PC infested with Trojan horses, HELP

Closed
NEWman - 17 August 2008 at 23:08
NEWman - 20 August 2008 at 20:55
Good evening everyone,
I need help: my PC is infected by one or more Trojan horses. Avast detects them but is unable to remove them. If someone could help me, that would be really nice. Thanks for your replies; here is my HijackThis report to start with.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:01:30, on 17/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.be%2f%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9B236311-C9DD-4167-AADF-81A1A8B73266} - C:\Program Files\Fichiers communs\horefC:\WINDOWS\system32\k4\mper83122.exe.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: (no name) - {E966D446-F1A5-4128-AAF9-84570F5672DB} - C:\WINDOWS\system32\awvvs.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NettoyeurTitan] C:\Program Files\OutilsTITAN\NettoyeurTitan\LauncherNTI.exe
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] "SOUNDMAN.EXE"
O4 - HKLM\..\Run: [LVCOMSX] "C:\WINDOWS\system32\LVCOMSX.EXE"
O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe"
O4 - HKLM\..\Run: [CoolSwitch] "C:\WINDOWS\system32\taskswitch.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [d0804923] rundll32.exe "C:\WINDOWS\system32\pwnwuafb.dll",b
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PlaySafe] C:\DOCUME~1\Jason\APPLIC~1\1LOGOF~1\Boldelsebleh.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O20 - Winlogon Notify: ieraxtdk - ieraxtdk.dll (file missing)
O20 - Winlogon Notify: opnkkhi - opnkkhi.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

70 replies

Destrio5 - 17 August 2008 at 23:10
Hi,

We'll start by dealing with Vundo/Virtumonde.

---> Download ComboFix.exe by sUBs to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Disconnect from the internet and close all applications, including antivirus and antispyware /!\

---> Double-click Combofix.exe
A pop-up will appear saying that "ComboFix is used at your own risk and with no warranty...".
Accept by clicking "Yes"

---> Set it to French (F)
Press the 1 key (Yes) to start the scan.

/!\ Do not touch anything until the scan has finished. /!\

At the end of the scan, ComboFix may need to restart the PC to complete the disinfection; let it do so.

Once the scan is complete, a report will be displayed: post its contents.

/!\ Re-enable the real-time protection of your antivirus and antispyware before reconnecting to the internet. /!\

Note: the report can also be found here: C:\ComboFix.txt

Hadrienen - 17 August 2008 at 23:11
Good evening,

Apparently, not too much;


Download Malwarebytes

-> http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Install it; the program will update itself automatically.

Once it is up to date, the program will launch; click the Settings tab and tick the box: "Close Internet Explorer during removal".

Now click the Scan tab and tick the box: "Perform a full scan".

Then click "Scan".

Let it scan the PC...

If items were found > click Remove Selected.

If you are asked to restart > click "Yes".

At the end a report will open; save it somewhere you can find it again so you can post it on the forum.

Copy and paste the report, please.

PS: the reports are also stored in the Reports/Logs tab

funfiles - 17 August 2008 at 23:14
AVG Free Edition = VERY GOOD SOLUTION

Anonymous user - 17 August 2008 at 23:14
Good evening
Start by removing this:
O4 - HKLM\..\Run: [d0804923] rundll32.exe "C:\WINDOWS\system32\pwnwuafb.dll",b
O4 - HKCU\..\Run: [PlaySafe] C:\DOCUME~1\Jason\APPLIC~1\1LOGOF~1\Boldelsebleh.exe

There, it's done; here is the ComboFix report
The only problem is that I couldn't manage to re-enable Avast

