Suis je toujours inféctés ? Fermé

Question

Bonsoir,

Hier matin j'ai reçus des alertes de mon antivirus (Antivir version gratuite) des trojen on été découvert de ce je l'ai et supprimé.

Certain de mes mot de passe de comptes avait été modifier j'ai pu tous récupérer par chance.

Les deux attaques ->

Dans le fichier 'C:\ProgramData\Atomtonsmags\clock phone bows data.exe'
un virus ou un programme indésirable 'TR/Dldr.Swizzor.Gen2' [trojan] a été détecté.
Action exécutée : Supprimer le fichier

Dans le fichier 'C:\ProgramData\Atomtonsmags\Upload tick.exe'
un virus ou un programme indésirable 'TR/Dldr.Swizzor.Gen2' [trojan] a été détecté.
Action exécutée : Supprimer le fichier

J'ai fait une analyse complète de mon pc avec antivir et spybot rien d'autre n'a été découvert. 

Je me pose la question de savoir si je suis toujours infecté vu que c'est logiciel ne sont pas fiables a 100% .

J'écoute toute vos réponses merci d'avance

plopus · Answer

salut

tu as du installer un de ces logiciel pieger A NE PAS REFAIRE !

    * BitDownload
    * BitGrabber
    * BitRoll
    * MessengerPlus! 3 sous le nom de sponsors
    * Messenger Plus! Live sous le nom de sponsors
    * NetPumper
    * TorrentQ
    * Torrent101


    * Sous VISTA : Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection)https://www.androidworld.fr/

    * Télécharger et enregistrer lopSD sur ton bureau
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
    * Double-clic Lop S&D
    * Faire l'installation
    * Fermer toutes les applications
    * Le lancer par un double-clic sur le raccourci qui est sur le bureau

      * Avec VISTA => clic-droit et => Exécuter en tant qu'administrateur
    * Taper F pour français , puis presser entrée
    * Taper 1
    * Presser Entrée
    * Le PC va redémarrer

      * Note= si l'antivirus annonce une infection dans TEMP , l'ignorer
    * Attendre l'apparition du rapport
    * Copier le rapport et le coller dans la réponse


* le rapport se trouve aussi à C:\lopR

^^Marie^^ · Answer

Lu

Cela fonctionne, un beug passager

gamer83 · Answer

bonsoir,
 essai avec un autre anti-virus et si le verdict est le même normalement il n'y a plus de problème.
PS: méfie toi des anti-virus gratuit, ils peuvent contenir des virus ^^
cordialement

turko1 · Answer

Voila j'ai le rapport ^^


   --------------------\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft® Windows Vista(TM) Professionnel  ( v6.0.6002 ) Service Pack 2
   X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU         T5500  @ 1.66GHz )
   BIOS : Ver 1.00PARTTBL1
   USER : zakire ( Administrator )
   BOOT : Normal boot
   C:\ (Local Disk) - NTFS - Total:51 Go (Free:8 Go)
   D:\ (Local Disk) - NTFS - Total:51 Go (Free:19 Go)
   E:\ (CD or DVD)
   H:\ (CD or DVD)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [1] ( dim. 21/03/2010|19:49 )

   [ UAC => 0 ]
 
   --------------------\  Listing des dossiers dans Local

   [28/12/2008|01:34] C:\Users\zakire\AppData\Local\ABBYY
   [23/05/2007|18:21] C:\Users\zakire\AppData\Local\acer eNM
   [21/12/2008|16:18] C:\Users\zakire\AppData\Local\Adobe
   [26/05/2007|17:03] C:\Users\zakire\AppData\Local\Ahead
   [10/02/2010|13:53] C:\Users\zakire\AppData\Local\Apple
   [10/02/2010|22:24] C:\Users\zakire\AppData\Local\Apple Computer
   [23/05/2007|18:01] C:\Users\zakire\AppData\Local\Application Data 
   [21/03/2010|19:46] C:\Users\zakire\AppData\Local\ApplicationHistory
   [28/12/2007|17:45] C:\Users\zakire\AppData\Local\Apps
   [12/11/2007|19:39] C:\Users\zakire\AppData\Local\capcom
   [12/01/2009|21:20] C:\Users\zakire\AppData\Local\Chat Republic Games
   [15/10/2009|14:44] C:\Users\zakire\AppData\Local\d3d9caps.dat
   [09/03/2010|15:05] C:\Users\zakire\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
   [11/02/2009|19:13] C:\Users\zakire\AppData\Local\Downloaded Installations
   [29/06/2007|18:07] C:\Users\zakire\AppData\Local\fusioncache.dat
   [25/02/2010|06:51] C:\Users\zakire\AppData\Local\GDIPFONTCACHEV1.DAT
   [23/05/2007|21:30] C:\Users\zakire\AppData\Local\GHISLER
   [07/01/2010|21:28] C:\Users\zakire\AppData\Local\Google
   [23/05/2007|18:01] C:\Users\zakire\AppData\Local\Historique 
   [21/03/2010|19:41] C:\Users\zakire\AppData\Local\IconCache.db
   [13/11/2007|22:34] C:\Users\zakire\AppData\Local\id Software
   [01/10/2008|12:28] C:\Users\zakire\AppData\Local\Introversion
   [02/12/2008|19:14] C:\Users\zakire\AppData\Local\Microsoft
   [24/05/2007|02:40] C:\Users\zakire\AppData\Local\Microsoft Game Studios
   [09/01/2010|15:17] C:\Users\zakire\AppData\Local\Microsoft Help
   [07/01/2008|15:17] C:\Users\zakire\AppData\Local\MigWiz
   [03/06/2007|15:16] C:\Users\zakire\AppData\Local\Mozilla
   [08/11/2008|00:56] C:\Users\zakire\AppData\Local\Stardock
   [15/09/2007|16:23] C:\Users\zakire\AppData\Local\Steam
   [21/03/2010|19:47] C:\Users\zakire\AppData\Local\Temp
   [23/05/2007|18:01] C:\Users\zakire\AppData\Local\Temporary Internet Files 
   [24/05/2007|14:17] C:\Users\zakire\AppData\Local\VirtualStore
 
   --------------------\  Tâches planifiées dans C:\Windows	asks

   [21/03/2010 19:41][--a------] C:\Windows	asks\GoogleUpdateTaskMachineUA.job
   [21/03/2010 19:44][--a------] C:\Windows	asks\GoogleUpdateTaskMachineCore.job
   [20/03/2010 12:33][--a------] C:\Windows	asks\Google Software Updater.job
   [21/03/2010 19:44][--a------] C:\Windows	asks\Maintenance en 1 clic.job
   [21/03/2010 15:10][--ah-----] C:\Windows	asks\User_Feed_Synchronization-{76FAD184-D0C8-41D5-9BC9-F6124D33BB9A}.job
   [21/03/2010 19:44][--ah-----] C:\Windows	asks\SA.DAT
   [21/03/2010 19:42][--a------] C:\Windows	asks\SCHEDLGU.TXT

   --------------------\  Listing des dossiers dans C:\ProgramData
   
   [10/02/2010|13:58] C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
   [08/09/2008|22:04] C:\ProgramData\ABBYY
   [07/03/2008|13:48] C:\ProgramData\addr_file.html
   [18/11/2009|15:10] C:\ProgramData\Adobe
   [14/01/2008|17:38] C:\ProgramData\Age of Empires 3
   [10/02/2010|13:49] C:\ProgramData\Apple
   [10/02/2010|21:26] C:\ProgramData\Apple Computer
   [02/11/2006|14:02] C:\ProgramData\Application Data 
   [20/03/2010|13:18] C:\ProgramData\Atomtonsmags
   [24/02/2008|04:23] C:\ProgramData\avg7
   [17/05/2009|02:06] C:\ProgramData\Avira
   [27/12/2007|01:22] C:\ProgramData\Azureus
   [05/12/2009|12:42] C:\ProgramData\Bits kind kind.dincj
   [05/12/2009|12:42] C:\ProgramData\Bits kind kind.puf96
   [23/05/2007|17:57] C:\ProgramData\Bureau 
   [03/09/2008|22:40] C:\ProgramData\CanonBJ
   [12/01/2009|21:20] C:\ProgramData\Chat Republic Games
   [24/05/2007|21:45] C:\ProgramData\CyberLink
   [02/11/2006|14:02] C:\ProgramData\Desktop 
   [21/03/2010|15:33] C:\ProgramData\DivX
   [02/11/2006|14:02] C:\ProgramData\Documents 
   [11/02/2009|19:42] C:\ProgramData\Electronic Arts
   [01/03/2008|15:43] C:\ProgramData\ezsid.dat
   [24/06/2008|03:07] C:\ProgramData\ezsidmv.dat
   [23/05/2007|17:57] C:\ProgramData\Favoris 
   [02/11/2006|14:02] C:\ProgramData\Favorites 
   [21/12/2008|15:48] C:\ProgramData\FLEXnet
   [07/01/2010|21:29] C:\ProgramData\Google
   [23/03/2009|00:35] C:\ProgramData\Google Updater
   [26/02/2008|16:03] C:\ProgramData\Grisoft
   [19/01/2009|16:40] C:\ProgramData\HP
   [05/07/2009|01:31] C:\ProgramData\HP Product Assistant
   [19/01/2009|11:50] C:\ProgramData\HPSSUPPLY
   [19/01/2009|11:51] C:\ProgramData\hpzinstall.log
   [23/05/2007|18:04] C:\ProgramData\InstallShield
   [23/05/2007|17:57] C:\ProgramData\Menu D'marrer 
   [14/02/2010|01:38] C:\ProgramData\Messenger Plus!
   [18/02/2009|13:33] C:\ProgramData\Microsoft
   [24/05/2007|02:40] C:\ProgramData\Microsoft Games
   [12/03/2010|09:35] C:\ProgramData\Microsoft Help
   [23/05/2007|17:57] C:\ProgramData\ModSles 
   [23/05/2007|23:53] C:\ProgramData\Nero
   [24/05/2007|13:59] C:\ProgramData\NtiDvdCopy
   [13/02/2009|22:33] C:\ProgramData\NVIDIA
   [21/03/2010|19:45] C:\ProgramData
vModes.001
   [21/03/2010|19:44] C:\ProgramData
vModes.dat
   [02/05/2009|10:57] C:\ProgramData\Office Genuine Advantage
   [13/12/2009|03:39] C:\ProgramData\Skype
   [20/07/2009|01:07] C:\ProgramData\Spybot - Search & Destroy
   [02/11/2006|14:02] C:\ProgramData\Start Menu 
   [23/05/2007|19:19] C:\ProgramData\Symantec
   [20/12/2008|14:51] C:\ProgramData\TEMP
   [02/11/2006|14:02] C:\ProgramData\Templates 
   [19/01/2009|11:51] C:\ProgramData\WEBREG
   [08/10/2009|18:47] C:\ProgramData\WindowsSearch
   [02/01/2008|18:50] C:\ProgramData\WinZip
   [14/01/2009|21:48] C:\ProgramData\WLInstaller

