Rapport hijackthis
manu_dog
Messages postés
536
Statut
Membre
-
manu_dog Messages postés 536 Statut Membre -
manu_dog Messages postés 536 Statut Membre -
Bonjour,
J'ai fait un rapport avec hijackthis
et j'aimerai savoir si vous voyez quelque chose d'anormale
Merci par avance
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:38:37, on 27/09/2009
Platform: Unknown Windows (WinNT 6.01.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\avp.exe
C:\Windows\Philips\SPC500NC\Monitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\ManuDog\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\avp.exe"
O4 - HKLM\..\Run: [SPC500NC_Monitor] C:\Windows\Philips\SPC500NC\Monitor.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\ie_banner_deny.htm
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\scieplgn.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0FO\kloehk.dll
O23 - Service: Kaspersky Anti-Virus 8.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate1ca28eef68c933c) (gupdate1ca28eef68c933c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
End of file - 4047 bytes
http://codeur-discount.com
J'ai fait un rapport avec hijackthis
et j'aimerai savoir si vous voyez quelque chose d'anormale
Merci par avance
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:38:37, on 27/09/2009
Platform: Unknown Windows (WinNT 6.01.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\avp.exe
C:\Windows\Philips\SPC500NC\Monitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\ManuDog\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\avp.exe"
O4 - HKLM\..\Run: [SPC500NC_Monitor] C:\Windows\Philips\SPC500NC\Monitor.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\ie_banner_deny.htm
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\scieplgn.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0FO\kloehk.dll
O23 - Service: Kaspersky Anti-Virus 8.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate1ca28eef68c933c) (gupdate1ca28eef68c933c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
End of file - 4047 bytes
http://codeur-discount.com
A voir également:
- Rapport hijackthis
- Hijackthis - Télécharger - Antivirus & Antimalwares
- Plan rapport de stage - Guide
- Rapport de crash windows - Guide
- Impression rapport de stage ✓ - Forum Word
- Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport existant ✓ - Forum Excel
12 réponses
Oui j'ai mon pc qui ralenti beaucoup ainsi que mon antivirus (Kapersky) me bloque des trojans toutes les heures donc j'ai pensé qu'avec un rapport de hijackthis car impossible de le supprimer avec l'antivirus.
ok, donc Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau. :
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
--> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
--> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
--> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
--> Sélectionne Exécuter un examen complet.
--> Clique sur Rechercher. L'analyse démarre.
Poste le rapport qui s'ouvre.
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
--> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
--> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
--> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
--> Sélectionne Exécuter un examen complet.
--> Clique sur Rechercher. L'analyse démarre.
Poste le rapport qui s'ouvre.
J'utilise déjà Malwarebytes' Anti-Malware quasiment tous les jours et il ne trouve rien
J'utilise également spybot et cclenear
J'utilise également spybot et cclenear
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Télécharge genproc ici : http://www.genproc.com/GenProc.exe
Tu le lances, tu attends tu réponds oui à la question et poste moi le rapport généré
Tu le lances, tu attends tu réponds oui à la question et poste moi le rapport généré
Voici pour le rapport
Rapport GenProc 2.631 [1] - 27/09/2009 à 14:43:59
@ Windows 7 - Mode normal
@ Mozilla Firefox (3.5.3) [Navigateur par défaut]
~~ CM DISK ERROR ~~
GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :
Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
C:\Program Files\EsetOnlineScanner\log.txt
~~~~ INFORMATION COMPLEMENTAIRE ~~~~
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:45:53, on 27/09/2009
Platform: Unknown Windows (WinNT 6.01.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\avp.exe
C:\Windows\Philips\SPC500NC\Monitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\conhost.exe
C:\GenProc\outil\ManuDog_GenProc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\avp.exe"
O4 - HKLM\..\Run: [SPC500NC_Monitor] C:\Windows\Philips\SPC500NC\Monitor.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\ie_banner_deny.htm
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\scieplgn.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0FO\kloehk.dll
O23 - Service: Kaspersky Anti-Virus 8.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate1ca28eef68c933c) (gupdate1ca28eef68c933c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
Rapport GenProc 2.631 [1] - 27/09/2009 à 14:43:59
@ Windows 7 - Mode normal
@ Mozilla Firefox (3.5.3) [Navigateur par défaut]
~~ CM DISK ERROR ~~
GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :
Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
C:\Program Files\EsetOnlineScanner\log.txt
~~~~ INFORMATION COMPLEMENTAIRE ~~~~
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:45:53, on 27/09/2009
Platform: Unknown Windows (WinNT 6.01.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\avp.exe
C:\Windows\Philips\SPC500NC\Monitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\conhost.exe
C:\GenProc\outil\ManuDog_GenProc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\avp.exe"
O4 - HKLM\..\Run: [SPC500NC_Monitor] C:\Windows\Philips\SPC500NC\Monitor.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\ie_banner_deny.htm
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\scieplgn.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0FO\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0FO\kloehk.dll
O23 - Service: Kaspersky Anti-Virus 8.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 8.0 for Windows Workstations\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate1ca28eef68c933c) (gupdate1ca28eef68c933c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
Télécharge :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 (Eric 71 & Angeldark) sur ton Bureau.