ComboFix 08-08-17.01 - Jason 2008-08-17 23:14:49.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.32.1036.18.234 [GMT 2:00]
Endroit: C:\Documents and Settings\Jason\Bureau\ComboFix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
ADS - svchost.exe: deleted 68 bytes in 1 streams.
ADS - ntoskrnl.exe: deleted 68 bytes in 1 streams.
ADS - explorer.exe: deleted 132 bytes in 1 streams.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Jason\UserData
C:\Documents and Settings\Jason\UserData\AZ6FULY5\advstNetId[1].xml
C:\Documents and Settings\Jason\UserData\IBINBVBU\historySitePos[1].xml
C:\Documents and Settings\Jason\UserData\index.dat
C:\Documents and Settings\Jason\UserData\SP49SNQB\historySearchPos[1].xml
C:\Documents and Settings\Jason\UserData\SP49SNQB\IsOnIE6tbPromo[1].xml
C:\Documents and Settings\megan\Cookies\megan@ad.yieldmanager[1].txt
C:\Documents and Settings\megan\Cookies\megan@serving-sys[2].txt
C:\Documents and Settings\megan\Cookies\megan@tradedoubler[1].txt
C:\Documents and Settings\megan\UserData
C:\Documents and Settings\megan\UserData\11KQINXY\Tdy58[1].xml
C:\Documents and Settings\megan\UserData\index.dat
C:\Documents and Settings\Quodbach\Application Data\macromedia\Flash Player\#SharedObjects\ZD953MFL\interclick.com
C:\Documents and Settings\Quodbach\Application Data\macromedia\Flash Player\#SharedObjects\ZD953MFL\interclick.com\ud.sol
C:\Documents and Settings\Quodbach\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Documents and Settings\Quodbach\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
C:\Documents and Settings\Quodbach\Cookies\quodbach@89.188.16[5].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@antispywaremaster[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@antivirusfiable[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@antivirusordi[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@avsystemcare[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@bestsellerantivirus[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@bluestreak[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@conducteurprive[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@defensenetsurfage[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@disqudurprotection[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@ebay[4].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@ebay[6].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@edt02[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@edt02[3].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@erreurchasseur[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@europacasino[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@libresystem[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@nettordinateur[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@nettordinateur[3].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@nettoyeurdepc[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@network.adsmarket[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@news.fr.be.msn[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@performanceoptimizer[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@protectionassuree[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@protectionconue[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@reparateurdesysteme[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@rtm[5].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@rtm[7].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@search[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@solutionreg[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@sprinterfacile[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@sysdepannage[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@titanpoker[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@tradedoubler[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@tradedoubler[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@tradedoubler[3].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@tradedoubler[4].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@tradedoubler[5].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@tradedoubler[6].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@viruseffaceur[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@virusgarde[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@winanonymous[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@www.amateur-hard[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@www.mypornmotion[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@www.passionbassin[1].txt
C:\Documents and Settings\Quodbach\Menu Démarrer\Programmes\PlayMP3z
C:\Documents and Settings\Quodbach\Menu Démarrer\Programmes\PlayMP3z\Run PlayMP3z.lnk
C:\Documents and Settings\Quodbach\UserData
C:\Documents and Settings\Quodbach\UserData\6LQXQ1KJ\lidGfFZSZ8A740stJQFvoo%2fR%2bfpZYM3rrESyOQu5w4f2zGo4osNFL0usUHmYyHP7[1].xml
C:\Documents and Settings\Quodbach\UserData\6LQXQ1KJ\lidGfFZSZ8A740stJQFvoo%2fR%2bfpZYM3rrESyOQu5w4f2zGo4osNFL0usUHmYyHP7[2].xml
C:\Documents and Settings\Quodbach\UserData\index.dat
C:\Documents and Settings\Quodbach\UserData\O5A74TER\iconState[1].xml
C:\Documents and Settings\Quodbach\UserData\O5A74TER\lidGfFZSZ8A740stJQFvoo%2fR%2bfpZYM3rrESyOQu5w4f2zGo4osNFL0usUHmYyHP7[1].xml
C:\Documents and Settings\Quodbach\UserData\O5A74TER\lidGfFZSZ8A740stJQFvoo%2fR%2bfpZYM3rrESyOQu5w4f2zGo4osNFL0usUHmYyHP7[2].xml
C:\Documents and Settings\Quodbach\UserData\O5A74TER\showHideState[1].xml
C:\Documents and Settings\Quodbach\UserData\O9YBWHQV\iconState[1].xml
C:\Documents and Settings\Quodbach\UserData\O9YBWHQV\IsOnIE6tbPromo[1].xml
C:\Documents and Settings\Quodbach\UserData\O9YBWHQV\IsOnIE6tbPromo[2].xml
C:\Documents and Settings\Quodbach\UserData\W70POLGJ\lidGfFZSZ8A740stJQFvoo%2fR%2bfpZYM3rrESyOQu5w4f2zGo4osNFL0usUHmYyHP7[1].xml
C:\Documents and Settings\Quodbach\UserData\W70POLGJ\showHideState[1].xml
C:\Program Files\Fichiers communs\BestsellerAntivirus
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\system32\aowegekc.ini
C:\WINDOWS\system32\bailnobx.ini
C:\WINDOWS\system32\bfauwnwp.ini
C:\WINDOWS\system32\bkmspcva.ini
C:\WINDOWS\system32\flhjxlnm.ini
C:\WINDOWS\system32\ftbiqdbb.ini
C:\WINDOWS\system32\gbfrwthp.ini
C:\WINDOWS\system32\gjpixetu.ini
C:\WINDOWS\system32\gkuotrlh.ini
C:\WINDOWS\system32\iemqsfob.ini
C:\WINDOWS\system32\ilkkj.ini
C:\WINDOWS\system32\ilkkj.ini2
C:\WINDOWS\system32\iwkenmdq.ini
C:\WINDOWS\system32\k4
C:\WINDOWS\system32\lbiavgdy.ini
C:\WINDOWS\system32\lmducxoi.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\nexviugb.ini
C:\WINDOWS\system32\nyoyrkyv.ini
C:\WINDOWS\system32\okjvhmww.ini
C:\WINDOWS\system32\phfnonrm.ini
C:\WINDOWS\system32\qycwwivm.ini
C:\WINDOWS\system32\rnqmahji.ini
C:\WINDOWS\system32\ssnukhqh.ini
C:\WINDOWS\system32\svvwa.ini
C:\WINDOWS\system32\svvwa.ini2
C:\WINDOWS\system32\uhccobei.ini
C:\WINDOWS\system32\umpspcso.ini
C:\WINDOWS\system32\vmetmcyi.ini
C:\WINDOWS\system32\wyofptgv.ini
C:\WINDOWS\system32\xevopvks.ini
C:\WINDOWS\system32\xglqlxml.ini
C:\WINDOWS\system32\xylxhubu.ini
C:\WINDOWS\system32\yrctxxwp.ini
C:\WINDOWS\system32\ytnrntcw.ini
C:\WINDOWS\system32\yycdd.ini
C:\WINDOWS\system32\yycdd.ini2

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_DOMAINSERVICE
-------\Legacy_PERFORMANCE_MONITOR
-------\Legacy_USERINIT_LOGON_APPLICATION


((((((((((((((((((((((((((((( Fichiers créés 2008-07-17 to 2008-08-17 ))))))))))))))))))))))))))))))))))))
.

2008-08-17 23:01 . 2008-08-17 23:01 <REP> d-------- C:\Program Files\Trend Micro
2008-08-12 22:55 . 2008-08-12 22:55 <REP> d-------- C:\VundoFix Backups
2008-08-12 22:31 . 2005-07-09 21:40 46,080 --a------ C:\WINDOWS\system32\dllcache\ftp.exe
2008-08-12 22:31 . 2005-07-09 21:40 17,920 --a------ C:\WINDOWS\system32\dllcache\tftp.exe
2008-08-12 22:30 . 2008-08-12 22:30 578,048 --a------ C:\WINDOWS\system32\dllcache\user32.dll
2008-08-12 22:29 . 2008-08-12 22:29 <REP> d-------- C:\WINDOWS\ERUNT
2008-08-12 22:23 . 2008-08-11 03:44 <REP> d-------- C:\SDFix
2008-08-12 22:10 . 2008-08-12 22:10 <REP> d-------- C:\Program Files\CCleaner
2008-08-12 20:47 . 2008-08-12 20:47 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-12 20:47 . 2008-08-12 20:47 <REP> d-------- C:\Documents and Settings\Jason\Application Data\Malwarebytes
2008-08-12 20:47 . 2008-08-12 20:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-12 20:47 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-12 20:47 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-12 20:33 . 2006-09-01 02:11 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-08-12 20:33 . 2006-09-01 02:11 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-08-12 20:33 . 2006-09-01 02:11 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-08-12 20:33 . 2006-09-01 02:11 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-08-12 20:33 . 2006-09-01 02:11 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-08-12 20:33 . 2006-09-01 00:18 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-08-12 20:33 . 2006-09-01 02:11 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-08-12 20:33 . 2008-08-12 20:33 <REP> d-------- C:\Documents and Settings\Administrateur

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-17 21:29 373,004 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-08-17 21:29 31,741,984 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-08-17 20:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-08-12 21:00 --------- d-----w C:\Documents and Settings\Jason\Application Data\1logofunk
2008-08-12 20:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Audio 4 part browse
2008-07-27 21:27 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-07-20 14:00 --------- d-----w C:\Documents and Settings\Quodbach\Application Data\1logofunk
2008-06-28 11:25 --------- d-----w C:\Program Files\1logofunk
.

