Trojan packed 22375

lagoun -  
 cricri1901 -
Hello,

A scan by my BitDefender Total antivirus has just warned me that I have a trojan packed 22375. It tells me that there is no possible solution. Can you help me get rid of this trojan? What should I do?
Configuration: Windows Vista
Internet Explorer 7.0

12 replies

  1. jlpjlp, Posts 52399, Status: Security contributor, 5 041
     
    Hi

    Do you have the BitDefender report?

    Then

    paste a HijackThis report

    http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

    Manual:

    https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html

    I recommend renaming HijackThis, to counter a possible Vundo infection.

    E.g.: rename the file HijackThis.exe to eden.exe. To do this, right-click the HijackThis.exe file and choose Rename from the list.

    Then, with Explorer, create a folder c:\hijackthis
    Unzip HijackThis into that folder.
    This is important for the backups.
  2. cricri1901
     
    I did what you said and it gives me this:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:10:07, on 11/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\BitDefender\BitDefender 2009\uiscan.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.bitdefender.com/premium-services/virus-and-spyware-removal.html
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKLM\..\Run: [SeekmoToolbar] C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\${HOOKOE_FILE}
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3f0a3372657545ea91c2d25167f8f5c9
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3f0a3372657545ea91c2d25167f8f5c9
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
  3. jlpjlp, Posts 52399, Status: Security contributor, 5 041
     
    after 2 months ....

    Download Toolbar-S&D (Team IDN) to your Desktop.
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

    * Start the installation of the program by running the downloaded file.
    * Now double-click the Toolbar-S&D shortcut.
    Type "2", then confirm by pressing "Enter".
    ! Do not close the window during the removal !
    A report will be generated; post its contents here.

    NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open the Task Manager.
    Go to the "Processes" tab. Click File at the top left and choose "Run..."
    Type explorer, then confirm.

    ____________________

    Scan with
    MalwareByte's Anti-Malware, remove what is found and paste the report

    https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
  4. cricri1901
     
    Well, I'm not the same person who posted the first message!
    Anyway, I did what you said, here is the report:

    -----------\\ ToolBar S&D 1.2.4 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
    BIOS : BIOS Date: 09/12/06 15:51:40 Ver: 08.00.12
    USER : Cricri ( Administrator )
    BOOT : Normal boot
    Antivirus : BitDefender Antivirus 12.0 (Activated)
    Firewall : BitDefender Firewall 12.0 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:143 Go (Free:84 Go)
    D:\ (Local Disk) - NTFS - Total:84 Go (Free:68 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
    Option : [2] ( 12/11/2008|17:40 )

    -----------\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@bananalotto[1].txt
    Supprime! - C:\Program Files\Multi_Media\INSTALL.LOG
    Supprime! - C:\Program Files\Multi_Media\LanguagePack.xml
    Supprime! - C:\Program Files\Multi_Media\LocalSettings.txt
    Supprime! - C:\Program Files\Multi_Media\RadioPlayer
    Supprime! - C:\Program Files\Multi_Media\tbMul0.dll
    Supprime! - C:\Program Files\Multi_Media\tbMul1.dll
    Supprime! - C:\Program Files\Multi_Media\tbMult.dll
    Supprime! - C:\Program Files\Multi_Media\ThirdPartyComponents.xml
    Supprime! - C:\Program Files\Multi_Media\toolbar.cfg
    Supprime! - C:\Program Files\Multi_Media\UNWISE.EXE
    Supprime! - C:\Program Files\Multi_Media\update.xml
    Supprime! - C:\Program Files\Multi_Media

    -----------\\ Recherche de Fichiers / Dossiers ...

    -----------\\ Extensions

    (All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Start Page"="https://www.google.fr/?gws_rd=ssl"
    "Default_Page_URL"="https://www.msn.com/fr-fr"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
  6. jlpjlp, Posts 52399, Status: Security contributor, 5 041
     
    Scan with
    MalwareByte's Anti-Malware, remove what is found and paste the report

    https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

    Then post a HijackThis report again
    1. cricri1901
       
      Malwarebytes' Anti-Malware 1.30
      Version de la base de données: 1306
      Windows 5.1.2600 Service Pack 3

      13/11/2008 20:49:09
      mbam-log-2008-11-13 (20-49-09).txt

      Type de recherche: Examen rapide
      Eléments examinés: 62765
      Temps écoulé: 14 minute(s), 15 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 1
      Clé(s) du Registre infectée(s): 12
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 5
      Fichier(s) infecté(s): 16

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      C:\Program Files\BitDownload\TorrentManager.dll (Trojan.Lop) -> Delete on reboot.

      Clé(s) du Registre infectée(s):
      HKEY_CLASSES_ROOT\torrentmanager.webmanager (Trojan.Lop) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\TypeLib\{970cc246-0d83-4ffa-9832-62f19b4505cb} (Trojan.Lop) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{3ffbbd07-eb2d-4305-982b-21da43ded39c} (Trojan.Lop) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{d5792aa9-d373-4039-8670-2cdab6a71f15} (Trojan.Lop) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5792aa9-d373-4039-8670-2cdab6a71f15} (Trojan.Lop) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\torrentmanager.webmanager.1 (Trojan.Lop) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\BitDownload (Trojan.Lop) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\seekmotoolbarwebtools (Adware.Seekmo) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\seekmotoolbar (Adware.Seekmo) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow (Adware.WhenUSave) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave (Adware.WhenUSave) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      C:\Program Files\Save (Adware.WhenUSave) -> Quarantined and deleted successfully.
      C:\Program Files\BitDownload (Trojan.Lop) -> Delete on reboot.
      C:\Program Files\BitDownload\Skins (Trojan.Lop) -> Quarantined and deleted successfully.
      C:\Program Files\BitDownload\Support (Trojan.Lop) -> Quarantined and deleted successfully.
      C:\Program Files\BitDownload\ZM (Trojan.Lop) -> Quarantined and deleted successfully.

      Fichier(s) infecté(s):
      C:\Program Files\BitDownload\TorrentManager.dll (Trojan.Lop) -> Delete on reboot.
      C:\Program Files\BitDownload\BitDownload.exe (Trojan.Lop) -> Quarantined and deleted successfully.
      C:\Program Files\BitDownload\BitDownload.TRC (Trojan.Lop) -> Quarantined and deleted successfully.
      C:\Program Files\BitDownload\settings.ini (Trojan.Lop) -> Quarantined and deleted successfully.
      C:\Program Files\BitDownload\settings.stp (Trojan.Lop) -> Quarantined and deleted successfully.
      C:\Program Files\BitDownload\SkinCrafterDll.dll (Trojan.Lop) -> Quarantined and deleted successfully.
      C:\Program Files\BitDownload\unins000.dat (Trojan.Lop) -> Quarantined and deleted successfully.
      C:\Program Files\BitDownload\unins000.exe (Trojan.Lop) -> Quarantined and deleted successfully.
      C:\Program Files\BitDownload\Skins\Stylish.skf (Trojan.Lop) -> Quarantined and deleted successfully.
      C:\Program Files\BitDownload\Support\default.htm (Trojan.Lop) -> Quarantined and deleted successfully.
      C:\Program Files\BitDownload\Support\dots.gif (Trojan.Lop) -> Quarantined and deleted successfully.
      C:\Program Files\BitDownload\Support\logo.jpg (Trojan.Lop) -> Quarantined and deleted successfully.
      C:\Program Files\BitDownload\Support\porttest_error.htm (Trojan.Lop) -> Quarantined and deleted successfully.
      C:\Program Files\BitDownload\Support\porttest_start.htm (Trojan.Lop) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\swchlxcbfk_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\swchlxcbfk_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.

      :)
  7. jlpjlp, Posts 52399, Status: Security contributor, 5 041
     
    Right-click this link: (IL-MAFIOSO)
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
    Choose "Save target (link) as..." and save it to your desktop.
    Then double-click navilog1.exe to start the installation.
    Once the installation is finished, the fix will run automatically.
    (If it does not, double-click the Navilog1 shortcut on the desktop.)

    Follow the prompts. At the main menu, choose 1 and confirm.
    (do not choose 2, 3 or 4 without our advice/agreement)

    Wait for the message:
    *** Analyse Termine le ..... ***
    Press a key as prompted; Notepad will open.
    Copy and paste the whole thing into a reply. Close Notepad.
    The report is also saved at the root of the disk (fixnavi.txt)

    and

    download Lop S&D.exe to your Desktop. https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    * Double-click it to start the installation
    * Then double-click the Lop S&D shortcut on your Desktop
    * Select the desired language, then choose option 1 (Search)
    * Wait until the scan finishes
    * Post the generated report (C:\lopR.txt)
    1. cricri1901
       
      here is the 1st report

      Search Navipromo version 3.6.9 commencé le 17/11/2008 à 21:19:00,85

      !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
      !!! Postez ce rapport sur le forum pour le faire analyser !!!
      !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

      Outil exécuté depuis C:\Program Files\navilog1
      Session actuelle : "Cricri"

      Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO


      Microsoft Windows XP [version 5.1.2600]
      Internet Explorer : 7.0.5730.11
      Système de fichiers : NTFS

      Recherche executé en mode normal

      *** Recherche Programmes installés ***


      *** Recherche dossiers dans "C:\WINDOWS" ***


      *** Recherche dossiers dans "C:\Program Files" ***


      *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


      *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


      *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


      *** Recherche dossiers dans "C:\Documents and Settings\Cricri\applic~1" ***


      *** Recherche dossiers dans "C:\DOCUME~1\JRME~1\applic~1" ***


      *** Recherche dossiers dans "C:\Documents and Settings\Cricri\locals~1\applic~1" ***


      *** Recherche dossiers dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" ***


      *** Recherche dossiers dans "C:\Documents and Settings\Cricri\menudm~1\progra~1" ***


      *** Recherche dossiers dans "C:\DOCUME~1\JRME~1\menudm~1\progra~1" ***


      *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
      pour + d'infos : http://www.gmer.net



      *** Recherche avec GenericNaviSearch ***
      !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
      !!! A vérifier impérativement avant toute suppression manuelle !!!

      * Recherche dans "C:\WINDOWS\system32" *

      * Recherche dans "C:\Documents and Settings\Cricri\locals~1\applic~1" *

      * Recherche dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" *



      *** Recherche fichiers ***



      *** Recherche clés spécifiques dans le Registre ***


      *** Module de Recherche complémentaire ***
      (Recherche fichiers spécifiques)

      1)Recherche nouveaux fichiers Instant Access :


      2)Recherche Heuristique :

      * Dans "C:\WINDOWS\system32" :

      swchlxcbfk.dat trouvé !

      * Dans "C:\Documents and Settings\Cricri\locals~1\applic~1" :


      * Dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" :


      3)Recherche Certificats :

      Certificat Egroup absent !
      Certificat Electronic-Group absent !
      Certificat Montorgueil absent !
      Certificat OOO-Favorit absent !
      Certificat Sunny-Day-Design-Ltd absent !

      4)Recherche fichiers connus :



      *** Analyse terminée le 17/11/2008 à 21:27:29,14 ***
      1. cricri1901 > cricri1901
         
        Here is the second one


        --------------------\\ Lop S&D 4.2.4-9c XP/Vista

        Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
        X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
        BIOS : BIOS Date: 09/12/06 15:51:40 Ver: 08.00.12
        USER : Cricri ( Administrator )
        BOOT : Normal boot
        Antivirus : BitDefender Antivirus 12.0 (Activated)
        Firewall : BitDefender Firewall 12.0 (Activated)
        A:\ (USB)
        C:\ (Local Disk) - NTFS - Total:143 Go (Free:84 Go)
        D:\ (Local Disk) - NTFS - Total:84 Go (Free:68 Go)
        E:\ (CD or DVD)
        F:\ (CD or DVD)

        "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
        Option : [1] ( 17/11/2008|21:31 )

        --------------------\\ Listing des dossiers dans APPLIC~1

        [03/10/2008|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
        [24/02/2007|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
        [08/05/2008|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
        [23/12/2006|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
        [18/11/2007|17:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
        [16/02/2007|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
        [22/10/2008|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
        [21/01/2007|21:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CampCornDateWait
        [01/01/2007|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
        [23/12/2006|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
        [03/01/2007|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
        [23/12/2007|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
        [13/11/2008|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
        [03/01/2007|23:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
        [02/12/2007|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
        [17/06/2007|10:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
        [04/02/2007|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir
        [23/12/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
        [26/12/2006|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
        [24/12/2006|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
        [01/11/2008|12:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
        [16/03/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
        [03/11/2008|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

        [22/03/2008|00:01] C:\DOCUME~1\Cricri\APPLIC~1\Adobe
        [08/05/2008|12:38] C:\DOCUME~1\Cricri\APPLIC~1\AdobeUM
        [16/04/2008|17:21] C:\DOCUME~1\Cricri\APPLIC~1\Apple
        [03/10/2008|19:00] C:\DOCUME~1\Cricri\APPLIC~1\Apple Computer
        [03/10/2008|19:02] C:\DOCUME~1\Cricri\APPLIC~1\Arcsoft
        [20/01/2008|11:21] C:\DOCUME~1\Cricri\APPLIC~1\ATI
        [22/10/2008|18:50] C:\DOCUME~1\Cricri\APPLIC~1\BitDefender
        [27/09/2008|14:41] C:\DOCUME~1\Cricri\APPLIC~1\BitDownload
        [27/01/2008|17:15] C:\DOCUME~1\Cricri\APPLIC~1\DivX
        [20/01/2008|11:20] C:\DOCUME~1\Cricri\APPLIC~1\Identities
        [17/11/2008|21:12] C:\DOCUME~1\Cricri\APPLIC~1\LimeWire
        [20/01/2008|11:25] C:\DOCUME~1\Cricri\APPLIC~1\Macromedia
        [13/11/2008|20:33] C:\DOCUME~1\Cricri\APPLIC~1\Malwarebytes
        [06/10/2008|19:15] C:\DOCUME~1\Cricri\APPLIC~1\Microsoft
        [21/07/2008|19:28] C:\DOCUME~1\Cricri\APPLIC~1\OpenOffice.org2
        [03/10/2008|18:48] C:\DOCUME~1\Cricri\APPLIC~1\Panasonic
        [27/02/2008|17:24] C:\DOCUME~1\Cricri\APPLIC~1\Real
        [28/01/2008|20:54] C:\DOCUME~1\Cricri\APPLIC~1\Sun

        [30/11/2007|23:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

        [22/03/2008|14:06] C:\DOCUME~1\JRME~1\APPLIC~1\Adobe
        [02/03/2008|20:55] C:\DOCUME~1\JRME~1\APPLIC~1\AdobeUM
        [14/03/2008|18:31] C:\DOCUME~1\JRME~1\APPLIC~1\Apple Computer
        [12/01/2008|20:41] C:\DOCUME~1\JRME~1\APPLIC~1\ATI
        [24/10/2008|17:22] C:\DOCUME~1\JRME~1\APPLIC~1\BitDefender
        [13/01/2008|14:21] C:\DOCUME~1\JRME~1\APPLIC~1\DivX
        [12/01/2008|20:41] C:\DOCUME~1\JRME~1\APPLIC~1\Identities
        [16/05/2008|14:29] C:\DOCUME~1\JRME~1\APPLIC~1\LimeWire
        [13/01/2008|14:11] C:\DOCUME~1\JRME~1\APPLIC~1\Macromedia
        [01/11/2008|12:58] C:\DOCUME~1\JRME~1\APPLIC~1\Microsoft
        [15/03/2008|13:53] C:\DOCUME~1\JRME~1\APPLIC~1\Real

        [22/10/2008|18:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

        [23/01/2008|16:44] C:\DOCUME~1\NETWOR~1\APPLIC~1\Apple
        [30/11/2007|23:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

        --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

        [31/10/2008 13:16][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
        [17/11/2008 21:29][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
        [17/11/2008 21:00][--ah-----] C:\WINDOWS\tasks\AD40ECE1902B6141.job
        [17/11/2008 20:34][--ah-----] C:\WINDOWS\tasks\SA.DAT
        [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

        ( AD40ECE1902B6141.job )=( c:\docume~1\jerome\applic~1\thatch~1\Teamrulewave.exe )

        --------------------\\ Listing des dossiers dans C:\Program Files

        [19/02/2007|10:52] C:\Program Files\Acrobat3
        [23/12/2006|15:55] C:\Program Files\Adobe
        [23/12/2006|16:08] C:\Program Files\Ahead
        [27/09/2008|14:50] C:\Program Files\Alwil Software
        [23/12/2006|15:43] C:\Program Files\Analog Devices
        [26/08/2008|12:23] C:\Program Files\Apple Software Update
        [09/12/2007|11:09] C:\Program Files\ArcSoft
        [23/12/2006|16:00] C:\Program Files\ATI Technologies
        [23/12/2006|15:49] C:\Program Files\Attansic
        [24/10/2008|20:53] C:\Program Files\BestPractice
        [22/10/2008|18:50] C:\Program Files\BitDefender
        [14/09/2008|17:54] C:\Program Files\Bonjour
        [26/05/2007|19:23] C:\Program Files\Buena Vista Games
        [22/12/2006|19:04] C:\Program Files\ComPlus Applications
        [24/02/2007|16:47] C:\Program Files\Corel
        [29/12/2006|14:59] C:\Program Files\Croteam
        [23/12/2006|16:02] C:\Program Files\CyberLink
        [23/12/2007|12:00] C:\Program Files\DIFX
        [02/08/2007|12:57] C:\Program Files\directx
        [03/10/2008|19:58] C:\Program Files\DivX
        [15/10/2008|15:02] C:\Program Files\eMule
        [15/12/2007|15:29] C:\Program Files\Essai de World of Warcraft
        [03/10/2008|19:05] C:\Program Files\Fichiers communs
        [15/09/2008|21:12] C:\Program Files\Free WMA to MP3 Converter
        [21/07/2007|18:55] C:\Program Files\GoldWave
        [18/11/2007|17:43] C:\Program Files\Google
        [04/01/2007|23:26] C:\Program Files\Hewlett-Packard
        [03/01/2007|18:58] C:\Program Files\HP
        [03/10/2008|19:06] C:\Program Files\InstallShield Installation Information
        [23/12/2006|15:38] C:\Program Files\Intel
        [17/10/2008|18:27] C:\Program Files\Internet Explorer
        [03/10/2008|19:13] C:\Program Files\iPod
        [03/10/2008|19:14] C:\Program Files\iTunes
        [29/01/2008|21:57] C:\Program Files\Java
        [01/08/2007|18:19] C:\Program Files\JoWood
        [20/04/2008|19:12] C:\Program Files\LimeWire
        [30/12/2006|15:57] C:\Program Files\Logitech
        [19/05/2007|16:26] C:\Program Files\LucasArts
        [13/11/2008|20:33] C:\Program Files\Malwarebytes' Anti-Malware
        [22/10/2008|17:35] C:\Program Files\Messenger
        [31/08/2008|19:07] C:\Program Files\Messenger Plus! Live
        [03/10/2008|18:41] C:\Program Files\Micro Application
        [02/12/2007|21:26] C:\Program Files\Microsoft CAPICOM 2.1.0.2
        [22/12/2006|19:07] C:\Program Files\microsoft frontpage
        [25/02/2007|21:45] C:\Program Files\Microsoft Office
        [02/12/2007|11:05] C:\Program Files\Microsoft SQL Server Compact Edition
        [23/12/2006|16:21] C:\Program Files\Microsoft.NET
        [22/10/2008|17:31] C:\Program Files\Movie Maker
        [09/01/2008|14:52] C:\Program Files\Mozilla Firefox
        [28/12/2006|11:10] C:\Program Files\MSN
        [22/12/2006|19:04] C:\Program Files\MSN Gaming Zone
        [30/03/2008|14:30] C:\Program Files\MSN Messenger
        [02/01/2007|12:07] C:\Program Files\MSXML 4.0
        [17/11/2008|21:28] C:\Program Files\Navilog1
        [22/10/2008|17:28] C:\Program Files\NetMeeting
        [22/12/2006|19:04] C:\Program Files\Online Services
        [29/01/2008|21:58] C:\Program Files\OpenOffice.org 2.3
        [25/09/2007|19:09] C:\Program Files\OrangeHSS
        [22/10/2008|17:28] C:\Program Files\Outlook Express
        [03/10/2008|18:48] C:\Program Files\Panasonic
        [23/12/2007|12:00] C:\Program Files\PC Connectivity Solution
        [03/01/2007|22:14] C:\Program Files\PhotoFiltre
        [18/11/2007|17:43] C:\Program Files\Picasa2
        [08/07/2007|22:36] C:\Program Files\Player Tool
        [23/12/2006|17:52] C:\Program Files\PowerQuest
        [14/09/2008|17:52] C:\Program Files\QuickTime
        [27/02/2008|17:23] C:\Program Files\Real
        [23/03/2008|20:16] C:\Program Files\RM-X© Mov To DivX
        [05/09/2007|16:24] C:\Program Files\Securitoo
        [05/03/2007|16:57] C:\Program Files\SeekmoToolbar
        [22/12/2006|19:06] C:\Program Files\Services en ligne
        [23/12/2006|17:57] C:\Program Files\Softwin
        [20/01/2007|19:16] C:\Program Files\thatchiccomp
        [20/01/2008|11:26] C:\Program Files\Trend Micro
        [22/12/2006|19:11] C:\Program Files\Uninstall Information
        [30/09/2007|12:31] C:\Program Files\Wanadoo
        [16/09/2007|19:35] C:\Program Files\Warcraft III
        [01/11/2008|21:18] C:\Program Files\Windows Live
        [27/09/2008|19:27] C:\Program Files\Windows Live Safety Center
        [02/12/2007|21:26] C:\Program Files\Windows Live Toolbar
        [31/12/2006|23:37] C:\Program Files\Windows Media Connect 2
        [22/10/2008|17:28] C:\Program Files\Windows Media Player
        [22/10/2008|17:28] C:\Program Files\Windows NT
        [22/12/2006|19:06] C:\Program Files\WindowsUpdate
        [03/11/2008|17:00] C:\Program Files\World of Warcraft
        [22/12/2006|19:07] C:\Program Files\xerox
        [31/10/2008|17:51] C:\Program Files\YesMessenger
        [24/12/2006|12:05] C:\Program Files\Zhongxing
        [22/05/2007|05:14] C:\Program Files\ZTE Corporation

        --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

        [08/05/2008|12:40] C:\Program Files\Fichiers communs\Adobe
        [23/12/2006|16:06] C:\Program Files\Fichiers communs\Ahead
        [14/09/2008|17:51] C:\Program Files\Fichiers communs\Apple
        [22/10/2008|18:50] C:\Program Files\Fichiers communs\BitDefender
        [19/06/2008|15:00] C:\Program Files\Fichiers communs\Blizzard Entertainment
        [23/12/2006|16:23] C:\Program Files\Fichiers communs\DESIGNER
        [30/12/2006|15:57] C:\Program Files\Fichiers communs\FotoWire
        [05/09/2007|16:21] C:\Program Files\Fichiers communs\France Telecom
        [03/01/2007|18:52] C:\Program Files\Fichiers communs\Hewlett-Packard
        [03/01/2007|18:56] C:\Program Files\Fichiers communs\HP
        [23/12/2006|16:00] C:\Program Files\Fichiers communs\InstallShield
        [24/12/2006|15:59] C:\Program Files\Fichiers communs\Java
        [23/12/2006|16:08] C:\Program Files\Fichiers communs\LightScribe
        [30/12/2006|15:55] C:\Program Files\Fichiers communs\Logitech
        [12/06/2008|21:09] C:\Program Files\Fichiers communs\Microsoft Shared
        [22/12/2006|19:05] C:\Program Files\Fichiers communs\MSSoap
        [23/12/2006|16:07] C:\Program Files\Fichiers communs\Nero
        [22/12/2006|19:53] C:\Program Files\Fichiers communs\ODBC
        [27/02/2008|17:23] C:\Program Files\Fichiers communs\Real
        [22/12/2006|19:05] C:\Program Files\Fichiers communs\Services
        [02/10/2008|15:00] C:\Program Files\Fichiers communs\Softwin
        [22/12/2006|19:52] C:\Program Files\Fichiers communs\SpeechEngines
        [22/10/2008|17:28] C:\Program Files\Fichiers communs\System
        [02/12/2007|11:04] C:\Program Files\Fichiers communs\WindowsLiveInstaller
        [27/02/2008|17:24] C:\Program Files\Fichiers communs\xing shared

        --------------------\\ Process

        ( 53 Processes )

        iexplore.exe ~ [PID:3316]

        --------------------\\ Recherche avec S_Lop

        Aucun fichier / dossier Lop trouvé !

        --------------------\\ Recherche de Fichiers / Dossiers Lop

        C:\Program Files\thatch~1
        C:\DOCUME~1\Cricri\APPLIC~1\Bitdownload
        C:\DOCUME~1\Cricri\APPLIC~1\BitDownload
        C:\DOCUME~1\Cricri\APPLIC~1\BitDownload\Data
        C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload
        C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\BitDownload.lnk
        C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\Uninstall BitDownload.lnk
        C:\DOCUME~1\Cricri\Cookies\cricri@adserver.advertstream[1].txt
        C:\DOCUME~1\Cricri\Cookies\cricri@advertstream[1].txt
        C:\DOCUME~1\Cricri\Cookies\cricri@adultfriendfinder[1].txt
        C:\DOCUME~1\Cricri\Cookies\cricri@advertising[2].txt
        C:\DOCUME~1\Cricri\Cookies\cricri@adopt.euroclick[1].txt
        C:\DOCUME~1\Cricri\Cookies\cricri@partypoker[2].txt
        C:\WINDOWS\Tasks\AD40ECE1902B6141.job

        --------------------\\ Verification du Registre

        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

        ..... OK !

        --------------------\\ Verification du fichier Hosts

        Fichier Hosts MODIFIE

        -> 72 [ 70 ## added by CiD ]

        --------------------\\ Recherche de fichiers avec Catchme

        catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
        Rootkit scan 2008-11-17 21:33:14
        Windows 5.1.2600 Service Pack 3 NTFS
        scanning hidden processes ...
        scanning hidden files ...
        scan completed successfully
        hidden processes: 0
        hidden files: 0

        --------------------\\ Recherche d'autres infections


        Aucune autre infection trouvée !

        [F:1579][D:28]-> C:\DOCUME~1\Cricri\LOCALS~1\Temp
        [F:1707][D:0]-> C:\DOCUME~1\Cricri\Cookies
        [F:3111][D:15]-> C:\DOCUME~1\Cricri\LOCALS~1\TEMPOR~1\content.IE5

        1 - "C:\Lop SD\LopR_1.txt" - 17/11/2008|21:34 - Option : [1]

        --------------------\\ Fin du rapport a 21:34:17
  8. jlpjlp Posts 52399 Status Security contributor 5 041
     
    = Launch navilog1
    = This time choose option 2
    = Navilog will do the cleanup. Be patient until the message *** Nettoyage Termine le ..... *** is displayed
    = A report will be generated on your C:\ drive; it will be the option 2 report
    Note: the desktop disappears

    = Paste the contents of the navilog report (the option 2 one)

    PS: If your desktop does not reappear, press CTRL+ALT+DEL to open the Task Manager.
    Then go to the "Processes" tab. Click "File" at the top left and choose "Run".
    Type explorer and confirm. This will bring your desktop back.

    _______________________

    Run Lop S&D again:

    * This time choose Option 2 (Removal, shown as "Suppression")
    * Do not close the window during the removal!
    * Post the generated report (C:\lopR.txt)

    _________________________

    Then post a new HijackThis report and describe your problems
    1. cricri1901
       
      navilog report:

      Clean Navipromo version 3.6.9 commencé le 22/11/2008 à 20:18:36,81

      Outil exécuté depuis C:\Program Files\navilog1
      Session actuelle : "Cricri"

      Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO


      Microsoft Windows XP [version 5.1.2600]
      Internet Explorer : 7.0.5730.11
      Système de fichiers : NTFS

      Mode suppression automatique
      avec prise en charge résultats Catchme et GNS


      Nettoyage exécuté au redémarrage de l'ordinateur


      *** fsbl1.txt non trouvé ***
      (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


      *** Suppression avec sauvegardes résultats GenericNaviSearch ***

      * Suppression dans "C:\WINDOWS\System32" *


      * Suppression dans "C:\Documents and Settings\Cricri\locals~1\applic~1" *


      * Suppression dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" *


      *** Suppression dossiers dans "C:\WINDOWS" ***


      *** Suppression dossiers dans "C:\Program Files" ***


      *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


      *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


      *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


      *** Suppression dossiers dans "C:\Documents and Settings\Cricri\applic~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\JRME~1\applic~1" ***


      *** Suppression dossiers dans "C:\Documents and Settings\Cricri\locals~1\applic~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" ***


      *** Suppression dossiers dans "C:\Documents and Settings\Cricri\menudm~1\progra~1" ***


      *** Suppression dossiers dans "C:\DOCUME~1\JRME~1\menudm~1\progra~1" ***



      *** Suppression fichiers ***


      *** Suppression fichiers temporaires ***

      Nettoyage contenu C:\WINDOWS\Temp effectué !
      Nettoyage contenu C:\Documents and Settings\Cricri\locals~1\Temp effectué !

      *** Traitement Recherche complémentaire ***
      (Recherche fichiers spécifiques)

      1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

      2)Recherche, création sauvegardes et suppression Heuristique :


      * Dans "C:\WINDOWS\system32" *


      swchlxcbfk.dat trouvé !
      Copie swchlxcbfk.dat réalisée avec succès !
      swchlxcbfk.dat supprimé !


      * Dans "C:\Documents and Settings\Cricri\locals~1\applic~1" *


      * Dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" *


      *** Sauvegarde du Registre vers dossier Safebackup ***

      sauvegarde du Registre réalisée avec succès !

      *** Nettoyage Registre ***

      Nettoyage Registre Ok


      *** Certificats ***

      Certificat Egroup absent !
      Certificat Electronic-Group absent !
      Certificat Montorgueil absent !
      Certificat OOO-Favorit absent !
      Certificat Sunny-Day-Design-Ltdt absent !

      *** Nettoyage terminé le 22/11/2008 à 20:25:19,76 ***
  9. jlpjlp Posts 52399 Status Security contributor 5 041
     
    ok, do the next step

    see you later
    1. cricri1901
       
      lopSD report:


      --------------------\\ Lop S&D 4.2.4-9c XP/Vista

      Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
      X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
      BIOS : BIOS Date: 09/12/06 15:51:40 Ver: 08.00.12
      USER : Cricri ( Administrator )
      BOOT : Normal boot
      Antivirus : BitDefender Antivirus 12.0 (Activated)
      Firewall : BitDefender Firewall 12.0 (Activated)
      A:\ (USB)
      C:\ (Local Disk) - NTFS - Total:143 Go (Free:84 Go)
      D:\ (Local Disk) - NTFS - Total:84 Go (Free:68 Go)
      E:\ (CD or DVD)
      F:\ (CD or DVD)

      "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
      Option : [2] ( 22/11/2008|20:27 )


      \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

      Supprime! - C:\DOCUME~1\Cricri\APPLIC~1\BitDownload\Data
      Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\BitDownload.lnk
      Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\Uninstall BitDownload.lnk
      Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@adserver.advertstream[1].txt
      Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@advertstream[1].txt
      Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@adultfriendfinder[1].txt
      Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@advertising[2].txt
      Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@adopt.euroclick[1].txt
      Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@partypoker[2].txt
      Supprime! - C:\WINDOWS\Tasks\AD40ECE1902B6141.job
      Supprime! - C:\Program Files\thatch~1
      Supprime! - C:\DOCUME~1\Cricri\APPLIC~1\Bitdownload
      Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload
      -
      [ Fichier Hosts ] .. Restaure!

      \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


      --------------------\\ Listing des dossiers dans APPLIC~1

      [03/10/2008|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
      [24/02/2007|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
      [08/05/2008|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
      [23/12/2006|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
      [18/11/2007|17:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
      [16/02/2007|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
      [22/10/2008|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
      [21/01/2007|21:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CampCornDateWait
      [01/01/2007|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
      [23/12/2006|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
      [03/01/2007|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
      [23/12/2007|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
      [13/11/2008|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
      [03/01/2007|23:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
      [02/12/2007|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
      [17/06/2007|10:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
      [04/02/2007|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir
      [23/12/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
      [26/12/2006|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
      [24/12/2006|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
      [01/11/2008|12:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
      [16/03/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
      [03/11/2008|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

      [22/03/2008|00:01] C:\DOCUME~1\Cricri\APPLIC~1\Adobe
      [08/05/2008|12:38] C:\DOCUME~1\Cricri\APPLIC~1\AdobeUM
      [16/04/2008|17:21] C:\DOCUME~1\Cricri\APPLIC~1\Apple
      [03/10/2008|19:00] C:\DOCUME~1\Cricri\APPLIC~1\Apple Computer
      [03/10/2008|19:02] C:\DOCUME~1\Cricri\APPLIC~1\Arcsoft
      [20/01/2008|11:21] C:\DOCUME~1\Cricri\APPLIC~1\ATI
      [22/10/2008|18:50] C:\DOCUME~1\Cricri\APPLIC~1\BitDefender
      [27/01/2008|17:15] C:\DOCUME~1\Cricri\APPLIC~1\DivX
      [20/01/2008|11:20] C:\DOCUME~1\Cricri\APPLIC~1\Identities
      [22/11/2008|20:00] C:\DOCUME~1\Cricri\APPLIC~1\LimeWire
      [20/01/2008|11:25] C:\DOCUME~1\Cricri\APPLIC~1\Macromedia
      [13/11/2008|20:33] C:\DOCUME~1\Cricri\APPLIC~1\Malwarebytes
      [06/10/2008|19:15] C:\DOCUME~1\Cricri\APPLIC~1\Microsoft
      [21/07/2008|19:28] C:\DOCUME~1\Cricri\APPLIC~1\OpenOffice.org2
      [03/10/2008|18:48] C:\DOCUME~1\Cricri\APPLIC~1\Panasonic
      [27/02/2008|17:24] C:\DOCUME~1\Cricri\APPLIC~1\Real
      [28/01/2008|20:54] C:\DOCUME~1\Cricri\APPLIC~1\Sun

      [30/11/2007|23:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

      [22/03/2008|14:06] C:\DOCUME~1\JRME~1\APPLIC~1\Adobe
      [02/03/2008|20:55] C:\DOCUME~1\JRME~1\APPLIC~1\AdobeUM
      [14/03/2008|18:31] C:\DOCUME~1\JRME~1\APPLIC~1\Apple Computer
      [12/01/2008|20:41] C:\DOCUME~1\JRME~1\APPLIC~1\ATI
      [24/10/2008|17:22] C:\DOCUME~1\JRME~1\APPLIC~1\BitDefender
      [13/01/2008|14:21] C:\DOCUME~1\JRME~1\APPLIC~1\DivX
      [12/01/2008|20:41] C:\DOCUME~1\JRME~1\APPLIC~1\Identities
      [16/05/2008|14:29] C:\DOCUME~1\JRME~1\APPLIC~1\LimeWire
      [13/01/2008|14:11] C:\DOCUME~1\JRME~1\APPLIC~1\Macromedia
      [01/11/2008|12:58] C:\DOCUME~1\JRME~1\APPLIC~1\Microsoft
      [15/03/2008|13:53] C:\DOCUME~1\JRME~1\APPLIC~1\Real

      [22/10/2008|18:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

      [23/01/2008|16:44] C:\DOCUME~1\NETWOR~1\APPLIC~1\Apple
      [30/11/2007|23:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

      --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

      [31/10/2008 13:16][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
      [22/11/2008 19:29][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
      [22/11/2008 20:22][--ah-----] C:\WINDOWS\tasks\SA.DAT
      [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

      --------------------\\ Listing des dossiers dans C:\Program Files

      [19/02/2007|10:52] C:\Program Files\Acrobat3
      [23/12/2006|15:55] C:\Program Files\Adobe
      [23/12/2006|16:08] C:\Program Files\Ahead
      [27/09/2008|14:50] C:\Program Files\Alwil Software
      [23/12/2006|15:43] C:\Program Files\Analog Devices
      [26/08/2008|12:23] C:\Program Files\Apple Software Update
      [09/12/2007|11:09] C:\Program Files\ArcSoft
      [23/12/2006|16:00] C:\Program Files\ATI Technologies
      [23/12/2006|15:49] C:\Program Files\Attansic
      [24/10/2008|20:53] C:\Program Files\BestPractice
      [22/10/2008|18:50] C:\Program Files\BitDefender
      [14/09/2008|17:54] C:\Program Files\Bonjour
      [26/05/2007|19:23] C:\Program Files\Buena Vista Games
      [22/12/2006|19:04] C:\Program Files\ComPlus Applications
      [24/02/2007|16:47] C:\Program Files\Corel
      [29/12/2006|14:59] C:\Program Files\Croteam
      [23/12/2006|16:02] C:\Program Files\CyberLink
      [23/12/2007|12:00] C:\Program Files\DIFX
      [02/08/2007|12:57] C:\Program Files\directx
      [03/10/2008|19:58] C:\Program Files\DivX
      [15/10/2008|15:02] C:\Program Files\eMule
      [15/12/2007|15:29] C:\Program Files\Essai de World of Warcraft
      [03/10/2008|19:05] C:\Program Files\Fichiers communs
      [15/09/2008|21:12] C:\Program Files\Free WMA to MP3 Converter
      [21/07/2007|18:55] C:\Program Files\GoldWave
      [18/11/2007|17:43] C:\Program Files\Google
      [04/01/2007|23:26] C:\Program Files\Hewlett-Packard
      [03/01/2007|18:58] C:\Program Files\HP
      [03/10/2008|19:06] C:\Program Files\InstallShield Installation Information
      [23/12/2006|15:38] C:\Program Files\Intel
      [17/10/2008|18:27] C:\Program Files\Internet Explorer
      [03/10/2008|19:13] C:\Program Files\iPod
      [03/10/2008|19:14] C:\Program Files\iTunes
      [29/01/2008|21:57] C:\Program Files\Java
      [01/08/2007|18:19] C:\Program Files\JoWood
      [20/04/2008|19:12] C:\Program Files\LimeWire
      [30/12/2006|15:57] C:\Program Files\Logitech
      [19/05/2007|16:26] C:\Program Files\LucasArts
      [13/11/2008|20:33] C:\Program Files\Malwarebytes' Anti-Malware
      [22/10/2008|17:35] C:\Program Files\Messenger
      [31/08/2008|19:07] C:\Program Files\Messenger Plus! Live
      [03/10/2008|18:41] C:\Program Files\Micro Application
      [02/12/2007|21:26] C:\Program Files\Microsoft CAPICOM 2.1.0.2
      [22/12/2006|19:07] C:\Program Files\microsoft frontpage
      [25/02/2007|21:45] C:\Program Files\Microsoft Office
      [02/12/2007|11:05] C:\Program Files\Microsoft SQL Server Compact Edition
      [23/12/2006|16:21] C:\Program Files\Microsoft.NET
      [22/10/2008|17:31] C:\Program Files\Movie Maker
      [09/01/2008|14:52] C:\Program Files\Mozilla Firefox
      [28/12/2006|11:10] C:\Program Files\MSN
      [22/12/2006|19:04] C:\Program Files\MSN Gaming Zone
      [30/03/2008|14:30] C:\Program Files\MSN Messenger
      [02/01/2007|12:07] C:\Program Files\MSXML 4.0
      [22/11/2008|20:25] C:\Program Files\Navilog1
      [22/10/2008|17:28] C:\Program Files\NetMeeting
      [22/12/2006|19:04] C:\Program Files\Online Services
      [29/01/2008|21:58] C:\Program Files\OpenOffice.org 2.3
      [25/09/2007|19:09] C:\Program Files\OrangeHSS
      [22/10/2008|17:28] C:\Program Files\Outlook Express
      [03/10/2008|18:48] C:\Program Files\Panasonic
      [23/12/2007|12:00] C:\Program Files\PC Connectivity Solution
      [03/01/2007|22:14] C:\Program Files\PhotoFiltre
      [18/11/2007|17:43] C:\Program Files\Picasa2
      [08/07/2007|22:36] C:\Program Files\Player Tool
      [23/12/2006|17:52] C:\Program Files\PowerQuest
      [14/09/2008|17:52] C:\Program Files\QuickTime
      [27/02/2008|17:23] C:\Program Files\Real
      [23/03/2008|20:16] C:\Program Files\RM-X© Mov To DivX
      [05/09/2007|16:24] C:\Program Files\Securitoo
      [05/03/2007|16:57] C:\Program Files\SeekmoToolbar
      [22/12/2006|19:06] C:\Program Files\Services en ligne
      [23/12/2006|17:57] C:\Program Files\Softwin
      [20/01/2008|11:26] C:\Program Files\Trend Micro
      [22/12/2006|19:11] C:\Program Files\Uninstall Information
      [30/09/2007|12:31] C:\Program Files\Wanadoo
      [16/09/2007|19:35] C:\Program Files\Warcraft III
      [01/11/2008|21:18] C:\Program Files\Windows Live
      [27/09/2008|19:27] C:\Program Files\Windows Live Safety Center
      [02/12/2007|21:26] C:\Program Files\Windows Live Toolbar
      [31/12/2006|23:37] C:\Program Files\Windows Media Connect 2
      [22/10/2008|17:28] C:\Program Files\Windows Media Player
      [22/10/2008|17:28] C:\Program Files\Windows NT
      [22/12/2006|19:06] C:\Program Files\WindowsUpdate
      [03/11/2008|17:00] C:\Program Files\World of Warcraft
      [22/12/2006|19:07] C:\Program Files\xerox
      [31/10/2008|17:51] C:\Program Files\YesMessenger
      [24/12/2006|12:05] C:\Program Files\Zhongxing
      [22/05/2007|05:14] C:\Program Files\ZTE Corporation

      --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

      [08/05/2008|12:40] C:\Program Files\Fichiers communs\Adobe
      [23/12/2006|16:06] C:\Program Files\Fichiers communs\Ahead
      [14/09/2008|17:51] C:\Program Files\Fichiers communs\Apple
      [22/10/2008|18:50] C:\Program Files\Fichiers communs\BitDefender
      [19/06/2008|15:00] C:\Program Files\Fichiers communs\Blizzard Entertainment
      [23/12/2006|16:23] C:\Program Files\Fichiers communs\DESIGNER
      [30/12/2006|15:57] C:\Program Files\Fichiers communs\FotoWire
      [05/09/2007|16:21] C:\Program Files\Fichiers communs\France Telecom
      [03/01/2007|18:52] C:\Program Files\Fichiers communs\Hewlett-Packard
      [03/01/2007|18:56] C:\Program Files\Fichiers communs\HP
      [23/12/2006|16:00] C:\Program Files\Fichiers communs\InstallShield
      [24/12/2006|15:59] C:\Program Files\Fichiers communs\Java
      [23/12/2006|16:08] C:\Program Files\Fichiers communs\LightScribe
      [30/12/2006|15:55] C:\Program Files\Fichiers communs\Logitech
      [12/06/2008|21:09] C:\Program Files\Fichiers communs\Microsoft Shared
      [22/12/2006|19:05] C:\Program Files\Fichiers communs\MSSoap
      [23/12/2006|16:07] C:\Program Files\Fichiers communs\Nero
      [22/12/2006|19:53] C:\Program Files\Fichiers communs\ODBC
      [27/02/2008|17:23] C:\Program Files\Fichiers communs\Real
      [22/12/2006|19:05] C:\Program Files\Fichiers communs\Services
      [02/10/2008|15:00] C:\Program Files\Fichiers communs\Softwin
      [22/12/2006|19:52] C:\Program Files\Fichiers communs\SpeechEngines
      [22/10/2008|17:28] C:\Program Files\Fichiers communs\System
      [02/12/2007|11:04] C:\Program Files\Fichiers communs\WindowsLiveInstaller
      [27/02/2008|17:24] C:\Program Files\Fichiers communs\xing shared

      --------------------\\ Process

      ( 49 Processes )

      ... OK !

      --------------------\\ Recherche avec S_Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Recherche de Fichiers / Dossiers Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Verification du Registre

      ..... OK !

      --------------------\\ Verification du fichier Hosts

      Fichier Hosts PROPRE


      --------------------\\ Recherche de fichiers avec Catchme

      catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-11-22 20:30:07
      Windows 5.1.2600 Service Pack 3 NTFS
      scanning hidden processes ...
      scanning hidden files ...
      scan completed successfully
      hidden processes: 0
      hidden files: 0

      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !

      [F:9][D:2]-> C:\DOCUME~1\Cricri\LOCALS~1\Temp
      [F:1741][D:0]-> C:\DOCUME~1\Cricri\Cookies
      [F:2756][D:15]-> C:\DOCUME~1\Cricri\LOCALS~1\TEMPOR~1\content.IE5

      1 - "C:\Lop SD\LopR_1.txt" - 17/11/2008|21:34 - Option : [1]
      2 - "C:\Lop SD\LopR_2.txt" - 22/11/2008|20:31 - Option : [2]

      --------------------\\ Fin du rapport a 20:31:50
  10. jlpjlp Posts 52399 Status Security contributor 5 041
     
    Then post a new HijackThis report and describe your problems
    1. cricri1901
       
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 20:40:22, on 22/11/2008
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16735)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
      C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\WINDOWS\system32\HPZipm12.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Analog Devices\Core\smax4pnp.exe
      C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
      C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
      C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
      C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
      C:\WINDOWS\system32\LVCOMSX.EXE
      C:\Program Files\Logitech\Video\LogiTray.exe
      C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Logitech\Video\FxSvr2.exe
      C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
      C:\Program Files\Windows Live\Messenger\usnsvc.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.bitdefender.com/premium-services/virus-and-spyware-removal.html
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
      O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
      O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
      O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
      O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
      O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
      O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
      O4 - HKLM\..\Run: [SeekmoToolbar] C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\${HOOKOE_FILE}
      O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
      O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3f0a3372657545ea91c2d25167f8f5c9
      O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3f0a3372657545ea91c2d25167f8f5c9
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
      O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
      O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
      O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
      O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
      O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
      0
  11. jlpjlp Posts 52399 Status Security contributor 5 041
     
    Run HijackThis again, choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom.

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [SeekmoToolbar] C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\${HOOKOE_FILE}
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

    O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB

    ______________

    Download OTMoveIt
    http://oldtimer.geekstogo.com/OTMoveIt3.exe (by Old_Timer) to your Desktop.

    Double-click OTMoveIt.exe to launch it.
    Copy the list quoted below,
    and paste it into the left-hand pane of OTMoveIt: Paste instruction for items to be moved.
    (make sure to include :files)

    :files
    C:\Program Files\SeekmoToolbar

    Click MoveIt! to start the removal.
    The result will appear in the "Results" pane.
    Click Exit to close.
    Post the report located in C:\_OTMoveIt\MovedFiles.

    You may be asked to restart the PC to complete the removal. If so, accept with Yes.
    0
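Three of the lines selected for "fix checked" above carry visible orphan markers: two BHOs ending in (file missing) and (no file), and a Run entry whose path still contains the unexpanded ${HOOKOE_FILE} placeholder. As an added example (not part of the thread and not HijackThis code), this Python parser reads log lines in that format and flags such entries; the sample lines are copied from the log posted above, and all function and class names are hypothetical.

```python
import re
from typing import NamedTuple, Optional

# Constructed sample: a few lines copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\lsass.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SeekmoToolbar] C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\${HOOKOE_FILE}
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
"""

class Entry(NamedTuple):
    section: str            # HijackThis section code, e.g. "O2", "O4", "O23"
    clsid: Optional[str]    # CLSID in braces when the entry has one
    body: str               # everything after "<section> - "
    reasons: tuple          # names of the orphan checks that matched

# A log entry starts with a section code (R0, F2, N1, O4, O23 ...) and " - ".
LINE_RE = re.compile(r"^\s*([RFNO]\d{1,2}) - (.+?)\s*$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
CHECKS = (
    ("file missing", re.compile(r"\(file missing\)$")),
    ("no file", re.compile(r"\(no file\)$")),
    ("unexpanded placeholder", re.compile(r"\$\{\w+\}")),
)

def parse_line(line: str) -> Optional[Entry]:
    """Return an Entry for a section line, or None for headers and process paths."""
    m = LINE_RE.match(line)
    if not m:
        return None
    section, body = m.groups()
    clsid = CLSID_RE.search(body)
    reasons = tuple(name for name, rx in CHECKS if rx.search(body))
    return Entry(section, clsid.group(0) if clsid else None, body, reasons)

def orphaned_entries(log: str) -> list:
    """Entries whose target is marked absent or was never resolved to a real path."""
    entries = (parse_line(line) for line in log.splitlines())
    return [e for e in entries if e and e.reasons]

if __name__ == "__main__":
    for e in orphaned_entries(SAMPLE_LOG):
        print(e.section, ", ".join(e.reasons), "|", e.body)
```

A flagged line is a cleanup candidate to check against what is actually installed, not a malware verdict.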
    1. cricri1901
       
      ========== FILES ==========
      C:\Program Files\SeekmoToolbar\Bin\4.8.4.0 moved successfully.
      C:\Program Files\SeekmoToolbar\Bin moved successfully.
      C:\Program Files\SeekmoToolbar moved successfully.

      OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11222008_205600
      0
  12. jlpjlp Posts 52399 Status Security contributor 5 041
     
    Download ToolsCleaner to your desktop.
    --> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
    # Click "Recherche" (Search) and let the scan run ...
    # Click "Suppression" (Removal) to finish.
    # You can, if you wish, use the "Options facultatives" (optional settings).
    # Click "Quitter" (Quit) to get the report.
    # Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).

    Any more problems???
    0
    1. cricri1901
       
      Yes, I do have a problem... When I click "Recherche" in ToolsCleaner, my computer bugs out... What should I do?
      0
  13. jlpjlp Posts 52399 Status Security contributor 5 041
     
    ToolsCleaner is for removing the tools that were used.
    In that case, manually remove the software that was used (except Malwarebytes, which you keep in its free version as a complement to BitDefender).

    Note: Navilog also has to be uninstalled via your Control Panel.

    Any more problems?
    0
    1. cricri1901
       
      No, it's fine, no more problems, thank you very much!
      0
      1. cricri1901 > cricri1901
         
        I just ran a scan with Bitdefender, the 22375 trojans are gone :D
        Thanks once again!
        0