Need help, I got hit by MicroAV
helpmepl
Hello,
So, I was attacked by MicroAV. I downloaded HijackThis and Malwarebytes' Anti-Malware and I would need help to carry out the right steps. Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:44:21, on 24/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {39D03DC1-8D8D-4329-81E6-AC8E69DF9C74} - C:\WINDOWS\system32\duncycga.dll (file missing)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll (file missing)
O2 - BHO: (no name) - {5024BF05-ACD4-477A-859B-D8EFB9865C82} - C:\WINDOWS\system32\jkhhf.dll (file missing)
O2 - BHO: (no name) - {7576018D-C231-4525-AE51-7CFDBEED492D} - C:\WINDOWS\system32\geebb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {78A8D9A1-1404-4627-99D7-6C3400D78441} - C:\WINDOWS\system32\vtUnNfEU.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A7495120-0B29-4C2D-838E-D105EC3D8EDf} - C:\WINDOWS\system32\duncycga.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: QXK Olive - {B374AEEE-5CB5-4735-8E54-1E6BC34C0AFA} - C:\WINDOWS\dfmlxbpkmkn.dll (file missing)
O2 - BHO: (no name) - {BBB83371-CB1B-42F4-9FAF-132FB3667DE5} - C:\WINDOWS\system32\geeba.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: peltodgx - {7CE724E9-645E-4D3D-A273-8ED63BFA0136} - C:\WINDOWS\peltodgx.dll (file missing)
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SeekmoOE] C:\Program Files\Seekmo\bin\10.0.370.0\OEAddOn.exe
O4 - HKLM\..\Run: [SeekmoSA] "C:\Program Files\Seekmo\bin\10.0.370.0\SeekmoSA.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [cafwc] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
O4 - HKLM\..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe
O4 - HKLM\..\Run: [PC Booster] C:\Program Files\inKline Global\PC Booster\PCBooster.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [mpeg heck log link] C:\Documents and Settings\All Users\Application Data\Joy coal mpeg heck\road third.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [downloadenc] C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\Bin Fast Ping.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-527237240-2077806209-839522115-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-527237240-2077806209-839522115-1003\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" (User '?')
O4 - HKUS\S-1-5-21-527237240-2077806209-839522115-1003\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?')
O4 - HKUS\S-1-5-21-527237240-2077806209-839522115-1003\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized (User '?')
O4 - HKUS\S-1-5-21-527237240-2077806209-839522115-1003\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray (User '?')
O4 - HKUS\S-1-5-21-527237240-2077806209-839522115-1003\..\Run: [downloadenc] C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\Bin Fast Ping.exe (User '?')
O4 - HKUS\S-1-5-21-527237240-2077806209-839522115-1003\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-527237240-2077806209-839522115-1003 Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User '?')
O4 - S-1-5-21-527237240-2077806209-839522115-1003 Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (User '?')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{773A934D-DEA0-4DD4-A5F3-5ADD63847627}: NameServer = 212.27.53.252,212.27.54.252
O20 - Winlogon Notify: nnnopqr - nnnopqr.dll (file missing)
O21 - SSODL: rwlfsdmk - {63CD542F-4711-4AD4-88C6-99C7CD7B77D5} - C:\WINDOWS\rwlfsdmk.dll (file missing)
O21 - SSODL: onfwbsak - {272C9356-CC7B-4D0A-9030-DA68AEFA0799} - C:\WINDOWS\onfwbsak.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O24 - Desktop Component 0: Privacy Protection - (no file)
6 replies