------- Sigcheck -------

2005-07-09 21:40 359040 6a603809f598332dbedd535bdbce313e C:\WINDOWS\system32\drivers\tcpip.sys

2005-07-05 19:54 1242112 d061a74aed7a5ac09e9422757628db16 C:\WINDOWS\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2006-10-22 18:25 36864]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-10-08 13:06 196608]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-01 20:43 68856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2006-03-01 19:43 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NettoyeurTitan"="C:\Program Files\OutilsTITAN\NettoyeurTitan\LauncherNTI.exe" [2005-06-14 21:41 16384]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 21:43 7630848]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-11 21:43 86016]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-10-08 13:31 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-10-08 13:24 217088]
"CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [2002-03-19 17:30 45632]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-07-12 13:12 1836544]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 21:54 919016]
"nwiz"="nwiz.exe" [2006-08-11 21:43 1519616 C:\WINDOWS\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-07-22 15:00 81920 C:\WINDOWS\SOUNDMAN.EXE]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDesktopCleanupWizard"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"BearShare"="C:\Program Files\BearShare\BearShare.ex_" /pause
"KAZAA"="C:\Program Files\Kazaa\kazaa.ex_" /SYSTRAY

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R2 Vqtfk;Vqtfk;C:\WINDOWS\system32\Vqtfk.sys [1999-08-11 11:49]
.
- - - - ORPHANS REMOVED - - - -

BHO-{9B236311-C9DD-4167-AADF-81A1A8B73266} - C:\Program Files\Fichiers communs\horefC:\WINDOWS\system32\k4\mper83122.exe.dll
BHO-{E966D446-F1A5-4128-AAF9-84570F5672DB} - C:\WINDOWS\system32\awvvs.dll
HKCU-Run-PlaySafe - C:\DOCUME~1\Jason\APPLIC~1\1LOGOF~1\Boldelsebleh.exe
HKLM-Run-d0804923 - C:\WINDOWS\system32\pwnwuafb.dll
HKLM-Run-Device Detector - DevDetect.exe
Notify-ieraxtdk - ieraxtdk.dll
Notify-opnkkhi - opnkkhi.dll


.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.msn.be/
R0 -: HKCU-Main,Search Page = hxxp://www.google.com
R0 -: HKCU-Main,Search Bar = hxxp://www.google.com/ie
R0 -: HKLM-Main,Default_Search_URL = hxxp://www.google.com/ie
R0 -: HKCU-Search,SearchAssistant = hxxp://www.google.com/ie
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
R0 -: HKLM-Search,SearchAssistant = hxxp://www.google.com/ie
O18 -: Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 00:05:30
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-18 0:11:12 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-17 22:11:00

Pre-Run: 65,454,780,416 octets libres
Post-Run: 67,288,887,296 octets libres

274
0
Destrio5 (Moderator) - 18 August 2008 at 00:35
Very, very good.

We're going to deal with the Lop/Swizzor infection. It displays CID ads.

---> Download Lop S&D to your Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-click it to start the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the language you want, then choose option 1 (Search)
---> Wait until the scan finishes
---> Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)

If you have trouble using Lop S&D, look at the tutorial:
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
0
And what about the antivirus, which I don't know how to re-enable?
0
Destrio5 (Moderator) - 18 August 2008 at 00:42
No big deal.
0
OK, here is the Lop S&D report


--------------------\\ Lop S&D 4.2.3-0 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Jason ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 18/08/2008 | 0:37:50 ] [ PC : PCTITAN (Proc:x86) ]
[ MAJ : 17-08-2008 | 01:58 ]

--------------------\\ Listing des dossiers dans APPLIC~1

[01/09/2006|02:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[08/08/2008|19:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[01/09/2006|00:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[01/09/2006|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[12/07/2007|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[08/11/2006|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[12/08/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse
[01/09/2006|02:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[18/12/2007|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[31/08/2007|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[17/08/2008|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[29/10/2007|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\175 hpzinstall.log
[01/09/2006|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[19/02/2008|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[12/08/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[16/05/2007|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/09/2006|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[12/07/2007|13:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[17/03/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[12/09/2007|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[31/10/2006|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Softdisk LLC
[25/08/2007|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[27/01/2007|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
[07/04/2007|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[01/11/2006|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WhiteCap (Holiday Edition)
[12/09/2006|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/03/2007|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[01/09/2006|02:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[08/08/2008|19:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[01/09/2006|00:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[27/03/2007|19:19] C:\DOCUME~1\INVIT~1\APPLIC~1\ACD Systems
[01/09/2006|02:11] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
[27/03/2007|18:56] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
[27/03/2007|18:57] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
[27/03/2007|19:22] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[07/04/2007|11:41] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla


[12/08/2008|23:00] C:\DOCUME~1\Jason\APPLIC~1\1logofunk
[28/11/2007|16:30] C:\DOCUME~1\Jason\APPLIC~1\ACD Systems
[08/01/2008|21:45] C:\DOCUME~1\Jason\APPLIC~1\Ahead
[01/09/2006|02:11] C:\DOCUME~1\Jason\APPLIC~1\desktop.ini
[09/03/2008|14:18] C:\DOCUME~1\Jason\APPLIC~1\Google
[24/05/2008|22:19] C:\DOCUME~1\Jason\APPLIC~1\LimeWire
[18/12/2007|15:32] C:\DOCUME~1\Jason\APPLIC~1\Macromedia
[23/02/2008|11:53] C:\DOCUME~1\Jason\APPLIC~1\MailFrontier
[12/08/2008|20:47] C:\DOCUME~1\Jason\APPLIC~1\Malwarebytes
[13/01/2008|13:15] C:\DOCUME~1\Jason\APPLIC~1\Microsoft

[01/09/2006|07:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[14/10/2006|21:15] C:\DOCUME~1\megan\APPLIC~1\ACD Systems
[23/01/2008|15:14] C:\DOCUME~1\megan\APPLIC~1\Adobe
[01/09/2006|02:11] C:\DOCUME~1\megan\APPLIC~1\desktop.ini
[13/09/2006|14:57] C:\DOCUME~1\megan\APPLIC~1\FotoWire
[28/11/2006|19:41] C:\DOCUME~1\megan\APPLIC~1\Google
[13/09/2006|14:19] C:\DOCUME~1\megan\APPLIC~1\HP
[24/08/2007|18:38] C:\DOCUME~1\megan\APPLIC~1\LimeWire
[23/01/2008|20:55] C:\DOCUME~1\megan\APPLIC~1\Macromedia
[23/02/2008|23:37] C:\DOCUME~1\megan\APPLIC~1\MailFrontier
[19/09/2007|13:41] C:\DOCUME~1\megan\APPLIC~1\Microsoft
[14/01/2008|16:56] C:\DOCUME~1\megan\APPLIC~1\Skype

