Problem with Win32:Swizzor [Trj]
TOTOF20
-
Destrio5 Posts 85985 Registration date Status Moderator Last activity -
Hello,
As I pointed out under the reply you gave to another person, like him I have the same problem with this damned Swizzor trojan. As for whoever said women should be left at the PCs, in any case it wasn't me. So, as you wrote in the earlier message, I downloaded Lop S&D and it gave me a report, which I am putting in this message; afterwards you can tell me what the situation is. Thanks for any help you can give me.
Report:
--------------------\\ Lop S&D 4.2.3-4 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
Rev 1.00
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 23-08-2008|10:35 )
Option : [1] ( 23/08/2008|17:15 )
--------------------\\ Listing des dossiers dans APPLIC~1
[12/04/2008|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[12/04/2008|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[12/04/2008|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[12/04/2008|16:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[12/04/2008|15:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[20/08/2008|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
[20/05/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[27/07/2008|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[21/08/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[31/05/2008|02:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[30/04/2008|15:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[23/08/2008|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
[23/08/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[23/07/2008|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[17/05/2008|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VistaCodecs
[12/04/2008|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[23/07/2008|22:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml850.tmp
[11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml851.tmp
[04/05/2008|01:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml852.tmp
[11/05/2008|19:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\xml853.tmp
[12/04/2008|16:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[12/04/2008|14:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[12/04/2008|15:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[12/04/2008|14:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[12/04/2008|15:38] C:\DOCUME~1\tof\APPLIC~1\Adobe
[13/04/2008|20:31] C:\DOCUME~1\tof\APPLIC~1\Ahead
[12/04/2008|14:43] C:\DOCUME~1\tof\APPLIC~1\aignes
[16/05/2008|20:27] C:\DOCUME~1\tof\APPLIC~1\DeepBurner
[12/04/2008|16:14] C:\DOCUME~1\tof\APPLIC~1\desktop.ini
[27/05/2008|19:51] C:\DOCUME~1\tof\APPLIC~1\F-Secure
[18/05/2008|00:17] C:\DOCUME~1\tof\APPLIC~1\Google
[12/04/2008|14:43] C:\DOCUME~1\tof\APPLIC~1\gtopala
[12/04/2008|14:43] C:\DOCUME~1\tof\APPLIC~1\Identities
[29/04/2008|12:46] C:\DOCUME~1\tof\APPLIC~1\InstallShield
[12/04/2008|14:39] C:\DOCUME~1\tof\APPLIC~1\Macromedia
[21/08/2008|19:26] C:\DOCUME~1\tof\APPLIC~1\Malwarebytes
[12/04/2008|17:38] C:\DOCUME~1\tof\APPLIC~1\Media Player Classic
[23/07/2008|20:06] C:\DOCUME~1\tof\APPLIC~1\Microsoft
[12/04/2008|15:21] C:\DOCUME~1\tof\APPLIC~1\Mozilla
[23/07/2008|20:10] C:\DOCUME~1\tof\APPLIC~1\Opera
[22/04/2008|20:35] C:\DOCUME~1\tof\APPLIC~1\Samsung
[23/08/2008|16:33] C:\DOCUME~1\tof\APPLIC~1\slow multi build
[12/04/2008|14:39] C:\DOCUME~1\tof\APPLIC~1\Sun
[27/07/2008|21:30] C:\DOCUME~1\tof\APPLIC~1\teamspeak2
[22/08/2008|14:11] C:\DOCUME~1\tof\APPLIC~1\uTorrent
[12/04/2008|15:08] C:\DOCUME~1\tof\APPLIC~1\vlc
[30/04/2008|15:27] C:\DOCUME~1\tof\APPLIC~1\Winamp
[02/05/2008|00:40] C:\DOCUME~1\tof\APPLIC~1\Windows Live Writer
[12/04/2008|20:08] C:\DOCUME~1\tof\APPLIC~1\WinRAR
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[23/08/2008 16:16][--ah-----] C:\WINDOWS\tasks\SA.DAT
[06/09/2002 22:59][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[23/08/2008|10:22] C:\Program Files\Alwil Software
[30/05/2008|13:50] C:\Program Files\America's Army
[12/04/2008|14:55] C:\Program Files\Analog Devices
[23/08/2008|16:20] C:\Program Files\a-squared Free
[12/04/2008|14:19] C:\Program Files\ComPlus Applications
[11/08/2008|15:50] C:\Program Files\DEXXON
[23/08/2008|13:54] C:\Program Files\eMule
[11/08/2008|16:21] C:\Program Files\Fichiers communs
[21/08/2008|22:27] C:\Program Files\GalaPlayer