Personally, I'm a bit fed up with HijackThis logs of all stripes, reserved for budding IT people who spend their days at the machine. Do what you want, but if it is still possible, install Spyware Terminator (which accepts other systems), including the 'live' protection, run a full spyware and virus scan, follow the instructions, don't forget the French version, updates every 48 hours, never had any problems since. Bye bye
Hi,
---> Download Lop S&D to your Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-click it to start the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the desired language, then choose option 1 (Search)
---> Wait until the scan finishes
---> Post the generated report (C:\lopR.txt)
Here is the report:
--------------------\\ Lop S&D 4.2.4-4 XP/Vista
( : )
USER : mamadou ( Administrator )
"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [1] ( 24/09/2008|17:12 )
--------------------\\ Listing des dossiers dans APPLIC~1
[07/07/2008|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[30/01/2008|15:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/10/2007|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[26/10/2007|21:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[25/10/2007|16:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CA
[27/10/2007|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[02/12/2007|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreeTest
[26/10/2007|15:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[15/09/2008|22:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Joy coal mpeg heck
[22/09/2008|23:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[26/10/2007|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[13/04/2008|00:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/11/2007|20:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[27/12/2007|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[22/09/2008|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
[16/08/2008|03:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[25/10/2007|19:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[29/10/2007|16:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[18/03/2008|19:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[07/07/2008|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[25/10/2007|15:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[25/10/2007|19:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[07/07/2008|16:38] C:\DOCUME~1\mamadou\APPLIC~1\ACD Systems
[29/05/2008|21:07] C:\DOCUME~1\mamadou\APPLIC~1\Adobe
[19/03/2008|18:28] C:\DOCUME~1\mamadou\APPLIC~1\Apple Computer
[14/02/2008|20:05] C:\DOCUME~1\mamadou\APPLIC~1\Application Data
[01/11/2007|04:46] C:\DOCUME~1\mamadou\APPLIC~1\ATI
[26/10/2007|16:51] C:\DOCUME~1\mamadou\APPLIC~1\BitTorrent
[25/12/2007|01:11] C:\DOCUME~1\mamadou\APPLIC~1\cs
[15/09/2008|22:13] C:\DOCUME~1\mamadou\APPLIC~1\dash drive okay
[30/05/2008|22:08] C:\DOCUME~1\mamadou\APPLIC~1\DivX
[24/08/2008|19:19] C:\DOCUME~1\mamadou\APPLIC~1\dvdcss
[26/10/2007|15:51] C:\DOCUME~1\mamadou\APPLIC~1\Google
[16/01/2008|18:43] C:\DOCUME~1\mamadou\APPLIC~1\Help
[25/10/2007|15:22] C:\DOCUME~1\mamadou\APPLIC~1\Identities
[25/06/2008|18:14] C:\DOCUME~1\mamadou\APPLIC~1\Macromedia
[22/09/2008|23:41] C:\DOCUME~1\mamadou\APPLIC~1\Malwarebytes
[19/02/2008|21:50] C:\DOCUME~1\mamadou\APPLIC~1\mamadou
[22/09/2008|17:12] C:\DOCUME~1\mamadou\APPLIC~1\Microsoft
[27/10/2007|03:52] C:\DOCUME~1\mamadou\APPLIC~1\Mozilla
[25/10/2007|17:11] C:\DOCUME~1\mamadou\APPLIC~1\Nero
[24/09/2008|16:02] C:\DOCUME~1\mamadou\APPLIC~1\OpenOffice.org2
[12/01/2008|00:14] C:\DOCUME~1\mamadou\APPLIC~1\PC Tools
[21/02/2008|19:36] C:\DOCUME~1\mamadou\APPLIC~1\Real
[14/02/2008|20:05] C:\DOCUME~1\mamadou\APPLIC~1\report
[06/11/2007|20:21] C:\DOCUME~1\mamadou\APPLIC~1\Samsung
[25/11/2007|17:21] C:\DOCUME~1\mamadou\APPLIC~1\Sun
[23/09/2008|00:58] C:\DOCUME~1\mamadou\APPLIC~1\TmpRecentIcons
[18/12/2007|03:08] C:\DOCUME~1\mamadou\APPLIC~1\vlc
[07/07/2008|17:48] C:\DOCUME~1\mamadou\APPLIC~1\Yahoo!