[01/09/2006|07:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[20/07/2008|16:00] C:\DOCUME~1\Quodbach\APPLIC~1\1logofunk
[24/03/2007|19:12] C:\DOCUME~1\Quodbach\APPLIC~1\ACD Systems
[02/08/2007|11:10] C:\DOCUME~1\Quodbach\APPLIC~1\Adobe
[29/03/2007|10:39] C:\DOCUME~1\Quodbach\APPLIC~1\AdobeUM
[13/05/2008|21:18] C:\DOCUME~1\Quodbach\APPLIC~1\Ahead
[01/09/2006|02:11] C:\DOCUME~1\Quodbach\APPLIC~1\desktop.ini
[29/07/2007|16:00] C:\DOCUME~1\Quodbach\APPLIC~1\Google
[01/12/2007|22:36] C:\DOCUME~1\Quodbach\APPLIC~1\Help
[16/10/2007|20:33] C:\DOCUME~1\Quodbach\APPLIC~1\HP
[18/09/2007|17:59] C:\DOCUME~1\Quodbach\APPLIC~1\Hulabee
[12/01/2008|11:17] C:\DOCUME~1\Quodbach\APPLIC~1\LimeWire
[06/11/2007|14:16] C:\DOCUME~1\Quodbach\APPLIC~1\Macromedia
[19/02/2008|13:12] C:\DOCUME~1\Quodbach\APPLIC~1\MailFrontier
[07/12/2007|12:54] C:\DOCUME~1\Quodbach\APPLIC~1\Microsoft
[20/07/2007|15:36] C:\DOCUME~1\Quodbach\APPLIC~1\Mozilla
[16/05/2007|18:16] C:\DOCUME~1\Quodbach\APPLIC~1\Screenshot Sender
[10/10/2007|20:18] C:\DOCUME~1\Quodbach\APPLIC~1\Skype
[05/08/2007|21:30] C:\DOCUME~1\Quodbach\APPLIC~1\Talkback
[05/08/2007|22:05] C:\DOCUME~1\Quodbach\APPLIC~1\WebCallDirect

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[17/08/2008 23:30][--ah-----] C:\WINDOWS\tasks\SA.DAT
[09/07/2005 21:40][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ MsgPlus SPONSOR INSTALLED !

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
"DisplayName"="Messenger Plus! 3 & Sponsor"


--------------------\\ Listing des dossiers dans C:\Program Files

[28/06/2008|13:25] C:\Program Files\1logofunk
[01/09/2006|21:03] C:\Program Files\ACD Systems
[27/07/2008|23:27] C:\Program Files\Adobe
[22/04/2007|17:54] C:\Program Files\Adverts
[01/09/2006|17:22] C:\Program Files\Alcohol Soft
[05/08/2007|19:06] C:\Program Files\Alwil Software
[13/01/2008|12:52] C:\Program Files\Aspyr
[12/08/2007|15:53] C:\Program Files\Auran
[05/04/2007|12:07] C:\Program Files\AviSynth 2.5
[01/09/2006|22:10] C:\Program Files\AvRack
[02/04/2007|21:43] C:\Program Files\AVS4YOU
[01/11/2006|12:02] C:\Program Files\BeamFile
[12/08/2008|22:10] C:\Program Files\CCleaner
[27/02/2008|13:44] C:\Program Files\Circle Developement
[10/03/2007|17:30] C:\Program Files\City Interactive
[27/01/2007|11:58] C:\Program Files\Common Files
[01/09/2006|00:15] C:\Program Files\ComPlus Applications
[29/01/2007|13:47] C:\Program Files\DIFX
[05/12/2007|14:01] C:\Program Files\Disney Interactive
[14/05/2008|01:59] C:\Program Files\DivX
[16/12/2007|14:59] C:\Program Files\DVD Shrink
[08/05/2007|15:40] C:\Program Files\Eidos Interactive
[05/02/2008|21:12] C:\Program Files\Elektrogames
[05/08/2007|23:38] C:\Program Files\Executive Software
[02/04/2007|21:51] C:\Program Files\FairUse Wizard 2
[17/08/2008|23:16] C:\Program Files\Fichiers communs
[24/12/2007|15:21] C:\Program Files\Frogster
[21/05/2007|13:59] C:\Program Files\Gamenext
[13/11/2007|16:51] C:\Program Files\GameTop.com
[05/02/2007|17:38] C:\Program Files\Global Star Software
[06/11/2007|14:16] C:\Program Files\Google
[18/09/2007|17:57] C:\Program Files\Hulabee
[12/01/2008|12:20] C:\Program Files\Incomplete
[20/02/2008|15:25] C:\Program Files\Installshield Installation Information
[01/11/2006|11:53] C:\Program Files\Intel
[14/12/2006|15:19] C:\Program Files\InterActual
[25/12/2006|01:03] C:\Program Files\Internet Explorer
[02/08/2007|14:26] C:\Program Files\Java
[13/01/2008|13:19] C:\Program Files\LimeWire
[11/11/2006|23:14] C:\Program Files\Logitech
[12/08/2008|20:47] C:\Program Files\Malwarebytes' Anti-Malware
[05/12/2007|14:58] C:\Program Files\Maxis
[24/05/2008|21:21] C:\Program Files\Messenger Plus! Live
[22/04/2007|17:54] C:\Program Files\MessengerPlus! 3
[01/09/2006|17:29] C:\Program Files\Microsoft Office
[31/08/2007|12:02] C:\Program Files\Mozilla Firefox
[24/05/2008|21:21] C:\Program Files\MSN Messenger
[01/09/2006|21:20] C:\Program Files\Nero
[01/09/2006|21:37] C:\Program Files\NVIDIA
[14/01/2008|11:03] C:\Program Files\OpenAL
[01/09/2006|00:19] C:\Program Files\OutilsTITAN
[10/12/2007|18:18] C:\Program Files\PCFriendly
[24/05/2008|21:32] C:\Program Files\Picasa2
[07/06/2008|16:54] C:\Program Files\Realtek AC97
[01/09/2006|22:10] C:\Program Files\Realtek Sound Manager
[01/11/2006|23:22] C:\Program Files\ReflexiveArcade
[01/09/2006|00:17] C:\Program Files\Services en ligne
[11/07/2007|22:27] C:\Program Files\sixteen tons entertainment
[12/09/2007|17:34] C:\Program Files\Skype
[16/05/2007|16:10] C:\Program Files\SotS Gold
[25/08/2007|15:56] C:\Program Files\Spybot - Search & Destroy
[02/02/2007|22:08] C:\Program Files\Support.com
[12/06/2007|15:48] C:\Program Files\Team6
[01/09/2006|21:35] C:\Program Files\Totalcmd
[17/08/2008|23:01] C:\Program Files\Trend Micro
[01/09/2006|07:37] C:\Program Files\Uninstall Information
[31/08/2007|12:02] C:\Program Files\Vstep
[10/03/2007|18:56] C:\Program Files\VVSN
[18/12/2006|20:11] C:\Program Files\Winamp
[02/04/2007|21:31] C:\Program Files\WinAVI MP4 Converter
[16/06/2007|19:52] C:\Program Files\Windows Live
[27/02/2008|14:20] C:\Program Files\Windows Media Player
[01/09/2006|00:15] C:\Program Files\Windows NT
[18/09/2007|22:15] C:\Program Files\WinRAR
[01/09/2006|21:30] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[01/09/2006|21:03] C:\Program Files\Fichiers communs\ACD Systems
[27/07/2008|23:27] C:\Program Files\Fichiers communs\Adobe
[01/09/2006|21:14] C:\Program Files\Fichiers communs\Adobe Systems Shared
[01/09/2006|21:22] C:\Program Files\Fichiers communs\Ahead
[02/04/2007|21:43] C:\Program Files\Fichiers communs\AVSMedia
[01/09/2006|17:29] C:\Program Files\Fichiers communs\DESIGNER
[13/09/2006|14:57] C:\Program Files\Fichiers communs\FotoWire
[05/02/2007|17:36] C:\Program Files\Fichiers communs\InstallShield
[02/08/2007|14:23] C:\Program Files\Fichiers communs\Java
[13/09/2006|14:56] C:\Program Files\Fichiers communs\Logitech
[14/01/2008|17:43] C:\Program Files\Fichiers communs\Microsoft Shared
[01/09/2006|00:16] C:\Program Files\Fichiers communs\MSSoap
[01/09/2006|02:11] C:\Program Files\Fichiers communs\ODBC
[12/09/2007|17:34] C:\Program Files\Fichiers communs\Skype
[01/09/2006|02:11] C:\Program Files\Fichiers communs\SpeechEngines
[03/08/2007|18:06] C:\Program Files\Fichiers communs\Symantec Shared
[01/09/2006|17:29] C:\Program Files\Fichiers communs\System
[02/02/2007|22:01] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 42 Processus )