   --------------------\  Listing des dossiers dans C:\Program Files

   [09/01/2010|15:00] C:\Program Files\AbiWord
   [23/05/2007|18:13] C:\Program Files\Acer
   [23/05/2007|18:07] C:\Program Files\Acer Inc
   [26/11/2008|16:32] C:\Program Files\Activision
   [15/01/2009|15:20] C:\Program Files\Adobe
   [13/02/2009|22:26] C:\Program Files\AGEIA Technologies
   [23/06/2007|21:19] C:\Program Files\Alcohol Soft
   [23/05/2007|19:37] C:\Program Files\Alwil Software
   [10/02/2010|13:53] C:\Program Files\Apple Software Update
   [17/05/2009|02:06] C:\Program Files\Avira
   [24/02/2008|02:08] C:\Program Files\CCleaner
   [12/01/2010|11:27] C:\Program Files\Circle Developeent
   [26/11/2008|19:10] C:\Program Files\CodeStuff
   [21/03/2010|15:50] C:\Program Files\Common Files
   [26/12/2008|02:48] C:\Program Files\CyberLink
   [23/05/2007|22:39] C:\Program Files\DAEMON Tools
   [21/03/2010|15:52] C:\Program Files\DivX
   [22/01/2010|20:44] C:\Program Files\Dofus
   [01/03/2010|19:26] C:\Program Files\Dofus 2.0
   [08/03/2009|13:41] C:\Program Files\Feuvert
   [23/05/2007|17:57] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
   [07/02/2010|14:50] C:\Program Files\Google
   [27/12/2008|06:33] C:\Program Files\Grisoft
   [29/11/2008|15:22] C:\Program Files\HLSW
   [19/01/2009|11:50] C:\Program Files\HP
   [04/08/2009|14:07] C:\Program Files\InstallShield Installation Information
   [13/12/2006|08:42] C:\Program Files\Intel
   [28/01/2010|11:37] C:\Program Files\Internet Explorer
   [10/02/2010|22:11] C:\Program Files\iPod
   [10/02/2010|22:12] C:\Program Files\iTunes
   [07/01/2010|21:37] C:\Program Files\Java
   [23/05/2007|18:09] C:\Program Files\Launch Manager
   [25/12/2009|11:33] C:\Program Files\LimeWire
   [17/08/2008|22:44] C:\Program Files\Macrogaming
   [05/11/2007|19:23] C:\Program Files\Maxis
   [14/02/2010|01:37] C:\Program Files\Messenger Plus! Live
   [18/02/2009|13:35] C:\Program Files\Microsoft
   [24/05/2007|02:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [05/03/2008|14:32] C:\Program Files\Microsoft Games
   [24/05/2007|00:17] C:\Program Files\Microsoft Office
   [05/10/2009|00:18] C:\Program Files\Microsoft Office Outlook Connector
   [21/01/2010|16:13] C:\Program Files\Microsoft Silverlight
   [11/02/2008|14:36] C:\Program Files\Microsoft SQL Server Compact Edition
   [14/01/2009|22:05] C:\Program Files\Microsoft Sync Framework
   [24/05/2007|00:17] C:\Program Files\Microsoft Visual Studio
   [24/05/2007|00:13] C:\Program Files\Microsoft Visual Studio 8
   [02/05/2009|10:38] C:\Program Files\Microsoft Works
   [24/05/2007|00:16] C:\Program Files\Microsoft.NET
   [13/03/2010|00:08] C:\Program Files\Movie Maker
   [17/03/2010|18:07] C:\Program Files\Mozilla Firefox
   [24/05/2007|00:17] C:\Program Files\MSBuild
   [11/02/2008|14:16] C:\Program Files\MSN Messenger
   [23/05/2007|23:53] C:\Program Files\Nero
   [22/12/2006|16:59] C:\Program Files\NewTech Infosystems
   [08/03/2009|21:54] C:\Program Files\PhotoFiltre Studio
   [20/12/2008|14:50] C:\Program Files\Portrait Professional Max 6
   [10/02/2010|21:27] C:\Program Files\QuickTime
   [03/11/2008|23:49] C:\Program Files\Real
   [13/12/2006|08:51] C:\Program Files\Realtek
   [02/11/2006|13:37] C:\Program Files\Reference Assemblies
   [23/12/2009|14:22] C:\Program Files\Skype
   [08/04/2008|20:54] C:\Program Files\SopCast
   [29/11/2009|03:19] C:\Program Files\Spybot - Search & Destroy
   [08/11/2008|00:56] C:\Program Files\Stardock
   [28/11/2009|18:53] C:\Program Files\Steam
   [13/12/2006|09:04] C:\Program Files\Synaptics
   [13/02/2009|20:58] C:\Program Files\SystemRequirementsLab
   [07/12/2008|14:50] C:\Program Files\TuneUpPortable
   [02/11/2006|14:01] C:\Program Files\Uninstall Information
   [29/12/2007|17:15] C:\Program Files\uTorrent
   [24/05/2007|00:46] C:\Program Files\VideoLAN
   [07/01/2010|21:28] C:\Program Files\Wakfu
   [16/12/2009|02:53] C:\Program Files\Windows Calendar
   [16/12/2009|02:52] C:\Program Files\Windows Collaboration
   [16/12/2009|02:52] C:\Program Files\Windows Defender
   [16/12/2009|02:52] C:\Program Files\Windows Journal
   [14/12/2009|00:34] C:\Program Files\Windows Live
   [11/02/2008|14:34] C:\Program Files\Windows Live Favorites
   [14/01/2009|21:59] C:\Program Files\Windows Live SkyDrive
   [14/01/2009|22:06] C:\Program Files\Windows Live Toolbar
   [13/03/2010|00:08] C:\Program Files\Windows Mail
   [16/12/2009|02:52] C:\Program Files\Windows Media Player
   [23/05/2007|17:57] C:\Program Files\Windows NT
   [16/12/2009|02:52] C:\Program Files\Windows Photo Gallery
   [17/12/2009|13:50] C:\Program Files\Windows Portable Devices
   [16/12/2009|02:52] C:\Program Files\Windows Sidebar
   [03/01/2008|21:28] C:\Program Files\WinRAR

   --------------------\  Listing des dossiers dans C:\Program Files\Common Files

   [23/05/2007|18:13] C:\Program Files\Common Files\Acer
   [15/01/2009|15:19] C:\Program Files\Common Files\Adobe
   [14/02/2010|11:56] C:\Program Files\Common Files\Adobe AIR
   [24/05/2007|00:00] C:\Program Files\Common Files\Ahead
   [10/02/2010|22:11] C:\Program Files\Common Files\Apple
   [24/05/2007|00:17] C:\Program Files\Common Files\DESIGNER
   [21/03/2010|15:51] C:\Program Files\Common Files\DivX Shared
   [19/01/2009|11:50] C:\Program Files\Common Files\HP
   [08/03/2009|13:41] C:\Program Files\Common Files\InstallShield
   [22/12/2006|16:59] C:\Program Files\Common Files\LightScribe
   [23/05/2007|18:13] C:\Program Files\Common Files\Logitech
   [02/05/2009|10:39] C:\Program Files\Common Files\microsoft shared
   [22/12/2006|16:58] C:\Program Files\Common Files\muvee Technologies
   [22/12/2006|16:59] C:\Program Files\Common Files\NewTech Infosystems
   [21/03/2010|15:51] C:\Program Files\Common Files\PX Storage Engine
   [04/11/2008|18:42] C:\Program Files\Common Files\Real
   [02/11/2006|12:18] C:\Program Files\Common Files\Services
   [13/12/2009|03:39] C:\Program Files\Common Files\Skype
   [02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
   [28/11/2009|15:29] C:\Program Files\Common Files\Steam
   [23/05/2007|19:21] C:\Program Files\Common Files\Symantec Shared
   [16/12/2009|02:52] C:\Program Files\Common Files\System
   [14/01/2009|21:50] C:\Program Files\Common Files\Windows Live
   [11/02/2008|14:31] C:\Program Files\Common Files\WindowsLiveInstaller
   [13/02/2009|22:25] C:\Program Files\Common Files\Wise Installation Wizard

   --------------------\  Process

   ( 88 Processes )

   ... OK !