Tu le lances et fais l'option 1, poste le rapport
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 (Eric 71 & Angeldark) sur ton Bureau.
Tu le lances et fais l'option 1, poste le rapport
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows 7 Édition Intégrale ( v6.1.7100 )
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2050 @ 1.60GHz )
BIOS : Ver 1.00PARTTBL
USER : ManuDog ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:93 Go (Free:51 Go)
D:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 27/09/2009|18:01 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[05/06/2009|09:29] C:\Users\ManuDog\AppData\Local\Adobe
[30/05/2009|15:45] C:\Users\ManuDog\AppData\Local\Apple
[30/08/2009|12:02] C:\Users\ManuDog\AppData\Local\Apple Computer
[06/05/2009|16:53] C:\Users\ManuDog\AppData\Local\Application Data
[14/09/2009|14:39] C:\Users\ManuDog\AppData\Local\Diagnostics
[21/06/2009|13:34] C:\Users\ManuDog\AppData\Local\ElevatedDiagnostics
[12/09/2009|14:32] C:\Users\ManuDog\AppData\Local\GDIPFONTCACHEV1.DAT
[29/08/2009|23:29] C:\Users\ManuDog\AppData\Local\Google
[06/05/2009|16:53] C:\Users\ManuDog\AppData\Local\Historique
[27/09/2009|02:01] C:\Users\ManuDog\AppData\Local\IconCache.db
[24/08/2009|14:15] C:\Users\ManuDog\AppData\Local\Microsoft
[19/05/2009|18:35] C:\Users\ManuDog\AppData\Local\Microsoft Games
[06/05/2009|17:34] C:\Users\ManuDog\AppData\Local\Mozilla
[27/09/2009|18:00] C:\Users\ManuDog\AppData\Local\Temp
[06/05/2009|16:53] C:\Users\ManuDog\AppData\Local\Temporary Internet Files
[11/08/2009|23:11] C:\Users\ManuDog\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[27/09/2009 17:41][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[27/09/2009 12:14][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[27/09/2009 12:13][--ah-----] C:\Windows\tasks\SA.DAT
[15/08/2009 22:57][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[30/05/2009|15:51] C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[04/07/2009|17:59] C:\ProgramData\Adobe
[30/05/2009|15:44] C:\ProgramData\Apple
[13/07/2009|12:22] C:\ProgramData\Apple Computer
[22/04/2009|10:27] C:\ProgramData\Application Data
[06/05/2009|16:53] C:\ProgramData\Bureau
[22/04/2009|10:27] C:\ProgramData\Desktop
[22/04/2009|10:27] C:\ProgramData\Documents
[12/08/2009|17:28] C:\ProgramData\ezsidmv.dat
[06/05/2009|16:53] C:\ProgramData\Favoris
[22/04/2009|10:27] C:\ProgramData\Favorites
[17/05/2009|23:09] C:\ProgramData\FLEXnet
[27/09/2009|12:15] C:\ProgramData\Kaspersky Lab
[06/05/2009|23:48] C:\ProgramData\Malwarebytes
[06/05/2009|16:53] C:\ProgramData\Menu D‚marrer
[17/06/2009|13:21] C:\ProgramData\Microsoft
[06/05/2009|16:53] C:\ProgramData\ModŠles
[10/05/2009|15:24] C:\ProgramData\Seiz System Engineering
[12/08/2009|17:22] C:\ProgramData\Skype
[27/09/2009|14:34] C:\ProgramData\Spybot - Search & Destroy
[22/04/2009|10:27] C:\ProgramData\Start Menu
[15/06/2009|00:35] C:\ProgramData\TEMP
[22/04/2009|10:27] C:\ProgramData\Templates
--------------------\\ Listing des dossiers dans C:\Program Files
[10/05/2009|00:39] C:\Program Files\7-Zip
[26/09/2009|16:26] C:\Program Files\ActiveState Komodo Edit 5
[04/07/2009|18:12] C:\Program Files\Adobe
[30/05/2009|15:45] C:\Program Files\Apple Software Update
[30/05/2009|15:48] C:\Program Files\Bonjour
[08/07/2009|21:22] C:\Program Files\Capturino V2
[04/07/2009|17:48] C:\Program Files\CCleaner
[29/08/2009|23:25] C:\Program Files\Common Files