IEXPLORE.EXE ~ [PID:2072] ~ [Threads:20]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse
C:\Program Files\Adverts
C:\Program Files\Circle Developement

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 00:39:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:2][D:2]-> C:\DOCUME~1\Jason\LOCALS~1\Temp
[F:20][D:0]-> C:\DOCUME~1\Jason\Cookies
[F:519][D:4]-> C:\DOCUME~1\Jason\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 0:41:05,64
0
Destrio5 (Moderator) - 18 August 2008 at 00:47
---> Run Lop S&D again
---> This time choose option 2 (Removal)
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
0
Here is the report


--------------------\\ Lop S&D 4.2.3-0 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Jason ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 18/08/2008 | 0:37:50 ] [ PC : PCTITAN (Proc:x86) ]
[ MAJ : 17-08-2008 | 01:58 ]

--------------------\\ Listing des dossiers dans APPLIC~1

[01/09/2006|02:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[08/08/2008|19:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[01/09/2006|00:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[01/09/2006|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[12/07/2007|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[08/11/2006|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[12/08/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse
[01/09/2006|02:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[18/12/2007|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[31/08/2007|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[17/08/2008|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[29/10/2007|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\175 hpzinstall.log
[01/09/2006|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[19/02/2008|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[12/08/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[16/05/2007|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/09/2006|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[12/07/2007|13:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[17/03/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[12/09/2007|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[31/10/2006|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Softdisk LLC
[25/08/2007|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[27/01/2007|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
[07/04/2007|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[01/11/2006|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WhiteCap (Holiday Edition)
[12/09/2006|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/03/2007|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[01/09/2006|02:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[08/08/2008|19:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[01/09/2006|00:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[27/03/2007|19:19] C:\DOCUME~1\INVIT~1\APPLIC~1\ACD Systems
[01/09/2006|02:11] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
[27/03/2007|18:56] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
[27/03/2007|18:57] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
[27/03/2007|19:22] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[07/04/2007|11:41] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla


[12/08/2008|23:00] C:\DOCUME~1\Jason\APPLIC~1\1logofunk
[28/11/2007|16:30] C:\DOCUME~1\Jason\APPLIC~1\ACD Systems
[08/01/2008|21:45] C:\DOCUME~1\Jason\APPLIC~1\Ahead
[01/09/2006|02:11] C:\DOCUME~1\Jason\APPLIC~1\desktop.ini
[09/03/2008|14:18] C:\DOCUME~1\Jason\APPLIC~1\Google
[24/05/2008|22:19] C:\DOCUME~1\Jason\APPLIC~1\LimeWire
[18/12/2007|15:32] C:\DOCUME~1\Jason\APPLIC~1\Macromedia
[23/02/2008|11:53] C:\DOCUME~1\Jason\APPLIC~1\MailFrontier
[12/08/2008|20:47] C:\DOCUME~1\Jason\APPLIC~1\Malwarebytes
[13/01/2008|13:15] C:\DOCUME~1\Jason\APPLIC~1\Microsoft

[01/09/2006|07:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[14/10/2006|21:15] C:\DOCUME~1\megan\APPLIC~1\ACD Systems
[23/01/2008|15:14] C:\DOCUME~1\megan\APPLIC~1\Adobe
[01/09/2006|02:11] C:\DOCUME~1\megan\APPLIC~1\desktop.ini
[13/09/2006|14:57] C:\DOCUME~1\megan\APPLIC~1\FotoWire
[28/11/2006|19:41] C:\DOCUME~1\megan\APPLIC~1\Google
[13/09/2006|14:19] C:\DOCUME~1\megan\APPLIC~1\HP
[24/08/2007|18:38] C:\DOCUME~1\megan\APPLIC~1\LimeWire
[23/01/2008|20:55] C:\DOCUME~1\megan\APPLIC~1\Macromedia
[23/02/2008|23:37] C:\DOCUME~1\megan\APPLIC~1\MailFrontier
[19/09/2007|13:41] C:\DOCUME~1\megan\APPLIC~1\Microsoft
[14/01/2008|16:56] C:\DOCUME~1\megan\APPLIC~1\Skype

[01/09/2006|07:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[20/07/2008|16:00] C:\DOCUME~1\Quodbach\APPLIC~1\1logofunk
[24/03/2007|19:12] C:\DOCUME~1\Quodbach\APPLIC~1\ACD Systems
[02/08/2007|11:10] C:\DOCUME~1\Quodbach\APPLIC~1\Adobe
[29/03/2007|10:39] C:\DOCUME~1\Quodbach\APPLIC~1\AdobeUM
[13/05/2008|21:18] C:\DOCUME~1\Quodbach\APPLIC~1\Ahead
[01/09/2006|02:11] C:\DOCUME~1\Quodbach\APPLIC~1\desktop.ini
[29/07/2007|16:00] C:\DOCUME~1\Quodbach\APPLIC~1\Google
[01/12/2007|22:36] C:\DOCUME~1\Quodbach\APPLIC~1\Help
[16/10/2007|20:33] C:\DOCUME~1\Quodbach\APPLIC~1\HP
[18/09/2007|17:59] C:\DOCUME~1\Quodbach\APPLIC~1\Hulabee
[12/01/2008|11:17] C:\DOCUME~1\Quodbach\APPLIC~1\LimeWire
[06/11/2007|14:16] C:\DOCUME~1\Quodbach\APPLIC~1\Macromedia
[19/02/2008|13:12] C:\DOCUME~1\Quodbach\APPLIC~1\MailFrontier
[07/12/2007|12:54] C:\DOCUME~1\Quodbach\APPLIC~1\Microsoft
[20/07/2007|15:36] C:\DOCUME~1\Quodbach\APPLIC~1\Mozilla
[16/05/2007|18:16] C:\DOCUME~1\Quodbach\APPLIC~1\Screenshot Sender
[10/10/2007|20:18] C:\DOCUME~1\Quodbach\APPLIC~1\Skype
[05/08/2007|21:30] C:\DOCUME~1\Quodbach\APPLIC~1\Talkback
[05/08/2007|22:05] C:\DOCUME~1\Quodbach\APPLIC~1\WebCallDirect

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[17/08/2008 23:30][--ah-----] C:\WINDOWS\tasks\SA.DAT
[09/07/2005 21:40][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ MsgPlus SPONSOR INSTALLED !