   --------------------\  Recherche avec S_Lop

   C:\ProgramData\Bits kind kind.dincj
   C:\ProgramData\Bits kind kind.puf96
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\ProgramData\Atomtonsmags
 
   --------------------\  Verification du Registre

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
   "CakeActive"="\"C:\ProgramData\Bits kind kind.dincj\""

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2010-03-21 19:49:21
   Windows 6.0.6002 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 4
 
   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   C:\Users\zakire\AppData\Roaming\BitTorrent\incomplete\a61f0051-c681\Empire Earth 2 French Crack
   C:\Users\zakire\AppData\Roaming\BitTorrent\incomplete\a61f0051-c681\Empire Earth 2 French Crack\EE2.exe


   [F:39][D:8]-> C:\Users\zakire\AppData\Local\Temp
   [F:10][D:1]-> C:\Users\zakire\AppData\Roaming\MICROS~1\Windows\Cookies
   [F:6][D:4]-> C:\Users\zakire\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
   [F:4][D:3]-> C:\$Recycle.Bin

   1 - "C:\Lop SD\LopR_1.txt" - dim. 21/03/2010|19:40 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - dim. 21/03/2010|19:53 - Option : [1]

turko1 · Answer

Le rapport de l'option 2 et j'ai supprimé le crak je te poste la suite apres installations.


   --------------------\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft® Windows Vista(TM) Professionnel  ( v6.0.6002 ) Service Pack 2
   X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU         T5500  @ 1.66GHz )
   BIOS : Ver 1.00PARTTBL1
   USER : zakire ( Administrator )
   BOOT : Normal boot
   C:\ (Local Disk) - NTFS - Total:51 Go (Free:8 Go)
   D:\ (Local Disk) - NTFS - Total:51 Go (Free:19 Go)
   E:\ (CD or DVD)
   H:\ (CD or DVD)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [2] ( dim. 21/03/2010|20:18 )

   [ UAC => 1 ]


   \\\\\\\\\\\\\\\ SUPPRESSION

   Supprime! - C:\ProgramData\Bits kind kind.dincj
   Supprime! - C:\ProgramData\Bits kind kind.puf96
   Supprime! - C:\ProgramData\Atomtonsmags
   -
   [ Fichier Hosts ] .. Restaure!
 
   \\\\\\\\\\\\\\\ 

 
   --------------------\  Listing des dossiers dans Local

   [28/12/2008|01:34] C:\Users\zakire\AppData\Local\ABBYY
   [23/05/2007|18:21] C:\Users\zakire\AppData\Local\acer eNM
   [21/12/2008|16:18] C:\Users\zakire\AppData\Local\Adobe
   [26/05/2007|17:03] C:\Users\zakire\AppData\Local\Ahead
   [10/02/2010|13:53] C:\Users\zakire\AppData\Local\Apple
   [10/02/2010|22:24] C:\Users\zakire\AppData\Local\Apple Computer
   [23/05/2007|18:01] C:\Users\zakire\AppData\Local\Application Data 
   [21/03/2010|19:47] C:\Users\zakire\AppData\Local\ApplicationHistory
   [28/12/2007|17:45] C:\Users\zakire\AppData\Local\Apps
   [12/11/2007|19:39] C:\Users\zakire\AppData\Local\capcom
   [12/01/2009|21:20] C:\Users\zakire\AppData\Local\Chat Republic Games
   [15/10/2009|14:44] C:\Users\zakire\AppData\Local\d3d9caps.dat
   [09/03/2010|15:05] C:\Users\zakire\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
   [11/02/2009|19:13] C:\Users\zakire\AppData\Local\Downloaded Installations
   [29/06/2007|18:07] C:\Users\zakire\AppData\Local\fusioncache.dat
   [25/02/2010|06:51] C:\Users\zakire\AppData\Local\GDIPFONTCACHEV1.DAT
   [23/05/2007|21:30] C:\Users\zakire\AppData\Local\GHISLER
   [07/01/2010|21:28] C:\Users\zakire\AppData\Local\Google
   [23/05/2007|18:01] C:\Users\zakire\AppData\Local\Historique 
   [21/03/2010|19:41] C:\Users\zakire\AppData\Local\IconCache.db
   [13/11/2007|22:34] C:\Users\zakire\AppData\Local\id Software
   [01/10/2008|12:28] C:\Users\zakire\AppData\Local\Introversion
   [02/12/2008|19:14] C:\Users\zakire\AppData\Local\Microsoft
   [24/05/2007|02:40] C:\Users\zakire\AppData\Local\Microsoft Game Studios
   [09/01/2010|15:17] C:\Users\zakire\AppData\Local\Microsoft Help
   [07/01/2008|15:17] C:\Users\zakire\AppData\Local\MigWiz
   [03/06/2007|15:16] C:\Users\zakire\AppData\Local\Mozilla
   [08/11/2008|00:56] C:\Users\zakire\AppData\Local\Stardock
   [15/09/2007|16:23] C:\Users\zakire\AppData\Local\Steam
   [21/03/2010|20:18] C:\Users\zakire\AppData\Local\Temp
   [23/05/2007|18:01] C:\Users\zakire\AppData\Local\Temporary Internet Files 
   [24/05/2007|14:17] C:\Users\zakire\AppData\Local\VirtualStore
 
   --------------------\  Tâches planifiées dans C:\Windows	asks

   [21/03/2010 19:41][--a------] C:\Windows	asks\GoogleUpdateTaskMachineUA.job
   [21/03/2010 19:44][--a------] C:\Windows	asks\GoogleUpdateTaskMachineCore.job
   [20/03/2010 12:33][--a------] C:\Windows	asks\Google Software Updater.job
   [21/03/2010 20:00][--a------] C:\Windows	asks\Maintenance en 1 clic.job
   [21/03/2010 15:10][--ah-----] C:\Windows	asks\User_Feed_Synchronization-{76FAD184-D0C8-41D5-9BC9-F6124D33BB9A}.job
   [21/03/2010 19:44][--ah-----] C:\Windows	asks\SA.DAT
   [21/03/2010 19:42][--a------] C:\Windows	asks\SCHEDLGU.TXT

   --------------------\  Listing des dossiers dans C:\ProgramData
   
   [10/02/2010|13:58] C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
   [08/09/2008|22:04] C:\ProgramData\ABBYY
   [07/03/2008|13:48] C:\ProgramData\addr_file.html
   [18/11/2009|15:10] C:\ProgramData\Adobe
   [14/01/2008|17:38] C:\ProgramData\Age of Empires 3
   [10/02/2010|13:49] C:\ProgramData\Apple
   [10/02/2010|21:26] C:\ProgramData\Apple Computer
   [02/11/2006|14:02] C:\ProgramData\Application Data 
   [24/02/2008|04:23] C:\ProgramData\avg7
   [17/05/2009|02:06] C:\ProgramData\Avira
   [27/12/2007|01:22] C:\ProgramData\Azureus
   [23/05/2007|17:57] C:\ProgramData\Bureau 
   [03/09/2008|22:40] C:\ProgramData\CanonBJ
   [12/01/2009|21:20] C:\ProgramData\Chat Republic Games
   [24/05/2007|21:45] C:\ProgramData\CyberLink
   [02/11/2006|14:02] C:\ProgramData\Desktop 
   [21/03/2010|15:33] C:\ProgramData\DivX
   [02/11/2006|14:02] C:\ProgramData\Documents 
   [11/02/2009|19:42] C:\ProgramData\Electronic Arts
   [01/03/2008|15:43] C:\ProgramData\ezsid.dat
   [24/06/2008|03:07] C:\ProgramData\ezsidmv.dat
   [23/05/2007|17:57] C:\ProgramData\Favoris 
   [02/11/2006|14:02] C:\ProgramData\Favorites 
   [21/12/2008|15:48] C:\ProgramData\FLEXnet
   [07/01/2010|21:29] C:\ProgramData\Google
   [23/03/2009|00:35] C:\ProgramData\Google Updater
   [26/02/2008|16:03] C:\ProgramData\Grisoft
   [19/01/2009|16:40] C:\ProgramData\HP
   [05/07/2009|01:31] C:\ProgramData\HP Product Assistant
   [19/01/2009|11:50] C:\ProgramData\HPSSUPPLY
   [19/01/2009|11:51] C:\ProgramData\hpzinstall.log
   [23/05/2007|18:04] C:\ProgramData\InstallShield
   [23/05/2007|17:57] C:\ProgramData\Menu D'marrer 
   [14/02/2010|01:38] C:\ProgramData\Messenger Plus!
   [18/02/2009|13:33] C:\ProgramData\Microsoft
   [24/05/2007|02:40] C:\ProgramData\Microsoft Games
   [12/03/2010|09:35] C:\ProgramData\Microsoft Help
   [23/05/2007|17:57] C:\ProgramData\ModSles 
   [23/05/2007|23:53] C:\ProgramData\Nero
   [24/05/2007|13:59] C:\ProgramData\NtiDvdCopy
   [13/02/2009|22:33] C:\ProgramData\NVIDIA
   [21/03/2010|19:54] C:\ProgramData
vModes.001
   [21/03/2010|19:44] C:\ProgramData
vModes.dat
   [02/05/2009|10:57] C:\ProgramData\Office Genuine Advantage
   [13/12/2009|03:39] C:\ProgramData\Skype
   [20/07/2009|01:07] C:\ProgramData\Spybot - Search & Destroy
   [02/11/2006|14:02] C:\ProgramData\Start Menu 
   [23/05/2007|19:19] C:\ProgramData\Symantec
   [20/12/2008|14:51] C:\ProgramData\TEMP
   [02/11/2006|14:02] C:\ProgramData\Templates 
   [19/01/2009|11:51] C:\ProgramData\WEBREG
   [08/10/2009|18:47] C:\ProgramData\WindowsSearch
   [02/01/2008|18:50] C:\ProgramData\WinZip
   [14/01/2009|21:48] C:\ProgramData\WLInstaller

