HijackThis report, my computer is going to die
Solved
piotte
Hello,
Here is my report, help me guys, it is lagging, CiD ads are appearing and I have iexplorer.exe entries in the task manager
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:24:44, on 07/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: VeriSign Inc. i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_3_0_1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: VeriSign Inc. i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_3_0_1.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Mode Load Mpeg Less] C:\Documents and Settings\All Users\Application Data\two setup mode load\Stop Defy.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [meta setup] C:\DOCUME~1\TEMP\APPLIC~1\KEEPCI~1\body dog.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Suite] regedit -s c:\windows\temp\adj_hp.reg (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [Suite] regedit -s c:\windows\temp\adj_hp.reg (User 'Default user')
O4 - S-1-5-18 Startup: ddrive.js (User 'SYSTEM')
O4 - .DEFAULT Startup: ddrive.js (User 'Default user')
O4 - .DEFAULT User Startup: ddrive.js (User 'Default user')
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_3_0_1.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_3_0_1.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
33 replies
Hello,
Download LopS&D.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
Install the software.
An icon will appear on the desktop. Double-click it to launch the software.
Choose the language, then option 1 to run the search.
When the search finishes, a report named LopR.txt appears. It is located at C:\LopR.txt.
Post that report in your next message.
See you later
Hi everyone, I have a problem, the one with the drivers for an HP Pavilion dv 6670 EF on Vista, SO PLEASE HELP ME. AWAITING A FAVORABLE REPLY, a special thank you in advance
Hi again, thanks for replying so quickly, here is the report
-----------------------[ Lop S&D 4.2.2-0 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Propriétaire ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 07/07/2008 | 19:42:29,51 ] [ PC : LAGARDE ]
[ MAJ : 06-07-2008 | 10:55 ]
-------------[ Listing des dossiers dans Application Data ]------------
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust
[01/01/2002|18:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\VERITAS
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\InterTrust
[29/03/2007|19:27] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\VERITAS
[25/12/2007|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
[04/07/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[27/12/2007|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
[30/04/2003|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DelFin
[14/12/2003|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[25/12/2007|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
[15/02/2007|14:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/02/2007|22:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[31/05/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[15/02/2006|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[10/03/2006|21:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[07/07/2008|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[05/02/2007|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[28/05/2008|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[05/03/2007|12:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[16/12/2002|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[25/12/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PACE Anti-Piracy
[06/11/2006|17:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2002|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sbsi
[06/11/2006|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[07/07/2008|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[14/12/2003|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[01/06/2008|00:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[06/07/2008|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load
[30/03/2007|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[01/02/2007|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[01/01/2002|18:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[01/01/2002|18:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\VERITAS
[31/01/2007|17:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[20/05/2006|12:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[29/03/2007|19:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[29/03/2007|19:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[01/03/2003|12:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[02/01/2002|03:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[10/04/2003|16:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\dm.ini
[17/12/2002|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[17/12/2002|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[03/06/2004|11:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\GDIPFONTCACHEV1.DAT
[25/12/2002|13:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[04/02/2004|14:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[14/12/2002|17:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterVideo
[28/04/2003|20:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[14/04/2003|18:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[10/07/2003|23:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6
[01/01/2002|23:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[19/12/2002|14:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Template
[14/12/2002|21:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\VERITAS
[15/06/2008|20:50] C:\DOCUME~1\TEMP\APPLIC~1\Adobe
[14/09/2006|20:42] C:\DOCUME~1\TEMP\APPLIC~1\AdobeUM
[27/12/2007|20:04] C:\DOCUME~1\TEMP\APPLIC~1\AVG7
[14/12/2003|18:51] C:\DOCUME~1\TEMP\APPLIC~1\desktop.ini
[19/02/2007|22:55] C:\DOCUME~1\TEMP\APPLIC~1\DivX
[12/09/2004|18:25] C:\DOCUME~1\TEMP\APPLIC~1\Dossier de téléchargement Share-to-Web
[29/11/2006|00:00] C:\DOCUME~1\TEMP\APPLIC~1\Dossier de téléchargement Share-to-Web
[11/02/2007|00:17] C:\DOCUME~1\TEMP\APPLIC~1\DriveCleaner 2006 Free
[02/06/2008|16:43] C:\DOCUME~1\TEMP\APPLIC~1\GDIPFONTCACHEV1.DAT
[06/07/2008|21:44] C:\DOCUME~1\TEMP\APPLIC~1\GigaTribe
[01/02/2007|17:03] C:\DOCUME~1\TEMP\APPLIC~1\Google
[27/12/2004|19:02] C:\DOCUME~1\TEMP\APPLIC~1\Help
[12/09/2004|18:25] C:\DOCUME~1\TEMP\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\TEMP\APPLIC~1\InterTrust
[06/07/2008|16:44] C:\DOCUME~1\TEMP\APPLIC~1\Keep City Wma
[27/12/2007|20:02] C:\DOCUME~1\TEMP\APPLIC~1\Lavasoft
[14/09/2006|21:08] C:\DOCUME~1\TEMP\APPLIC~1\Macromedia
[14/04/2007|11:50] C:\DOCUME~1\TEMP\APPLIC~1\Microsoft
[27/03/2006|19:01] C:\DOCUME~1\TEMP\APPLIC~1\Microsoft Web Folders
[13/02/2007|21:48] C:\DOCUME~1\TEMP\APPLIC~1\Motive
[19/02/2007|22:48] C:\DOCUME~1\TEMP\APPLIC~1\Mozilla
[17/05/2007|16:50] C:\DOCUME~1\TEMP\APPLIC~1\MSN6
[24/03/2006|18:33] C:\DOCUME~1\TEMP\APPLIC~1\Nullriver
[03/07/2008|14:24] C:\DOCUME~1\TEMP\APPLIC~1\OpenOffice.org2
[05/07/2008|14:28] C:\DOCUME~1\TEMP\APPLIC~1\PC Tools
[30/03/2007|15:17] C:\DOCUME~1\TEMP\APPLIC~1\Real
[19/03/2007|17:33] C:\DOCUME~1\TEMP\APPLIC~1\Screenshot Sender
[25/12/2007|15:02] C:\DOCUME~1\TEMP\APPLIC~1\Sonic
[30/03/2007|15:07] C:\DOCUME~1\TEMP\APPLIC~1\Sun
[01/01/2002|23:24] C:\DOCUME~1\TEMP\APPLIC~1\Symantec
[25/04/2005|19:27] C:\DOCUME~1\TEMP\APPLIC~1\Template
[30/03/2007|15:21] C:\DOCUME~1\TEMP\APPLIC~1\Ulead Systems
[31/05/2008|18:19] C:\DOCUME~1\TEMP\APPLIC~1\Uniblue
[20/11/2004|15:04] C:\DOCUME~1\TEMP\APPLIC~1\VERITAS
[29/11/2007|20:03] C:\DOCUME~1\TEMP\APPLIC~1\Weflirt
[07/07/2008|19:21] C:\DOCUME~1\TEMP\APPLIC~1\WinRAR
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[07/07/2008 19:00][--ah-----] C:\WINDOWS\tasks\A260662E918BE322.job
[28/08/2001 21:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini
[07/07/2008 14:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
A260662E918BE322.job <--> c:\docume~1\temp\applic~1\keepci~1\internetsectpure.exe
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[22/04/2007|19:15] C:\Program Files\AC3Filter
[04/07/2008|15:37] C:\Program Files\Adobe
[15/02/2006|19:19] C:\Program Files\Ahead
[25/12/2007|16:06] C:\Program Files\Alcohol Soft
[15/11/2007|12:44] C:\Program Files\Alwil Software
[15/02/2006|19:18] C:\Program Files\ArcSoft
[06/07/2008|21:29] C:\Program Files\a-squared Anti-Malware
[07/07/2008|14:44] C:\Program Files\a-squared Free
[27/12/2007|17:41] C:\Program Files\BoontyGames
[09/05/2007|13:22] C:\Program Files\Club-Internet
[31/01/2007|15:08] C:\Program Files\Common Files
[14/12/2003|19:02] C:\Program Files\ComPlus Applications
[31/05/2008|19:49] C:\Program Files\Contig.zip
[25/11/2003|22:11] C:\Program Files\directx
[19/02/2007|22:45] C:\Program Files\DivX
[25/12/2007|15:41] C:\Program Files\Elaborate Bytes
[29/06/2008|17:56] C:\Program Files\eMule
[07/07/2008|15:10] C:\Program Files\Fichiers communs
[07/07/2008|14:49] C:\Program Files\free-downloads.net
[16/03/2008|14:31] C:\Program Files\GigaTribe
[30/03/2007|15:05] C:\Program Files\Google
[01/06/2008|14:18] C:\Program Files\Grisoft
[30/03/2007|15:09] C:\Program Files\Hewlett-Packard
[01/01/2002|17:55] C:\Program Files\Home Media Networks Limited
[16/12/2005|20:36] C:\Program Files\HP
[22/04/2007|19:15] C:\Program Files\IKEA HomePlanner
[23/04/2007|11:17] C:\Program Files\IncrediMail
[07/07/2008|19:01] C:\Program Files\InstallShield Installation Information
[18/02/2005|16:10] C:\Program Files\InterActual
[07/07/2008|13:19] C:\Program Files\Internet Explorer
[13/05/2007|15:43] C:\Program Files\Java
[06/07/2008|16:42] C:\Program Files\Keep City Wma
[07/07/2008|15:14] C:\Program Files\Lavasoft
[15/05/2007|02:29] C:\Program Files\Logitech
[27/12/2007|21:28] C:\Program Files\Mega Bloc Notes
[01/02/2007|22:50] C:\Program Files\Messenger
[29/08/2005|14:46] C:\Program Files\Micro Application
[27/03/2006|19:01] C:\Program Files\microsoft frontpage
[05/03/2007|11:20] C:\Program Files\Microsoft Games
[03/07/2008|13:48] C:\Program Files\Microsoft Office
[09/01/2005|14:23] C:\Program Files\Microsoft Picture It! 2002
[02/08/2007|19:11] C:\Program Files\Microsoft SQL Server
[01/01/2002|18:15] C:\Program Files\Microsoft Works
[01/04/2005|22:53] C:\Program Files\Microsoft Works Suite 2002
[28/12/2003|19:43] C:\Program Files\MobileForcesDemo
[25/04/2007|18:16] C:\Program Files\Motive
[22/04/2007|19:15] C:\Program Files\Motive(2)
[26/09/2006|13:09] C:\Program Files\Movie Maker
[07/07/2008|19:13] C:\Program Files\Mozilla Firefox
[30/01/2008|18:02] C:\Program Files\MSECache
[02/01/2002|03:39] C:\Program Files\MSN Gaming Zone
[07/07/2008|14:50] C:\Program Files\MSN Messenger
[01/02/2007|22:42] C:\Program Files\MSXML 4.0
[08/06/2004|23:44] C:\Program Files\nero 2
[26/09/2006|12:49] C:\Program Files\NetMeeting
[19/12/2002|20:04] C:\Program Files\NovaLogic
[06/03/2007|19:45] C:\Program Files\Oberon Media
[15/03/2007|16:27] C:\Program Files\OpenOffice.org 2.1
[14/06/2007|01:06] C:\Program Files\Outlook Express
[12/12/2003|18:23] C:\Program Files\PC Team
[31/05/2008|19:55] C:\Program Files\PowerDefragmenterGUI
[31/05/2008|19:51] C:\Program Files\PowerDefragmenterGUI.zip
[30/03/2007|15:16] C:\Program Files\QuickTime
[06/02/2003|18:48] C:\Program Files\Real
[19/05/2003|19:29] C:\Program Files\RecordNow
[09/02/2007|23:47] C:\Program Files\ReflexiveArcade
[10/03/2006|20:26] C:\Program Files\RegCleaner
[05/07/2008|14:26] C:\Program Files\Registry Mechanic
[06/11/2006|16:52] C:\Program Files\SAM_USB
[18/12/2002|17:24] C:\Program Files\SCi
[01/01/2002|18:19] C:\Program Files\Services en ligne
[06/11/2006|17:29] C:\Program Files\SmartSound Software
[25/12/2007|14:56] C:\Program Files\Sonic
[27/12/2007|19:31] C:\Program Files\splus
[07/07/2008|14:11] C:\Program Files\Spybot - Search & Destroy
[06/07/2008|14:27] C:\Program Files\Spyware Doctor
[28/01/2003|19:23] C:\Program Files\Thumbs.db
[07/07/2008|19:24] C:\Program Files\Trend Micro
[28/12/2003|19:43] C:\Program Files\Ubi Soft
[31/05/2008|18:19] C:\Program Files\Uniblue
[07/02/2004|21:21] C:\Program Files\Uninstall Information
[14/04/2003|21:11] C:\Program Files\VeriSign
[06/02/2003|18:49] C:\Program Files\Viewpoint
[02/02/2007|15:32] C:\Program Files\VisualRoute
[06/11/2006|17:22] C:\Program Files\Windows Media Components
[01/02/2007|16:01] C:\Program Files\Windows Media Connect 2
[01/02/2007|22:49] C:\Program Files\Windows Media Player
[07/07/2008|14:29] C:\Program Files\Windows NT
[31/01/2007|20:30] C:\Program Files\WindowsUpdate
[07/07/2008|19:20] C:\Program Files\WinRAR
[02/01/2002|03:43] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[04/07/2008|15:38] C:\Program Files\Fichiers communs\Adobe
[01/01/2002|18:14] C:\Program Files\Fichiers communs\Designer
[18/12/2002|21:25] C:\Program Files\Fichiers communs\DirectX
[15/11/2007|16:23] C:\Program Files\Fichiers communs\DriveCleaner 2006 Free
[13/03/2005|15:23] C:\Program Files\Fichiers communs\HP
[23/11/2003|15:22] C:\Program Files\Fichiers communs\InstallShield
[13/05/2007|15:40] C:\Program Files\Fichiers communs\Java
[30/01/2008|18:03] C:\Program Files\Fichiers communs\Microsoft Shared
[31/01/2007|15:08] C:\Program Files\Fichiers communs\Motive
[02/01/2002|03:41] C:\Program Files\Fichiers communs\MSSoap
[02/01/2002|03:35] C:\Program Files\Fichiers communs\ODBC
[25/12/2007|15:01] C:\Program Files\Fichiers communs\PACE Anti-Piracy
[30/03/2007|15:17] C:\Program Files\Fichiers communs\Real
[27/09/2002|01:11] C:\Program Files\Fichiers communs\Services
[25/12/2007|14:57] C:\Program Files\Fichiers communs\Sonic
[02/01/2002|03:35] C:\Program Files\Fichiers communs\SpeechEngines
[25/12/2007|14:56] C:\Program Files\Fichiers communs\SureThing Shared
[14/12/2003|21:37] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|01:06] C:\Program Files\Fichiers communs\System
[30/03/2007|18:18] C:\Program Files\Fichiers communs\Ulead Systems
[07/07/2008|15:10] C:\Program Files\Fichiers communs\Wise Installation Wizard
---------------------------[ Process ]--------------------------
... 40
iexplore.exe ~ [1288]
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load
C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load\Stop Defy.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load\this fork.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\body dog.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\internet sect pure.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\jrilebel.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\lzfidwtn.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\Move new plan bind.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\qxbsgbzi.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\rkmpmfjc.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\uptekjgt.exe
C:\Program Files\keepci~1
C:\WINDOWS\Prefetch\INTERNET SECT PURE.EXE-058A5433.pf
C:\DOCUME~1\TEMP\Cookies\propriétaire@adin.bigpoint[1].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@bigpoint[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@banner.cotedazurpalace[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@cotedazurpalace[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@32vegas[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@banner.32vegas[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@2xmoinscher[1].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@www.2xmoinscher[1].txt
C:\WINDOWS\Tasks\A260662E918BE322.job
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"meta setup"="C:\\DOCUME~1\\TEMP\\APPLIC~1\\KEEPCI~1\\body dog.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mode Load Mpeg Less"="C:\\Documents and Settings\\All Users\\Application Data\\two setup mode load\\Stop Defy.exe"
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
-> 8751 ( 70 ## added by CiD )
/!\ 1 Not 127.0.0.1 !!
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-07 19:44:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mode Load Mpeg Less"="C:\\Documents and Settings\\All Users\\Application Data\\two setup mode load\\Stop Defy.exe"
! EGDACCESS !
[F:524][D:35]-> C:\DOCUME~1\TEMP\LOCALS~1\Temp
[F:382][D:0]-> C:\DOCUME~1\TEMP\Cookies
[F:2149][D:13]-> C:\DOCUME~1\TEMP\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:45:29,26 ]----------------------
Thanks again for replying so quickly, here is the report
-----------------------[ Lop S&D 4.2.2-0 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Propriétaire ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 07/07/2008 | 19:42:29,51 ] [ PC : LAGARDE ]
[ MAJ : 06-07-2008 | 10:55 ]
-------------[ Listing des dossiers dans Application Data ]------------
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust
[01/01/2002|18:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\VERITAS
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\InterTrust
[29/03/2007|19:27] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\VERITAS
[25/12/2007|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
[04/07/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[27/12/2007|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
[30/04/2003|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DelFin
[14/12/2003|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[25/12/2007|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
[15/02/2007|14:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/02/2007|22:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[31/05/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[15/02/2006|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[10/03/2006|21:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[07/07/2008|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[05/02/2007|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[28/05/2008|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[05/03/2007|12:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[16/12/2002|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[25/12/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PACE Anti-Piracy
[06/11/2006|17:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2002|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sbsi
[06/11/2006|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[07/07/2008|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[14/12/2003|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[01/06/2008|00:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[06/07/2008|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load
[30/03/2007|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[01/02/2007|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[01/01/2002|18:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[01/01/2002|18:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\VERITAS
[31/01/2007|17:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[20/05/2006|12:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[29/03/2007|19:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[29/03/2007|19:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[01/03/2003|12:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[02/01/2002|03:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[10/04/2003|16:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\dm.ini
[17/12/2002|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[17/12/2002|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[03/06/2004|11:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\GDIPFONTCACHEV1.DAT
[25/12/2002|13:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[04/02/2004|14:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[14/12/2002|17:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterVideo
[28/04/2003|20:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[14/04/2003|18:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[10/07/2003|23:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6
[01/01/2002|23:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[19/12/2002|14:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Template
[14/12/2002|21:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\VERITAS
[15/06/2008|20:50] C:\DOCUME~1\TEMP\APPLIC~1\Adobe
[14/09/2006|20:42] C:\DOCUME~1\TEMP\APPLIC~1\AdobeUM
[27/12/2007|20:04] C:\DOCUME~1\TEMP\APPLIC~1\AVG7
[14/12/2003|18:51] C:\DOCUME~1\TEMP\APPLIC~1\desktop.ini
[19/02/2007|22:55] C:\DOCUME~1\TEMP\APPLIC~1\DivX
[12/09/2004|18:25] C:\DOCUME~1\TEMP\APPLIC~1\Dossier de téléchargement Share-to-Web
[29/11/2006|00:00] C:\DOCUME~1\TEMP\APPLIC~1\Dossier de téléchargement Share-to-Web
[11/02/2007|00:17] C:\DOCUME~1\TEMP\APPLIC~1\DriveCleaner 2006 Free
[02/06/2008|16:43] C:\DOCUME~1\TEMP\APPLIC~1\GDIPFONTCACHEV1.DAT
[06/07/2008|21:44] C:\DOCUME~1\TEMP\APPLIC~1\GigaTribe
[01/02/2007|17:03] C:\DOCUME~1\TEMP\APPLIC~1\Google
[27/12/2004|19:02] C:\DOCUME~1\TEMP\APPLIC~1\Help
[12/09/2004|18:25] C:\DOCUME~1\TEMP\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\TEMP\APPLIC~1\InterTrust
[06/07/2008|16:44] C:\DOCUME~1\TEMP\APPLIC~1\Keep City Wma
[27/12/2007|20:02] C:\DOCUME~1\TEMP\APPLIC~1\Lavasoft
[14/09/2006|21:08] C:\DOCUME~1\TEMP\APPLIC~1\Macromedia
[14/04/2007|11:50] C:\DOCUME~1\TEMP\APPLIC~1\Microsoft
[27/03/2006|19:01] C:\DOCUME~1\TEMP\APPLIC~1\Microsoft Web Folders
[13/02/2007|21:48] C:\DOCUME~1\TEMP\APPLIC~1\Motive
[19/02/2007|22:48] C:\DOCUME~1\TEMP\APPLIC~1\Mozilla
[17/05/2007|16:50] C:\DOCUME~1\TEMP\APPLIC~1\MSN6
[24/03/2006|18:33] C:\DOCUME~1\TEMP\APPLIC~1\Nullriver
[03/07/2008|14:24] C:\DOCUME~1\TEMP\APPLIC~1\OpenOffice.org2
[05/07/2008|14:28] C:\DOCUME~1\TEMP\APPLIC~1\PC Tools
[30/03/2007|15:17] C:\DOCUME~1\TEMP\APPLIC~1\Real
[19/03/2007|17:33] C:\DOCUME~1\TEMP\APPLIC~1\Screenshot Sender
[25/12/2007|15:02] C:\DOCUME~1\TEMP\APPLIC~1\Sonic
[30/03/2007|15:07] C:\DOCUME~1\TEMP\APPLIC~1\Sun
[01/01/2002|23:24] C:\DOCUME~1\TEMP\APPLIC~1\Symantec
[25/04/2005|19:27] C:\DOCUME~1\TEMP\APPLIC~1\Template
[30/03/2007|15:21] C:\DOCUME~1\TEMP\APPLIC~1\Ulead Systems
[31/05/2008|18:19] C:\DOCUME~1\TEMP\APPLIC~1\Uniblue
[20/11/2004|15:04] C:\DOCUME~1\TEMP\APPLIC~1\VERITAS
[29/11/2007|20:03] C:\DOCUME~1\TEMP\APPLIC~1\Weflirt
[07/07/2008|19:21] C:\DOCUME~1\TEMP\APPLIC~1\WinRAR
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[07/07/2008 19:00][--ah-----] C:\WINDOWS\tasks\A260662E918BE322.job
[28/08/2001 21:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini
[07/07/2008 14:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
A260662E918BE322.job <--> c:\docume~1\temp\applic~1\keepci~1\internetsectpure.exe
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[22/04/2007|19:15] C:\Program Files\AC3Filter
[04/07/2008|15:37] C:\Program Files\Adobe
[15/02/2006|19:19] C:\Program Files\Ahead
[25/12/2007|16:06] C:\Program Files\Alcohol Soft
[15/11/2007|12:44] C:\Program Files\Alwil Software
[15/02/2006|19:18] C:\Program Files\ArcSoft
[06/07/2008|21:29] C:\Program Files\a-squared Anti-Malware
[07/07/2008|14:44] C:\Program Files\a-squared Free
[27/12/2007|17:41] C:\Program Files\BoontyGames
[09/05/2007|13:22] C:\Program Files\Club-Internet
[31/01/2007|15:08] C:\Program Files\Common Files
[14/12/2003|19:02] C:\Program Files\ComPlus Applications
[31/05/2008|19:49] C:\Program Files\Contig.zip
[25/11/2003|22:11] C:\Program Files\directx
[19/02/2007|22:45] C:\Program Files\DivX
[25/12/2007|15:41] C:\Program Files\Elaborate Bytes
[29/06/2008|17:56] C:\Program Files\eMule
[07/07/2008|15:10] C:\Program Files\Fichiers communs
[07/07/2008|14:49] C:\Program Files\free-downloads.net
[16/03/2008|14:31] C:\Program Files\GigaTribe
[30/03/2007|15:05] C:\Program Files\Google
[01/06/2008|14:18] C:\Program Files\Grisoft
[30/03/2007|15:09] C:\Program Files\Hewlett-Packard
[01/01/2002|17:55] C:\Program Files\Home Media Networks Limited
[16/12/2005|20:36] C:\Program Files\HP
[22/04/2007|19:15] C:\Program Files\IKEA HomePlanner
[23/04/2007|11:17] C:\Program Files\IncrediMail
[07/07/2008|19:01] C:\Program Files\InstallShield Installation Information
[18/02/2005|16:10] C:\Program Files\InterActual
[07/07/2008|13:19] C:\Program Files\Internet Explorer
[13/05/2007|15:43] C:\Program Files\Java
[06/07/2008|16:42] C:\Program Files\Keep City Wma
[07/07/2008|15:14] C:\Program Files\Lavasoft
[15/05/2007|02:29] C:\Program Files\Logitech
[27/12/2007|21:28] C:\Program Files\Mega Bloc Notes
[01/02/2007|22:50] C:\Program Files\Messenger
[29/08/2005|14:46] C:\Program Files\Micro Application
[27/03/2006|19:01] C:\Program Files\microsoft frontpage
[05/03/2007|11:20] C:\Program Files\Microsoft Games
[03/07/2008|13:48] C:\Program Files\Microsoft Office
[09/01/2005|14:23] C:\Program Files\Microsoft Picture It! 2002
[02/08/2007|19:11] C:\Program Files\Microsoft SQL Server
[01/01/2002|18:15] C:\Program Files\Microsoft Works
[01/04/2005|22:53] C:\Program Files\Microsoft Works Suite 2002
[28/12/2003|19:43] C:\Program Files\MobileForcesDemo
[25/04/2007|18:16] C:\Program Files\Motive
[22/04/2007|19:15] C:\Program Files\Motive(2)
[26/09/2006|13:09] C:\Program Files\Movie Maker
[07/07/2008|19:13] C:\Program Files\Mozilla Firefox
[30/01/2008|18:02] C:\Program Files\MSECache
[02/01/2002|03:39] C:\Program Files\MSN Gaming Zone
[07/07/2008|14:50] C:\Program Files\MSN Messenger
[01/02/2007|22:42] C:\Program Files\MSXML 4.0
[08/06/2004|23:44] C:\Program Files\nero 2
[26/09/2006|12:49] C:\Program Files\NetMeeting
[19/12/2002|20:04] C:\Program Files\NovaLogic
[06/03/2007|19:45] C:\Program Files\Oberon Media
[15/03/2007|16:27] C:\Program Files\OpenOffice.org 2.1
[14/06/2007|01:06] C:\Program Files\Outlook Express
[12/12/2003|18:23] C:\Program Files\PC Team
[31/05/2008|19:55] C:\Program Files\PowerDefragmenterGUI
[31/05/2008|19:51] C:\Program Files\PowerDefragmenterGUI.zip
[30/03/2007|15:16] C:\Program Files\QuickTime
[06/02/2003|18:48] C:\Program Files\Real
[19/05/2003|19:29] C:\Program Files\RecordNow
[09/02/2007|23:47] C:\Program Files\ReflexiveArcade
[10/03/2006|20:26] C:\Program Files\RegCleaner
[05/07/2008|14:26] C:\Program Files\Registry Mechanic
[06/11/2006|16:52] C:\Program Files\SAM_USB
[18/12/2002|17:24] C:\Program Files\SCi
[01/01/2002|18:19] C:\Program Files\Services en ligne
[06/11/2006|17:29] C:\Program Files\SmartSound Software
[25/12/2007|14:56] C:\Program Files\Sonic
[27/12/2007|19:31] C:\Program Files\splus
[07/07/2008|14:11] C:\Program Files\Spybot - Search & Destroy
[06/07/2008|14:27] C:\Program Files\Spyware Doctor
[28/01/2003|19:23] C:\Program Files\Thumbs.db
[07/07/2008|19:24] C:\Program Files\Trend Micro
[28/12/2003|19:43] C:\Program Files\Ubi Soft
[31/05/2008|18:19] C:\Program Files\Uniblue
[07/02/2004|21:21] C:\Program Files\Uninstall Information
[14/04/2003|21:11] C:\Program Files\VeriSign
[06/02/2003|18:49] C:\Program Files\Viewpoint
[02/02/2007|15:32] C:\Program Files\VisualRoute
[06/11/2006|17:22] C:\Program Files\Windows Media Components
[01/02/2007|16:01] C:\Program Files\Windows Media Connect 2
[01/02/2007|22:49] C:\Program Files\Windows Media Player
[07/07/2008|14:29] C:\Program Files\Windows NT
[31/01/2007|20:30] C:\Program Files\WindowsUpdate
[07/07/2008|19:20] C:\Program Files\WinRAR
[02/01/2002|03:43] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[04/07/2008|15:38] C:\Program Files\Fichiers communs\Adobe
[01/01/2002|18:14] C:\Program Files\Fichiers communs\Designer
[18/12/2002|21:25] C:\Program Files\Fichiers communs\DirectX
[15/11/2007|16:23] C:\Program Files\Fichiers communs\DriveCleaner 2006 Free
[13/03/2005|15:23] C:\Program Files\Fichiers communs\HP
[23/11/2003|15:22] C:\Program Files\Fichiers communs\InstallShield
[13/05/2007|15:40] C:\Program Files\Fichiers communs\Java
[30/01/2008|18:03] C:\Program Files\Fichiers communs\Microsoft Shared
[31/01/2007|15:08] C:\Program Files\Fichiers communs\Motive
[02/01/2002|03:41] C:\Program Files\Fichiers communs\MSSoap
[02/01/2002|03:35] C:\Program Files\Fichiers communs\ODBC
[25/12/2007|15:01] C:\Program Files\Fichiers communs\PACE Anti-Piracy
[30/03/2007|15:17] C:\Program Files\Fichiers communs\Real
[27/09/2002|01:11] C:\Program Files\Fichiers communs\Services
[25/12/2007|14:57] C:\Program Files\Fichiers communs\Sonic
[02/01/2002|03:35] C:\Program Files\Fichiers communs\SpeechEngines
[25/12/2007|14:56] C:\Program Files\Fichiers communs\SureThing Shared
[14/12/2003|21:37] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|01:06] C:\Program Files\Fichiers communs\System
[30/03/2007|18:18] C:\Program Files\Fichiers communs\Ulead Systems
[07/07/2008|15:10] C:\Program Files\Fichiers communs\Wise Installation Wizard
---------------------------[ Process ]--------------------------
... 40
iexplore.exe ~ [1288]
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load
C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load\Stop Defy.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load\this fork.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\body dog.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\internet sect pure.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\jrilebel.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\lzfidwtn.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\Move new plan bind.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\qxbsgbzi.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\rkmpmfjc.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\uptekjgt.exe
C:\Program Files\keepci~1
C:\WINDOWS\Prefetch\INTERNET SECT PURE.EXE-058A5433.pf
C:\DOCUME~1\TEMP\Cookies\propriétaire@adin.bigpoint[1].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@bigpoint[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@banner.cotedazurpalace[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@cotedazurpalace[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@32vegas[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@banner.32vegas[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@2xmoinscher[1].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@www.2xmoinscher[1].txt
C:\WINDOWS\Tasks\A260662E918BE322.job
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"meta setup"="C:\\DOCUME~1\\TEMP\\APPLIC~1\\KEEPCI~1\\body dog.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mode Load Mpeg Less"="C:\\Documents and Settings\\All Users\\Application Data\\two setup mode load\\Stop Defy.exe"
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
-> 8751 ( 70 ## added by CiD )
/!\ 1 Not 127.0.0.1 !!
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-07 19:44:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mode Load Mpeg Less"="C:\\Documents and Settings\\All Users\\Application Data\\two setup mode load\\Stop Defy.exe"
! EGDACCESS !
[F:524][D:35]-> C:\DOCUME~1\TEMP\LOCALS~1\Temp
[F:382][D:0]-> C:\DOCUME~1\TEMP\Cookies
[F:2149][D:13]-> C:\DOCUME~1\TEMP\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:45:29,26 ]----------------------
Re, thanks for replying so quickly, here is the report
-----------------------[ Lop S&D 4.2.2-0 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Propriétaire ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 07/07/2008 | 19:42:29,51 ] [ PC : LAGARDE ]
[ MAJ : 06-07-2008 | 10:55 ]
-------------[ Listing des dossiers dans Application Data ]------------
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust
[01/01/2002|18:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\VERITAS
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\InterTrust
[29/03/2007|19:27] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\VERITAS
[25/12/2007|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
[04/07/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[27/12/2007|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
[30/04/2003|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DelFin
[14/12/2003|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[25/12/2007|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
[15/02/2007|14:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/02/2007|22:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[31/05/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[15/02/2006|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[10/03/2006|21:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[07/07/2008|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[05/02/2007|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[28/05/2008|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[05/03/2007|12:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[16/12/2002|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[25/12/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PACE Anti-Piracy
[06/11/2006|17:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2002|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sbsi
[06/11/2006|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[07/07/2008|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[14/12/2003|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[01/06/2008|00:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[06/07/2008|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load
[30/03/2007|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[01/02/2007|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[01/01/2002|18:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[01/01/2002|18:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\VERITAS
[31/01/2007|17:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[20/05/2006|12:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[29/03/2007|19:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[29/03/2007|19:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[01/03/2003|12:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[02/01/2002|03:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[10/04/2003|16:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\dm.ini
[17/12/2002|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[17/12/2002|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[03/06/2004|11:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\GDIPFONTCACHEV1.DAT
[25/12/2002|13:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[04/02/2004|14:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[14/12/2002|17:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterVideo
[28/04/2003|20:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[14/04/2003|18:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[10/07/2003|23:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6
[01/01/2002|23:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[19/12/2002|14:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Template
[14/12/2002|21:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\VERITAS
[15/06/2008|20:50] C:\DOCUME~1\TEMP\APPLIC~1\Adobe
[14/09/2006|20:42] C:\DOCUME~1\TEMP\APPLIC~1\AdobeUM
[27/12/2007|20:04] C:\DOCUME~1\TEMP\APPLIC~1\AVG7
[14/12/2003|18:51] C:\DOCUME~1\TEMP\APPLIC~1\desktop.ini
[19/02/2007|22:55] C:\DOCUME~1\TEMP\APPLIC~1\DivX
[12/09/2004|18:25] C:\DOCUME~1\TEMP\APPLIC~1\Dossier de téléchargement Share-to-Web
[29/11/2006|00:00] C:\DOCUME~1\TEMP\APPLIC~1\Dossier de téléchargement Share-to-Web
[11/02/2007|00:17] C:\DOCUME~1\TEMP\APPLIC~1\DriveCleaner 2006 Free
[02/06/2008|16:43] C:\DOCUME~1\TEMP\APPLIC~1\GDIPFONTCACHEV1.DAT
[06/07/2008|21:44] C:\DOCUME~1\TEMP\APPLIC~1\GigaTribe
[01/02/2007|17:03] C:\DOCUME~1\TEMP\APPLIC~1\Google
[27/12/2004|19:02] C:\DOCUME~1\TEMP\APPLIC~1\Help
[12/09/2004|18:25] C:\DOCUME~1\TEMP\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\TEMP\APPLIC~1\InterTrust
[06/07/2008|16:44] C:\DOCUME~1\TEMP\APPLIC~1\Keep City Wma
[27/12/2007|20:02] C:\DOCUME~1\TEMP\APPLIC~1\Lavasoft
[14/09/2006|21:08] C:\DOCUME~1\TEMP\APPLIC~1\Macromedia
[14/04/2007|11:50] C:\DOCUME~1\TEMP\APPLIC~1\Microsoft
[27/03/2006|19:01] C:\DOCUME~1\TEMP\APPLIC~1\Microsoft Web Folders
[13/02/2007|21:48] C:\DOCUME~1\TEMP\APPLIC~1\Motive
[19/02/2007|22:48] C:\DOCUME~1\TEMP\APPLIC~1\Mozilla
[17/05/2007|16:50] C:\DOCUME~1\TEMP\APPLIC~1\MSN6
[24/03/2006|18:33] C:\DOCUME~1\TEMP\APPLIC~1\Nullriver
[03/07/2008|14:24] C:\DOCUME~1\TEMP\APPLIC~1\OpenOffice.org2
[05/07/2008|14:28] C:\DOCUME~1\TEMP\APPLIC~1\PC Tools
[30/03/2007|15:17] C:\DOCUME~1\TEMP\APPLIC~1\Real
[19/03/2007|17:33] C:\DOCUME~1\TEMP\APPLIC~1\Screenshot Sender
[25/12/2007|15:02] C:\DOCUME~1\TEMP\APPLIC~1\Sonic
[30/03/2007|15:07] C:\DOCUME~1\TEMP\APPLIC~1\Sun
[01/01/2002|23:24] C:\DOCUME~1\TEMP\APPLIC~1\Symantec
[25/04/2005|19:27] C:\DOCUME~1\TEMP\APPLIC~1\Template
[30/03/2007|15:21] C:\DOCUME~1\TEMP\APPLIC~1\Ulead Systems
[31/05/2008|18:19] C:\DOCUME~1\TEMP\APPLIC~1\Uniblue
[20/11/2004|15:04] C:\DOCUME~1\TEMP\APPLIC~1\VERITAS
[29/11/2007|20:03] C:\DOCUME~1\TEMP\APPLIC~1\Weflirt
[07/07/2008|19:21] C:\DOCUME~1\TEMP\APPLIC~1\WinRAR
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[07/07/2008 19:00][--ah-----] C:\WINDOWS\tasks\A260662E918BE322.job
[28/08/2001 21:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini
[07/07/2008 14:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
A260662E918BE322.job <--> c:\docume~1\temp\applic~1\keepci~1\internetsectpure.exe
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[22/04/2007|19:15] C:\Program Files\AC3Filter
[04/07/2008|15:37] C:\Program Files\Adobe
[15/02/2006|19:19] C:\Program Files\Ahead
[25/12/2007|16:06] C:\Program Files\Alcohol Soft
[15/11/2007|12:44] C:\Program Files\Alwil Software
[15/02/2006|19:18] C:\Program Files\ArcSoft
[06/07/2008|21:29] C:\Program Files\a-squared Anti-Malware
[07/07/2008|14:44] C:\Program Files\a-squared Free
[27/12/2007|17:41] C:\Program Files\BoontyGames
[09/05/2007|13:22] C:\Program Files\Club-Internet
[31/01/2007|15:08] C:\Program Files\Common Files
[14/12/2003|19:02] C:\Program Files\ComPlus Applications
[31/05/2008|19:49] C:\Program Files\Contig.zip
[25/11/2003|22:11] C:\Program Files\directx
[19/02/2007|22:45] C:\Program Files\DivX
[25/12/2007|15:41] C:\Program Files\Elaborate Bytes
[29/06/2008|17:56] C:\Program Files\eMule
[07/07/2008|15:10] C:\Program Files\Fichiers communs
[07/07/2008|14:49] C:\Program Files\free-downloads.net
[16/03/2008|14:31] C:\Program Files\GigaTribe
[30/03/2007|15:05] C:\Program Files\Google
[01/06/2008|14:18] C:\Program Files\Grisoft
[30/03/2007|15:09] C:\Program Files\Hewlett-Packard
[01/01/2002|17:55] C:\Program Files\Home Media Networks Limited
[16/12/2005|20:36] C:\Program Files\HP
[22/04/2007|19:15] C:\Program Files\IKEA HomePlanner
[23/04/2007|11:17] C:\Program Files\IncrediMail
[07/07/2008|19:01] C:\Program Files\InstallShield Installation Information
[18/02/2005|16:10] C:\Program Files\InterActual
[07/07/2008|13:19] C:\Program Files\Internet Explorer
[13/05/2007|15:43] C:\Program Files\Java
[06/07/2008|16:42] C:\Program Files\Keep City Wma
[07/07/2008|15:14] C:\Program Files\Lavasoft
[15/05/2007|02:29] C:\Program Files\Logitech
[27/12/2007|21:28] C:\Program Files\Mega Bloc Notes
[01/02/2007|22:50] C:\Program Files\Messenger
[29/08/2005|14:46] C:\Program Files\Micro Application
[27/03/2006|19:01] C:\Program Files\microsoft frontpage
[05/03/2007|11:20] C:\Program Files\Microsoft Games
[03/07/2008|13:48] C:\Program Files\Microsoft Office
[09/01/2005|14:23] C:\Program Files\Microsoft Picture It! 2002
[02/08/2007|19:11] C:\Program Files\Microsoft SQL Server
[01/01/2002|18:15] C:\Program Files\Microsoft Works
[01/04/2005|22:53] C:\Program Files\Microsoft Works Suite 2002
[28/12/2003|19:43] C:\Program Files\MobileForcesDemo
[25/04/2007|18:16] C:\Program Files\Motive
[22/04/2007|19:15] C:\Program Files\Motive(2)
[26/09/2006|13:09] C:\Program Files\Movie Maker
[07/07/2008|19:13] C:\Program Files\Mozilla Firefox
[30/01/2008|18:02] C:\Program Files\MSECache
[02/01/2002|03:39] C:\Program Files\MSN Gaming Zone
[07/07/2008|14:50] C:\Program Files\MSN Messenger
[01/02/2007|22:42] C:\Program Files\MSXML 4.0
[08/06/2004|23:44] C:\Program Files\nero 2
[26/09/2006|12:49] C:\Program Files\NetMeeting
[19/12/2002|20:04] C:\Program Files\NovaLogic
[06/03/2007|19:45] C:\Program Files\Oberon Media
[15/03/2007|16:27] C:\Program Files\OpenOffice.org 2.1
[14/06/2007|01:06] C:\Program Files\Outlook Express
[12/12/2003|18:23] C:\Program Files\PC Team
[31/05/2008|19:55] C:\Program Files\PowerDefragmenterGUI
[31/05/2008|19:51] C:\Program Files\PowerDefragmenterGUI.zip
[30/03/2007|15:16] C:\Program Files\QuickTime
[06/02/2003|18:48] C:\Program Files\Real
[19/05/2003|19:29] C:\Program Files\RecordNow
[09/02/2007|23:47] C:\Program Files\ReflexiveArcade
[10/03/2006|20:26] C:\Program Files\RegCleaner
[05/07/2008|14:26] C:\Program Files\Registry Mechanic
[06/11/2006|16:52] C:\Program Files\SAM_USB
[18/12/2002|17:24] C:\Program Files\SCi
[01/01/2002|18:19] C:\Program Files\Services en ligne
[06/11/2006|17:29] C:\Program Files\SmartSound Software
[25/12/2007|14:56] C:\Program Files\Sonic
[27/12/2007|19:31] C:\Program Files\splus
[07/07/2008|14:11] C:\Program Files\Spybot - Search & Destroy
[06/07/2008|14:27] C:\Program Files\Spyware Doctor
[28/01/2003|19:23] C:\Program Files\Thumbs.db
[07/07/2008|19:24] C:\Program Files\Trend Micro
[28/12/2003|19:43] C:\Program Files\Ubi Soft
[31/05/2008|18:19] C:\Program Files\Uniblue
[07/02/2004|21:21] C:\Program Files\Uninstall Information
[14/04/2003|21:11] C:\Program Files\VeriSign
[06/02/2003|18:49] C:\Program Files\Viewpoint
[02/02/2007|15:32] C:\Program Files\VisualRoute
[06/11/2006|17:22] C:\Program Files\Windows Media Components
[01/02/2007|16:01] C:\Program Files\Windows Media Connect 2
[01/02/2007|22:49] C:\Program Files\Windows Media Player
[07/07/2008|14:29] C:\Program Files\Windows NT
[31/01/2007|20:30] C:\Program Files\WindowsUpdate
[07/07/2008|19:20] C:\Program Files\WinRAR
[02/01/2002|03:43] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[04/07/2008|15:38] C:\Program Files\Fichiers communs\Adobe
[01/01/2002|18:14] C:\Program Files\Fichiers communs\Designer
[18/12/2002|21:25] C:\Program Files\Fichiers communs\DirectX
[15/11/2007|16:23] C:\Program Files\Fichiers communs\DriveCleaner 2006 Free
[13/03/2005|15:23] C:\Program Files\Fichiers communs\HP
[23/11/2003|15:22] C:\Program Files\Fichiers communs\InstallShield
[13/05/2007|15:40] C:\Program Files\Fichiers communs\Java
[30/01/2008|18:03] C:\Program Files\Fichiers communs\Microsoft Shared
[31/01/2007|15:08] C:\Program Files\Fichiers communs\Motive
[02/01/2002|03:41] C:\Program Files\Fichiers communs\MSSoap
[02/01/2002|03:35] C:\Program Files\Fichiers communs\ODBC
[25/12/2007|15:01] C:\Program Files\Fichiers communs\PACE Anti-Piracy
[30/03/2007|15:17] C:\Program Files\Fichiers communs\Real
[27/09/2002|01:11] C:\Program Files\Fichiers communs\Services
[25/12/2007|14:57] C:\Program Files\Fichiers communs\Sonic
[02/01/2002|03:35] C:\Program Files\Fichiers communs\SpeechEngines
[25/12/2007|14:56] C:\Program Files\Fichiers communs\SureThing Shared
[14/12/2003|21:37] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|01:06] C:\Program Files\Fichiers communs\System
[30/03/2007|18:18] C:\Program Files\Fichiers communs\Ulead Systems
[07/07/2008|15:10] C:\Program Files\Fichiers communs\Wise Installation Wizard
---------------------------[ Process ]--------------------------
... 40
iexplore.exe ~ [1288]
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load
C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load\Stop Defy.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load\this fork.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\body dog.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\internet sect pure.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\jrilebel.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\lzfidwtn.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\Move new plan bind.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\qxbsgbzi.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\rkmpmfjc.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\uptekjgt.exe
C:\Program Files\keepci~1
C:\WINDOWS\Prefetch\INTERNET SECT PURE.EXE-058A5433.pf
C:\DOCUME~1\TEMP\Cookies\propriétaire@adin.bigpoint[1].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@bigpoint[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@banner.cotedazurpalace[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@cotedazurpalace[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@32vegas[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@banner.32vegas[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@2xmoinscher[1].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@www.2xmoinscher[1].txt
C:\WINDOWS\Tasks\A260662E918BE322.job
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"meta setup"="C:\\DOCUME~1\\TEMP\\APPLIC~1\\KEEPCI~1\\body dog.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mode Load Mpeg Less"="C:\\Documents and Settings\\All Users\\Application Data\\two setup mode load\\Stop Defy.exe"
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
-> 8751 ( 70 ## added by CiD )
/!\ 1 Not 127.0.0.1 !!
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-07 19:44:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mode Load Mpeg Less"="C:\\Documents and Settings\\All Users\\Application Data\\two setup mode load\\Stop Defy.exe"
! EGDACCESS !
[F:524][D:35]-> C:\DOCUME~1\TEMP\LOCALS~1\Temp
[F:382][D:0]-> C:\DOCUME~1\TEMP\Cookies
[F:2149][D:13]-> C:\DOCUME~1\TEMP\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:45:29,26 ]----------------------
-----------------------[ Lop S&D 4.2.2-0 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Propri‚taire ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 07/07/2008 | 19:42:29,51 ] [ PC : LAGARDE ]
[ MAJ : 06-07-2008 | 10:55 ]
-------------[ Listing des dossiers dans Application Data ]------------
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust
[01/01/2002|18:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\VERITAS
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\InterTrust
[29/03/2007|19:27] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\VERITAS
[25/12/2007|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
[04/07/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[27/12/2007|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
[30/04/2003|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DelFin
[14/12/2003|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[25/12/2007|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
[15/02/2007|14:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/02/2007|22:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[31/05/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[15/02/2006|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[10/03/2006|21:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[07/07/2008|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[05/02/2007|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[28/05/2008|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[05/03/2007|12:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[16/12/2002|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[25/12/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PACE Anti-Piracy
[06/11/2006|17:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2002|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sbsi
[06/11/2006|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[07/07/2008|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[14/12/2003|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[01/06/2008|00:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[06/07/2008|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load
[30/03/2007|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[01/02/2007|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[01/01/2002|18:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[01/01/2002|18:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\VERITAS
[31/01/2007|17:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[20/05/2006|12:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[29/03/2007|19:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[29/03/2007|19:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[01/03/2003|12:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[02/01/2002|03:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[10/04/2003|16:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\dm.ini
[17/12/2002|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[17/12/2002|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[03/06/2004|11:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\GDIPFONTCACHEV1.DAT
[25/12/2002|13:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[04/02/2004|14:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[14/12/2002|17:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterVideo
[28/04/2003|20:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[14/04/2003|18:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[10/07/2003|23:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6
[01/01/2002|23:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[19/12/2002|14:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Template
[14/12/2002|21:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\VERITAS
[15/06/2008|20:50] C:\DOCUME~1\TEMP\APPLIC~1\Adobe
[14/09/2006|20:42] C:\DOCUME~1\TEMP\APPLIC~1\AdobeUM
[27/12/2007|20:04] C:\DOCUME~1\TEMP\APPLIC~1\AVG7
[14/12/2003|18:51] C:\DOCUME~1\TEMP\APPLIC~1\desktop.ini
[19/02/2007|22:55] C:\DOCUME~1\TEMP\APPLIC~1\DivX
[12/09/2004|18:25] C:\DOCUME~1\TEMP\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[29/11/2006|00:00] C:\DOCUME~1\TEMP\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[11/02/2007|00:17] C:\DOCUME~1\TEMP\APPLIC~1\DriveCleaner 2006 Free
[02/06/2008|16:43] C:\DOCUME~1\TEMP\APPLIC~1\GDIPFONTCACHEV1.DAT
[06/07/2008|21:44] C:\DOCUME~1\TEMP\APPLIC~1\GigaTribe
[01/02/2007|17:03] C:\DOCUME~1\TEMP\APPLIC~1\Google
[27/12/2004|19:02] C:\DOCUME~1\TEMP\APPLIC~1\Help
[12/09/2004|18:25] C:\DOCUME~1\TEMP\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\TEMP\APPLIC~1\InterTrust
[06/07/2008|16:44] C:\DOCUME~1\TEMP\APPLIC~1\Keep City Wma
[27/12/2007|20:02] C:\DOCUME~1\TEMP\APPLIC~1\Lavasoft
[14/09/2006|21:08] C:\DOCUME~1\TEMP\APPLIC~1\Macromedia
[14/04/2007|11:50] C:\DOCUME~1\TEMP\APPLIC~1\Microsoft
[27/03/2006|19:01] C:\DOCUME~1\TEMP\APPLIC~1\Microsoft Web Folders
[13/02/2007|21:48] C:\DOCUME~1\TEMP\APPLIC~1\Motive
[19/02/2007|22:48] C:\DOCUME~1\TEMP\APPLIC~1\Mozilla
[17/05/2007|16:50] C:\DOCUME~1\TEMP\APPLIC~1\MSN6
[24/03/2006|18:33] C:\DOCUME~1\TEMP\APPLIC~1\Nullriver
[03/07/2008|14:24] C:\DOCUME~1\TEMP\APPLIC~1\OpenOffice.org2
[05/07/2008|14:28] C:\DOCUME~1\TEMP\APPLIC~1\PC Tools
[30/03/2007|15:17] C:\DOCUME~1\TEMP\APPLIC~1\Real
[19/03/2007|17:33] C:\DOCUME~1\TEMP\APPLIC~1\Screenshot Sender
[25/12/2007|15:02] C:\DOCUME~1\TEMP\APPLIC~1\Sonic
[30/03/2007|15:07] C:\DOCUME~1\TEMP\APPLIC~1\Sun
[01/01/2002|23:24] C:\DOCUME~1\TEMP\APPLIC~1\Symantec
[25/04/2005|19:27] C:\DOCUME~1\TEMP\APPLIC~1\Template
[30/03/2007|15:21] C:\DOCUME~1\TEMP\APPLIC~1\Ulead Systems
[31/05/2008|18:19] C:\DOCUME~1\TEMP\APPLIC~1\Uniblue
[20/11/2004|15:04] C:\DOCUME~1\TEMP\APPLIC~1\VERITAS
[29/11/2007|20:03] C:\DOCUME~1\TEMP\APPLIC~1\Weflirt
[07/07/2008|19:21] C:\DOCUME~1\TEMP\APPLIC~1\WinRAR
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[07/07/2008 19:00][--ah-----] C:\WINDOWS\tasks\A260662E918BE322.job
[28/08/2001 21:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini
[07/07/2008 14:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
A260662E918BE322.job <--> c:\docume~1\temp\applic~1\keepci~1\internetsectpure.exe
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[22/04/2007|19:15] C:\Program Files\AC3Filter
[04/07/2008|15:37] C:\Program Files\Adobe
[15/02/2006|19:19] C:\Program Files\Ahead
[25/12/2007|16:06] C:\Program Files\Alcohol Soft
[15/11/2007|12:44] C:\Program Files\Alwil Software
[15/02/2006|19:18] C:\Program Files\ArcSoft
[06/07/2008|21:29] C:\Program Files\a-squared Anti-Malware
[07/07/2008|14:44] C:\Program Files\a-squared Free
[27/12/2007|17:41] C:\Program Files\BoontyGames
[09/05/2007|13:22] C:\Program Files\Club-Internet
[31/01/2007|15:08] C:\Program Files\Common Files
[14/12/2003|19:02] C:\Program Files\ComPlus Applications
[31/05/2008|19:49] C:\Program Files\Contig.zip
[25/11/2003|22:11] C:\Program Files\directx
[19/02/2007|22:45] C:\Program Files\DivX
[25/12/2007|15:41] C:\Program Files\Elaborate Bytes
[29/06/2008|17:56] C:\Program Files\eMule
[07/07/2008|15:10] C:\Program Files\Fichiers communs
[07/07/2008|14:49] C:\Program Files\free-downloads.net
[16/03/2008|14:31] C:\Program Files\GigaTribe
[30/03/2007|15:05] C:\Program Files\Google
[01/06/2008|14:18] C:\Program Files\Grisoft
[30/03/2007|15:09] C:\Program Files\Hewlett-Packard
[01/01/2002|17:55] C:\Program Files\Home Media Networks Limited
[16/12/2005|20:36] C:\Program Files\HP
[22/04/2007|19:15] C:\Program Files\IKEA HomePlanner
[23/04/2007|11:17] C:\Program Files\IncrediMail
[07/07/2008|19:01] C:\Program Files\InstallShield Installation Information
[18/02/2005|16:10] C:\Program Files\InterActual
[07/07/2008|13:19] C:\Program Files\Internet Explorer
[13/05/2007|15:43] C:\Program Files\Java
[06/07/2008|16:42] C:\Program Files\Keep City Wma
[07/07/2008|15:14] C:\Program Files\Lavasoft
[15/05/2007|02:29] C:\Program Files\Logitech
[27/12/2007|21:28] C:\Program Files\Mega Bloc Notes
[01/02/2007|22:50] C:\Program Files\Messenger
[29/08/2005|14:46] C:\Program Files\Micro Application
[27/03/2006|19:01] C:\Program Files\microsoft frontpage
[05/03/2007|11:20] C:\Program Files\Microsoft Games
[03/07/2008|13:48] C:\Program Files\Microsoft Office
[09/01/2005|14:23] C:\Program Files\Microsoft Picture It! 2002
[02/08/2007|19:11] C:\Program Files\Microsoft SQL Server
[01/01/2002|18:15] C:\Program Files\Microsoft Works
[01/04/2005|22:53] C:\Program Files\Microsoft Works Suite 2002
[28/12/2003|19:43] C:\Program Files\MobileForcesDemo
[25/04/2007|18:16] C:\Program Files\Motive
[22/04/2007|19:15] C:\Program Files\Motive(2)
[26/09/2006|13:09] C:\Program Files\Movie Maker
[07/07/2008|19:13] C:\Program Files\Mozilla Firefox
[30/01/2008|18:02] C:\Program Files\MSECache
[02/01/2002|03:39] C:\Program Files\MSN Gaming Zone
[07/07/2008|14:50] C:\Program Files\MSN Messenger
[01/02/2007|22:42] C:\Program Files\MSXML 4.0
[08/06/2004|23:44] C:\Program Files\nero 2
[26/09/2006|12:49] C:\Program Files\NetMeeting
[19/12/2002|20:04] C:\Program Files\NovaLogic
[06/03/2007|19:45] C:\Program Files\Oberon Media
[15/03/2007|16:27] C:\Program Files\OpenOffice.org 2.1
[14/06/2007|01:06] C:\Program Files\Outlook Express
[12/12/2003|18:23] C:\Program Files\PC Team
[31/05/2008|19:55] C:\Program Files\PowerDefragmenterGUI
[31/05/2008|19:51] C:\Program Files\PowerDefragmenterGUI.zip
[30/03/2007|15:16] C:\Program Files\QuickTime
[06/02/2003|18:48] C:\Program Files\Real
[19/05/2003|19:29] C:\Program Files\RecordNow
[09/02/2007|23:47] C:\Program Files\ReflexiveArcade
[10/03/2006|20:26] C:\Program Files\RegCleaner
[05/07/2008|14:26] C:\Program Files\Registry Mechanic
[06/11/2006|16:52] C:\Program Files\SAM_USB
[18/12/2002|17:24] C:\Program Files\SCi
[01/01/2002|18:19] C:\Program Files\Services en ligne
[06/11/2006|17:29] C:\Program Files\SmartSound Software
[25/12/2007|14:56] C:\Program Files\Sonic
[27/12/2007|19:31] C:\Program Files\splus
[07/07/2008|14:11] C:\Program Files\Spybot - Search & Destroy
[06/07/2008|14:27] C:\Program Files\Spyware Doctor
[28/01/2003|19:23] C:\Program Files\Thumbs.db
[07/07/2008|19:24] C:\Program Files\Trend Micro
[28/12/2003|19:43] C:\Program Files\Ubi Soft
[31/05/2008|18:19] C:\Program Files\Uniblue
[07/02/2004|21:21] C:\Program Files\Uninstall Information
[14/04/2003|21:11] C:\Program Files\VeriSign
[06/02/2003|18:49] C:\Program Files\Viewpoint
[02/02/2007|15:32] C:\Program Files\VisualRoute
[06/11/2006|17:22] C:\Program Files\Windows Media Components
[01/02/2007|16:01] C:\Program Files\Windows Media Connect 2
[01/02/2007|22:49] C:\Program Files\Windows Media Player
[07/07/2008|14:29] C:\Program Files\Windows NT
[31/01/2007|20:30] C:\Program Files\WindowsUpdate
[07/07/2008|19:20] C:\Program Files\WinRAR
[02/01/2002|03:43] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[04/07/2008|15:38] C:\Program Files\Fichiers communs\Adobe
[01/01/2002|18:14] C:\Program Files\Fichiers communs\Designer
[18/12/2002|21:25] C:\Program Files\Fichiers communs\DirectX
[15/11/2007|16:23] C:\Program Files\Fichiers communs\DriveCleaner 2006 Free
[13/03/2005|15:23] C:\Program Files\Fichiers communs\HP
[23/11/2003|15:22] C:\Program Files\Fichiers communs\InstallShield
[13/05/2007|15:40] C:\Program Files\Fichiers communs\Java
[30/01/2008|18:03] C:\Program Files\Fichiers communs\Microsoft Shared
[31/01/2007|15:08] C:\Program Files\Fichiers communs\Motive
[02/01/2002|03:41] C:\Program Files\Fichiers communs\MSSoap
[02/01/2002|03:35] C:\Program Files\Fichiers communs\ODBC
[25/12/2007|15:01] C:\Program Files\Fichiers communs\PACE Anti-Piracy
[30/03/2007|15:17] C:\Program Files\Fichiers communs\Real
[27/09/2002|01:11] C:\Program Files\Fichiers communs\Services
[25/12/2007|14:57] C:\Program Files\Fichiers communs\Sonic
[02/01/2002|03:35] C:\Program Files\Fichiers communs\SpeechEngines
[25/12/2007|14:56] C:\Program Files\Fichiers communs\SureThing Shared
[14/12/2003|21:37] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|01:06] C:\Program Files\Fichiers communs\System
[30/03/2007|18:18] C:\Program Files\Fichiers communs\Ulead Systems
[07/07/2008|15:10] C:\Program Files\Fichiers communs\Wise Installation Wizard
---------------------------[ Process ]--------------------------
... 40
iexplore.exe ~ [1288]
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load
C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load\Stop Defy.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load\this fork.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\body dog.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\internet sect pure.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\jrilebel.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\lzfidwtn.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\Move new plan bind.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\qxbsgbzi.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\rkmpmfjc.exe
C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\uptekjgt.exe
C:\Program Files\keepci~1
C:\WINDOWS\Prefetch\INTERNET SECT PURE.EXE-058A5433.pf
C:\DOCUME~1\TEMP\Cookies\propriétaire@adin.bigpoint[1].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@bigpoint[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@banner.cotedazurpalace[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@cotedazurpalace[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@32vegas[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@banner.32vegas[2].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@2xmoinscher[1].txt
C:\DOCUME~1\TEMP\Cookies\propriétaire@www.2xmoinscher[1].txt
C:\WINDOWS\Tasks\A260662E918BE322.job
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"meta setup"="C:\\DOCUME~1\\TEMP\\APPLIC~1\\KEEPCI~1\\body dog.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mode Load Mpeg Less"="C:\\Documents and Settings\\All Users\\Application Data\\two setup mode load\\Stop Defy.exe"
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
-> 8751 ( 70 ## added by CiD )
/!\ 1 Not 127.0.0.1 !!
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-07 19:44:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mode Load Mpeg Less"="C:\\Documents and Settings\\All Users\\Application Data\\two setup mode load\\Stop Defy.exe"
! EGDACCESS !
[F:524][D:35]-> C:\DOCUME~1\TEMP\LOCALS~1\Temp
[F:382][D:0]-> C:\DOCUME~1\TEMP\Cookies
[F:2149][D:13]-> C:\DOCUME~1\TEMP\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:45:29,26 ]----------------------
Run LopS&D again.
Choose option 2 to remove the infection and reset the Hosts file.
When the cleanup finishes, a report named LopR.txt appears. It is located at C:\LopR.txt. Post this report in your next message.
Uninstall LopS&D through the Control Panel, under Add/Remove Programs.
Then restart the computer.
Here is my report after running the cleanup. At the risk of sounding stupid, how did I pick up these viruses even though the antivirus is installed and up to date? Thanks again, by the way.
-----------------------[ Lop S&D 4.2.2-0 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Propriétaire ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 07/07/2008 | 19:53:23,45 ] [ PC : LAGARDE ]
[ MAJ : 06-07-2008 | 10:55 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load\Stop Defy.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load\this fork.exe
Supprime! - C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\body dog.exe
Supprime! - C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\internet sect pure.exe
Supprime! - C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\jrilebel.exe
Supprime! - C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\lzfidwtn.exe
Supprime! - C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\Move new plan bind.exe
Supprime! - C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\qxbsgbzi.exe
Supprime! - C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\rkmpmfjc.exe
Supprime! - C:\DOCUME~1\TEMP\APPLIC~1\keepci~1\uptekjgt.exe
Supprime! - C:\WINDOWS\Prefetch\INTERNET SECT PURE.EXE-058A5433.pf
Supprime! - C:\DOCUME~1\TEMP\Cookies\propriétaire@adin.bigpoint[1].txt
Supprime! - C:\DOCUME~1\TEMP\Cookies\propriétaire@bigpoint[2].txt
Supprime! - C:\DOCUME~1\TEMP\Cookies\propriétaire@fr1.seafight.bigpoint[2].txt
Supprime! - C:\DOCUME~1\TEMP\Cookies\propriétaire@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\TEMP\Cookies\propriétaire@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\TEMP\Cookies\propriétaire@32vegas[2].txt
Supprime! - C:\DOCUME~1\TEMP\Cookies\propriétaire@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\TEMP\Cookies\propriétaire@2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\TEMP\Cookies\propriétaire@www.2xmoinscher[1].txt
Supprime! - C:\WINDOWS\Tasks\A260662E918BE322.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\two setup mode load
Supprime! - C:\DOCUME~1\TEMP\APPLIC~1\keepci~1
Supprime! - C:\Program Files\keepci~1
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprime! - C:\DOCUME~1\TEMP\APPLIC~1\DriveCleaner 2006 Free
Supprime! - C:\Program Files\Viewpoint
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans APPLIC~1 ]------------
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust
[01/01/2002|18:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\VERITAS
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\InterTrust
[29/03/2007|19:27] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\VERITAS
[25/12/2007|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
[04/07/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[27/12/2007|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
[30/04/2003|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DelFin
[14/12/2003|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[25/12/2007|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
[15/02/2007|14:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/02/2007|22:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[31/05/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[15/02/2006|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[10/03/2006|21:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[07/07/2008|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[05/02/2007|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[28/05/2008|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[05/03/2007|12:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[16/12/2002|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[25/12/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PACE Anti-Piracy
[06/11/2006|17:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2002|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sbsi
[06/11/2006|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[07/07/2008|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[14/12/2003|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[01/06/2008|00:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[30/03/2007|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[01/02/2007|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[01/01/2002|18:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[01/01/2002|18:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\VERITAS
[31/01/2007|17:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[20/05/2006|12:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[29/03/2007|19:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[29/03/2007|19:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[01/03/2003|12:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[02/01/2002|03:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[10/04/2003|16:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\dm.ini
[17/12/2002|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[17/12/2002|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[03/06/2004|11:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\GDIPFONTCACHEV1.DAT
[25/12/2002|13:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[04/02/2004|14:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[14/12/2002|17:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterVideo
[28/04/2003|20:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[14/04/2003|18:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[10/07/2003|23:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6
[01/01/2002|23:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[19/12/2002|14:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Template
[14/12/2002|21:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\VERITAS
[15/06/2008|20:50] C:\DOCUME~1\TEMP\APPLIC~1\Adobe
[14/09/2006|20:42] C:\DOCUME~1\TEMP\APPLIC~1\AdobeUM
[27/12/2007|20:04] C:\DOCUME~1\TEMP\APPLIC~1\AVG7
[14/12/2003|18:51] C:\DOCUME~1\TEMP\APPLIC~1\desktop.ini
[19/02/2007|22:55] C:\DOCUME~1\TEMP\APPLIC~1\DivX
[12/09/2004|18:25] C:\DOCUME~1\TEMP\APPLIC~1\Dossier de téléchargement Share-to-Web
[29/11/2006|00:00] C:\DOCUME~1\TEMP\APPLIC~1\Dossier de téléchargement Share-to-Web
[02/06/2008|16:43] C:\DOCUME~1\TEMP\APPLIC~1\GDIPFONTCACHEV1.DAT
[06/07/2008|21:44] C:\DOCUME~1\TEMP\APPLIC~1\GigaTribe
[01/02/2007|17:03] C:\DOCUME~1\TEMP\APPLIC~1\Google
[27/12/2004|19:02] C:\DOCUME~1\TEMP\APPLIC~1\Help
[12/09/2004|18:25] C:\DOCUME~1\TEMP\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\TEMP\APPLIC~1\InterTrust
[27/12/2007|20:02] C:\DOCUME~1\TEMP\APPLIC~1\Lavasoft
[14/09/2006|21:08] C:\DOCUME~1\TEMP\APPLIC~1\Macromedia
[14/04/2007|11:50] C:\DOCUME~1\TEMP\APPLIC~1\Microsoft
[27/03/2006|19:01] C:\DOCUME~1\TEMP\APPLIC~1\Microsoft Web Folders
[13/02/2007|21:48] C:\DOCUME~1\TEMP\APPLIC~1\Motive
[19/02/2007|22:48] C:\DOCUME~1\TEMP\APPLIC~1\Mozilla
[17/05/2007|16:50] C:\DOCUME~1\TEMP\APPLIC~1\MSN6
[24/03/2006|18:33] C:\DOCUME~1\TEMP\APPLIC~1\Nullriver
[03/07/2008|14:24] C:\DOCUME~1\TEMP\APPLIC~1\OpenOffice.org2
[05/07/2008|14:28] C:\DOCUME~1\TEMP\APPLIC~1\PC Tools
[30/03/2007|15:17] C:\DOCUME~1\TEMP\APPLIC~1\Real
[19/03/2007|17:33] C:\DOCUME~1\TEMP\APPLIC~1\Screenshot Sender
[25/12/2007|15:02] C:\DOCUME~1\TEMP\APPLIC~1\Sonic
[30/03/2007|15:07] C:\DOCUME~1\TEMP\APPLIC~1\Sun
[01/01/2002|23:24] C:\DOCUME~1\TEMP\APPLIC~1\Symantec
[25/04/2005|19:27] C:\DOCUME~1\TEMP\APPLIC~1\Template
[30/03/2007|15:21] C:\DOCUME~1\TEMP\APPLIC~1\Ulead Systems
[31/05/2008|18:19] C:\DOCUME~1\TEMP\APPLIC~1\Uniblue
[20/11/2004|15:04] C:\DOCUME~1\TEMP\APPLIC~1\VERITAS
[29/11/2007|20:03] C:\DOCUME~1\TEMP\APPLIC~1\Weflirt
[07/07/2008|19:21] C:\DOCUME~1\TEMP\APPLIC~1\WinRAR
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[28/08/2001 21:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini
[07/07/2008 14:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[22/04/2007|19:15] C:\Program Files\AC3Filter
[04/07/2008|15:37] C:\Program Files\Adobe
[15/02/2006|19:19] C:\Program Files\Ahead
[25/12/2007|16:06] C:\Program Files\Alcohol Soft
[15/11/2007|12:44] C:\Program Files\Alwil Software
[15/02/2006|19:18] C:\Program Files\ArcSoft
[06/07/2008|21:29] C:\Program Files\a-squared Anti-Malware
[07/07/2008|14:44] C:\Program Files\a-squared Free
[27/12/2007|17:41] C:\Program Files\BoontyGames
[09/05/2007|13:22] C:\Program Files\Club-Internet
[31/01/2007|15:08] C:\Program Files\Common Files
[14/12/2003|19:02] C:\Program Files\ComPlus Applications
[31/05/2008|19:49] C:\Program Files\Contig.zip
[25/11/2003|22:11] C:\Program Files\directx
[19/02/2007|22:45] C:\Program Files\DivX
[25/12/2007|15:41] C:\Program Files\Elaborate Bytes
[29/06/2008|17:56] C:\Program Files\eMule
[07/07/2008|15:10] C:\Program Files\Fichiers communs
[07/07/2008|14:49] C:\Program Files\free-downloads.net
[16/03/2008|14:31] C:\Program Files\GigaTribe
[30/03/2007|15:05] C:\Program Files\Google
[01/06/2008|14:18] C:\Program Files\Grisoft
[30/03/2007|15:09] C:\Program Files\Hewlett-Packard
[01/01/2002|17:55] C:\Program Files\Home Media Networks Limited
[16/12/2005|20:36] C:\Program Files\HP
[22/04/2007|19:15] C:\Program Files\IKEA HomePlanner
[23/04/2007|11:17] C:\Program Files\IncrediMail
[07/07/2008|19:01] C:\Program Files\InstallShield Installation Information
[18/02/2005|16:10] C:\Program Files\InterActual
[07/07/2008|13:19] C:\Program Files\Internet Explorer
[13/05/2007|15:43] C:\Program Files\Java
[07/07/2008|15:14] C:\Program Files\Lavasoft
[15/05/2007|02:29] C:\Program Files\Logitech
[27/12/2007|21:28] C:\Program Files\Mega Bloc Notes
[01/02/2007|22:50] C:\Program Files\Messenger
[29/08/2005|14:46] C:\Program Files\Micro Application
[27/03/2006|19:01] C:\Program Files\microsoft frontpage
[05/03/2007|11:20] C:\Program Files\Microsoft Games
[03/07/2008|13:48] C:\Program Files\Microsoft Office
[09/01/2005|14:23] C:\Program Files\Microsoft Picture It! 2002
[02/08/2007|19:11] C:\Program Files\Microsoft SQL Server
[01/01/2002|18:15] C:\Program Files\Microsoft Works
[01/04/2005|22:53] C:\Program Files\Microsoft Works Suite 2002
[28/12/2003|19:43] C:\Program Files\MobileForcesDemo
[25/04/2007|18:16] C:\Program Files\Motive
[22/04/2007|19:15] C:\Program Files\Motive(2)
[26/09/2006|13:09] C:\Program Files\Movie Maker
[07/07/2008|19:13] C:\Program Files\Mozilla Firefox
[30/01/2008|18:02] C:\Program Files\MSECache
[02/01/2002|03:39] C:\Program Files\MSN Gaming Zone
[07/07/2008|14:50] C:\Program Files\MSN Messenger
[01/02/2007|22:42] C:\Program Files\MSXML 4.0
[08/06/2004|23:44] C:\Program Files\nero 2
[26/09/2006|12:49] C:\Program Files\NetMeeting
[19/12/2002|20:04] C:\Program Files\NovaLogic
[06/03/2007|19:45] C:\Program Files\Oberon Media
[15/03/2007|16:27] C:\Program Files\OpenOffice.org 2.1
[14/06/2007|01:06] C:\Program Files\Outlook Express
[12/12/2003|18:23] C:\Program Files\PC Team
[31/05/2008|19:55] C:\Program Files\PowerDefragmenterGUI
[31/05/2008|19:51] C:\Program Files\PowerDefragmenterGUI.zip
[30/03/2007|15:16] C:\Program Files\QuickTime
[06/02/2003|18:48] C:\Program Files\Real
[19/05/2003|19:29] C:\Program Files\RecordNow
[09/02/2007|23:47] C:\Program Files\ReflexiveArcade
[10/03/2006|20:26] C:\Program Files\RegCleaner
[05/07/2008|14:26] C:\Program Files\Registry Mechanic
[06/11/2006|16:52] C:\Program Files\SAM_USB
[18/12/2002|17:24] C:\Program Files\SCi
[01/01/2002|18:19] C:\Program Files\Services en ligne
[06/11/2006|17:29] C:\Program Files\SmartSound Software
[25/12/2007|14:56] C:\Program Files\Sonic
[27/12/2007|19:31] C:\Program Files\splus
[07/07/2008|14:11] C:\Program Files\Spybot - Search & Destroy
[06/07/2008|14:27] C:\Program Files\Spyware Doctor
[28/01/2003|19:23] C:\Program Files\Thumbs.db
[07/07/2008|19:24] C:\Program Files\Trend Micro
[28/12/2003|19:43] C:\Program Files\Ubi Soft
[31/05/2008|18:19] C:\Program Files\Uniblue
[07/02/2004|21:21] C:\Program Files\Uninstall Information
[14/04/2003|21:11] C:\Program Files\VeriSign
[02/02/2007|15:32] C:\Program Files\VisualRoute
[06/11/2006|17:22] C:\Program Files\Windows Media Components
[01/02/2007|16:01] C:\Program Files\Windows Media Connect 2
[01/02/2007|22:49] C:\Program Files\Windows Media Player
[07/07/2008|14:29] C:\Program Files\Windows NT
[31/01/2007|20:30] C:\Program Files\WindowsUpdate
[07/07/2008|19:20] C:\Program Files\WinRAR
[02/01/2002|03:43] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[04/07/2008|15:38] C:\Program Files\Fichiers communs\Adobe
[01/01/2002|18:14] C:\Program Files\Fichiers communs\Designer
[18/12/2002|21:25] C:\Program Files\Fichiers communs\DirectX
[15/11/2007|16:23] C:\Program Files\Fichiers communs\DriveCleaner 2006 Free
[13/03/2005|15:23] C:\Program Files\Fichiers communs\HP
[23/11/2003|15:22] C:\Program Files\Fichiers communs\InstallShield
[13/05/2007|15:40] C:\Program Files\Fichiers communs\Java
[30/01/2008|18:03] C:\Program Files\Fichiers communs\Microsoft Shared
[31/01/2007|15:08] C:\Program Files\Fichiers communs\Motive
[02/01/2002|03:41] C:\Program Files\Fichiers communs\MSSoap
[02/01/2002|03:35] C:\Program Files\Fichiers communs\ODBC
[25/12/2007|15:01] C:\Program Files\Fichiers communs\PACE Anti-Piracy
[30/03/2007|15:17] C:\Program Files\Fichiers communs\Real
[27/09/2002|01:11] C:\Program Files\Fichiers communs\Services
[25/12/2007|14:57] C:\Program Files\Fichiers communs\Sonic
[02/01/2002|03:35] C:\Program Files\Fichiers communs\SpeechEngines
[25/12/2007|14:56] C:\Program Files\Fichiers communs\SureThing Shared
[14/12/2003|21:37] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|01:06] C:\Program Files\Fichiers communs\System
[30/03/2007|18:18] C:\Program Files\Fichiers communs\Ulead Systems
[07/07/2008|15:10] C:\Program Files\Fichiers communs\Wise Installation Wizard
---------------------------[ Process ]--------------------------
... 40
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-07 19:54:51
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
[F:524][D:35]-> C:\DOCUME~1\TEMP\LOCALS~1\Temp
[F:373][D:0]-> C:\DOCUME~1\TEMP\Cookies
[F:2191][D:13]-> C:\DOCUME~1\TEMP\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:55:59,28 ]----------------------
[06/07/2008|14:27] C:\Program Files\Spyware Doctor
[28/01/2003|19:23] C:\Program Files\Thumbs.db
[07/07/2008|19:24] C:\Program Files\Trend Micro
[28/12/2003|19:43] C:\Program Files\Ubi Soft
[31/05/2008|18:19] C:\Program Files\Uniblue
[07/02/2004|21:21] C:\Program Files\Uninstall Information
[14/04/2003|21:11] C:\Program Files\VeriSign
[02/02/2007|15:32] C:\Program Files\VisualRoute
[06/11/2006|17:22] C:\Program Files\Windows Media Components
[01/02/2007|16:01] C:\Program Files\Windows Media Connect 2
[01/02/2007|22:49] C:\Program Files\Windows Media Player
[07/07/2008|14:29] C:\Program Files\Windows NT
[31/01/2007|20:30] C:\Program Files\WindowsUpdate
[07/07/2008|19:20] C:\Program Files\WinRAR
[02/01/2002|03:43] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[04/07/2008|15:38] C:\Program Files\Fichiers communs\Adobe
[01/01/2002|18:14] C:\Program Files\Fichiers communs\Designer
[18/12/2002|21:25] C:\Program Files\Fichiers communs\DirectX
[15/11/2007|16:23] C:\Program Files\Fichiers communs\DriveCleaner 2006 Free
[13/03/2005|15:23] C:\Program Files\Fichiers communs\HP
[23/11/2003|15:22] C:\Program Files\Fichiers communs\InstallShield
[13/05/2007|15:40] C:\Program Files\Fichiers communs\Java
[30/01/2008|18:03] C:\Program Files\Fichiers communs\Microsoft Shared
[31/01/2007|15:08] C:\Program Files\Fichiers communs\Motive
[02/01/2002|03:41] C:\Program Files\Fichiers communs\MSSoap
[02/01/2002|03:35] C:\Program Files\Fichiers communs\ODBC
[25/12/2007|15:01] C:\Program Files\Fichiers communs\PACE Anti-Piracy
[30/03/2007|15:17] C:\Program Files\Fichiers communs\Real
[27/09/2002|01:11] C:\Program Files\Fichiers communs\Services
[25/12/2007|14:57] C:\Program Files\Fichiers communs\Sonic
[02/01/2002|03:35] C:\Program Files\Fichiers communs\SpeechEngines
[25/12/2007|14:56] C:\Program Files\Fichiers communs\SureThing Shared
[14/12/2003|21:37] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|01:06] C:\Program Files\Fichiers communs\System
[30/03/2007|18:18] C:\Program Files\Fichiers communs\Ulead Systems
[07/07/2008|15:10] C:\Program Files\Fichiers communs\Wise Installation Wizard
---------------------------[ Process ]--------------------------
... 40
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-07 19:54:51
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
[F:524][D:35]-> C:\DOCUME~1\TEMP\LOCALS~1\Temp
[F:373][D:0]-> C:\DOCUME~1\TEMP\Cookies
[F:2191][D:13]-> C:\DOCUME~1\TEMP\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:55:59,28 ]----------------------
You pick up these ads precisely through advertising banners on web pages, or by installing certain software such as:
* BitDownload
* BitGrabber
* BitRoll
* MessengerPlus! 3 under the name "sponsors"
* Messenger Plus! Live under the name "sponsors"
* NetPumper
* TorrentQ
* Torrent101
Could you post another HijackThis report?
Oh yes, also, during the procedure Spybot asked me whether I wanted to accept the registry change. I accepted, thinking it came from your software. Was I right?????
OK, so I started over from the beginning, sorry for the typo, and here is my new report, this time without any prompt from Spybot. So what does it say, doc????? Is it good, did I get it??
Tell me yes lol
-----------------------[ Lop S&D 4.2.2-0 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Propriétaire ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 07/07/2008 | 20:02:33,48 ] [ PC : LAGARDE ]
[ MAJ : 06-07-2008 | 10:55 ]
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans APPLIC~1 ]------------
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust
[01/01/2002|18:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\VERITAS
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\InterTrust
[29/03/2007|19:27] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\ADMINI~1.PEA\APPLIC~1\VERITAS
[25/12/2007|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
[04/07/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[27/12/2007|20:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
[30/04/2003|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DelFin
[14/12/2003|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[25/12/2007|15:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
[15/02/2007|14:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/02/2007|22:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[31/05/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[15/02/2006|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[10/03/2006|21:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[07/07/2008|15:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[05/02/2007|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[28/05/2008|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[05/03/2007|12:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[16/12/2002|18:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[25/12/2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PACE Anti-Piracy
[06/11/2006|17:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[01/01/2002|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sbsi
[06/11/2006|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[07/07/2008|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[14/12/2003|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[01/06/2008|00:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[30/03/2007|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[01/02/2007|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[01/01/2002|18:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[14/12/2003|18:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[02/01/2002|03:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[01/01/2002|18:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/01/2002|23:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[01/01/2002|17:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\VERITAS
[31/01/2007|17:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[20/05/2006|12:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[29/03/2007|19:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[29/03/2007|19:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[01/03/2003|12:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[02/01/2002|03:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[10/04/2003|16:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\dm.ini
[17/12/2002|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[17/12/2002|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[03/06/2004|11:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\GDIPFONTCACHEV1.DAT
[25/12/2002|13:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[04/02/2004|14:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[14/12/2002|17:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\InterVideo
[28/04/2003|20:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[14/04/2003|18:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[10/07/2003|23:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSN6
[01/01/2002|23:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[19/12/2002|14:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Template
[14/12/2002|21:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\VERITAS
[15/06/2008|20:50] C:\DOCUME~1\TEMP\APPLIC~1\Adobe
[14/09/2006|20:42] C:\DOCUME~1\TEMP\APPLIC~1\AdobeUM
[27/12/2007|20:04] C:\DOCUME~1\TEMP\APPLIC~1\AVG7
[14/12/2003|18:51] C:\DOCUME~1\TEMP\APPLIC~1\desktop.ini
[19/02/2007|22:55] C:\DOCUME~1\TEMP\APPLIC~1\DivX
[12/09/2004|18:25] C:\DOCUME~1\TEMP\APPLIC~1\Dossier de téléchargement Share-to-Web
[29/11/2006|00:00] C:\DOCUME~1\TEMP\APPLIC~1\Dossier de téléchargement Share-to-Web
[02/06/2008|16:43] C:\DOCUME~1\TEMP\APPLIC~1\GDIPFONTCACHEV1.DAT
[06/07/2008|21:44] C:\DOCUME~1\TEMP\APPLIC~1\GigaTribe
[01/02/2007|17:03] C:\DOCUME~1\TEMP\APPLIC~1\Google
[27/12/2004|19:02] C:\DOCUME~1\TEMP\APPLIC~1\Help
[12/09/2004|18:25] C:\DOCUME~1\TEMP\APPLIC~1\Identities
[01/01/2002|18:06] C:\DOCUME~1\TEMP\APPLIC~1\InterTrust
[27/12/2007|20:02] C:\DOCUME~1\TEMP\APPLIC~1\Lavasoft
[14/09/2006|21:08] C:\DOCUME~1\TEMP\APPLIC~1\Macromedia
[14/04/2007|11:50] C:\DOCUME~1\TEMP\APPLIC~1\Microsoft
[27/03/2006|19:01] C:\DOCUME~1\TEMP\APPLIC~1\Microsoft Web Folders
[13/02/2007|21:48] C:\DOCUME~1\TEMP\APPLIC~1\Motive
[19/02/2007|22:48] C:\DOCUME~1\TEMP\APPLIC~1\Mozilla
[17/05/2007|16:50] C:\DOCUME~1\TEMP\APPLIC~1\MSN6
[24/03/2006|18:33] C:\DOCUME~1\TEMP\APPLIC~1\Nullriver
[03/07/2008|14:24] C:\DOCUME~1\TEMP\APPLIC~1\OpenOffice.org2
[05/07/2008|14:28] C:\DOCUME~1\TEMP\APPLIC~1\PC Tools
[30/03/2007|15:17] C:\DOCUME~1\TEMP\APPLIC~1\Real
[19/03/2007|17:33] C:\DOCUME~1\TEMP\APPLIC~1\Screenshot Sender
[25/12/2007|15:02] C:\DOCUME~1\TEMP\APPLIC~1\Sonic
[30/03/2007|15:07] C:\DOCUME~1\TEMP\APPLIC~1\Sun
[01/01/2002|23:24] C:\DOCUME~1\TEMP\APPLIC~1\Symantec
[25/04/2005|19:27] C:\DOCUME~1\TEMP\APPLIC~1\Template
[30/03/2007|15:21] C:\DOCUME~1\TEMP\APPLIC~1\Ulead Systems
[31/05/2008|18:19] C:\DOCUME~1\TEMP\APPLIC~1\Uniblue
[20/11/2004|15:04] C:\DOCUME~1\TEMP\APPLIC~1\VERITAS
[29/11/2007|20:03] C:\DOCUME~1\TEMP\APPLIC~1\Weflirt
[07/07/2008|19:21] C:\DOCUME~1\TEMP\APPLIC~1\WinRAR
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[28/08/2001 21:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini
[07/07/2008 14:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[22/04/2007|19:15] C:\Program Files\AC3Filter
[04/07/2008|15:37] C:\Program Files\Adobe
[15/02/2006|19:19] C:\Program Files\Ahead
[25/12/2007|16:06] C:\Program Files\Alcohol Soft
[15/11/2007|12:44] C:\Program Files\Alwil Software
[15/02/2006|19:18] C:\Program Files\ArcSoft
[06/07/2008|21:29] C:\Program Files\a-squared Anti-Malware
[07/07/2008|14:44] C:\Program Files\a-squared Free
[27/12/2007|17:41] C:\Program Files\BoontyGames
[09/05/2007|13:22] C:\Program Files\Club-Internet
[31/01/2007|15:08] C:\Program Files\Common Files
[14/12/2003|19:02] C:\Program Files\ComPlus Applications
[31/05/2008|19:49] C:\Program Files\Contig.zip
[25/11/2003|22:11] C:\Program Files\directx
[19/02/2007|22:45] C:\Program Files\DivX
[25/12/2007|15:41] C:\Program Files\Elaborate Bytes
[29/06/2008|17:56] C:\Program Files\eMule
[07/07/2008|15:10] C:\Program Files\Fichiers communs
[07/07/2008|14:49] C:\Program Files\free-downloads.net
[16/03/2008|14:31] C:\Program Files\GigaTribe
[30/03/2007|15:05] C:\Program Files\Google
[01/06/2008|14:18] C:\Program Files\Grisoft
[30/03/2007|15:09] C:\Program Files\Hewlett-Packard
[01/01/2002|17:55] C:\Program Files\Home Media Networks Limited
[16/12/2005|20:36] C:\Program Files\HP
[22/04/2007|19:15] C:\Program Files\IKEA HomePlanner
[23/04/2007|11:17] C:\Program Files\IncrediMail
[07/07/2008|19:01] C:\Program Files\InstallShield Installation Information
[18/02/2005|16:10] C:\Program Files\InterActual
[07/07/2008|13:19] C:\Program Files\Internet Explorer
[13/05/2007|15:43] C:\Program Files\Java
[07/07/2008|15:14] C:\Program Files\Lavasoft
[15/05/2007|02:29] C:\Program Files\Logitech
[27/12/2007|21:28] C:\Program Files\Mega Bloc Notes
[01/02/2007|22:50] C:\Program Files\Messenger
[29/08/2005|14:46] C:\Program Files\Micro Application
[27/03/2006|19:01] C:\Program Files\microsoft frontpage
[05/03/2007|11:20] C:\Program Files\Microsoft Games
[03/07/2008|13:48] C:\Program Files\Microsoft Office
[09/01/2005|14:23] C:\Program Files\Microsoft Picture It! 2002
[02/08/2007|19:11] C:\Program Files\Microsoft SQL Server
[01/01/2002|18:15] C:\Program Files\Microsoft Works
[01/04/2005|22:53] C:\Program Files\Microsoft Works Suite 2002
[28/12/2003|19:43] C:\Program Files\MobileForcesDemo
[25/04/2007|18:16] C:\Program Files\Motive
[22/04/2007|19:15] C:\Program Files\Motive(2)
[26/09/2006|13:09] C:\Program Files\Movie Maker
[07/07/2008|19:13] C:\Program Files\Mozilla Firefox
[30/01/2008|18:02] C:\Program Files\MSECache
[02/01/2002|03:39] C:\Program Files\MSN Gaming Zone
[07/07/2008|14:50] C:\Program Files\MSN Messenger
[01/02/2007|22:42] C:\Program Files\MSXML 4.0
[08/06/2004|23:44] C:\Program Files\nero 2
[26/09/2006|12:49] C:\Program Files\NetMeeting
[19/12/2002|20:04] C:\Program Files\NovaLogic
[06/03/2007|19:45] C:\Program Files\Oberon Media
[15/03/2007|16:27] C:\Program Files\OpenOffice.org 2.1
[14/06/2007|01:06] C:\Program Files\Outlook Express
[12/12/2003|18:23] C:\Program Files\PC Team
[31/05/2008|19:55] C:\Program Files\PowerDefragmenterGUI
[31/05/2008|19:51] C:\Program Files\PowerDefragmenterGUI.zip
[30/03/2007|15:16] C:\Program Files\QuickTime
[06/02/2003|18:48] C:\Program Files\Real
[19/05/2003|19:29] C:\Program Files\RecordNow
[09/02/2007|23:47] C:\Program Files\ReflexiveArcade
[10/03/2006|20:26] C:\Program Files\RegCleaner
[05/07/2008|14:26] C:\Program Files\Registry Mechanic
[06/11/2006|16:52] C:\Program Files\SAM_USB
[18/12/2002|17:24] C:\Program Files\SCi
[01/01/2002|18:19] C:\Program Files\Services en ligne
[06/11/2006|17:29] C:\Program Files\SmartSound Software
[25/12/2007|14:56] C:\Program Files\Sonic
[27/12/2007|19:31] C:\Program Files\splus
[07/07/2008|14:11] C:\Program Files\Spybot - Search & Destroy
[06/07/2008|14:27] C:\Program Files\Spyware Doctor
[28/01/2003|19:23] C:\Program Files\Thumbs.db
[07/07/2008|19:24] C:\Program Files\Trend Micro
[28/12/2003|19:43] C:\Program Files\Ubi Soft
[31/05/2008|18:19] C:\Program Files\Uniblue
[07/02/2004|21:21] C:\Program Files\Uninstall Information
[14/04/2003|21:11] C:\Program Files\VeriSign
[02/02/2007|15:32] C:\Program Files\VisualRoute
[06/11/2006|17:22] C:\Program Files\Windows Media Components
[01/02/2007|16:01] C:\Program Files\Windows Media Connect 2
[01/02/2007|22:49] C:\Program Files\Windows Media Player
[07/07/2008|14:29] C:\Program Files\Windows NT
[31/01/2007|20:30] C:\Program Files\WindowsUpdate
[07/07/2008|19:20] C:\Program Files\WinRAR
[02/01/2002|03:43] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[04/07/2008|15:38] C:\Program Files\Fichiers communs\Adobe
[01/01/2002|18:14] C:\Program Files\Fichiers communs\Designer
[18/12/2002|21:25] C:\Program Files\Fichiers communs\DirectX
[15/11/2007|16:23] C:\Program Files\Fichiers communs\DriveCleaner 2006 Free
[13/03/2005|15:23] C:\Program Files\Fichiers communs\HP
[23/11/2003|15:22] C:\Program Files\Fichiers communs\InstallShield
[13/05/2007|15:40] C:\Program Files\Fichiers communs\Java
[30/01/2008|18:03] C:\Program Files\Fichiers communs\Microsoft Shared
[31/01/2007|15:08] C:\Program Files\Fichiers communs\Motive
[02/01/2002|03:41] C:\Program Files\Fichiers communs\MSSoap
[02/01/2002|03:35] C:\Program Files\Fichiers communs\ODBC
[25/12/2007|15:01] C:\Program Files\Fichiers communs\PACE Anti-Piracy
[30/03/2007|15:17] C:\Program Files\Fichiers communs\Real
[27/09/2002|01:11] C:\Program Files\Fichiers communs\Services
[25/12/2007|14:57] C:\Program Files\Fichiers communs\Sonic
[02/01/2002|03:35] C:\Program Files\Fichiers communs\SpeechEngines
[25/12/2007|14:56] C:\Program Files\Fichiers communs\SureThing Shared
[14/12/2003|21:37] C:\Program Files\Fichiers communs\Symantec Shared
[14/06/2007|01:06] C:\Program Files\Fichiers communs\System
[30/03/2007|18:18] C:\Program Files\Fichiers communs\Ulead Systems
[07/07/2008|15:10] C:\Program Files\Fichiers communs\Wise Installation Wizard
---------------------------[ Process ]--------------------------
... 38
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-07 20:05:12
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
[F:524][D:35]-> C:\DOCUME~1\TEMP\LOCALS~1\Temp
[F:373][D:0]-> C:\DOCUME~1\TEMP\Cookies
[F:2211][D:13]-> C:\DOCUME~1\TEMP\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 20:06:19,62 ]----------------------
There you go, I don't understand how to decipher all this, but I'd really like a lesson, thanks verni
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:12:17, on 07/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: VeriSign Inc. i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_3_0_1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: VeriSign Inc. i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_3_0_1.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Mode Load Mpeg Less] C:\Documents and Settings\All Users\Application Data\two setup mode load\Stop Defy.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Suite] regedit -s c:\windows\temp\adj_hp.reg (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [Suite] regedit -s c:\windows\temp\adj_hp.reg (User 'Default user')
O4 - S-1-5-18 Startup: ddrive.js (User 'SYSTEM')
O4 - .DEFAULT Startup: ddrive.js (User 'Default user')
O4 - .DEFAULT User Startup: ddrive.js (User 'Default user')
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_3_0_1.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_3_0_1.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
So, at the risk of sounding stupid, I can't find Application Data: C, Documents and Settings I find OK, then All Users I find, but Application Data I can't find, where is it??
OK, this time I just think it isn't there; I find data but not tow set mode load, is that normal??
Completely normal. It was indeed deleted. Only the line in HijackThis remains.
We are going to clean up that report now.
To do that, close your browser.
Launch HijackThis and choose "Do a system scan only".
Select the following lines:
Choose the "Fix checked" option at the bottom of the page.
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: ddrive.js (User 'SYSTEM')
O4 - .DEFAULT Startup: ddrive.js (User 'Default user')
O4 - .DEFAULT User Startup: ddrive.js (User 'Default user')
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
There are two things left to do after that.
Uh, damn, well, I know: the lines I checked are the ones I deleted. Wait, I'll post a scan for you if you want?
No big deal, we'll fix it.
We are going to recreate the shortcut in the Start menu.
To do that, go to My Computer and to:
C:\documents and settings\all users\menu demarrer\programmes\démarrage\
Right-click --> New --> Shortcut
For the location, click Browse and go to:
C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
Next --> name it club-internet.
Post a HijackThis report after that.
OK, I recreated the shortcut and here is the scan
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:14:19, on 07/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: VeriSign Inc. i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_3_0_1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: VeriSign Inc. i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_3_0_1.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Mode Load Mpeg Less] C:\Documents and Settings\All Users\Application Data\two setup mode load\Stop Defy.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [Spyware Doctor] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Suite] regedit -s c:\windows\temp\adj_hp.reg (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Spyware Doctor] (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [Suite] regedit -s c:\windows\temp\adj_hp.reg (User 'Default user')
O4 - S-1-5-18 Startup: ddrive.js (User 'SYSTEM')
O4 - .DEFAULT Startup: ddrive.js (User 'Default user')
O4 - .DEFAULT User Startup: ddrive.js (User 'Default user')
O4 - Global Startup: matcli.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_3_0_1.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_3_0_1.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Piotte,
1) Some lines are still present in the HijackThis report.
Here again is the procedure for removing lines with HijackThis.
Close the browser. Beforehand, note down or print the following text so you know which lines need to be removed:
Open HijackThis.
Choose the option Do a system scan only.
Select the following lines:
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Mode Load Mpeg Less] C:\Documents and Settings\All Users\Application Data\two setup mode load\Stop Defy.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - S-1-5-18 Startup: ddrive.js (User 'SYSTEM')
O4 - .DEFAULT Startup: ddrive.js (User 'Default user')
O4 - .DEFAULT User Startup: ddrive.js (User 'Default user')
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
2) We are going to check for other infections.
Download MalwareBytes.
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Install it. Choose the default options.
At the end of the installation, you will be asked to update MalwareBytes and to run it.
After the update, the program will open.
In the Scan tab, select Perform a full scan.
Click Scan. Select only the computer's hard drives.
Click Start scan.
As requested, click Show results to get the report.
Post the report in your next message.
3) You have too many antispyware programs on your PC. Only ONE should be active; you can keep the others.
Tell me which one you use.
If you have any questions, don't hesitate.
I'm waiting for your MalwareBytes report and then we'll discuss it.
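The manual line selection described in the post above can be prepared with a small triage script. This is an added example, not part of the original thread and not how HijackThis itself classifies anything: the sample lines are copied from the log posted in the thread, and the three heuristics (orphaned entries, autoruns from user-writable directories, script files in a Startup folder) are assumptions chosen for illustration.

```python
import re
from typing import NamedTuple


class Item(NamedTuple):
    code: str      # HijackThis section code, e.g. "O4"
    body: str      # rest of the line after "O4 - "
    reasons: list  # heuristic flags; empty means nothing stood out


# Item lines look like "O4 - HKLM\..\Run: [name] path".
ITEM_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Registry entry whose target file no longer exists on disk.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$", re.I)
# Assumption: autoruns launched from these directories deserve a second look.
USER_WRITABLE_RE = re.compile(r"\\(?:Application Data|Temp|Local Settings)\\", re.I)
# Assumption: a script file dropped directly into a Startup folder is unusual.
STARTUP_SCRIPT_RE = re.compile(
    r"Startup: [^=]+?\.(?:js|jse|vbs|vbe|wsf|bat|cmd)\b", re.I
)

# Excerpt of the log posted in the thread, trimmed to a few lines.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Mode Load Mpeg Less] C:\Documents and Settings\All Users\Application Data\two setup mode load\Stop Defy.exe
O4 - S-1-5-18 Startup: ddrive.js (User 'SYSTEM')
O4 - Global Startup: matcli.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""


def parse_items(log_text):
    """Return every HijackThis item line with its heuristic flags."""
    items = []
    for raw in log_text.splitlines():
        match = ITEM_RE.match(raw.strip())
        if not match:
            continue  # header, running-process list, or forum prose
        code, body = match.group("code"), match.group("body")
        reasons = []
        if ORPHAN_RE.search(body):
            reasons.append("orphaned")
        if code == "O4":  # autostart entries only
            if USER_WRITABLE_RE.search(body):
                reasons.append("user-writable-autorun")
            if STARTUP_SCRIPT_RE.search(body):
                reasons.append("startup-script")
        items.append(Item(code, body, reasons))
    return items


def flagged(log_text):
    """Only the items a reviewer should look at first."""
    return [item for item in parse_items(log_text) if item.reasons]


if __name__ == "__main__":
    for item in flagged(SAMPLE_LOG):
        print(f"{item.code:<4}{','.join(item.reasons):<24}{item.body}")
```

A flag only marks an entry for review: in the thread, a legitimate Startup shortcut was removed by mistake and had to be recreated by hand, so each flagged line still needs to be checked before it is fixed.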