Trojan problem

Closed
schapunk Posts 79 Registration date Friday 3 April 2009 Status Member Last active 12 August 2012 - 2 Nov 2009 at 15:46
schapunk Posts 79 Registration date Friday 3 April 2009 Status Member Last active 12 August 2012 - 2 Nov 2009 at 16:52
Hello everyone, I need your computing skills to help me out.
Two days ago I opened a file that unfortunately contained a trojan. My antivirus (Avira AntiVir Personal) spotted the virus right away, but it did not really stop it...
Because when I run a scan with Malwarebytes' Anti-Malware, it finds 2 viruses named Trojan every time. I have already deleted these viruses 3 times, but on each scan Malwarebytes' finds 2 more trojans...
Please, can someone help me remove this virus?!

I have just run a HijackThis scan


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:31:16, on 02/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Alexandre\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Users\Alexandre\AppData\Local\Temp\b.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [PopRock] C:\Users\Alexandre\AppData\Local\Temp\b.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\Alexandre\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office CD\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
O23 - Service: YouupServiceWinService - Unknown owner - C:\Users\Alexandre\AppData\Local\Temp\YouUpService\YouupService.exe

4 replies

Anonymous user
2 Nov 2009 at 15:52
O4 - HKCU\..\Run: [PopRock] C:\Users\Alexandre\AppData\Local\Temp\b.exe
Hello

Apparently, a LOP infection
Disable UAC (User Account Control):

Click the Start menu, then Control Panel, User Accounts
Click Turn User Account Control on or off:
A new window opens; uncheck the box Use User Account Control (UAC) to help protect your computer, then OK:
A prompt asks whether you want to restart your computer; click Restart Now

https://forums.cnetfrance.fr


Download Lop S&D (by Eric_71 and Angeldark) to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-click it to start the installation
* Right-click the Lop S&D shortcut on your Desktop and choose Run as administrator
* Select the language you want, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
1
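The reply above singles out the Run entry that starts b.exe from a Temp directory. As an added example (not part of the thread, and not how HijackThis or Lop S&D work internally), this Python script applies that same location check to O4 and O23 lines; the sample lines are copied from the log posted above, while the function names and the two path rules are assumptions made for illustration. A hit means "review this entry", not a verdict.

```python
import re
from typing import List, NamedTuple, Optional

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKCU\..\Run: [PopRock] C:\Users\Alexandre\AppData\Local\Temp\b.exe
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\Alexandre\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: YouupServiceWinService - Unknown owner - C:\Users\Alexandre\AppData\Local\Temp\YouUpService\YouupService.exe
"""

class Finding(NamedTuple):
    section: str  # HijackThis section id: "O4" (autoruns) or "O23" (services)
    name: str     # value name, shortcut name or service name
    path: str     # file the entry loads at startup
    reason: str

# Illustrative rules (assumption): autoruns rarely belong in user-writable folders.
_RULES = [
    (re.compile(r"\\appdata\\local\\temp\\|\\windows\\temp\\|^%te?mp%\\", re.I),
     "starts from a Temp directory"),
    (re.compile(r"\\appdata\\(?:roaming|local)\\|^%(?:local)?appdata%\\", re.I),
     "starts from a user-writable AppData directory"),
]
_EXE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|dll|scr|bat|cmd|com|pif))(?=[\s,]|$)', re.I)
_O4_RUN = re.compile(r"^O4 - (\S+): \[(.+?)\] (.+)$")
_O4_STARTUP = re.compile(r"^O4 - (?:Global )?Startup: (.+?) = (.+)$")
_O23 = "O23 - Service: "

def executable_of(command: str) -> Optional[str]:
    """Return the file an autorun command loads, without its arguments."""
    command = command.strip()
    m = _EXE.match(command)
    if not m:
        return None
    path = m.group(1) or m.group(2)
    rest = command[m.end():].strip()
    # rundll32 is only a host process: the DLL in its argument is what runs.
    if path.lower().rsplit("\\", 1)[-1] == "rundll32.exe" and rest:
        return executable_of(rest) or path
    return path

def parse_entry(line: str):
    """Return (section, name, command) for an O4 or O23 line, else None."""
    m = _O4_RUN.match(line)
    if m:
        return "O4", m.group(2), m.group(3)
    m = _O4_STARTUP.match(line)
    if m:
        return "O4", m.group(1), m.group(2)
    if line.startswith(_O23):
        # Format: <name> - <owner> - <path>; split from the right.
        parts = line[len(_O23):].rsplit(" - ", 2)
        if len(parts) == 3:
            return "O23", parts[0], parts[2]
    return None

def triage(log_text: str) -> List[Finding]:
    """List startup entries whose file sits in a user-writable location."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_entry(line.strip())
        if entry is None:
            continue
        section, name, command = entry
        path = executable_of(command)
        if path is None:
            continue
        for pattern, reason in _RULES:
            if pattern.search(path):
                findings.append(Finding(section, name, path, reason))
                break
    return findings

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.section:<3} {f.name:<32} {f.reason}\n    {f.path}")
```
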
Anonymous user
2 Nov 2009 at 15:53
Hi,

Apparently, a LOP infection

No, more likely win32.Renos.

See you
-
Hi ah , Viva España ;) 

See you
0
Anonymous user
2 Nov 2009 at 15:56
Hi
I had a doubt because of the directory where the pest is hiding
0
schapunk Posts 79 Registration date Friday 3 April 2009 Status Member Last active 12 August 2012 3
2 Nov 2009 at 16:26
Thank you for such quick replies!
I manually deleted the two suspicious files, which had both been created on 31 Oct; also, when I launched one of the .exe files, my antivirus flagged it.
First I ended the "b.exe" process in Task Manager, then I deleted the 2 files and emptied my recycle bin. Then I ran another scan with Malwarebytes' and it found no positive results.

Well, I think they are gone, but I still followed Nathandre's instructions after that.
Here is the Lop S&D report.


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz )
BIOS : Default System BIOS
USER : Alexandre ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:221 Go (Free:96 Go)
D:\ (Local Disk) - NTFS - Total:232 Go (Free:232 Go)
E:\ (Local Disk) - NTFS - Total:11 Go (Free:1 Go)
F:\ (CD or DVD)
Z:\ (Network Disk)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 02/11/2009|16:19 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[09/04/2009|00:41] C:\Users\ALEXAN~1\AppData\Local\Adobe
[08/04/2009|09:37] C:\Users\ALEXAN~1\AppData\Local\Apple
[02/11/2009|13:25] C:\Users\ALEXAN~1\AppData\Local\Apple Computer
[08/04/2009|08:55] C:\Users\ALEXAN~1\AppData\Local\Application Data
[08/04/2009|09:07] C:\Users\ALEXAN~1\AppData\Local\AtStart.txt
[14/10/2009|18:52] C:\Users\ALEXAN~1\AppData\Local\d3d9caps.dat
[13/10/2009|20:57] C:\Users\ALEXAN~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[08/04/2009|09:07] C:\Users\ALEXAN~1\AppData\Local\DSwitch.txt
[12/06/2009|14:25] C:\Users\ALEXAN~1\AppData\Local\GDIPFONTCACHEV1.DAT
[18/09/2009|18:56] C:\Users\ALEXAN~1\AppData\Local\Google
[08/05/2009|15:21] C:\Users\ALEXAN~1\AppData\Local\Hewlett-Packard
[08/04/2009|08:55] C:\Users\ALEXAN~1\AppData\Local\Historique
[02/11/2009|16:14] C:\Users\ALEXAN~1\AppData\Local\IconCache.db
[24/07/2009|12:30] C:\Users\ALEXAN~1\AppData\Local\kgwoc.bat
[25/10/2009|23:22] C:\Users\ALEXAN~1\AppData\Local\Microsoft
[23/08/2009|21:06] C:\Users\ALEXAN~1\AppData\Local\Microsoft Games
[24/05/2009|16:50] C:\Users\ALEXAN~1\AppData\Local\Microsoft Help
[09/04/2009|00:08] C:\Users\ALEXAN~1\AppData\Local\Mozilla
[24/07/2009|12:45] C:\Users\ALEXAN~1\AppData\Local\oisug.dat
[08/04/2009|09:07] C:\Users\ALEXAN~1\AppData\Local\QSwitch.txt
[11/10/2009|11:24] C:\Users\ALEXAN~1\AppData\Local\Shareaza
[02/11/2009|16:18] C:\Users\ALEXAN~1\AppData\Local\Temp
[08/04/2009|08:55] C:\Users\ALEXAN~1\AppData\Local\Temporary Internet Files
[09/04/2009|18:44] C:\Users\ALEXAN~1\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[09/10/2009 21:49][--a------] C:\Windows\tasks\HPCeeScheduleForAlexandre.job
[02/11/2009 15:08][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{A2B83725-ABA7-45A3-B7CF-FAFE4C5BB6A8}.job
[02/11/2009 16:19][--a------] C:\Windows\tasks\Google Software Updater.job
[02/11/2009 16:15][--ah-----] C:\Windows\tasks\SA.DAT
[02/11/2009 16:14][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[09/02/2009|15:15] C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[22/10/2008|05:40] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[22/10/2008|05:51] C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[09/02/2009|15:14] C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[22/10/2008|05:46] C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[09/02/2009|15:12] C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[15/09/2009|18:20] C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[08/04/2009|09:39] C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[09/02/2009|15:15] C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[22/10/2008|05:44] C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[22/10/2008|05:51] C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[09/02/2009|15:15] C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[20/10/2009|17:28] C:\ProgramData\Adobe
[08/04/2009|09:36] C:\ProgramData\Apple
[08/04/2009|09:39] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[19/05/2009|18:01] C:\ProgramData\Avira
[08/04/2009|08:54] C:\ProgramData\Bureau
[26/05/2009|15:28] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[08/04/2009|08:54] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[09/04/2009|00:05] C:\ProgramData\Google
[02/11/2009|15:07] C:\ProgramData\Google Updater
[24/05/2009|16:46] C:\ProgramData\Hewlett-Packard
[27/06/2009|21:53] C:\ProgramData\HipSoft
[24/05/2009|18:27] C:\ProgramData\HP
[02/11/2009|15:02] C:\ProgramData\HP Product Assistant
[24/05/2009|18:25] C:\ProgramData\HPSSUPPLY
[29/05/2009|19:14] C:\ProgramData\hpzinstall.log
[08/04/2009|19:26] C:\ProgramData\LightScribe
[24/07/2009|12:39] C:\ProgramData\Malwarebytes
[03/10/2009|10:01] C:\ProgramData\McAfee
[03/10/2009|09:39] C:\ProgramData\McAfee Security Scan
[08/04/2009|08:54] C:\ProgramData\Menu Démarrer
[05/06/2009|17:03] C:\ProgramData\Microsoft
[16/10/2009|17:03] C:\ProgramData\Microsoft Help
[08/04/2009|08:54] C:\ProgramData\Modèles
[02/11/2009|11:59] C:\ProgramData\muvee Technologies
[13/08/2009|13:21] C:\ProgramData\Normal_Tanks1.01
[09/04/2009|20:12] C:\ProgramData\Norton
[09/04/2009|20:20] C:\ProgramData\NortonInstaller
[13/06/2009|13:47] C:\ProgramData\NVIDIA
[02/11/2009|16:16] C:\ProgramData\nvModes.001
[28/10/2009|21:11] C:\ProgramData\nvModes.dat
[04/10/2009|16:19] C:\ProgramData\Office Genuine Advantage
[02/11/2006|14:02] C:\ProgramData\Start Menu
[07/08/2009|12:54] C:\ProgramData\Tarma Installer
[09/09/2009|21:17] C:\ProgramData\Temp
[02/11/2006|14:02] C:\ProgramData\Templates
[28/06/2009|11:38] C:\ProgramData\WildTangent

--------------------\\ Listing des dossiers dans C:\Program Files

[22/10/2008|05:40] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[16/04/2009|13:44] C:\Program Files\Adobe
[19/09/2009|12:03] C:\Program Files\AGEIA Technologies
[31/10/2009|00:31] C:\Program Files\Apowersoft
[08/04/2009|09:37] C:\Program Files\Apple Software Update
[19/05/2009|18:01] C:\Program Files\Avira
[26/07/2009|08:05] C:\Program Files\BitComet
[08/04/2009|09:38] C:\Program Files\Bonjour
[09/02/2009|14:21] C:\Program Files\Broadcom
[09/04/2009|18:26] C:\Program Files\CCleaner
[25/07/2009|15:34] C:\Program Files\Common Files
[22/10/2008|05:52] C:\Program Files\CyberLink
[07/08/2009|12:54] C:\Program Files\Data Design Interactive
[09/02/2009|14:26] C:\Program Files\DIFX
[25/07/2009|15:38] C:\Program Files\DivX
[08/08/2009|11:07] C:\Program Files\EA GAMES
[14/04/2009|01:09] C:\Program Files\Easy MP3 Cutter
[26/05/2009|17:21] C:\Program Files\EasyBits For Kids
[16/10/2009|17:31] C:\Program Files\Electronic Arts
[08/04/2009|08:54] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[08/04/2009|20:25] C:\Program Files\Free Audio Pack
[05/06/2009|17:44] C:\Program Files\GameSpy Arcade
[24/05/2009|12:16] C:\Program Files\Google
[09/04/2009|12:35] C:\Program Files\Hewlett-Packard
[22/10/2008|04:51] C:\Program Files\Hewlett-Packard Company
[24/05/2009|18:25] C:\Program Files\HP
[09/04/2009|18:47] C:\Program Files\HP Games
[09/02/2009|14:30] C:\Program Files\IDT
[12/06/2009|22:45] C:\Program Files\InstallShield Installation Information
[09/02/2009|14:22] C:\Program Files\Intel
[31/10/2009|11:02] C:\Program Files\Internet Explorer
[29/09/2009|18:52] C:\Program Files\iPod
[29/09/2009|18:53] C:\Program Files\iTunes
[20/10/2009|21:13] C:\Program Files\Java
[24/05/2009|12:10] C:\Program Files\LightScribe
[24/07/2009|12:39] C:\Program Files\Malwarebytes' Anti-Malware
[04/10/2009|15:12] C:\Program Files\Microsoft
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[22/10/2008|05:39] C:\Program Files\Microsoft Office
[16/04/2009|19:39] C:\Program Files\Microsoft Office CD
[11/09/2009|23:14] C:\Program Files\Microsoft Silverlight
[08/04/2009|11:21] C:\Program Files\Microsoft SQL Server Compact Edition
[12/06/2009|22:27] C:\Program Files\Microsoft Works
[22/10/2008|05:39] C:\Program Files\Microsoft.NET
[13/06/2009|13:38] C:\Program Files\Movie Maker
[02/11/2009|16:17] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[08/04/2009|09:29] C:\Program Files\MSXML 4.0
[09/02/2009|15:16] C:\Program Files\muvee Technologies
[13/08/2009|12:08] C:\Program Files\Normal Tanks
[08/04/2009|08:57] C:\Program Files\Online Services
[15/09/2009|18:17] C:\Program Files\QuickTime
[09/02/2009|14:25] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[19/04/2009|19:03] C:\Program Files\RegCure
[13/06/2009|11:04] C:\Program Files\Replay Converter 3
[15/09/2009|18:25] C:\Program Files\Safari
[11/10/2009|11:24] C:\Program Files\Shareaza
[08/04/2009|09:06] C:\Program Files\SMINST
[08/05/2009|11:46] C:\Program Files\SoundSpectrum
[09/09/2009|21:16] C:\Program Files\SpywareBlaster
[09/02/2009|14:25] C:\Program Files\Synaptics
[02/11/2009|15:31] C:\Program Files\Trend Micro
[23/09/2009|17:41] C:\Program Files\Ubisoft
[09/06/2009|21:30] C:\Program Files\Ulead Systems
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[15/09/2009|18:25] C:\Program Files\Utilitaire de configuration iPhone
[01/09/2009|23:35] C:\Program Files\VideoLAN
[14/05/2009|08:41] C:\Program Files\VirtualDJ
[13/06/2009|13:38] C:\Program Files\Windows Calendar
[13/06/2009|13:38] C:\Program Files\Windows Collaboration
[13/06/2009|13:38] C:\Program Files\Windows Defender
[13/06/2009|13:38] C:\Program Files\Windows Journal
[04/10/2009|15:16] C:\Program Files\Windows Live
[08/04/2009|11:19] C:\Program Files\Windows Live SkyDrive
[16/10/2009|17:18] C:\Program Files\Windows Mail
[31/10/2009|11:02] C:\Program Files\Windows Media Player
[08/04/2009|08:54] C:\Program Files\Windows NT
[13/06/2009|13:38] C:\Program Files\Windows Photo Gallery
[13/06/2009|13:38] C:\Program Files\Windows Sidebar
[10/04/2009|20:25] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[17/10/2009|11:30] C:\Program Files\Common Files\Adobe
[29/09/2009|18:51] C:\Program Files\Common Files\Apple
[22/10/2008|05:39] C:\Program Files\Common Files\DESIGNER
[25/07/2009|15:38] C:\Program Files\Common Files\DivX Shared
[24/05/2009|16:47] C:\Program Files\Common Files\Hewlett-Packard
[24/05/2009|18:24] C:\Program Files\Common Files\HP
[05/06/2009|17:42] C:\Program Files\Common Files\InstallShield
[22/10/2008|05:55] C:\Program Files\Common Files\Java
[24/05/2009|11:47] C:\Program Files\Common Files\LightScribe
[03/07/2009|10:22] C:\Program Files\Common Files\microsoft shared
[09/02/2009|15:16] C:\Program Files\Common Files\muvee Technologies
[25/07/2009|15:38] C:\Program Files\Common Files\PX Storage Engine
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[13/06/2009|13:38] C:\Program Files\Common Files\System
[09/06/2009|21:33] C:\Program Files\Common Files\Ulead Systems
[08/04/2009|11:03] C:\Program Files\Common Files\Windows Live

--------------------\\ Process

( 95 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\Users\ALEXAN~1\AppData\Roaming\MICROS~1\Windows\Cookies\alexandre@adultfriendfinder[2].txt
C:\Users\ALEXAN~1\AppData\Roaming\MICROS~1\Windows\Cookies\alexandre@ero-advertising[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-02 16:20:03
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\ALEXAN~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GDMLDUQ3\likecrackvid[1].jpg


[F:158][D:23]-> C:\Users\ALEXAN~1\AppData\Local\Temp
[F:202][D:1]-> C:\Users\ALEXAN~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:3451][D:4]-> C:\Users\ALEXAN~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:4][D:4]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 02/11/2009|16:23 - Option : [1]

--------------------\\ Fin du rapport a 16:23:52
[ UAC => 1 ]
0
schapunk Posts 79 Registration date Friday 3 April 2009 Status Member Last active 12 August 2012 3
2 Nov 2009 at 16:52
Can I re-enable the "Use User Account Control (UAC) to help protect your computer" option?
In your opinion, is there nothing left on my computer?
0