Pub CID rapport à exploiter

Voila le rapport obtenu avec Lop S&D
-----------------------[ Lop S&D 4.2.1-3 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Administrateur ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 08/06/2008 | 19:00:04,08 ] [ PC : MAISON ]
[ MAJ : 07-06-2008 | 22:15 ]

-------------[ Listing des dossiers dans Application Data ]------------

[04/08/2004|00:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\addon.dat
[26/08/2007|17:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[15/09/2006|08:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM
[07/05/2008|17:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[08/02/2007|17:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Azureus
[15/05/2008|09:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\CDRusersDB.v12
[01/07/2005|13:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[11/01/2008|21:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\dvdcss
[04/09/2006|18:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\F-Secure
[28/01/2006|23:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[02/11/2007|16:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[01/07/2005|11:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[31/08/2006|12:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\ispnews
[11/01/2008|21:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[11/12/2006|18:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[02/07/2005|08:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft Web Folders
[02/07/2005|05:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[09/12/2005|22:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Nvu
[02/07/2005|05:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\PDFCreator
[31/08/2006|13:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\PEX
[07/05/2007|20:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\questdb.v12
[03/07/2007|12:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[19/01/2007|18:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\SecondLife
[12/04/2007|11:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Skype
[02/07/2005|05:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[02/07/2005|05:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\Talkback
[04/06/2008|19:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Transthat
[22/01/2007|19:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc

[23/02/2008|13:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[12/10/2007|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[07/05/2008|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[10/03/2008|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel
[01/07/2005|13:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[21/05/2007|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD X Studios
[03/10/2007|18:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[08/06/2008|16:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[05/06/2008|11:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[18/06/2007|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19/09/2007|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[04/09/2005|16:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OLYMPUS
[07/05/2008|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[11/11/2005|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[04/06/2008|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SITE ONLINE DOWNLOAD BAT
[13/09/2007|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[10/05/2006|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[01/07/2005|13:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/07/2005|11:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[01/07/2005|11:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[01/07/2005|11:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[08/06/2008 19:00][--ah-----] C:\WINDOWS\tasks\B1E9FCE7901A72BB.job
[07/05/2008 17:07][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[01/05/2008 02:03][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
[08/06/2008 16:19][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 14:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