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
"DisplayName"="Messenger Plus! 3 & Sponsor"


--------------------\\ Listing des dossiers dans C:\Program Files

[28/06/2008|13:25] C:\Program Files\1logofunk
[01/09/2006|21:03] C:\Program Files\ACD Systems
[27/07/2008|23:27] C:\Program Files\Adobe
[22/04/2007|17:54] C:\Program Files\Adverts
[01/09/2006|17:22] C:\Program Files\Alcohol Soft
[05/08/2007|19:06] C:\Program Files\Alwil Software
[13/01/2008|12:52] C:\Program Files\Aspyr
[12/08/2007|15:53] C:\Program Files\Auran
[05/04/2007|12:07] C:\Program Files\AviSynth 2.5
[01/09/2006|22:10] C:\Program Files\AvRack
[02/04/2007|21:43] C:\Program Files\AVS4YOU
[01/11/2006|12:02] C:\Program Files\BeamFile
[12/08/2008|22:10] C:\Program Files\CCleaner
[27/02/2008|13:44] C:\Program Files\Circle Developement
[10/03/2007|17:30] C:\Program Files\City Interactive
[27/01/2007|11:58] C:\Program Files\Common Files
[01/09/2006|00:15] C:\Program Files\ComPlus Applications
[29/01/2007|13:47] C:\Program Files\DIFX
[05/12/2007|14:01] C:\Program Files\Disney Interactive
[14/05/2008|01:59] C:\Program Files\DivX
[16/12/2007|14:59] C:\Program Files\DVD Shrink
[08/05/2007|15:40] C:\Program Files\Eidos Interactive
[05/02/2008|21:12] C:\Program Files\Elektrogames
[05/08/2007|23:38] C:\Program Files\Executive Software
[02/04/2007|21:51] C:\Program Files\FairUse Wizard 2
[17/08/2008|23:16] C:\Program Files\Fichiers communs
[24/12/2007|15:21] C:\Program Files\Frogster
[21/05/2007|13:59] C:\Program Files\Gamenext
[13/11/2007|16:51] C:\Program Files\GameTop.com
[05/02/2007|17:38] C:\Program Files\Global Star Software
[06/11/2007|14:16] C:\Program Files\Google
[18/09/2007|17:57] C:\Program Files\Hulabee
[12/01/2008|12:20] C:\Program Files\Incomplete
[20/02/2008|15:25] C:\Program Files\Installshield Installation Information
[01/11/2006|11:53] C:\Program Files\Intel
[14/12/2006|15:19] C:\Program Files\InterActual
[25/12/2006|01:03] C:\Program Files\Internet Explorer
[02/08/2007|14:26] C:\Program Files\Java
[13/01/2008|13:19] C:\Program Files\LimeWire
[11/11/2006|23:14] C:\Program Files\Logitech
[12/08/2008|20:47] C:\Program Files\Malwarebytes' Anti-Malware
[05/12/2007|14:58] C:\Program Files\Maxis
[24/05/2008|21:21] C:\Program Files\Messenger Plus! Live
[22/04/2007|17:54] C:\Program Files\MessengerPlus! 3
[01/09/2006|17:29] C:\Program Files\Microsoft Office
[31/08/2007|12:02] C:\Program Files\Mozilla Firefox
[24/05/2008|21:21] C:\Program Files\MSN Messenger
[01/09/2006|21:20] C:\Program Files\Nero
[01/09/2006|21:37] C:\Program Files\NVIDIA
[14/01/2008|11:03] C:\Program Files\OpenAL
[01/09/2006|00:19] C:\Program Files\OutilsTITAN
[10/12/2007|18:18] C:\Program Files\PCFriendly
[24/05/2008|21:32] C:\Program Files\Picasa2
[07/06/2008|16:54] C:\Program Files\Realtek AC97
[01/09/2006|22:10] C:\Program Files\Realtek Sound Manager
[01/11/2006|23:22] C:\Program Files\ReflexiveArcade
[01/09/2006|00:17] C:\Program Files\Services en ligne
[11/07/2007|22:27] C:\Program Files\sixteen tons entertainment
[12/09/2007|17:34] C:\Program Files\Skype
[16/05/2007|16:10] C:\Program Files\SotS Gold
[25/08/2007|15:56] C:\Program Files\Spybot - Search & Destroy
[02/02/2007|22:08] C:\Program Files\Support.com
[12/06/2007|15:48] C:\Program Files\Team6
[01/09/2006|21:35] C:\Program Files\Totalcmd
[17/08/2008|23:01] C:\Program Files\Trend Micro
[01/09/2006|07:37] C:\Program Files\Uninstall Information
[31/08/2007|12:02] C:\Program Files\Vstep
[10/03/2007|18:56] C:\Program Files\VVSN
[18/12/2006|20:11] C:\Program Files\Winamp
[02/04/2007|21:31] C:\Program Files\WinAVI MP4 Converter
[16/06/2007|19:52] C:\Program Files\Windows Live
[27/02/2008|14:20] C:\Program Files\Windows Media Player
[01/09/2006|00:15] C:\Program Files\Windows NT
[18/09/2007|22:15] C:\Program Files\WinRAR
[01/09/2006|21:30] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[01/09/2006|21:03] C:\Program Files\Fichiers communs\ACD Systems
[27/07/2008|23:27] C:\Program Files\Fichiers communs\Adobe
[01/09/2006|21:14] C:\Program Files\Fichiers communs\Adobe Systems Shared
[01/09/2006|21:22] C:\Program Files\Fichiers communs\Ahead
[02/04/2007|21:43] C:\Program Files\Fichiers communs\AVSMedia
[01/09/2006|17:29] C:\Program Files\Fichiers communs\DESIGNER
[13/09/2006|14:57] C:\Program Files\Fichiers communs\FotoWire
[05/02/2007|17:36] C:\Program Files\Fichiers communs\InstallShield
[02/08/2007|14:23] C:\Program Files\Fichiers communs\Java
[13/09/2006|14:56] C:\Program Files\Fichiers communs\Logitech
[14/01/2008|17:43] C:\Program Files\Fichiers communs\Microsoft Shared
[01/09/2006|00:16] C:\Program Files\Fichiers communs\MSSoap
[01/09/2006|02:11] C:\Program Files\Fichiers communs\ODBC
[12/09/2007|17:34] C:\Program Files\Fichiers communs\Skype
[01/09/2006|02:11] C:\Program Files\Fichiers communs\SpeechEngines
[03/08/2007|18:06] C:\Program Files\Fichiers communs\Symantec Shared
[01/09/2006|17:29] C:\Program Files\Fichiers communs\System
[02/02/2007|22:01] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 42 Processus )

IEXPLORE.EXE ~ [PID:2072] ~ [Threads:20]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse
C:\Program Files\Adverts
C:\Program Files\Circle Developement

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 00:39:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:2][D:2]-> C:\DOCUME~1\Jason\LOCALS~1\Temp
[F:20][D:0]-> C:\DOCUME~1\Jason\Cookies
[F:519][D:4]-> C:\DOCUME~1\Jason\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 0:41:05,64
0
Destrio5 (Moderator)
18 August 2008 at 00:53
That's not the right report.

