN Gaming Zone
    [02/02/2009|17:20] C:\Program Files\MSN Messenger
    [14/01/2009|21:31] C:\Program Files\Multimedia Builder
    [01/02/2009|23:32] C:\Program Files\NetMeeting
    [16/03/2009|17:16] C:\Program Files\NetSupport
    [01/02/2009|23:31] C:\Program Files\Online Services
    [01/02/2009|23:32] C:\Program Files\Outlook Express
    [12/03/2009|22:22] C:\Program Files\Paltalk Messenger
    [12/02/2009|20:53] C:\Program Files\Publication Web
    [03/03/2009|12:15] C:\Program Files\QuickTime
    [05/02/2009|18:59] C:\Program Files\Real
    [01/02/2009|23:45] C:\Program Files\SAGEM
    [15/02/2009|17:58] C:\Program Files\scrabbleproB
    [01/02/2009|23:34] C:\Program Files\Services en ligne
    [26/01/2009|16:59] C:\Program Files\Software Informer
    [12/03/2009|20:29] C:\Program Files\SpeedBit Video Downloader
    [22/02/2009|18:22] C:\Program Files\trend micro
    [20/01/2009|23:49] C:\Program Files\Ubisoft
    [01/02/2009|23:41] C:\Program Files\Uninstall Information
    [08/02/2009|13:31] C:\Program Files\VideoLAN
    [13/03/2009|02:23] C:\Program Files\Windows Live
    [01/02/2009|23:31] C:\Program Files\Windows Media Player
    [01/02/2009|23:30] C:\Program Files\Windows NT
    [01/02/2009|23:34] C:\Program Files\WindowsUpdate
    [16/01/2009|21:47] C:\Program Files\WinPcap
    [03/02/2009|17:23] C:\Program Files\WinRAR
    [24/07/2009|03:24] C:\Program Files\WinZip
    [01/02/2009|23:35] C:\Program Files\xerox
    [23/02/2009|14:53] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [03/02/2009|17:35] C:\Program Files\Fichiers communs\Adobe
    [19/03/2009|15:24] C:\Program Files\Fichiers communs\Ahead
    [02/02/2009|18:01] C:\Program Files\Fichiers communs\DESIGNER
    [11/01/2009|01:40] C:\Program Files\Fichiers communs\Everstrike Software
    [01/02/2009|23:45] C:\Program Files\Fichiers communs\InstallShield
    [01/02/2009|23:27] C:\Program Files\Fichiers communs\Microsoft Shared
    [01/02/2009|23:33] C:\Program Files\Fichiers communs\MSSoap
    [27/06/2009|12:28] C:\Program Files\Fichiers communs\NSL
    [01/02/2009|23:27] C:\Program Files\Fichiers communs\ODBC
    [05/02/2009|18:59] C:\Program Files\Fichiers communs\Real
    [01/02/2009|23:33] C:\Program Files\Fichiers communs\Services
    [01/02/2009|23:27] C:\Program Files\Fichiers communs\SpeechEngines
    [01/02/2009|23:32] C:\Program Files\Fichiers communs\System
    [08/03/2009|18:09] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 43 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-09-03 20:49:47
    Windows 5.1.2600 Service Pack 2 FAT NTAPI
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:13][D:1]-> C:\DOCUME~1\fati\LOCALS~1\Temp
    [F:35][D:0]-> C:\DOCUME~1\fati\Cookies
    [F:919][D:4]-> C:\DOCUME~1\fati\LOCALS~1\TEMPOR~1\content.IE5
    [F:2][D:0]-> C:\Recycled

    1 - "C:\Lop SD\LopR_1.txt" - 03/09/2009|20:05 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 03/09/2009|20:50 - Option : [3]

    --------------------\\ Fin du rapport a 20:50:02