[25/10/2007|15:18] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[24/09/2008 07:14][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[24/09/2008 16:39][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[23/09/2008 10:34][--a------] C:\WINDOWS\tasks\CAAntiSpywareScan_Quotidien en tant que mamadou à 17 34.job
[24/09/2008 16:11][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[07/07/2008|16:35] C:\Program Files\ACD Systems
[30/01/2008|15:47] C:\Program Files\Adobe
[25/10/2007|16:28] C:\Program Files\AMD
[07/05/2008|17:01] C:\Program Files\Apple Software Update
[06/11/2007|04:07] C:\Program Files\ATI
[24/09/2008|00:31] C:\Program Files\ATI Technologies
[14/02/2008|20:04] C:\Program Files\Audacity
[25/10/2007|16:29] C:\Program Files\AvRack
[25/10/2007|16:34] C:\Program Files\CA
[27/10/2007|19:32] C:\Program Files\CanonBJ
[18/12/2007|18:45] C:\Program Files\Circle Developement
[22/09/2008|16:26] C:\Program Files\Clever Age
[25/10/2007|15:15] C:\Program Files\ComPlus Applications
[15/09/2008|22:12] C:\Program Files\dash drive okay
[16/07/2008|00:19] C:\Program Files\DivX
[24/09/2008|16:13] C:\Program Files\eMule
[07/07/2008|16:35] C:\Program Files\Fichiers communs
[26/07/2008|13:23] C:\Program Files\Free
[18/12/2007|03:07] C:\Program Files\Freeplayer
[27/10/2007|05:13] C:\Program Files\Google
[25/10/2007|17:13] C:\Program Files\inKline Global
[06/11/2007|19:38] C:\Program Files\InstallShield Installation Information
[08/09/2008|19:38] C:\Program Files\Internet Explorer
[30/11/2007|21:38] C:\Program Files\iPod
[05/01/2008|13:48] C:\Program Files\iTunes
[28/08/2008|16:19] C:\Program Files\Java
[22/09/2008|16:53] C:\Program Files\Macrogaming
[06/11/2007|03:55] C:\Program Files\MainConcept
[24/09/2008|00:43] C:\Program Files\Malwarebytes' Anti-Malware
[16/08/2008|20:38] C:\Program Files\Messenger
[13/04/2008|00:35] C:\Program Files\Messenger Plus! Live
[24/09/2008|16:02] C:\Program Files\microsoft frontpage
[02/11/2007|21:27] C:\Program Files\Microsoft LifeCam
[03/01/2008|03:34] C:\Program Files\Microsoft SQL Server Compact Edition
[08/09/2008|19:40] C:\Program Files\Movie Maker
[24/09/2008|16:12] C:\Program Files\Mozilla Firefox
[22/09/2008|16:24] C:\Program Files\MSECache
[25/10/2007|15:14] C:\Program Files\MSN
[25/10/2007|15:15] C:\Program Files\MSN Gaming Zone
[13/04/2008|00:35] C:\Program Files\MSN Messenger
[01/11/2007|19:54] C:\Program Files\Nero
[25/10/2007|15:17] C:\Program Files\NetMeeting
[25/10/2007|16:26] C:\Program Files\NVIDIA Corporation
[25/10/2007|15:15] C:\Program Files\Online Services
[25/10/2007|17:43] C:\Program Files\OO Software
[06/05/2008|02:26] C:\Program Files\OpenOffice.org 2.3
[06/05/2008|02:26] C:\Program Files\OpenOffice.org 2.4
[08/09/2008|19:41] C:\Program Files\Outlook Express
[25/10/2007|15:45] C:\Program Files\PowerQuest
[27/06/2008|19:58] C:\Program Files\QuickMediaConverter
[30/11/2007|21:30] C:\Program Files\QuickTime
[26/10/2007|15:57] C:\Program Files\QuickZip4
[11/02/2008|01:09] C:\Program Files\Real
[31/10/2007|22:54] C:\Program Files\Realtek AC97
[25/10/2007|16:29] C:\Program Files\Realtek Sound Manager
[01/11/2007|20:18] C:\Program Files\RealVNC
[13/04/2008|00:26] C:\Program Files\Safari
[06/11/2007|19:38] C:\Program Files\Samsung
[24/07/2008|14:33] C:\Program Files\Services en ligne
