Reading an analysis report

cirdan -  
Hello,
So I tried a tool I discovered right here on this site (Lop S&D), because an ad has been popping up for 2 days.
If someone could analyse the report for me, please (since it is recommended to ask a specialist's opinion on the CCM Virus/Security forum):
(if possible I could provide a HijackThis report)

--------------------\\ Lop S&D 4.2.4-3 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4400+ )
BIOS : Default System BIOS
USER : Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : eTrust ITM 8.1 (Activated)
C:\ (Local Disk) - NTFS - Total : 232 Go Free : 210 Go
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB) - FAT - Total : 911 Mo Free : 0 Go
I:\ (USB)

"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [1] ( 17/09/2008|19:12 )

--------------------\\ Listing des dossiers dans APPLIC~1

[10/04/2008|20:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[16/11/2007|23:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[17/11/2007|00:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\Dossier de téléchargement Share-to-Web
[17/11/2007|12:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[20/11/2007|20:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[24/11/2007|18:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[15/09/2008|21:35] C:\DOCUME~1\ADMINI~1\APPLIC~1\LimeWire
[23/11/2007|22:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[09/06/2008|20:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[19/11/2007|23:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft Web Folders
[17/09/2008|18:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\OpenOffice.org2
[25/05/2008|15:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Roxio
[28/11/2007|17:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[30/08/2008|10:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\teamspeak2
[03/04/2008|21:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ventrilo
[21/07/2008|15:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
[15/03/2008|21:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\Vso

[06/04/2008|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[21/05/2008|18:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[17/11/2007|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[16/09/2008|20:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[14/08/2008|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[30/11/2007|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[05/11/2007|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roxio
[05/11/2007|12:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[05/11/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[17/11/2007|00:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[03/11/2007|02:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[02/11/2007|17:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[21/05/2008|18:03] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[21/05/2008|18:03] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[16/09/2008 21:59][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUser.job
[19/01/2008 23:38][--a------] C:\WINDOWS\tasks\WebReg 20080119223859.job
[20/02/2008 23:41][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 2200 series#1195247536.job
[17/09/2008 18:00][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 04:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[20/07/2008|12:11] C:\Program Files\Adobe
[02/11/2007|17:43] C:\Program Files\ATI Technologies
[22/04/2008|19:24] C:\Program Files\AVG
[02/11/2007|17:46] C:\Program Files\Broadcom
[27/11/2007|22:01] C:\Program Files\CA
[02/11/2007|17:47] C:\Program Files\Compaq
[03/11/2007|02:33] C:\Program Files\ComPlus Applications
[15/09/2008|19:19] C:\Program Files\Fichiers communs
[17/11/2007|12:25] C:\Program Files\Google
[16/11/2007|23:07] C:\Program Files\Hewlett-Packard
[02/11/2007|17:46] C:\Program Files\HP_SDMS
[02/11/2007|17:45] C:\Program Files\HPQ
[31/01/2008|20:19] C:\Program Files\InstallShield Installation Information
[13/08/2008|13:07] C:\Program Files\Internet Explorer
[17/11/2007|00:29] C:\Program Files\Inventel
[02/11/2007|17:42] C:\Program Files\Java
[13/08/2008|12:03] C:\Program Files\Messenger
[19/11/2007|23:00] C:\Program Files\microsoft frontpage
[19/11/2007|23:00] C:\Program Files\Microsoft Office
[03/11/2007|02:33] C:\Program Files\Movie Maker
[03/11/2007|02:33] C:\Program Files\MSN
[03/11/2007|02:33] C:\Program Files\MSN Gaming Zone
[17/11/2007|01:44] C:\Program Files\MSXML 4.0
[14/02/2008|21:47] C:\Program Files\Navilog1
[03/11/2007|02:33] C:\Program Files\NetMeeting
[22/11/2007|23:05] C:\Program Files\OpenOffice.org 2.3
[05/11/2007|11:47] C:\Program Files\Outlook Express
[02/11/2007|17:46] C:\Program Files\PDF Complete
[26/04/2008|12:20] C:\Program Files\PlayMP3z
[02/11/2007|18:23] C:\Program Files\Raccourcis de programmes
[16/11/2007|23:12] C:\Program Files\ReadIris
[02/11/2007|17:44] C:\Program Files\Realtek
[05/11/2007|12:11] C:\Program Files\Roxio
[03/11/2007|02:33] C:\Program Files\Services en ligne
[23/11/2007|23:46] C:\Program Files\Ubi Soft
[03/11/2007|02:33] C:\Program Files\Uninstall Information
[17/09/2008|18:03] C:\Program Files\Wanadoo
[17/11/2007|00:50] C:\Program Files\Wanadoo Messager
[17/11/2007|01:05] C:\Program Files\Windows Live
[30/01/2008|19:39] C:\Program Files\Windows Media Connect 2
[18/11/2007|00:02] C:\Program Files\Windows Media Player
[03/11/2007|02:33] C:\Program Files\Windows NT
[03/11/2007|02:33] C:\Program Files\WindowsUpdate
[03/11/2007|02:33] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[06/04/2008|21:51] C:\Program Files\Fichiers communs\Adobe
[02/11/2007|17:43] C:\Program Files\Fichiers communs\ATI Technologies
[19/11/2007|23:02] C:\Program Files\Fichiers communs\Designer
[16/11/2007|23:07] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/11/2007|17:44] C:\Program Files\Fichiers communs\InstallShield
[02/11/2007|17:42] C:\Program Files\Fichiers communs\Java
[05/11/2007|12:03] C:\Program Files\Fichiers communs\LightScribe
[22/04/2008|19:24] C:\Program Files\Fichiers communs\Microsoft Shared
[03/11/2007|02:33] C:\Program Files\Fichiers communs\MSSoap
[15/09/2008|19:19] C:\Program Files\Fichiers communs\NSIS
[03/11/2007|02:33] C:\Program Files\Fichiers communs\ODBC
[05/11/2007|12:06] C:\Program Files\Fichiers communs\Roxio Shared
[03/11/2007|02:33] C:\Program Files\Fichiers communs\Services
[05/11/2007|12:06] C:\Program Files\Fichiers communs\Sonic Shared
[03/11/2007|02:33] C:\Program Files\Fichiers communs\SpeechEngines
[05/11/2007|12:07] C:\Program Files\Fichiers communs\SureThing Shared
[19/11/2007|23:01] C:\Program Files\Fichiers communs\System
[17/11/2007|01:03] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 63 Processes )

iexplore.exe ~ [PID:3044]
iexplore.exe ~ [PID:1508]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ADMINI~1\Cookies\administrateur@advertstream[1].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@advertstream[2].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@advertising[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-17 19:13:25
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:63][D:9]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
[F:101][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies
[F:3514][D:6]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 17/09/2008|19:14 - Option : [1]

--------------------\\ Fin du rapport a 19:14:17

1 reply

cirdan
 
I think the only "thing" to remove is what "catchme" found.