[30/08/2009|01:33] C:\Program Files\DivX
[22/04/2009|12:12] C:\Program Files\DVD Maker
[06/05/2009|16:53] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[29/08/2009|11:55] C:\Program Files\FileZilla FTP Client
[29/08/2009|23:29] C:\Program Files\Google
[26/08/2009|15:59] C:\Program Files\Internet Explorer
[13/07/2009|12:22] C:\Program Files\iPod
[13/07/2009|12:23] C:\Program Files\iTunes
[09/05/2009|10:53] C:\Program Files\Java
[07/09/2009|12:39] C:\Program Files\JRE
[06/05/2009|17:04] C:\Program Files\Kaspersky Lab
[03/06/2009|12:13] C:\Program Files\LimeWire
[11/09/2009|11:25] C:\Program Files\Malwarebytes' Anti-Malware
[06/05/2009|17:10] C:\Program Files\Microsoft
[22/04/2009|12:12] C:\Program Files\Microsoft Games
[10/09/2009|23:34] C:\Program Files\Mozilla Firefox
[22/04/2009|10:55] C:\Program Files\MSBuild
[06/05/2009|18:00] C:\Program Files\Notepad++
[26/08/2009|15:31] C:\Program Files\Objectif Tarot
[07/09/2009|12:38] C:\Program Files\OpenOffice.org 3
[13/07/2009|12:13] C:\Program Files\QuickTime
[22/04/2009|10:55] C:\Program Files\Reference Assemblies
[30/08/2009|12:02] C:\Program Files\Safari
[15/08/2009|18:01] C:\Program Files\Skype
[27/09/2009|13:03] C:\Program Files\Spybot - Search & Destroy
[11/08/2009|22:48] C:\Program Files\Trend Micro
[22/04/2009|10:27] C:\Program Files\Uninstall Information
[22/04/2009|12:01] C:\Program Files\Windows Defender
[22/04/2009|12:12] C:\Program Files\Windows Journal
[06/05/2009|17:13] C:\Program Files\Windows Live
[06/05/2009|17:09] C:\Program Files\Windows Live SkyDrive
[22/04/2009|12:01] C:\Program Files\Windows Mail
[22/04/2009|12:01] C:\Program Files\Windows Media Player
[06/05/2009|16:53] C:\Program Files\Windows NT
[22/04/2009|12:01] C:\Program Files\Windows Photo Viewer
[22/04/2009|12:01] C:\Program Files\Windows Sidebar
[11/09/2009|00:52] C:\Program Files\WinHTTrack
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[04/07/2009|18:30] C:\Program Files\Common Files\Adobe
[11/08/2009|22:59] C:\Program Files\Common Files\Apple
[29/08/2009|23:24] C:\Program Files\Common Files\DivX Shared
[09/05/2009|00:45] C:\Program Files\Common Files\Macrovision Shared
[06/05/2009|17:09] C:\Program Files\Common Files\microsoft shared
[29/08/2009|23:25] C:\Program Files\Common Files\PX Storage Engine
[22/04/2009|08:17] C:\Program Files\Common Files\Services
[12/08/2009|17:22] C:\Program Files\Common Files\Skype
[22/04/2009|08:17] C:\Program Files\Common Files\SpeechEngines
[22/04/2009|12:01] C:\Program Files\Common Files\System
[06/05/2009|17:02] C:\Program Files\Common Files\Windows Live
--------------------\\ Process
( 43 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-27 18:01:48
Windows 6.1.7100 NTFS
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:108][D:4]-> C:\Users\ManuDog\AppData\Local\Temp
[F:12][D:1]-> C:\Users\ManuDog\AppData\Roaming\MICROS~1\Windows\Cookies
[F:199][D:4]-> C:\Users\ManuDog\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:2][D:2]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 27/09/2009|18:02 - Option : [1]
--------------------\\ Fin du rapport a 18:02:42
[ UAC => 1
http://codeur-discount.com
Microsoft Windows 7 Édition Intégrale ( v6.1.7100 )
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2050 @ 1.60GHz )
BIOS : Ver 1.00PARTTBL
USER : ManuDog ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:93 Go (Free:51 Go)
D:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 27/09/2009|18:01 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[05/06/2009|09:29] C:\Users\ManuDog\AppData\Local\Adobe
[30/05/2009|15:45] C:\Users\ManuDog\AppData\Local\Apple
[30/08/2009|12:02] C:\Users\ManuDog\AppData\Local\Apple Computer
[06/05/2009|16:53] C:\Users\ManuDog\AppData\Local\Application Data
[14/09/2009|14:39] C:\Users\ManuDog\AppData\Local\Diagnostics
[21/06/2009|13:34] C:\Users\ManuDog\AppData\Local\ElevatedDiagnostics
[12/09/2009|14:32] C:\Users\ManuDog\AppData\Local\GDIPFONTCACHEV1.DAT
[29/08/2009|23:29] C:\Users\ManuDog\AppData\Local\Google
[06/05/2009|16:53] C:\Users\ManuDog\AppData\Local\Historique
[27/09/2009|02:01] C:\Users\ManuDog\AppData\Local\IconCache.db
[24/08/2009|14:15] C:\Users\ManuDog\AppData\Local\Microsoft
[19/05/2009|18:35] C:\Users\ManuDog\AppData\Local\Microsoft Games
[06/05/2009|17:34] C:\Users\ManuDog\AppData\Local\Mozilla
[27/09/2009|18:00] C:\Users\ManuDog\AppData\Local\Temp
[06/05/2009|16:53] C:\Users\ManuDog\AppData\Local\Temporary Internet Files
[11/08/2009|23:11] C:\Users\ManuDog\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[27/09/2009 17:41][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[27/09/2009 12:14][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[27/09/2009 12:13][--ah-----] C:\Windows\tasks\SA.DAT
[15/08/2009 22:57][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[30/05/2009|15:51] C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[04/07/2009|17:59] C:\ProgramData\Adobe
[30/05/2009|15:44] C:\ProgramData\Apple
[13/07/2009|12:22] C:\ProgramData\Apple Computer
[22/04/2009|10:27] C:\ProgramData\Application Data
[06/05/2009|16:53] C:\ProgramData\Bureau
[22/04/2009|10:27] C:\ProgramData\Desktop
[22/04/2009|10:27] C:\ProgramData\Documents
[12/08/2009|17:28] C:\ProgramData\ezsidmv.dat
[06/05/2009|16:53] C:\ProgramData\Favoris
[22/04/2009|10:27] C:\ProgramData\Favorites
[17/05/2009|23:09] C:\ProgramData\FLEXnet
[27/09/2009|12:15] C:\ProgramData\Kaspersky Lab
[06/05/2009|23:48] C:\ProgramData\Malwarebytes
[06/05/2009|16:53] C:\ProgramData\Menu D‚marrer
[17/06/2009|13:21] C:\ProgramData\Microsoft
[06/05/2009|16:53] C:\ProgramData\ModŠles
[10/05/2009|15:24] C:\ProgramData\Seiz System Engineering
[12/08/2009|17:22] C:\ProgramData\Skype
[27/09/2009|14:34] C:\ProgramData\Spybot - Search & Destroy
[22/04/2009|10:27] C:\ProgramData\Start Menu
[15/06/2009|00:35] C:\ProgramData\TEMP
[22/04/2009|10:27] C:\ProgramData\Templates
--------------------\\ Listing des dossiers dans C:\Program Files
[10/05/2009|00:39] C:\Program Files\7-Zip
[26/09/2009|16:26] C:\Program Files\ActiveState Komodo Edit 5
[04/07/2009|18:12] C:\Program Files\Adobe
[30/05/2009|15:45] C:\Program Files\Apple Software Update
[30/05/2009|15:48] C:\Program Files\Bonjour
[08/07/2009|21:22] C:\Program Files\Capturino V2
[04/07/2009|17:48] C:\Program Files\CCleaner
[29/08/2009|23:25] C:\Program Files\Common Files
[30/08/2009|01:33] C:\Program Files\DivX
[22/04/2009|12:12] C:\Program Files\DVD Maker
[06/05/2009|16:53] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[29/08/2009|11:55] C:\Program Files\FileZilla FTP Client
[29/08/2009|23:29] C:\Program Files\Google
[26/08/2009|15:59] C:\Program Files\Internet Explorer
[13/07/2009|12:22] C:\Program Files\iPod
[13/07/2009|12:23] C:\Program Files\iTunes
[09/05/2009|10:53] C:\Program Files\Java
[07/09/2009|12:39] C:\Program Files\JRE