You need to run option 2.
0
I thought that was what I had done. Anyway, I'll start over.
0
Here is the report, and this time I'm sure it's option 2.


--------------------\\ Lop S&D 4.2.3-0 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Jason ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 18/08/2008 | 0:54:05 ] [ PC : PCTITAN (Proc:x86) ]
[ MAJ : 17-08-2008 | 01:58 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[01/09/2006|02:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[08/08/2008|19:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[01/09/2006|00:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[01/09/2006|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[12/07/2007|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[08/11/2006|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[01/09/2006|02:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[18/12/2007|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[31/08/2007|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[17/08/2008|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[29/10/2007|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\175 hpzinstall.log
[01/09/2006|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[19/02/2008|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[12/08/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[16/05/2007|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/09/2006|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[12/07/2007|13:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[17/03/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[12/09/2007|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[31/10/2006|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Softdisk LLC
[25/08/2007|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[27/01/2007|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
[07/04/2007|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[01/11/2006|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WhiteCap (Holiday Edition)
[12/09/2006|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/03/2007|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[01/09/2006|02:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[08/08/2008|19:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[01/09/2006|00:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[27/03/2007|19:19] C:\DOCUME~1\INVIT~1\APPLIC~1\ACD Systems
[01/09/2006|02:11] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
[27/03/2007|18:56] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
[27/03/2007|18:57] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
[27/03/2007|19:22] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[07/04/2007|11:41] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla


[12/08/2008|23:00] C:\DOCUME~1\Jason\APPLIC~1\1logofunk
[28/11/2007|16:30] C:\DOCUME~1\Jason\APPLIC~1\ACD Systems
[08/01/2008|21:45] C:\DOCUME~1\Jason\APPLIC~1\Ahead
[01/09/2006|02:11] C:\DOCUME~1\Jason\APPLIC~1\desktop.ini
[09/03/2008|14:18] C:\DOCUME~1\Jason\APPLIC~1\Google
[24/05/2008|22:19] C:\DOCUME~1\Jason\APPLIC~1\LimeWire
[18/12/2007|15:32] C:\DOCUME~1\Jason\APPLIC~1\Macromedia
[23/02/2008|11:53] C:\DOCUME~1\Jason\APPLIC~1\MailFrontier
[12/08/2008|20:47] C:\DOCUME~1\Jason\APPLIC~1\Malwarebytes
[13/01/2008|13:15] C:\DOCUME~1\Jason\APPLIC~1\Microsoft

[01/09/2006|07:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[14/10/2006|21:15] C:\DOCUME~1\megan\APPLIC~1\ACD Systems
[23/01/2008|15:14] C:\DOCUME~1\megan\APPLIC~1\Adobe
[01/09/2006|02:11] C:\DOCUME~1\megan\APPLIC~1\desktop.ini
[13/09/2006|14:57] C:\DOCUME~1\megan\APPLIC~1\FotoWire
[28/11/2006|19:41] C:\DOCUME~1\megan\APPLIC~1\Google
[13/09/2006|14:19] C:\DOCUME~1\megan\APPLIC~1\HP
[24/08/2007|18:38] C:\DOCUME~1\megan\APPLIC~1\LimeWire
[23/01/2008|20:55] C:\DOCUME~1\megan\APPLIC~1\Macromedia
[23/02/2008|23:37] C:\DOCUME~1\megan\APPLIC~1\MailFrontier
[19/09/2007|13:41] C:\DOCUME~1\megan\APPLIC~1\Microsoft
[14/01/2008|16:56] C:\DOCUME~1\megan\APPLIC~1\Skype

[01/09/2006|07:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[20/07/2008|16:00] C:\DOCUME~1\Quodbach\APPLIC~1\1logofunk
[24/03/2007|19:12] C:\DOCUME~1\Quodbach\APPLIC~1\ACD Systems
[02/08/2007|11:10] C:\DOCUME~1\Quodbach\APPLIC~1\Adobe
[29/03/2007|10:39] C:\DOCUME~1\Quodbach\APPLIC~1\AdobeUM
[13/05/2008|21:18] C:\DOCUME~1\Quodbach\APPLIC~1\Ahead
[01/09/2006|02:11] C:\DOCUME~1\Quodbach\APPLIC~1\desktop.ini
[29/07/2007|16:00] C:\DOCUME~1\Quodbach\APPLIC~1\Google
[01/12/2007|22:36] C:\DOCUME~1\Quodbach\APPLIC~1\Help
[16/10/2007|20:33] C:\DOCUME~1\Quodbach\APPLIC~1\HP
[18/09/2007|17:59] C:\DOCUME~1\Quodbach\APPLIC~1\Hulabee
[12/01/2008|11:17] C:\DOCUME~1\Quodbach\APPLIC~1\LimeWire
[06/11/2007|14:16] C:\DOCUME~1\Quodbach\APPLIC~1\Macromedia
[19/02/2008|13:12] C:\DOCUME~1\Quodbach\APPLIC~1\MailFrontier
[07/12/2007|12:54] C:\DOCUME~1\Quodbach\APPLIC~1\Microsoft
[20/07/2007|15:36] C:\DOCUME~1\Quodbach\APPLIC~1\Mozilla
[16/05/2007|18:16] C:\DOCUME~1\Quodbach\APPLIC~1\Screenshot Sender
[10/10/2007|20:18] C:\DOCUME~1\Quodbach\APPLIC~1\Skype
[05/08/2007|21:30] C:\DOCUME~1\Quodbach\APPLIC~1\Talkback
[05/08/2007|22:05] C:\DOCUME~1\Quodbach\APPLIC~1\WebCallDirect