   --------------------\  Listing des dossiers dans C:\Program Files

   [09/01/2010|15:00] C:\Program Files\AbiWord
   [23/05/2007|18:13] C:\Program Files\Acer
   [23/05/2007|18:07] C:\Program Files\Acer Inc
   [26/11/2008|16:32] C:\Program Files\Activision
   [15/01/2009|15:20] C:\Program Files\Adobe
   [13/02/2009|22:26] C:\Program Files\AGEIA Technologies
   [23/06/2007|21:19] C:\Program Files\Alcohol Soft
   [23/05/2007|19:37] C:\Program Files\Alwil Software
   [10/02/2010|13:53] C:\Program Files\Apple Software Update
   [17/05/2009|02:06] C:\Program Files\Avira
   [24/02/2008|02:08] C:\Program Files\CCleaner
   [12/01/2010|11:27] C:\Program Files\Circle Developeent
   [26/11/2008|19:10] C:\Program Files\CodeStuff
   [21/03/2010|15:50] C:\Program Files\Common Files
   [26/12/2008|02:48] C:\Program Files\CyberLink
   [23/05/2007|22:39] C:\Program Files\DAEMON Tools
   [21/03/2010|15:52] C:\Program Files\DivX
   [22/01/2010|20:44] C:\Program Files\Dofus
   [01/03/2010|19:26] C:\Program Files\Dofus 2.0
   [08/03/2009|13:41] C:\Program Files\Feuvert
   [23/05/2007|17:57] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
   [07/02/2010|14:50] C:\Program Files\Google
   [27/12/2008|06:33] C:\Program Files\Grisoft
   [29/11/2008|15:22] C:\Program Files\HLSW
   [19/01/2009|11:50] C:\Program Files\HP
   [04/08/2009|14:07] C:\Program Files\InstallShield Installation Information
   [13/12/2006|08:42] C:\Program Files\Intel
   [28/01/2010|11:37] C:\Program Files\Internet Explorer
   [10/02/2010|22:11] C:\Program Files\iPod
   [10/02/2010|22:12] C:\Program Files\iTunes
   [07/01/2010|21:37] C:\Program Files\Java
   [23/05/2007|18:09] C:\Program Files\Launch Manager
   [25/12/2009|11:33] C:\Program Files\LimeWire
   [17/08/2008|22:44] C:\Program Files\Macrogaming
   [05/11/2007|19:23] C:\Program Files\Maxis
   [14/02/2010|01:37] C:\Program Files\Messenger Plus! Live
   [18/02/2009|13:35] C:\Program Files\Microsoft
   [24/05/2007|02:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [05/03/2008|14:32] C:\Program Files\Microsoft Games
   [24/05/2007|00:17] C:\Program Files\Microsoft Office
   [05/10/2009|00:18] C:\Program Files\Microsoft Office Outlook Connector
   [21/01/2010|16:13] C:\Program Files\Microsoft Silverlight
   [11/02/2008|14:36] C:\Program Files\Microsoft SQL Server Compact Edition
   [14/01/2009|22:05] C:\Program Files\Microsoft Sync Framework
   [24/05/2007|00:17] C:\Program Files\Microsoft Visual Studio
   [24/05/2007|00:13] C:\Program Files\Microsoft Visual Studio 8
   [02/05/2009|10:38] C:\Program Files\Microsoft Works
   [24/05/2007|00:16] C:\Program Files\Microsoft.NET
   [13/03/2010|00:08] C:\Program Files\Movie Maker
   [17/03/2010|18:07] C:\Program Files\Mozilla Firefox
   [24/05/2007|00:17] C:\Program Files\MSBuild
   [11/02/2008|14:16] C:\Program Files\MSN Messenger
   [23/05/2007|23:53] C:\Program Files\Nero
   [22/12/2006|16:59] C:\Program Files\NewTech Infosystems
   [08/03/2009|21:54] C:\Program Files\PhotoFiltre Studio
   [20/12/2008|14:50] C:\Program Files\Portrait Professional Max 6
   [10/02/2010|21:27] C:\Program Files\QuickTime
   [03/11/2008|23:49] C:\Program Files\Real
   [13/12/2006|08:51] C:\Program Files\Realtek
   [02/11/2006|13:37] C:\Program Files\Reference Assemblies
   [23/12/2009|14:22] C:\Program Files\Skype
   [08/04/2008|20:54] C:\Program Files\SopCast
   [29/11/2009|03:19] C:\Program Files\Spybot - Search & Destroy
   [08/11/2008|00:56] C:\Program Files\Stardock
   [28/11/2009|18:53] C:\Program Files\Steam
   [13/12/2006|09:04] C:\Program Files\Synaptics
   [13/02/2009|20:58] C:\Program Files\SystemRequirementsLab
   [07/12/2008|14:50] C:\Program Files\TuneUpPortable
   [02/11/2006|14:01] C:\Program Files\Uninstall Information
   [29/12/2007|17:15] C:\Program Files\uTorrent
   [24/05/2007|00:46] C:\Program Files\VideoLAN
   [07/01/2010|21:28] C:\Program Files\Wakfu
   [16/12/2009|02:53] C:\Program Files\Windows Calendar
   [16/12/2009|02:52] C:\Program Files\Windows Collaboration
   [16/12/2009|02:52] C:\Program Files\Windows Defender
   [16/12/2009|02:52] C:\Program Files\Windows Journal
   [14/12/2009|00:34] C:\Program Files\Windows Live
   [11/02/2008|14:34] C:\Program Files\Windows Live Favorites
   [14/01/2009|21:59] C:\Program Files\Windows Live SkyDrive
   [14/01/2009|22:06] C:\Program Files\Windows Live Toolbar
   [13/03/2010|00:08] C:\Program Files\Windows Mail
   [16/12/2009|02:52] C:\Program Files\Windows Media Player
   [23/05/2007|17:57] C:\Program Files\Windows NT
   [16/12/2009|02:52] C:\Program Files\Windows Photo Gallery
   [17/12/2009|13:50] C:\Program Files\Windows Portable Devices
   [16/12/2009|02:52] C:\Program Files\Windows Sidebar
   [03/01/2008|21:28] C:\Program Files\WinRAR

   --------------------\  Listing des dossiers dans C:\Program Files\Common Files

   [23/05/2007|18:13] C:\Program Files\Common Files\Acer
   [15/01/2009|15:19] C:\Program Files\Common Files\Adobe
   [14/02/2010|11:56] C:\Program Files\Common Files\Adobe AIR
   [24/05/2007|00:00] C:\Program Files\Common Files\Ahead
   [10/02/2010|22:11] C:\Program Files\Common Files\Apple
   [24/05/2007|00:17] C:\Program Files\Common Files\DESIGNER
   [21/03/2010|15:51] C:\Program Files\Common Files\DivX Shared
   [19/01/2009|11:50] C:\Program Files\Common Files\HP
   [08/03/2009|13:41] C:\Program Files\Common Files\InstallShield
   [22/12/2006|16:59] C:\Program Files\Common Files\LightScribe
   [23/05/2007|18:13] C:\Program Files\Common Files\Logitech
   [02/05/2009|10:39] C:\Program Files\Common Files\microsoft shared
   [22/12/2006|16:58] C:\Program Files\Common Files\muvee Technologies
   [22/12/2006|16:59] C:\Program Files\Common Files\NewTech Infosystems
   [21/03/2010|15:51] C:\Program Files\Common Files\PX Storage Engine
   [04/11/2008|18:42] C:\Program Files\Common Files\Real
   [02/11/2006|12:18] C:\Program Files\Common Files\Services
   [13/12/2009|03:39] C:\Program Files\Common Files\Skype
   [02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
   [28/11/2009|15:29] C:\Program Files\Common Files\Steam
   [23/05/2007|19:21] C:\Program Files\Common Files\Symantec Shared
   [16/12/2009|02:52] C:\Program Files\Common Files\System
   [14/01/2009|21:50] C:\Program Files\Common Files\Windows Live
   [11/02/2008|14:31] C:\Program Files\Common Files\WindowsLiveInstaller
   [13/02/2009|22:25] C:\Program Files\Common Files\Wise Installation Wizard

   --------------------\  Process

   ( 87 Processes )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2010-03-21 20:18:28
   Windows 6.0.6002 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 4
 
   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   C:\Users\zakire\AppData\Roaming\BitTorrent\incomplete\a61f0051-c681\Empire Earth 2 French Crack
   C:\Users\zakire\AppData\Roaming\BitTorrent\incomplete\a61f0051-c681\Empire Earth 2 French Crack\EE2.exe


   [F:40][D:8]-> C:\Users\zakire\AppData\Local\Temp
   [F:10][D:1]-> C:\Users\zakire\AppData\Roaming\MICROS~1\Windows\Cookies
   [F:8][D:4]-> C:\Users\zakire\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
   [F:4][D:3]-> C:\$Recycle.Bin

   1 - "C:\Lop SD\LopR_1.txt" - dim. 21/03/2010|19:40 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - dim. 21/03/2010|19:53 - Option : [1]
   3 - "C:\Lop SD\LopR_3.txt" - dim. 21/03/2010|20:21 - Option : [2]

   --------------------\  Fin du rapport a 20:21:20
   [ UAC => 1 ]

turko1 · Answer

J'attend la fin de l'analyse et je te poste tous ca et surtout merci pour le coup de main plopus ^^

turko1 · Answer

Voila après l'examen complet rien a été détectés.   