B1E9FCE7901A72BB.job <--> c:\docume~1\admini~1\applic~1\transt~1\AtomEqFind.exe

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[23/02/2008|13:31] C:\Program Files\Adobe
[02/07/2005|05:13] C:\Program Files\Ahead
[07/12/2005|19:45] C:\Program Files\AIDA32 - Enterprise System Information
[19/02/2007|09:50] C:\Program Files\Alwil Software
[30/08/2006|19:32] C:\Program Files\antivirus
[19/04/2008|14:12] C:\Program Files\AntivirusFirewall
[07/05/2008|17:07] C:\Program Files\Apple Software Update
[07/05/2008|17:10] C:\Program Files\Bonjour
[10/03/2008|18:32] C:\Program Files\Ciel
[04/06/2008|19:08] C:\Program Files\Circle Developement
[05/10/2005|13:08] C:\Program Files\Common Files
[01/07/2005|11:27] C:\Program Files\ComPlus Applications
[19/09/2007|18:29] C:\Program Files\DivX
[02/12/2007|15:06] C:\Program Files\EA GAMES
[03/08/2005|11:04] C:\Program Files\EPSON
[31/01/2007|14:27] C:\Program Files\Ethnos
[07/05/2008|17:06] C:\Program Files\Fichiers communs
[08/02/2007|12:24] C:\Program Files\Free_PDF
[29/02/2008|18:15] C:\Program Files\GeoGebra
[20/01/2007|00:02] C:\Program Files\GlobFX Technologies
[03/12/2007|22:22] C:\Program Files\Google
[10/03/2008|18:32] C:\Program Files\InstallShield Installation Information
[21/01/2007|14:12] C:\Program Files\Internet Explorer
[07/05/2008|17:10] C:\Program Files\iPod
[07/05/2008|17:10] C:\Program Files\iTunes
[02/12/2006|18:09] C:\Program Files\Java
[08/02/2007|16:56] C:\Program Files\jv16 PowerTools
[04/06/2008|19:08] C:\Program Files\Messenger Plus! Live
[03/07/2006|19:28] C:\Program Files\Microsoft AntiSpyware
[02/07/2005|08:55] C:\Program Files\microsoft frontpage
[02/07/2005|08:55] C:\Program Files\Microsoft Office
[05/10/2005|13:08] C:\Program Files\Microsoft R‚f‚rence
[02/07/2005|08:56] C:\Program Files\Microsoft Visual Studio
[01/07/2005|11:28] C:\Program Files\Movie Maker
[27/03/2008|17:49] C:\Program Files\Mozilla Firefox
[11/12/2006|18:48] C:\Program Files\MP3 Player Utilities
[01/07/2005|11:26] C:\Program Files\MSN Gaming Zone
[04/06/2008|19:08] C:\Program Files\MSN Messenger
[08/06/2008|18:41] C:\Program Files\Navilog1
[01/07/2005|11:29] C:\Program Files\NetMeeting
[04/09/2005|16:16] C:\Program Files\OLYMPUS
[21/01/2007|14:03] C:\Program Files\Outlook Express
[27/10/2006|17:18] C:\Program Files\PDFCreator
[15/05/2008|16:25] C:\Program Files\Powerball
[07/05/2008|17:09] C:\Program Files\QuickTime
[03/07/2007|12:03] C:\Program Files\Real
[02/07/2005|16:54] C:\Program Files\SAGEM
[13/09/2007|17:13] C:\Program Files\Skype
[10/08/2005|09:28] C:\Program Files\Snapshot Viewer
[02/07/2005|05:45] C:\Program Files\ToniArts
[04/06/2008|19:09] C:\Program Files\Transthat
[01/07/2005|11:42] C:\Program Files\Uninstall Information
[22/01/2007|19:23] C:\Program Files\VideoLAN
[15/02/2007|11:39] C:\Program Files\Wanadoo
[21/09/2005|13:47] C:\Program Files\WinAce
[03/07/2006|19:28] C:\Program Files\Windows Defender
[04/06/2008|19:08] C:\Program Files\Windows Live
[28/04/2008|14:02] C:\Program Files\Windows Live Safety Center
[21/01/2007|14:07] C:\Program Files\Windows Media Player
[01/07/2005|11:26] C:\Program Files\Windows NT
[01/07/2005|11:30] C:\Program Files\WindowsUpdate
[02/07/2005|05:48] C:\Program Files\WinRAR
[25/04/2008|16:03] C:\Program Files\WinZip 8.1 Fr
[01/07/2005|11:33] C:\Program Files\xerox
[29/02/2008|18:15] C:\Program Files\Zero G Registry

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[23/02/2008|13:32] C:\Program Files\Fichiers communs\Adobe
[02/07/2005|05:13] C:\Program Files\Fichiers communs\Ahead
[07/05/2008|17:06] C:\Program Files\Fichiers communs\Apple
[31/01/2007|14:26] C:\Program Files\Fichiers communs\Borland Shared
[10/03/2008|18:29] C:\Program Files\Fichiers communs\Ciel
[02/07/2005|08:56] C:\Program Files\Fichiers communs\Designer
[14/10/2005|18:16] C:\Program Files\Fichiers communs\DirectX
[10/03/2008|18:27] C:\Program Files\Fichiers communs\InstallShield
[02/07/2005|05:07] C:\Program Files\Fichiers communs\Java
[01/09/2007|18:09] C:\Program Files\Fichiers communs\Microsoft Shared
[01/07/2005|11:29] C:\Program Files\Fichiers communs\MSSoap
[01/07/2005|13:21] C:\Program Files\Fichiers communs\ODBC
[13/09/2007|17:11] C:\Program Files\Fichiers communs\Real
[10/03/2008|18:29] C:\Program Files\Fichiers communs\Sage
[01/07/2005|11:29] C:\Program Files\Fichiers communs\Services
[13/09/2007|17:13] C:\Program Files\Fichiers communs\Skype
[01/07/2005|13:20] C:\Program Files\Fichiers communs\SpeechEngines
[24/05/2008|13:34] C:\Program Files\Fichiers communs\System
[28/08/2006|19:50] C:\Program Files\Fichiers communs\TI Shared
[02/07/2005|05:35] C:\Program Files\Fichiers communs\Vbox
[24/01/2008|19:52] C:\Program Files\Fichiers communs\Wise Installation Wizard
[13/09/2007|17:12] C:\Program Files\Fichiers communs\xing shared