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[17/08/2008 23:30][--ah-----] C:\WINDOWS\tasks\SA.DAT
[09/07/2005 21:40][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[28/06/2008|13:25] C:\Program Files\1logofunk
[01/09/2006|21:03] C:\Program Files\ACD Systems
[27/07/2008|23:27] C:\Program Files\Adobe
[01/09/2006|17:22] C:\Program Files\Alcohol Soft
[05/08/2007|19:06] C:\Program Files\Alwil Software
[13/01/2008|12:52] C:\Program Files\Aspyr
[12/08/2007|15:53] C:\Program Files\Auran
[05/04/2007|12:07] C:\Program Files\AviSynth 2.5
[01/09/2006|22:10] C:\Program Files\AvRack
[02/04/2007|21:43] C:\Program Files\AVS4YOU
[01/11/2006|12:02] C:\Program Files\BeamFile
[12/08/2008|22:10] C:\Program Files\CCleaner
[10/03/2007|17:30] C:\Program Files\City Interactive
[27/01/2007|11:58] C:\Program Files\Common Files
[01/09/2006|00:15] C:\Program Files\ComPlus Applications
[29/01/2007|13:47] C:\Program Files\DIFX
[05/12/2007|14:01] C:\Program Files\Disney Interactive
[14/05/2008|01:59] C:\Program Files\DivX
[16/12/2007|14:59] C:\Program Files\DVD Shrink
[08/05/2007|15:40] C:\Program Files\Eidos Interactive
[05/02/2008|21:12] C:\Program Files\Elektrogames
[05/08/2007|23:38] C:\Program Files\Executive Software
[02/04/2007|21:51] C:\Program Files\FairUse Wizard 2
[17/08/2008|23:16] C:\Program Files\Fichiers communs
[24/12/2007|15:21] C:\Program Files\Frogster
[21/05/2007|13:59] C:\Program Files\Gamenext
[13/11/2007|16:51] C:\Program Files\GameTop.com
[05/02/2007|17:38] C:\Program Files\Global Star Software
[06/11/2007|14:16] C:\Program Files\Google
[18/09/2007|17:57] C:\Program Files\Hulabee
[12/01/2008|12:20] C:\Program Files\Incomplete
[20/02/2008|15:25] C:\Program Files\Installshield Installation Information
[01/11/2006|11:53] C:\Program Files\Intel
[14/12/2006|15:19] C:\Program Files\InterActual
[25/12/2006|01:03] C:\Program Files\Internet Explorer
[02/08/2007|14:26] C:\Program Files\Java
[13/01/2008|13:19] C:\Program Files\LimeWire
[11/11/2006|23:14] C:\Program Files\Logitech
[12/08/2008|20:47] C:\Program Files\Malwarebytes' Anti-Malware
[05/12/2007|14:58] C:\Program Files\Maxis
[24/05/2008|21:21] C:\Program Files\Messenger Plus! Live
[22/04/2007|17:54] C:\Program Files\MessengerPlus! 3
[01/09/2006|17:29] C:\Program Files\Microsoft Office
[31/08/2007|12:02] C:\Program Files\Mozilla Firefox
[24/05/2008|21:21] C:\Program Files\MSN Messenger
[01/09/2006|21:20] C:\Program Files\Nero
[01/09/2006|21:37] C:\Program Files\NVIDIA
[14/01/2008|11:03] C:\Program Files\OpenAL
[01/09/2006|00:19] C:\Program Files\OutilsTITAN
[10/12/2007|18:18] C:\Program Files\PCFriendly
[24/05/2008|21:32] C:\Program Files\Picasa2
[07/06/2008|16:54] C:\Program Files\Realtek AC97
[01/09/2006|22:10] C:\Program Files\Realtek Sound Manager
[01/11/2006|23:22] C:\Program Files\ReflexiveArcade
[01/09/2006|00:17] C:\Program Files\Services en ligne
[11/07/2007|22:27] C:\Program Files\sixteen tons entertainment
[12/09/2007|17:34] C:\Program Files\Skype
[16/05/2007|16:10] C:\Program Files\SotS Gold
[25/08/2007|15:56] C:\Program Files\Spybot - Search & Destroy
[02/02/2007|22:08] C:\Program Files\Support.com
[12/06/2007|15:48] C:\Program Files\Team6
[01/09/2006|21:35] C:\Program Files\Totalcmd
[17/08/2008|23:01] C:\Program Files\Trend Micro
[01/09/2006|07:37] C:\Program Files\Uninstall Information
[31/08/2007|12:02] C:\Program Files\Vstep
[10/03/2007|18:56] C:\Program Files\VVSN
[18/12/2006|20:11] C:\Program Files\Winamp
[02/04/2007|21:31] C:\Program Files\WinAVI MP4 Converter
[16/06/2007|19:52] C:\Program Files\Windows Live
[27/02/2008|14:20] C:\Program Files\Windows Media Player
[01/09/2006|00:15] C:\Program Files\Windows NT
[18/09/2007|22:15] C:\Program Files\WinRAR
[01/09/2006|21:30] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[01/09/2006|21:03] C:\Program Files\Fichiers communs\ACD Systems
[27/07/2008|23:27] C:\Program Files\Fichiers communs\Adobe
[01/09/2006|21:14] C:\Program Files\Fichiers communs\Adobe Systems Shared
[01/09/2006|21:22] C:\Program Files\Fichiers communs\Ahead
[02/04/2007|21:43] C:\Program Files\Fichiers communs\AVSMedia
[01/09/2006|17:29] C:\Program Files\Fichiers communs\DESIGNER
[13/09/2006|14:57] C:\Program Files\Fichiers communs\FotoWire
[05/02/2007|17:36] C:\Program Files\Fichiers communs\InstallShield
[02/08/2007|14:23] C:\Program Files\Fichiers communs\Java
[13/09/2006|14:56] C:\Program Files\Fichiers communs\Logitech
[14/01/2008|17:43] C:\Program Files\Fichiers communs\Microsoft Shared
[01/09/2006|00:16] C:\Program Files\Fichiers communs\MSSoap
[01/09/2006|02:11] C:\Program Files\Fichiers communs\ODBC
[12/09/2007|17:34] C:\Program Files\Fichiers communs\Skype
[01/09/2006|02:11] C:\Program Files\Fichiers communs\SpeechEngines
[03/08/2007|18:06] C:\Program Files\Fichiers communs\Symantec Shared
[01/09/2006|17:29] C:\Program Files\Fichiers communs\System
[02/02/2007|22:01] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 41 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 00:57:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:2][D:2]-> C:\DOCUME~1\Jason\LOCALS~1\Temp
[F:20][D:0]-> C:\DOCUME~1\Jason\Cookies
[F:965][D:4]-> C:\DOCUME~1\Jason\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 0:58:49,10
0
Destrio5 (Moderator)
18 August 2008 at 01:07
---> Uninstall Lop S&D

---> Update Internet Explorer:
https://support.microsoft.com/fr-fr/allproducts

---> Update Java:
https://www.java.com/fr/download/manual.jsp

---> Post a new HijackThis report
0
There's no way to remove Lop S&D.
0
Destrio5 (Moderator)
18 August 2008 at 01:13
In Add/Remove Programs.
0
I went there, but it isn't in the list.
0
Destrio5 (Moderator)
18 August 2008 at 01:14
Delete the Lop S&D folder located in C:\
0
It can't be done; I get an error message saying the program is in use by another person or by another program.
0