Malwarebytes' Anti-Malware 1.44 
Version de la base de données: 3894 
Windows 6.0.6002 Service Pack 2 
Internet Explorer 8.0.6001.18882 

21/03/2010 21:42:47 
mbam-log-2010-03-21 (21-42-46).txt 

Type de recherche: Examen complet (C:\|D:\|) 
Eléments examinés: 279424 
Temps écoulé: 1 hour(s), 13 minute(s), 0 second(s) 

Processus mémoire infecté(s): 0 
Module(s) mémoire infecté(s): 0 
Clé(s) du Registre infectée(s): 0 
Valeur(s) du Registre infectée(s): 0 
Elément(s) de données du Registre infecté(s): 0 
Dossier(s) infecté(s): 0 
Fichier(s) infecté(s): 0 

Processus mémoire infecté(s): 
(Aucun élément nuisible détecté) 

Module(s) mémoire infecté(s): 
(Aucun élément nuisible détecté) 

Clé(s) du Registre infectée(s): 
(Aucun élément nuisible détecté) 

Valeur(s) du Registre infectée(s): 
(Aucun élément nuisible détecté) 

Elément(s) de données du Registre infecté(s): 
(Aucun élément nuisible détecté) 

Dossier(s) infecté(s): 
(Aucun élément nuisible détecté) 

Fichier(s) infecté(s): 
(Aucun élément nuisible détecté)

gamer83 · Answer

au vue du résultat de ton analyse, ton virus s'est volatilisé ^^
cordialement

turko1 · Answer

A ca fait plaisir merci en tous cas pour ton aide poplus  <3

Bon je me sens déjà mieux sans cette saleté de virus ^^

Je pense qu'on en a finis ^^ donc je vous souhaite une


Bonne soirée :)

turko1 · Answer

Bonsoir,

Plopus suite à ta réponse voila l'analyse que tu m'as demandé. Je me connecterais demain pour voir ta réponse. 

Merci et bonne soirée.

ComboFix 10-03-23.03 - zakire 23/03/2010  23:25:54.1.2 - x86
Microsoft® Windows Vista(TM) Professionnel   6.0.6002.2.1252.32.1036.18.1021.374 [GMT 1:00]
Lancé depuis: C:\Users\zakire\Desktop
onono.exe
SP: AVG Anti-Spyware *disabled* (Outdated) {48F2E28D-ED66-4646-9C11-B3055B0AF604}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\install.exe

.
(((((((((((((((((((((((((((((((((((((((   Pilotes/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF


(((((((((((((((((((((((((((((   Fichiers créés du 2010-02-23 au 2010-03-23  ))))))))))))))))))))))))))))))))))))
.

2010-03-23 00:30:34 . 2010-03-23 00:30:34	--------	d-----w-	C:\Users\zakire\AppData\Roaming\Intel
2010-03-23 00:30:31 . 2010-03-23 00:30:31	--------	d-----w-	C:\Users\zakire\Roaming
2010-03-23 00:30:30 . 2010-03-23 00:30:30	--------	d-----w-	C:\Users\Public\Roaming
2010-03-23 00:30:29 . 2010-03-23 00:30:29	--------	d-----w-	C:\Users\Default\Roaming
2010-03-23 00:30:29 . 2010-03-23 00:30:29	--------	d-----w-	C:\ProgramData\Roaming
2010-03-23 00:27:53 . 2010-03-23 00:27:53	--------	d-----w-	C:\Program Files\Cisco
2010-03-23 00:27:46 . 2010-03-23 00:27:46	--------	d-----w-	C:\Program Files\Common Files\Intel
2010-03-23 00:27:44 . 2010-03-23 00:27:44	--------	d-----w-	C:\ProgramData\Intel
2010-03-23 00:26:52 . 2009-06-03 23:56:18	675152	----a-w-	C:\Windows\system32\gpprefcl.dll
2010-03-21 19:27:32 . 2010-03-21 19:27:32	--------	d-----w-	C:\Users\zakire\AppData\Roaming\Malwarebytes
2010-03-21 19:27:27 . 2010-01-07 15:07:14	38224	----a-w-	C:\Windows\system32\drivers\mbamswissarmy.sys
2010-03-21 19:27:24 . 2010-03-21 19:27:24	--------	d-----w-	C:\ProgramData\Malwarebytes
2010-03-21 19:27:22 . 2010-03-21 19:27:31	--------	d-----w-	C:\Program Files\Malwarebytes' Anti-Malware
2010-03-21 19:27:22 . 2010-01-07 15:07:04	19160	----a-w-	C:\Windows\system32\drivers\mbam.sys
2010-03-21 18:29:59 . 2010-03-21 19:21:20	--------	d-----w-	C:\Lop SD
2010-03-21 14:50:44 . 2010-03-21 14:51:23	--------	d-----w-	C:\Program Files\Common Files\DivX Shared
2010-03-21 14:11:35 . 2010-03-21 14:33:51	--------	d-----w-	C:\ProgramData\DivX
2010-03-20 17:37:58 . 2010-03-20 17:37:59	--------	d-----w-	C:\Users\zakire\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-03-20 17:34:59 . 2010-03-20 17:34:59	--------	d-----w-	C:\Users\zakire\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-03-20 17:32:41 . 2010-03-23 17:02:39	--------	d-----w-	C:\Users\zakire\AppData\Roaming\Dofus 2.0
2010-03-20 17:32:41 . 2010-03-20 17:32:42	--------	d-----w-	C:\Users\zakire\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-03-20 16:00:08 . 2010-03-20 16:00:08	--------	d-----w-	C:\Users\zakire\AppData\Roaming\TuneUp Software
2010-03-12 08:27:30 . 2010-02-20 23:06:41	24064	----a-w-	C:\Windows\system32
shhttp.dll
2010-03-12 08:27:26 . 2010-02-20 20:53:34	411648	----a-w-	C:\Windows\system32\drivers\http.sys
2010-03-12 08:27:25 . 2010-02-20 23:05:14	30720	----a-w-	C:\Windows\system32\httpapi.dll
2010-03-04 08:35:50 . 2010-02-12 10:32:56	293376	----a-w-	C:\Windows\system32\browserchoice.exe
2010-03-01 18:26:16 . 2010-03-01 18:26:50	--------	d-----w-	C:\Program Files\Dofus 2.0
2010-03-01 18:01:12 . 2010-03-01 18:01:12	--------	d-----w-	C:\Users\zakire\AppData\Roaming\RegTesting.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-02-24 12:38:43 . 2010-01-23 09:26:13	2048	----a-w-	C:\Windows\system32	zres.dll
2010-02-24 12:37:26 . 2010-01-25 12:00:35	471552	----a-w-	C:\Windows\system32\secproc_isv.dll
2010-02-24 12:37:25 . 2010-01-25 12:00:22	471552	----a-w-	C:\Windows\system32\secproc.dll
2010-02-24 12:37:22 . 2010-01-25 08:21:20	526336	----a-w-	C:\Windows\system32\RMActivate_isv.exe
2010-02-24 12:37:21 . 2010-01-25 08:21:20	346624	----a-w-	C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-24 12:37:21 . 2010-01-25 08:21:18	518144	----a-w-	C:\Windows\system32\RMActivate.exe
2010-02-24 12:37:21 . 2010-01-25 08:21:18	347136	----a-w-	C:\Windows\system32\RMActivate_ssp.exe
2010-02-24 12:37:20 . 2010-01-25 12:00:35	152576	----a-w-	C:\Windows\system32\secproc_ssp_isv.dll
2010-02-24 12:37:20 . 2010-01-25 12:00:35	152064	----a-w-	C:\Windows\system32\secproc_ssp.dll
2010-02-24 12:37:20 . 2010-01-25 11:58:52	332288	----a-w-	C:\Windows\system32\msdrm.dll
2010-02-24 12:37:12 . 2010-01-06 15:39:38	1696256	----a-w-	C:\Windows\system32\gameux.dll
2010-02-24 12:37:09 . 2010-01-06 15:38:47	28672	----a-w-	C:\Windows\system32\Apphlpdm.dll
2010-02-24 12:37:06 . 2010-01-06 13:30:41	4240384	----a-w-	C:\Windows\system32\GameUXLegacyGDFs.dll