[22/07/2008|18:23] C:\Program Files\Spyware Doctor
[27/10/2007|18:50] C:\Program Files\SymplisIT
[22/09/2008|23:26] C:\Program Files\Trend Micro
[25/10/2007|16:51] C:\Program Files\Tronics
[25/10/2007|15:22] C:\Program Files\Uninstall Information
[27/10/2007|19:29] C:\Program Files\VideoLAN
[25/10/2007|17:18] C:\Program Files\Vista Drive Icon
[03/01/2008|03:36] C:\Program Files\Windows Live
[03/01/2008|18:50] C:\Program Files\Windows Live Toolbar
[25/10/2007|19:57] C:\Program Files\Windows Media Connect 2
[09/09/2008|01:00] C:\Program Files\Windows Media Player
[25/10/2007|15:15] C:\Program Files\Windows NT
[25/10/2007|15:17] C:\Program Files\WindowsUpdate
[31/08/2008|21:54] C:\Program Files\WinRAR
[24/09/2008|16:02] C:\Program Files\xerox
[07/07/2008|16:36] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[07/07/2008|16:36] C:\Program Files\Fichiers communs\ACD Systems
[30/01/2008|15:48] C:\Program Files\Fichiers communs\Adobe
[26/10/2007|21:03] C:\Program Files\Fichiers communs\Apple
[06/11/2007|03:26] C:\Program Files\Fichiers communs\InstallShield
[25/10/2007|20:23] C:\Program Files\Fichiers communs\Java
[24/09/2008|00:18] C:\Program Files\Fichiers communs\Microsoft Shared
[25/10/2007|15:16] C:\Program Files\Fichiers communs\MSSoap
[01/11/2007|20:04] C:\Program Files\Fichiers communs\Nero
[25/10/2007|17:07] C:\Program Files\Fichiers communs\ODBC
[14/02/2008|20:05] C:\Program Files\Fichiers communs\Real
[25/10/2007|17:03] C:\Program Files\Fichiers communs\Scanner
[25/10/2007|15:17] C:\Program Files\Fichiers communs\Services
[25/10/2007|17:07] C:\Program Files\Fichiers communs\SpeechEngines
[16/11/2007|15:43] C:\Program Files\Fichiers communs\SWF Studio
[08/09/2008|19:41] C:\Program Files\Fichiers communs\System
[13/04/2008|00:25] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[14/02/2008|20:05] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 39 Processes )
iexplore.exe ~ [PID:1348]
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\mamadou\LOCALS~1\Temp\bis107.exe
C:\DOCUME~1\mamadou\LOCALS~1\Temp\bis12.exe
C:\DOCUME~1\mamadou\LOCALS~1\Temp\bis208.exe
C:\DOCUME~1\mamadou\LOCALS~1\Temp\bisC7.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\acndcbje.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\aseddcba.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\basefunkglobalabout.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\Bin Fast Ping.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\cnaytxnt.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\fexvoncl.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\flzqmxpq.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\lfmfzxzd.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\luuxxbwl.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\Optionboldactive.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\pektllgr.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\sdayoltj.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\tqfzmslt.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\wipriiwq.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Joy coal mpeg heck