---------------------------[ Process ]--------------------------

... 38

IEXPLORE.EXE ~ [1968]
IEXPLORE.EXE ~ [1980]
IEXPLORE.EXE ~ [3084]
IEXPLORE.EXE ~ [2060]

----------------------[ Recherche avec S_Lop ]---------------------

C:\TEMP\bis8.exe

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ADMINI~1\APPLIC~1\transt~1
C:\DOCUME~1\ADMINI~1\APPLIC~1\transt~1\Atom Eq Find.exe
C:\DOCUME~1\ADMINI~1\APPLIC~1\transt~1\boredashcoal.exe
C:\DOCUME~1\ADMINI~1\APPLIC~1\transt~1\debug ball cdrom frag.exe
C:\DOCUME~1\ADMINI~1\APPLIC~1\transt~1\vmjydpgp.exe
C:\Program Files\transt~1
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\WINDOWS\Prefetch\ATOM EQ FIND.EXE-13D6686A.pf
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@www.adserver5[1].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@banner.cotedazurpalace[2].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@cotedazurpalace[2].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@adopt.euroclick[2].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@32vegas[1].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@banner.32vegas[2].txt
C:\WINDOWS\Tasks\B1E9FCE7901A72BB.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Love sect"="C:\\DOCUME~1\\ADMINI~1\\APPLIC~1\\TRANST~1\\boredashcoal.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-08 19:02:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Documents and Settings\Administrateur\Application Data\Azureus\torrents\d-mininova.org-b Need for Speed Carbon [Keygenerator & NO-CD Crack].rar.torrent
=> C:\Documents and Settings\Administrateur\Application Data\Azureus\torrents\d-mininova.org-b Need for Speed Carbon [Keygenerator & NO-CD Crack].rar.torrent
=> C:\Documents and Settings\Administrateur\Application Data\Azureus\torrents\Need For Speed Carbon Keygen Razo 1911 Exe [-www.meganova.org-].torrent


[F:5172][D:47]-> C:\TEMP
[F:155][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies
[F:575][D:5]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 19:03:03,97 ]----------------------

ui tu as raison en fait je m'en suis rendu compte un peu après que je n'avais pas fais le bon truc...voila le rapport en appuyant sur le choix 2 le bon cette fois...


-----------------------[ Lop S&D 4.2.1-3 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Administrateur ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 08/06/2008 | 19:07:10,48 ] [ PC : MAISON ]
[ MAJ : 07-06-2008 | 22:15 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\DOCUME~1\ADMINI~1\APPLIC~1\transt~1\Atom Eq Find.exe
Supprimé! - C:\DOCUME~1\ADMINI~1\APPLIC~1\transt~1\boredashcoal.exe
Supprimé! - C:\DOCUME~1\ADMINI~1\APPLIC~1\transt~1\debug ball cdrom frag.exe
Supprimé! - C:\DOCUME~1\ADMINI~1\APPLIC~1\transt~1\vmjydpgp.exe
Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
Supprimé! - C:\WINDOWS\Prefetch\ATOM EQ FIND.EXE-13D6686A.pf
Supprimé! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@www.adserver5[1].txt
Supprimé! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@banner.cotedazurpalace[2].txt
Supprimé! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@cotedazurpalace[2].txt
Supprimé! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@adopt.euroclick[2].txt
Supprimé! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@32vegas[1].txt
Supprimé! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@banner.32vegas[2].txt
Supprimé! - C:\WINDOWS\Tasks\B1E9FCE7901A72BB.job
Supprimé! - C:\TEMP\bis8.exe
Supprimé! - C:\DOCUME~1\ADMINI~1\APPLIC~1\transt~1
Supprimé! - C:\Program Files\transt~1
Supprimé! - C:\Program Files\Circle Developement