.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-23 18:21:21 . 2009-02-13 21:25:30	47820	----a-w-	C:\ProgramData
vModes.dat
2010-03-23 00:34:04 . 2006-12-23 00:46:50	678956	----a-w-	C:\Windows\system32\perfh00C.dat
2010-03-23 00:34:03 . 2006-12-23 00:46:50	128004	----a-w-	C:\Windows\system32\perfc00C.dat
2010-03-23 00:27:44 . 2006-12-13 07:42:31	--------	d-----w-	C:\Program Files\Intel
2010-03-21 14:52:08 . 2007-09-02 16:00:22	--------	d-----w-	C:\Program Files\DivX
2010-03-21 14:51:54 . 2009-11-28 00:44:10	--------	d-----w-	C:\Program Files\Common Files\PX Storage Engine
2010-03-21 14:14:50 . 2009-11-28 00:45:26	--------	d-----w-	C:\Users\zakire\AppData\Roaming\DivX
2010-03-21 14:11:37 . 2010-03-21 14:14:54	986904	----a-w-	C:\ProgramData\DivX\Setup\DivXSetup.exe
2010-03-12 23:08:02 . 2006-11-02 11:18:33	--------	d-----w-	C:\Program Files\Windows Mail
2010-03-12 08:35:07 . 2007-05-23 23:12:47	--------	d-----w-	C:\ProgramData\Microsoft Help
2010-02-25 05:51:02 . 2007-05-23 17:02:30	102784	----a-w-	C:\Users\zakire\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 09:16:06 . 2009-10-02 19:06:15	181632	------w-	C:\Windows\system32\MpSigStub.exe
2010-02-17 20:16:53 . 2008-04-12 18:25:27	--------	d-----w-	C:\Users\zakire\AppData\Roaming\dvdcss
2010-02-14 10:56:21 . 2009-11-18 14:10:01	--------	d-----w-	C:\Program Files\Common Files\Adobe AIR
2010-02-14 10:55:52 . 2010-03-22 18:44:29	38784	----a-w-	C:\Users\zakire\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-14 10:55:52 . 2009-11-18 14:10:04	38784	----a-w-	C:\Users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-14 00:38:20 . 2009-06-28 00:54:33	--------	d-----w-	C:\ProgramData\Messenger Plus!
2010-02-14 00:37:52 . 2009-06-27 10:20:08	--------	d-----w-	C:\Program Files\Messenger Plus! Live
2010-02-10 21:12:29 . 2010-02-10 21:11:02	--------	d-----w-	C:\Program Files\iTunes
2010-02-10 21:11:04 . 2010-02-10 21:11:04	--------	d-----w-	C:\Program Files\iPod
2010-02-10 21:11:03 . 2010-02-10 12:49:14	--------	d-----w-	C:\Program Files\Common Files\Apple
2010-02-10 20:27:14 . 2010-02-10 20:26:39	--------	d-----w-	C:\Program Files\QuickTime
2010-02-10 20:26:38 . 2010-02-10 12:54:19	--------	d-----w-	C:\ProgramData\Apple Computer
2010-02-10 13:01:09 . 2010-02-10 12:58:45	--------	d-----w-	C:\Users\zakire\AppData\Roaming\Apple Computer
2010-02-10 12:58:06 . 2010-02-10 12:56:58	--------	d-----w-	C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-02-10 12:53:29 . 2010-02-10 12:53:26	--------	d-----w-	C:\Program Files\Apple Software Update
2010-02-10 12:49:14 . 2010-02-10 12:49:14	--------	d-----w-	C:\ProgramData\Apple
2010-02-07 13:50:09 . 2007-10-09 11:10:58	--------	d-----w-	C:\Program Files\Google
2010-01-22 18:51:36 . 2010-01-22 18:51:36	72488	----a-w-	C:\ProgramData\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-01-07 20:37:18 . 2008-12-20 18:45:06	411368	----a-w-	C:\Windows\system32\deploytk.dll
2010-01-02 06:38:20 . 2010-01-22 16:04:27	916480	----a-w-	C:\Windows\system32\wininet.dll
2010-01-02 06:32:33 . 2010-01-22 16:04:25	71680	----a-w-	C:\Windows\system32\iesetup.dll
2010-01-02 06:32:33 . 2010-01-22 16:04:25	109056	----a-w-	C:\Windows\system32\iesysprep.dll
2010-01-02 04:57:00 . 2010-01-22 16:04:25	133632	----a-w-	C:\Windows\system32\ieUnatt.exe
2009-09-25 16:41:48 . 2009-09-25 16:41:48	1044480	----a-w-	C:\Program Files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41:48 . 2009-09-25 16:41:48	200704	----a-w-	C:\Program Files\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-04-11 06:28:03 1233920]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 14:44:52 3883856]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 15:07:20 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-19 07:38:38 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 18:57:52 3784704]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 19:00:36 815104]
"LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe" [2005-07-25 11:36:40 32768]
"LManager"="C:\Program Files\Launch Manager\HotkeyApp.exe" [2007-01-10 09:34:18 200704]
"LMgrOSD"="C:\Program Files\Launch Manager\OSDCtrl.exe" [2006-08-29 07:26:32 241664]
"Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" [2006-11-09 12:37:52 86016]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-10-30 23:06:20 304664]
"AcerOrbicamRibbon"="C:\Program Files\Acer\OrbiCam10\OrbiCam.exe" [2006-11-28 16:43:36 754712]
"LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-11-28 16:38:18 244512]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 19:48:22 57344]
"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-01-14 18:38:48 151552]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 10:48:46 157592]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 13:40:44 155648]
"SpybotSnD"="C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" [2009-01-26 14:31:12 5365592]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 16:58:50 464168]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 20:52:38 49152]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2009-01-30 08:12:00 13605408]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2009-01-30 08:12:00 92704]
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 11:08:11 209153]
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2010-01-07 20:37:20 149280]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2009-11-10 22:08:18 417792]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2010-01-22 18:16:42 141608]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 14:44:52 3883856]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-12-22 528384]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
2007-06-11 09:25:42	6731312	----a-w-	C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversionun-]
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):8b,e3,9c,63,38,7e,ca,01

R1 mailKmd;mailKmd; [x]
R2 gupdate1c9a4b387af2d59;Service Google Update (gupdate1c9a4b387af2d59);C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-14 14:45:25 133104]
S0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys [2007-06-23 20:16:00 639224]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-14 00:22:37 108289]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 14:31:10 1153368]
S3 lv321av;Logitech USB PC Camera (VC0321);C:\Windows\system32\DRIVERS\lv321av.sys [2006-11-29 01:36:12 847392]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 06:40:22 3668480]
S3 WisLMSvc;WisLMSvc;C:\Program Files\Launch Manager\WisLMSvc.exe [2006-11-17 18:45:26 118784]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
HPService	REG_MULTI_SZ   	HPSLPSVC
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'

2010-03-20 C:\Windows\Tasks\Google Software Updater.job
- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-01 22:40:46 . 2009-03-24 01:20:10]

2010-03-23 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-14 14:45:33 . 2009-03-14 14:45:25]

2010-03-23 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-14 14:45:33 . 2009-03-14 14:45:25]

2010-03-23 C:\Windows\Tasks\Maintenance en 1 clic.job
- C:\Program Files\TuneUpPortable\App\TuneUp\OneClickStarter.exe [2008-11-21 11:14:56 . 2008-11-21 11:14:56]

2010-03-23 C:\Windows\Tasks\User_Feed_Synchronization-{76FAD184-D0C8-41D5-9BC9-F6124D33BB9A}.job
- C:\Windows\system32\msfeedssync.exe [2010-01-22 16:04:25 . 2010-01-02 04:56:14]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.plusnetwork.com
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
IE: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - C:\Users\zakire\AppData\Roaming\Mozilla\Firefox\Profiles\w613bchb.Noyan\
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - plugin: C:\Program Files\Google\Google Earth\plugin
pgeplugin.dll
FF - plugin: C:\Program Files\Google\Google Updater\2.4.1508.6312
pCIDetect13.dll
FF - plugin: C:\Program Files\Google\Update\1.2.183.23
pGoogleOneClick8.dll
FF - plugin: C:\Program Files\Microsoft\Office Live
pOLW.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins
p-mswmp.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins
pOGAPlugin.dll
FF - plugin: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
 C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",   1600);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight",       2);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize",       1);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",   25);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",     5);
C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "https://www.mozilla.org/en-US/firefox/new/?redirect_source=firefox-com");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHELINS SUPPRIMES - - - -

SafeBoot-AVG Anti-Spyware Driver

plopus · Answer

salut GEN : a ouais pas fait gaffe pas trop grave encore mais ce que je comprends pas c'est sa : 

--------------------\ Recherche de fichiers avec Catchme 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net 
Rootkit scan 2010-03-21 20:18:28 
Windows 6.0.6002 Service Pack 2 NTFS 
scanning hidden processes ... 
scanning hidden files ... 
scan completed successfully 
hidden processes: 0 

hidden files: 4

elles sont pas lister !?

gen-hackman · Answer

ca a pas l'air ^^

le catchme integré dans LOP SD est obsolète , gMer en est a la version 0.3.1398

turko1 · Answer

Salut,

Je vien de vérifier le fichier texte de  et je peux te dire que celui que je t'ai poster est bien entier.

turko1 · Answer

Aufaite quand je recherche des erreurs avec cleaner j'ai cette clef de registre qui réapparait chaque fois même quand je repare l'erreur.

HKEY_CLASSES_ROOT\{80b8c23c-16e0-4cd8-bbc3-cecec9a78b79}

C'est normal ca ?

Amicaze95 · Answer

Heuuuuu.... c'est a dire les règles de prudences disent de télécharger d'installer PUIS de désactiver nan. 
Imagine que plopus soit un méchant hacker et qu'il t'ait infecté.....

turko1 · Answer

Amincaze vu les + de 3500 message d'aide posté par plopus ca m'étonnerais fort qu'il essaye de m'infecter.   
Et de plus sur le 2em rapport on peut remarquer que j'ai pu supprimé des fichier infectés.  
Prudence oui mais le logiciel de scan proposer me semble correct.

plopus · Answer

re

turko, tu es sur concernant le rapport combofix ? sa me parait EXTREMENT BIZARRE qu'il n'y ai pas la fin...

fait sa alors si il est pas entier  :

/!\ Il faut impérativement désactiver tous tes logiciels de protection pour utiliser ce programme/!\

* Rends toi sur cette page, et clique sur "Download EXE" pour télécharger Gmer (sous un nom aléatoire, pour éviter qu'il soit bloqué par une infection)
http://www.gmer.net/
* Lance Gmer
* Dans l'onglet "Rootkit", clique sur "Scan" puis patiente.
* A la fin, clique sur "Save" et enregistre le rapport sur ton Bureau.