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Joy coal mpeg heck\Film dale.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Joy coal mpeg heck\Heck Store.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Joy coal mpeg heck\meal wipe.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Joy coal mpeg heck\road third.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\mamadou\Cookies\mamadou@advertising[1].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\atombashregs]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\mamadou\\APPLIC~1\\DASHDR~1\\Bin Fast Ping.exe -uninstall"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"downloadenc"="C:\\DOCUME~1\\mamadou\\APPLIC~1\\DASHDR~1\\Bin Fast Ping.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mpeg heck log link"="C:\\Documents and Settings\\All Users\\Application Data\\Joy coal mpeg heck\\road third.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 72 [ 70 ## added by CiD ]
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-24 17:14:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
C:\WINDOWS\system32\abeeg.ini
C:\WINDOWS\system32\abeeg.ini2
C:\WINDOWS\system32\acbeg.ini
C:\WINDOWS\system32\acbeg.ini2
C:\WINDOWS\system32\bbeeg.ini
C:\WINDOWS\system32\bbeeg.ini2
C:\WINDOWS\system32\fhhkj.ini
C:\WINDOWS\system32\fhhkj.ini2
C:\WINDOWS\system32\hutrhcnt.ini
C:\WINDOWS\system32\hutrhcnt.ini2
C:\WINDOWS\system32\hutrhcnt.tmp
C:\WINDOWS\system32\qpqss.ini2
C:\WINDOWS\system32\qpqss.tmp
C:\WINDOWS\system32\UEfNnUtv.ini
C:\WINDOWS\system32\UEfNnUtv.ini2
C:\WINDOWS\system32\yafbxygf.ini
C:\WINDOWS\system32\yafbxygf.ini2
C:\WINDOWS\system32\yafbxygf.tmp
==> VUNDO <==
[F:23035][D:1648]-> C:\DOCUME~1\mamadou\LOCALS~1\Temp
[F:40][D:0]-> C:\DOCUME~1\mamadou\Cookies
[F:507][D:4]-> C:\DOCUME~1\mamadou\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 24/09/2008|17:17 - Option : [1]
--------------------\\ Fin du rapport a 17:17:48
[30/08/2002 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[07/07/2008|16:35] C:\Program Files\ACD Systems
[30/01/2008|15:47] C:\Program Files\Adobe
[25/10/2007|16:28] C:\Program Files\AMD
[07/05/2008|17:01] C:\Program Files\Apple Software Update
[06/11/2007|04:07] C:\Program Files\ATI
[24/09/2008|00:31] C:\Program Files\ATI Technologies
[14/02/2008|20:04] C:\Program Files\Audacity
[25/10/2007|16:29] C:\Program Files\AvRack
[25/10/2007|16:34] C:\Program Files\CA
[27/10/2007|19:32] C:\Program Files\CanonBJ
[18/12/2007|18:45] C:\Program Files\Circle Developement
[22/09/2008|16:26] C:\Program Files\Clever Age
[25/10/2007|15:15] C:\Program Files\ComPlus Applications
[15/09/2008|22:12] C:\Program Files\dash drive okay
[16/07/2008|00:19] C:\Program Files\DivX
[24/09/2008|16:13] C:\Program Files\eMule
[07/07/2008|16:35] C:\Program Files\Fichiers communs
[26/07/2008|13:23] C:\Program Files\Free
[18/12/2007|03:07] C:\Program Files\Freeplayer
[27/10/2007|05:13] C:\Program Files\Google
[25/10/2007|17:13] C:\Program Files\inKline Global
[06/11/2007|19:38] C:\Program Files\InstallShield Installation Information
[08/09/2008|19:38] C:\Program Files\Internet Explorer
[30/11/2007|21:38] C:\Program Files\iPod
[05/01/2008|13:48] C:\Program Files\iTunes
[28/08/2008|16:19] C:\Program Files\Java
[22/09/2008|16:53] C:\Program Files\Macrogaming
[06/11/2007|03:55] C:\Program Files\MainConcept
[24/09/2008|00:43] C:\Program Files\Malwarebytes' Anti-Malware
[16/08/2008|20:38] C:\Program Files\Messenger