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[04/08/2004|00:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\addon.dat
[26/08/2007|17:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[15/09/2006|08:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM
[07/05/2008|17:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[08/02/2007|17:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Azureus
[15/05/2008|09:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\CDRusersDB.v12
[01/07/2005|13:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[11/01/2008|21:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\dvdcss
[04/09/2006|18:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\F-Secure
[28/01/2006|23:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[02/11/2007|16:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[01/07/2005|11:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[31/08/2006|12:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\ispnews
[11/01/2008|21:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[11/12/2006|18:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[02/07/2005|08:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft Web Folders
[02/07/2005|05:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[09/12/2005|22:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Nvu
[02/07/2005|05:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\PDFCreator
[31/08/2006|13:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\PEX
[07/05/2007|20:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\questdb.v12
[03/07/2007|12:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[19/01/2007|18:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\SecondLife
[12/04/2007|11:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Skype
[02/07/2005|05:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[02/07/2005|05:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\Talkback
[22/01/2007|19:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc

[23/02/2008|13:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[12/10/2007|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[07/05/2008|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[10/03/2008|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel
[01/07/2005|13:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[21/05/2007|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD X Studios
[03/10/2007|18:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[08/06/2008|16:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[05/06/2008|11:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[18/06/2007|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19/09/2007|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[04/09/2005|16:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OLYMPUS
[07/05/2008|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[11/11/2005|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[04/06/2008|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SITE ONLINE DOWNLOAD BAT
[13/09/2007|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[10/05/2006|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[01/07/2005|13:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/07/2005|11:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[01/07/2005|11:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[01/07/2005|11:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[07/05/2008 17:07][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[01/05/2008 02:03][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
[08/06/2008 16:19][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 14:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[23/02/2008|13:31] C:\Program Files\Adobe
[02/07/2005|05:13] C:\Program Files\Ahead
[07/12/2005|19:45] C:\Program Files\AIDA32 - Enterprise System Information
[19/02/2007|09:50] C:\Program Files\Alwil Software
[30/08/2006|19:32] C:\Program Files\antivirus
[19/04/2008|14:12] C:\Program Files\AntivirusFirewall
[07/05/2008|17:07] C:\Program Files\Apple Software Update
[07/05/2008|17:10] C:\Program Files\Bonjour
[10/03/2008|18:32] C:\Program Files\Ciel
[05/10/2005|13:08] C:\Program Files\Common Files
[01/07/2005|11:27] C:\Program Files\ComPlus Applications
[19/09/2007|18:29] C:\Program Files\DivX
[02/12/2007|15:06] C:\Program Files\EA GAMES
[03/08/2005|11:04] C:\Program Files\EPSON
[31/01/2007|14:27] C:\Program Files\Ethnos
[07/05/2008|17:06] C:\Program Files\Fichiers communs
[08/02/2007|12:24] C:\Program Files\Free_PDF
[29/02/2008|18:15] C:\Program Files\GeoGebra
[20/01/2007|00:02] C:\Program Files\GlobFX Technologies
[03/12/2007|22:22] C:\Program Files\Google
[10/03/2008|18:32] C:\Program Files\InstallShield Installation Information
[21/01/2007|14:12] C:\Program Files\Internet Explorer
[07/05/2008|17:10] C:\Program Files\iPod
[07/05/2008|17:10] C:\Program Files\iTunes
[02/12/2006|18:09] C:\Program Files\Java
[08/02/2007|16:56] C:\Program Files\jv16 PowerTools
[04/06/2008|19:08] C:\Program Files\Messenger Plus! Live
[03/07/2006|19:28] C:\Program Files\Microsoft AntiSpyware
[02/07/2005|08:55] C:\Program Files\microsoft frontpage
[02/07/2005|08:55] C:\Program Files\Microsoft Office
[05/10/2005|13:08] C:\Program Files\Microsoft R‚f‚rence
[02/07/2005|08:56] C:\Program Files\Microsoft Visual Studio
[01/07/2005|11:28] C:\Program Files\Movie Maker
[27/03/2008|17:49] C:\Program Files\Mozilla Firefox
[11/12/2006|18:48] C:\Program Files\MP3 Player Utilities
[01/07/2005|11:26] C:\Program Files\MSN Gaming Zone
[04/06/2008|19:08] C:\Program Files\MSN Messenger
[08/06/2008|18:41] C:\Program Files\Navilog1
[01/07/2005|11:29] C:\Program Files\NetMeeting
[04/09/2005|16:16] C:\Program Files\OLYMPUS
[21/01/2007|14:03] C:\Program Files\Outlook Express
[27/10/2006|17:18] C:\Program Files\PDFCreator
[15/05/2008|16:25] C:\Program Files\Powerball
[07/05/2008|17:09] C:\Program Files\QuickTime
[03/07/2007|12:03] C:\Program Files\Real
[02/07/2005|16:54] C:\Program Files\SAGEM
[13/09/2007|17:13] C:\Program Files\Skype
[10/08/2005|09:28] C:\Program Files\Snapshot Viewer
[02/07/2005|05:45] C:\Program Files\ToniArts
[01/07/2005|11:42] C:\Program Files\Uninstall Information
[22/01/2007|19:23] C:\Program Files\VideoLAN
[15/02/2007|11:39] C:\Program Files\Wanadoo
[21/09/2005|13:47] C:\Program Files\WinAce
[03/07/2006|19:28] C:\Program Files\Windows Defender
[04/06/2008|19:08] C:\Program Files\Windows Live
[28/04/2008|14:02] C:\Program Files\Windows Live Safety Center
[21/01/2007|14:07] C:\Program Files\Windows Media Player
[01/07/2005|11:26] C:\Program Files\Windows NT
[01/07/2005|11:30] C:\Program Files\WindowsUpdate
[02/07/2005|05:48] C:\Program Files\WinRAR
[25/04/2008|16:03] C:\Program Files\WinZip 8.1 Fr
[01/07/2005|11:33] C:\Program Files\xerox
[29/02/2008|18:15] C:\Program Files\Zero G Registry