Amicaze95 · Answer

Non mais je disais "SI". Bien sur que plopus n'est pas un méchant pirate (quoique) mais si il en étais un, tu étais chocolat.

turko1 · Answer

Plopus j'ai fait le scan rootkit j'ai bien désactiver tous les protections pour éviter les conflits avec le logiciel.

Mais après +35 min d'analyse le logiciel a stopper sur un fichier je n'est pas pu noter lequelles :x et pour éviter les problèmes le scan c'est arretez automatiquement et le pc a redémarrer.

Perso je pense que je vais m'arretez la ce rootkit et trop compliquer à trouver =x

plopus · Answer

salut

turko1 fait sa stp et laisse tomber la manip de GEN on va faire autrement.

redemarre ton PC au bip tapote F8 et choisit mode sans echec


ensuite supprime ce dossier   C:\Program Files\Circle Developement 

puis relance GMEr et enregistre bien le rapport et poste une fois redemarre en mode normal

turko1 · Answer

re,

J'ai fait l'analyse avec Lop S&D et je ferais gmer plutard vu que c est plus long et que je suis presser je re ce soir.

Ps: L'analyse n'a pas pu terminer car a la recherche dautre infections le programme a cesser de fonctionner.


 --------------------\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft® Windows Vista(TM) Professionnel  ( v6.0.6002 ) Service Pack 2
   X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU         T5500  @ 1.66GHz )
   BIOS : Ver 1.00PARTTBL1
   USER : zakire ( Administrator )
   BOOT : Normal boot
   C:\ (Local Disk) - NTFS - Total:51 Go (Free:5 Go)
   D:\ (Local Disk) - NTFS - Total:51 Go (Free:19 Go)
   E:\ (CD or DVD)
   H:\ (CD or DVD)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [4] ( ven. 26/03/2010|17:34 )

   [ UAC => 1 ]

   \\\\\\\\\\\\\\\ Lop Script

   C:\Program Files\Circle Developeent 


   \\\\\\\\\\\\\\\ SUPPRESSION

   Supprime! - C:\Program Files\Circle Developeent
 
   \\\\\\\\\\\\\\\ 

 
   --------------------\  Listing des dossiers dans Local

   [28/12/2008|01:34] C:\Users\zakire\AppData\Local\ABBYY
   [23/05/2007|18:21] C:\Users\zakire\AppData\Local\acer eNM
   [21/12/2008|16:18] C:\Users\zakire\AppData\Local\Adobe
   [26/05/2007|17:03] C:\Users\zakire\AppData\Local\Ahead
   [10/02/2010|13:53] C:\Users\zakire\AppData\Local\Apple
   [10/02/2010|22:24] C:\Users\zakire\AppData\Local\Apple Computer
   [23/05/2007|18:01] C:\Users\zakire\AppData\Local\Application Data 
   [25/03/2010|17:50] C:\Users\zakire\AppData\Local\ApplicationHistory
   [28/12/2007|17:45] C:\Users\zakire\AppData\Local\Apps
   [12/11/2007|19:39] C:\Users\zakire\AppData\Local\capcom
   [12/01/2009|21:20] C:\Users\zakire\AppData\Local\Chat Republic Games
   [15/10/2009|14:44] C:\Users\zakire\AppData\Local\d3d9caps.dat
   [09/03/2010|15:05] C:\Users\zakire\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
   [11/02/2009|19:13] C:\Users\zakire\AppData\Local\Downloaded Installations
   [29/06/2007|18:07] C:\Users\zakire\AppData\Local\fusioncache.dat
   [25/02/2010|06:51] C:\Users\zakire\AppData\Local\GDIPFONTCACHEV1.DAT
   [23/05/2007|21:30] C:\Users\zakire\AppData\Local\GHISLER
   [07/01/2010|21:28] C:\Users\zakire\AppData\Local\Google
   [23/05/2007|18:01] C:\Users\zakire\AppData\Local\Historique 
   [25/03/2010|15:19] C:\Users\zakire\AppData\Local\IconCache.db
   [13/11/2007|22:34] C:\Users\zakire\AppData\Local\id Software
   [01/10/2008|12:28] C:\Users\zakire\AppData\Local\Introversion
   [02/12/2008|19:14] C:\Users\zakire\AppData\Local\Microsoft
   [24/05/2007|02:40] C:\Users\zakire\AppData\Local\Microsoft Game Studios
   [09/01/2010|15:17] C:\Users\zakire\AppData\Local\Microsoft Help
   [07/01/2008|15:17] C:\Users\zakire\AppData\Local\MigWiz
   [03/06/2007|15:16] C:\Users\zakire\AppData\Local\Mozilla
   [08/11/2008|00:56] C:\Users\zakire\AppData\Local\Stardock
   [15/09/2007|16:23] C:\Users\zakire\AppData\Local\Steam
   [26/03/2010|17:34] C:\Users\zakire\AppData\Local	emp
   [23/05/2007|18:01] C:\Users\zakire\AppData\Local\Temporary Internet Files 
   [24/05/2007|14:17] C:\Users\zakire\AppData\Local\VirtualStore
 
   --------------------\  Tâches planifiées dans C:\Windows	asks

   [26/03/2010 16:41][--a------] C:\Windows	asks\GoogleUpdateTaskMachineUA.job
   [26/03/2010 14:23][--a------] C:\Windows	asks\GoogleUpdateTaskMachineCore.job
   [20/03/2010 12:33][--a------] C:\Windows	asks\Google Software Updater.job
   [26/03/2010 17:15][--a------] C:\Windows	asks\Maintenance en 1 clic.job
   [26/03/2010 16:36][--ah-----] C:\Windows	asks\User_Feed_Synchronization-{76FAD184-D0C8-41D5-9BC9-F6124D33BB9A}.job
   [25/03/2010 17:48][--ah-----] C:\Windows	asks\SA.DAT
   [25/03/2010 15:20][--a------] C:\Windows	asks\SCHEDLGU.TXT

   --------------------\  Listing des dossiers dans C:\ProgramData
   
   [10/02/2010|13:58] C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
   [08/09/2008|22:04] C:\ProgramData\ABBYY
   [07/03/2008|13:48] C:\ProgramData\addr_file.html
   [18/11/2009|15:10] C:\ProgramData\Adobe
   [10/02/2010|13:49] C:\ProgramData\Apple
   [10/02/2010|21:26] C:\ProgramData\Apple Computer
   [02/11/2006|14:02] C:\ProgramData\Application Data 
   [24/02/2008|04:23] C:\ProgramData\avg7
   [17/05/2009|02:06] C:\ProgramData\Avira
   [27/12/2007|01:22] C:\ProgramData\Azureus
   [23/05/2007|17:57] C:\ProgramData\Bureau 
   [03/09/2008|22:40] C:\ProgramData\CanonBJ
   [12/01/2009|21:20] C:\ProgramData\Chat Republic Games
   [24/05/2007|21:45] C:\ProgramData\CyberLink
   [02/11/2006|14:02] C:\ProgramData\Desktop 
   [21/03/2010|15:33] C:\ProgramData\DivX
   [02/11/2006|14:02] C:\ProgramData\Documents 
   [11/02/2009|19:42] C:\ProgramData\Electronic Arts
   [01/03/2008|15:43] C:\ProgramData\ezsid.dat
   [24/06/2008|03:07] C:\ProgramData\ezsidmv.dat
   [23/05/2007|17:57] C:\ProgramData\Favoris 
   [02/11/2006|14:02] C:\ProgramData\Favorites 
   [21/12/2008|15:48] C:\ProgramData\FLEXnet
   [07/01/2010|21:29] C:\ProgramData\Google
   [23/03/2009|00:35] C:\ProgramData\Google Updater
   [26/02/2008|16:03] C:\ProgramData\Grisoft
   [19/01/2009|16:40] C:\ProgramData\HP
   [05/07/2009|01:31] C:\ProgramData\HP Product Assistant
   [19/01/2009|11:50] C:\ProgramData\HPSSUPPLY
   [19/01/2009|11:51] C:\ProgramData\hpzinstall.log
   [23/05/2007|18:04] C:\ProgramData\InstallShield
   [23/03/2010|01:27] C:\ProgramData\Intel
   [21/03/2010|20:27] C:\ProgramData\Malwarebytes
   [23/05/2007|17:57] C:\ProgramData\Menu Démarrer 
   [14/02/2010|01:38] C:\ProgramData\Messenger Plus!
   [18/02/2009|13:33] C:\ProgramData\Microsoft
   [24/05/2007|02:40] C:\ProgramData\Microsoft Games
   [12/03/2010|09:35] C:\ProgramData\Microsoft Help
   [23/05/2007|17:57] C:\ProgramData\Modèles 
   [23/05/2007|23:53] C:\ProgramData\Nero
   [24/05/2007|13:59] C:\ProgramData\NtiDvdCopy
   [13/02/2009|22:33] C:\ProgramData\NVIDIA
   [26/03/2010|16:35] C:\ProgramData
vModes.001
   [26/03/2010|16:35] C:\ProgramData
vModes.dat
   [02/05/2009|10:57] C:\ProgramData\Office Genuine Advantage
   [23/03/2010|01:30] C:\ProgramData\Roaming
   [13/12/2009|03:39] C:\ProgramData\Skype
   [20/07/2009|01:07] C:\ProgramData\Spybot - Search & Destroy
   [02/11/2006|14:02] C:\ProgramData\Start Menu 
   [23/05/2007|19:19] C:\ProgramData\Symantec
   [20/12/2008|14:51] C:\ProgramData\TEMP
   [02/11/2006|14:02] C:\ProgramData\Templates 
   [19/01/2009|11:51] C:\ProgramData\WEBREG
   [08/10/2009|18:47] C:\ProgramData\WindowsSearch
   [02/01/2008|18:50] C:\ProgramData\WinZip
   [14/01/2009|21:48] C:\ProgramData\WLInstaller