[06/05/2009|17:04] C:\Program Files\Kaspersky Lab
[03/06/2009|12:13] C:\Program Files\LimeWire
[11/09/2009|11:25] C:\Program Files\Malwarebytes' Anti-Malware
[06/05/2009|17:10] C:\Program Files\Microsoft
[22/04/2009|12:12] C:\Program Files\Microsoft Games
[10/09/2009|23:34] C:\Program Files\Mozilla Firefox
[22/04/2009|10:55] C:\Program Files\MSBuild
[06/05/2009|18:00] C:\Program Files\Notepad++
[26/08/2009|15:31] C:\Program Files\Objectif Tarot
[07/09/2009|12:38] C:\Program Files\OpenOffice.org 3
[13/07/2009|12:13] C:\Program Files\QuickTime
[22/04/2009|10:55] C:\Program Files\Reference Assemblies
[30/08/2009|12:02] C:\Program Files\Safari
[15/08/2009|18:01] C:\Program Files\Skype
[27/09/2009|13:03] C:\Program Files\Spybot - Search & Destroy
[11/08/2009|22:48] C:\Program Files\Trend Micro
[22/04/2009|10:27] C:\Program Files\Uninstall Information
[22/04/2009|12:01] C:\Program Files\Windows Defender
[22/04/2009|12:12] C:\Program Files\Windows Journal
[06/05/2009|17:13] C:\Program Files\Windows Live
[06/05/2009|17:09] C:\Program Files\Windows Live SkyDrive
[22/04/2009|12:01] C:\Program Files\Windows Mail
[22/04/2009|12:01] C:\Program Files\Windows Media Player
[06/05/2009|16:53] C:\Program Files\Windows NT
[22/04/2009|12:01] C:\Program Files\Windows Photo Viewer
[22/04/2009|12:01] C:\Program Files\Windows Sidebar
[11/09/2009|00:52] C:\Program Files\WinHTTrack
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[04/07/2009|18:30] C:\Program Files\Common Files\Adobe
[11/08/2009|22:59] C:\Program Files\Common Files\Apple
[29/08/2009|23:24] C:\Program Files\Common Files\DivX Shared
[09/05/2009|00:45] C:\Program Files\Common Files\Macrovision Shared
[06/05/2009|17:09] C:\Program Files\Common Files\microsoft shared
[29/08/2009|23:25] C:\Program Files\Common Files\PX Storage Engine
[22/04/2009|08:17] C:\Program Files\Common Files\Services
[12/08/2009|17:22] C:\Program Files\Common Files\Skype
[22/04/2009|08:17] C:\Program Files\Common Files\SpeechEngines
[22/04/2009|12:01] C:\Program Files\Common Files\System
[06/05/2009|17:02] C:\Program Files\Common Files\Windows Live
--------------------\\ Process
( 43 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-27 18:01:48
Windows 6.1.7100 NTFS
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261Initialization error
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:108][D:4]-> C:\Users\ManuDog\AppData\Local\Temp
[F:12][D:1]-> C:\Users\ManuDog\AppData\Roaming\MICROS~1\Windows\Cookies
[F:199][D:4]-> C:\Users\ManuDog\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:2][D:2]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 27/09/2009|18:02 - Option : [1]
--------------------\\ Fin du rapport a 18:02:42
[ UAC => 1
http://codeur-discount.com
j'ai l'impression que t'as un rootkit, c'est lui qui fais tes soucis, c'est pour ça que ton antivirus te trouve des trojans, il faudrait utiliser gmer je pense mais là je ne suis vraiment pas un spécialiste dans ce domaine.
regarde ce tuto : https://www.commentcamarche.net/faq/14963-supprimer-les-rootkits
1ere méthode.
Avant de l'utiliser n'oublie pas de fermer toutes les fenêtres tous les programmes, et de désactiver antivirus, antispyware, pare-feu
regarde ce tuto : https://www.commentcamarche.net/faq/14963-supprimer-les-rootkits
1ere méthode.
Avant de l'utiliser n'oublie pas de fermer toutes les fenêtres tous les programmes, et de désactiver antivirus, antispyware, pare-feu