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[23/02/2008|13:32] C:\Program Files\Fichiers communs\Adobe
[02/07/2005|05:13] C:\Program Files\Fichiers communs\Ahead
[07/05/2008|17:06] C:\Program Files\Fichiers communs\Apple
[31/01/2007|14:26] C:\Program Files\Fichiers communs\Borland Shared
[10/03/2008|18:29] C:\Program Files\Fichiers communs\Ciel
[02/07/2005|08:56] C:\Program Files\Fichiers communs\Designer
[14/10/2005|18:16] C:\Program Files\Fichiers communs\DirectX
[10/03/2008|18:27] C:\Program Files\Fichiers communs\InstallShield
[02/07/2005|05:07] C:\Program Files\Fichiers communs\Java
[01/09/2007|18:09] C:\Program Files\Fichiers communs\Microsoft Shared
[01/07/2005|11:29] C:\Program Files\Fichiers communs\MSSoap
[01/07/2005|13:21] C:\Program Files\Fichiers communs\ODBC
[13/09/2007|17:11] C:\Program Files\Fichiers communs\Real
[10/03/2008|18:29] C:\Program Files\Fichiers communs\Sage
[01/07/2005|11:29] C:\Program Files\Fichiers communs\Services
[13/09/2007|17:13] C:\Program Files\Fichiers communs\Skype
[01/07/2005|13:20] C:\Program Files\Fichiers communs\SpeechEngines
[24/05/2008|13:34] C:\Program Files\Fichiers communs\System
[28/08/2006|19:50] C:\Program Files\Fichiers communs\TI Shared
[02/07/2005|05:35] C:\Program Files\Fichiers communs\Vbox
[24/01/2008|19:52] C:\Program Files\Fichiers communs\Wise Installation Wizard
[13/09/2007|17:12] C:\Program Files\Fichiers communs\xing shared

---------------------------[ Process ]--------------------------

... 33

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-08 19:08:44
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Documents and Settings\Administrateur\Application Data\Azureus\torrents\d-mininova.org-b Need for Speed Carbon [Keygenerator & NO-CD Crack].rar.torrent
=> C:\Documents and Settings\Administrateur\Application Data\Azureus\torrents\d-mininova.org-b Need for Speed Carbon [Keygenerator & NO-CD Crack].rar.torrent
=> C:\Documents and Settings\Administrateur\Application Data\Azureus\torrents\Need For Speed Carbon Keygen Razo 1911 Exe [-www.meganova.org-].torrent


[F:5171][D:47]-> C:\TEMP
[F:149][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies
[F:740][D:5]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 19:09:20,46 ]----------------------

Voila j'ai fais le combo fix sans trop de probleme je crois ^^
voici le rapport
J'ai juste besoin que tu me racontes ce que ca veut dire^^...


ComboFix 08-06-20.4 - Administrateur 2008-06-21 14:44:46.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.150 [GMT 2:00]
Endroit: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\mdm.exe
C:\WINDOWS\system32\MSINET.oca

.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-21 to 2008-06-21 ))))))))))))))))))))))))))))))))))))
.