[13/05/2008|20:25] C:\Program Files\Google
[11/08/2008|16:21] C:\Program Files\InstallShield Installation Information
[12/04/2008|14:54] C:\Program Files\Intel
[13/04/2008|06:14] C:\Program Files\Internet Explorer
[12/04/2008|14:39] C:\Program Files\Java
[12/04/2008|14:27] C:\Program Files\JEUX
[02/05/2008|14:49] C:\Program Files\Kit ADSL
[15/08/2008|19:05] C:\Program Files\LunaPlayer
[23/08/2008|14:55] C:\Program Files\Malwarebytes' Anti-Malware
[12/04/2008|15:00] C:\Program Files\Marvell
[06/07/2008|12:51] C:\Program Files\McDonaldsFairies
[23/07/2008|23:32] C:\Program Files\Messenger
[12/04/2008|14:22] C:\Program Files\microsoft frontpage
[12/04/2008|14:37] C:\Program Files\Microsoft Office
[12/04/2008|16:13] C:\Program Files\Microsoft SQL Server Compact Edition
[12/04/2008|14:20] C:\Program Files\Movie Maker
[23/08/2008|10:20] C:\Program Files\Mozilla Firefox
[12/04/2008|14:19] C:\Program Files\MSN Gaming Zone
[12/04/2008|14:28] C:\Program Files\MSXML 4.0
[13/04/2008|06:14] C:\Program Files\MSXML 6.0
[12/04/2008|14:20] C:\Program Files\NetMeeting
[21/08/2008|19:14] C:\Program Files\Opera
[13/04/2008|06:14] C:\Program Files\Outlook Express
[12/04/2008|16:55] C:\Program Files\Pack Securite
[02/08/2008|19:56] C:\Program Files\Samsung
[12/04/2008|17:15] C:\Program Files\SLD Codec Pack
[21/08/2008|22:27] C:\Program Files\slow multi build
[23/08/2008|15:37] C:\Program Files\Spybot - Search & Destroy
[02/08/2008|19:57] C:\Program Files\Uninstall Information
[12/04/2008|14:27] C:\Program Files\UTILS
[17/08/2008|10:59] C:\Program Files\uTorrent
[30/05/2008|21:11] C:\Program Files\VGA USB Camera
[17/05/2008|16:27] C:\Program Files\VistaCodecPack
[23/07/2008|22:54] C:\Program Files\Windows Live
[06/07/2008|12:54] C:\Program Files\Windows Live Toolbar
[12/04/2008|14:37] C:\Program Files\Windows Media Connect 2
[12/04/2008|14:38] C:\Program Files\Windows Media Player
[12/04/2008|14:19] C:\Program Files\Windows NT
[12/04/2008|14:21] C:\Program Files\WindowsUpdate
[12/04/2008|14:38] C:\Program Files\WMV9_VCM
[12/04/2008|14:27] C:\Program Files\WSTARTUP
[12/04/2008|14:22] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[22/04/2008|20:27] C:\Program Files\Fichiers communs\Adobe
[12/04/2008|17:19] C:\Program Files\Fichiers communs\Ahead
[19/07/2008|15:35] C:\Program Files\Fichiers communs\Blizzard Entertainment
[02/08/2008|19:56] C:\Program Files\Fichiers communs\InstallShield
[12/04/2008|14:39] C:\Program Files\Fichiers communs\Java
[15/08/2008|15:40] C:\Program Files\Fichiers communs\Macromedia
[02/08/2008|19:57] C:\Program Files\Fichiers communs\Microsoft Shared
[12/04/2008|14:20] C:\Program Files\Fichiers communs\MSSoap
[11/08/2008|16:21] C:\Program Files\Fichiers communs\NewSoft
[12/04/2008|16:14] C:\Program Files\Fichiers communs\ODBC
[12/04/2008|14:20] C:\Program Files\Fichiers communs\Services
[12/04/2008|16:14] C:\Program Files\Fichiers communs\SpeechEngines
[13/04/2008|06:14] C:\Program Files\Fichiers communs\System
[12/04/2008|15:37] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 56 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\tof\APPLIC~1\SLOWMU~1
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer
C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer\GalaPlayer.lnk
C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer\HomePage.lnk
C:\DOCUME~1\tof\MENUDM~1\PROGRA~1\GalaPlayer\Uninstall.lnk
C:\Program Files\GalaPlayer
C:\DOCUME~1\tof\Cookies\tof@advertstream[1].txt
C:\WINDOWS\Prefetch\GALAPLAYER-1.3.0.0-SETUP.EXE-2A082E3F.pf
C:\WINDOWS\Prefetch\GALAPLAYER.EXE-309BBCE7.pf
C:\DOCUME~1\tof\Cookies\tof@sr2.livemediasrv[1].txt
C:\DOCUME~1\tof\Cookies\tof@sr2.livemediasrv[2].txt
C:\DOCUME~1\tof\Cookies\tof@32vegas[1].txt
C:\DOCUME~1\tof\Cookies\tof@banner.32vegas[2].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BoltBoneAudio]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\tof\\APPLIC~1\\SLOWMU~1\\site itch extra.exe -uninstall"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Send Find"="C:\\DOCUME~1\\tof\\APPLIC~1\\SLOWMU~1\\site itch extra.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-23 17:18:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\tof\Local Settings\Application Data\Opera\Opera\profile\bt_metadata\keygen.exe.dat
[F:21][D:22]-> C:\DOCUME~1\tof\LOCALS~1\Temp
[F:132][D:0]-> C:\DOCUME~1\tof\Cookies
[F:1223][D:6]-> C:\DOCUME~1\tof\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 17:19:36