   --------------------\  Listing des dossiers dans C:\Program Files

   [09/01/2010|15:00] C:\Program Files\AbiWord
   [23/05/2007|18:13] C:\Program Files\Acer
   [23/05/2007|18:07] C:\Program Files\Acer Inc
   [26/11/2008|16:32] C:\Program Files\Activision
   [15/01/2009|15:20] C:\Program Files\Adobe
   [13/02/2009|22:26] C:\Program Files\AGEIA Technologies
   [23/06/2007|21:19] C:\Program Files\Alcohol Soft
   [23/05/2007|19:37] C:\Program Files\Alwil Software
   [10/02/2010|13:53] C:\Program Files\Apple Software Update
   [17/05/2009|02:06] C:\Program Files\Avira
   [24/02/2008|02:08] C:\Program Files\CCleaner
   [23/03/2010|01:27] C:\Program Files\Cisco
   [26/11/2008|19:10] C:\Program Files\CodeStuff
   [23/03/2010|23:32] C:\Program Files\Common Files
   [26/12/2008|02:48] C:\Program Files\CyberLink
   [23/05/2007|22:39] C:\Program Files\DAEMON Tools
   [21/03/2010|15:52] C:\Program Files\DivX
   [22/01/2010|20:44] C:\Program Files\Dofus
   [01/03/2010|19:26] C:\Program Files\Dofus 2.0
   [08/03/2009|13:41] C:\Program Files\Feuvert
   [23/05/2007|17:57] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
   [07/02/2010|14:50] C:\Program Files\Google
   [27/12/2008|06:33] C:\Program Files\Grisoft
   [29/11/2008|15:22] C:\Program Files\HLSW
   [19/01/2009|11:50] C:\Program Files\HP
   [04/08/2009|14:07] C:\Program Files\InstallShield Installation Information
   [23/03/2010|01:27] C:\Program Files\Intel
   [26/03/2010|14:16] C:\Program Files\Internet Explorer
   [10/02/2010|22:11] C:\Program Files\iPod
   [10/02/2010|22:12] C:\Program Files\iTunes
   [07/01/2010|21:37] C:\Program Files\Java
   [23/05/2007|18:09] C:\Program Files\Launch Manager
   [25/12/2009|11:33] C:\Program Files\LimeWire
   [17/08/2008|22:44] C:\Program Files\Macrogaming
   [21/03/2010|20:27] C:\Program Files\Malwarebytes' Anti-Malware
   [05/11/2007|19:23] C:\Program Files\Maxis
   [14/02/2010|01:37] C:\Program Files\Messenger Plus! Live
   [18/02/2009|13:35] C:\Program Files\Microsoft
   [24/05/2007|02:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [05/03/2008|14:32] C:\Program Files\Microsoft Games
   [24/05/2007|00:17] C:\Program Files\Microsoft Office
   [05/10/2009|00:18] C:\Program Files\Microsoft Office Outlook Connector
   [21/01/2010|16:13] C:\Program Files\Microsoft Silverlight
   [11/02/2008|14:36] C:\Program Files\Microsoft SQL Server Compact Edition
   [14/01/2009|22:05] C:\Program Files\Microsoft Sync Framework
   [24/05/2007|00:17] C:\Program Files\Microsoft Visual Studio
   [24/05/2007|00:13] C:\Program Files\Microsoft Visual Studio 8
   [02/05/2009|10:38] C:\Program Files\Microsoft Works
   [24/05/2007|00:16] C:\Program Files\Microsoft.NET
   [13/03/2010|00:08] C:\Program Files\Movie Maker
   [23/03/2010|23:09] C:\Program Files\Mozilla Firefox
   [24/05/2007|00:17] C:\Program Files\MSBuild
   [11/02/2008|14:16] C:\Program Files\MSN Messenger
   [23/05/2007|23:53] C:\Program Files\Nero
   [22/12/2006|16:59] C:\Program Files\NewTech Infosystems
   [08/03/2009|21:54] C:\Program Files\PhotoFiltre Studio
   [20/12/2008|14:50] C:\Program Files\Portrait Professional Max 6
   [10/02/2010|21:27] C:\Program Files\QuickTime
   [03/11/2008|23:49] C:\Program Files\Real
   [13/12/2006|08:51] C:\Program Files\Realtek
   [02/11/2006|13:37] C:\Program Files\Reference Assemblies
   [23/12/2009|14:22] C:\Program Files\Skype
   [08/04/2008|20:54] C:\Program Files\SopCast
   [29/11/2009|03:19] C:\Program Files\Spybot - Search & Destroy
   [08/11/2008|00:56] C:\Program Files\Stardock
   [28/11/2009|18:53] C:\Program Files\Steam
   [13/12/2006|09:04] C:\Program Files\Synaptics
   [13/02/2009|20:58] C:\Program Files\SystemRequirementsLab
   [07/12/2008|14:50] C:\Program Files\TuneUpPortable
   [02/11/2006|14:01] C:\Program Files\Uninstall Information
   [29/12/2007|17:15] C:\Program Files\uTorrent
   [24/05/2007|00:46] C:\Program Files\VideoLAN
   [07/01/2010|21:28] C:\Program Files\Wakfu
   [16/12/2009|02:53] C:\Program Files\Windows Calendar
   [16/12/2009|02:52] C:\Program Files\Windows Collaboration
   [16/12/2009|02:52] C:\Program Files\Windows Defender
   [16/12/2009|02:52] C:\Program Files\Windows Journal
   [14/12/2009|00:34] C:\Program Files\Windows Live
   [11/02/2008|14:34] C:\Program Files\Windows Live Favorites
   [14/01/2009|21:59] C:\Program Files\Windows Live SkyDrive
   [14/01/2009|22:06] C:\Program Files\Windows Live Toolbar
   [13/03/2010|00:08] C:\Program Files\Windows Mail
   [16/12/2009|02:52] C:\Program Files\Windows Media Player
   [23/05/2007|17:57] C:\Program Files\Windows NT
   [16/12/2009|02:52] C:\Program Files\Windows Photo Gallery
   [17/12/2009|13:50] C:\Program Files\Windows Portable Devices
   [16/12/2009|02:52] C:\Program Files\Windows Sidebar
   [03/01/2008|21:28] C:\Program Files\WinRAR

   --------------------\  Listing des dossiers dans C:\Program Files\Common Files

   [23/05/2007|18:13] C:\Program Files\Common Files\Acer
   [15/01/2009|15:19] C:\Program Files\Common Files\Adobe
   [14/02/2010|11:56] C:\Program Files\Common Files\Adobe AIR
   [24/05/2007|00:00] C:\Program Files\Common Files\Ahead
   [10/02/2010|22:11] C:\Program Files\Common Files\Apple
   [24/05/2007|00:17] C:\Program Files\Common Files\DESIGNER
   [21/03/2010|15:51] C:\Program Files\Common Files\DivX Shared
   [19/01/2009|11:50] C:\Program Files\Common Files\HP
   [08/03/2009|13:41] C:\Program Files\Common Files\InstallShield
   [23/03/2010|01:27] C:\Program Files\Common Files\Intel
   [22/12/2006|16:59] C:\Program Files\Common Files\LightScribe
   [23/05/2007|18:13] C:\Program Files\Common Files\Logitech
   [23/03/2010|01:22] C:\Program Files\Common Files\microsoft shared
   [22/12/2006|16:58] C:\Program Files\Common Files\muvee Technologies
   [22/12/2006|16:59] C:\Program Files\Common Files\NewTech Infosystems
   [21/03/2010|15:51] C:\Program Files\Common Files\PX Storage Engine
   [04/11/2008|18:42] C:\Program Files\Common Files\Real
   [02/11/2006|12:18] C:\Program Files\Common Files\Services
   [13/12/2009|03:39] C:\Program Files\Common Files\Skype
   [02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
   [28/11/2009|15:29] C:\Program Files\Common Files\Steam
   [23/05/2007|19:21] C:\Program Files\Common Files\Symantec Shared
   [16/12/2009|02:52] C:\Program Files\Common Files\System
   [14/01/2009|21:50] C:\Program Files\Common Files\Windows Live
   [11/02/2008|14:31] C:\Program Files\Common Files\WindowsLiveInstaller
   [13/02/2009|22:25] C:\Program Files\Common Files\Wise Installation Wizard

   --------------------\  Process

   ( 94 Processes )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2010-03-26 17:45:25
   Windows 6.0.6002 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 4
 
   --------------------\  Recherche d'autres infections

Suis je toujours inféctés ?

21 réponses

Discussions similaires