2008-06-21 14:46 . 2008-06-21 14:46 53,248 --a------ C:\TEMP\catchme.dll
2008-06-21 12:16 . 2008-06-21 12:16 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2008-06-21 12:15 . 2008-06-21 12:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-21 12:15 . 2008-06-19 17:48 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-21 12:15 . 2008-06-19 17:47 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-21 12:02 . 2008-06-21 12:02 16,384 --a----t- C:\TEMP\Perflib_Perfdata_470.dat
2008-06-21 11:37 . 2008-06-21 11:37 <REP> d-------- C:\WINDOWS\ERUNT
2008-06-10 15:22 . 2008-06-10 15:22 <REP> d-------- C:\Program Files\Maxis
2008-06-08 19:15 . 2008-06-08 19:15 <REP> d-------- C:\Program Files\Trend Micro
2008-06-08 18:59 . 2008-06-21 11:12 <REP> d-------- C:\Lop SD
2008-06-08 18:23 . 2008-06-08 18:41 <REP> d-------- C:\Program Files\Navilog1
2008-06-04 19:09 . 2008-06-04 19:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SITE ONLINE DOWNLOAD BAT

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-20 12:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-06-09 11:05 --------- d-----w C:\Program Files\MSN Messenger
2008-05-07 15:11 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Apple Computer
2008-05-07 15:10 --------- d-----w C:\Program Files\iTunes
2008-05-07 15:10 --------- d-----w C:\Program Files\iPod
2008-05-07 15:10 --------- d-----w C:\Program Files\Bonjour
2008-05-07 15:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-05-07 15:09 --------- d-----w C:\Program Files\QuickTime
2008-05-07 15:07 --------- d-----w C:\Program Files\Apple Software Update
2008-05-07 15:06 --------- d-----w C:\Program Files\Fichiers communs\Apple
2008-04-25 14:03 --------- d-----w C:\Program Files\WinZip 8.1 Fr
2006-08-31 09:42 343,552 -c--a-w C:\Documents and Settings\Administrateur\remote.exe
2006-05-07 18:19 4,096 -c--a-w C:\Documents and Settings\Administrateur\log.dat
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-13 17:10 185632]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"DOWNLOAD BAT SCR 1"="C:\Documents and Settings\All Users\Application Data\SITE ONLINE DOWNLOAD BAT\Intra Mail.exe" [2008-06-21 13:51 2612736]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-04 00:54 160768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:54 15360]

C:\Documents and Settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\
La Solution Ciel.lnk - C:\CIEL\STARTER.EXE [2008-03-10 18:25:57 524288]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Ciel Serveur.lnk - C:\Program Files\Ciel\Serveur\WSRV.exe [2005-11-23 17:57:28 172032]
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe [2005-07-02 16:54:04 938055]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-07-03 12:00:11 124912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"= 1 (0x1)
"AllowUnhashedWebView"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessagerStarter Wanadoo]
C:\PROGRA~1\MESSAG~1\StartMessager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2004-12-20 20:41 33792 D:\vincent\Logiciel\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2006-04-03 18:12 777424 C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WooCnxMon]
C:\PROGRA~1\Wanadoo\CnxMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
C:\PROGRA~1\Wanadoo\Watch.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\vincent\\Logiciel\\eMule\\emule.exe"=
"C:\\Program Files\\Maxis\\SimCity 3000 World Edition\\Apps\\Updater\\UPDATER.EXE"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 TICalc;TICalc;C:\WINDOWS\system32\drivers\TICalc.sys [1999-08-30 15:51]
S3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b50df482-ea1f-11d9-a43b-806d6172696f}]
\shell\Rip\Command - "C:\Program Files\Windows Media Player\wmplayer.exe" /prefetch:3 /RipAudioCD "%L"


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{BA8E97E2-CC5E-35C5-6A6F-6BEF23395712}]
C:\Program Files\Free_PDF\spooler.exe s
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-07 15:07:15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-01 00:03:02 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-21 14:46:36
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-06-21 14:49:15
ComboFix-quarantined-files.txt 2008-06-21 12:48:12

Pre-Run: 3,037,425,664 octets libres
Post-Run: 3,051,917,312 octets libres

131