[13/04/2008|00:35] C:\Program Files\Messenger Plus! Live
[24/09/2008|16:02] C:\Program Files\microsoft frontpage
[02/11/2007|21:27] C:\Program Files\Microsoft LifeCam
[03/01/2008|03:34] C:\Program Files\Microsoft SQL Server Compact Edition
[08/09/2008|19:40] C:\Program Files\Movie Maker
[24/09/2008|16:12] C:\Program Files\Mozilla Firefox
[22/09/2008|16:24] C:\Program Files\MSECache
[25/10/2007|15:14] C:\Program Files\MSN
[25/10/2007|15:15] C:\Program Files\MSN Gaming Zone
[13/04/2008|00:35] C:\Program Files\MSN Messenger
[01/11/2007|19:54] C:\Program Files\Nero
[25/10/2007|15:17] C:\Program Files\NetMeeting
[25/10/2007|16:26] C:\Program Files\NVIDIA Corporation
[25/10/2007|15:15] C:\Program Files\Online Services
[25/10/2007|17:43] C:\Program Files\OO Software
[06/05/2008|02:26] C:\Program Files\OpenOffice.org 2.3
[06/05/2008|02:26] C:\Program Files\OpenOffice.org 2.4
[08/09/2008|19:41] C:\Program Files\Outlook Express
[25/10/2007|15:45] C:\Program Files\PowerQuest
[27/06/2008|19:58] C:\Program Files\QuickMediaConverter
[30/11/2007|21:30] C:\Program Files\QuickTime
[26/10/2007|15:57] C:\Program Files\QuickZip4
[11/02/2008|01:09] C:\Program Files\Real
[31/10/2007|22:54] C:\Program Files\Realtek AC97
[25/10/2007|16:29] C:\Program Files\Realtek Sound Manager
[01/11/2007|20:18] C:\Program Files\RealVNC
[13/04/2008|00:26] C:\Program Files\Safari
[06/11/2007|19:38] C:\Program Files\Samsung
[24/07/2008|14:33] C:\Program Files\Services en ligne
[22/07/2008|18:23] C:\Program Files\Spyware Doctor
[27/10/2007|18:50] C:\Program Files\SymplisIT
[22/09/2008|23:26] C:\Program Files\Trend Micro
[25/10/2007|16:51] C:\Program Files\Tronics
[25/10/2007|15:22] C:\Program Files\Uninstall Information
[27/10/2007|19:29] C:\Program Files\VideoLAN
[25/10/2007|17:18] C:\Program Files\Vista Drive Icon
[03/01/2008|03:36] C:\Program Files\Windows Live
[03/01/2008|18:50] C:\Program Files\Windows Live Toolbar
[25/10/2007|19:57] C:\Program Files\Windows Media Connect 2
[09/09/2008|01:00] C:\Program Files\Windows Media Player
[25/10/2007|15:15] C:\Program Files\Windows NT
[25/10/2007|15:17] C:\Program Files\WindowsUpdate
[31/08/2008|21:54] C:\Program Files\WinRAR
[24/09/2008|16:02] C:\Program Files\xerox
[07/07/2008|16:36] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[07/07/2008|16:36] C:\Program Files\Fichiers communs\ACD Systems
[30/01/2008|15:48] C:\Program Files\Fichiers communs\Adobe
[26/10/2007|21:03] C:\Program Files\Fichiers communs\Apple
[06/11/2007|03:26] C:\Program Files\Fichiers communs\InstallShield
[25/10/2007|20:23] C:\Program Files\Fichiers communs\Java
[24/09/2008|00:18] C:\Program Files\Fichiers communs\Microsoft Shared
[25/10/2007|15:16] C:\Program Files\Fichiers communs\MSSoap
[01/11/2007|20:04] C:\Program Files\Fichiers communs\Nero
[25/10/2007|17:07] C:\Program Files\Fichiers communs\ODBC
[14/02/2008|20:05] C:\Program Files\Fichiers communs\Real
[25/10/2007|17:03] C:\Program Files\Fichiers communs\Scanner
[25/10/2007|15:17] C:\Program Files\Fichiers communs\Services
[25/10/2007|17:07] C:\Program Files\Fichiers communs\SpeechEngines
[16/11/2007|15:43] C:\Program Files\Fichiers communs\SWF Studio
[08/09/2008|19:41] C:\Program Files\Fichiers communs\System
[13/04/2008|00:25] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[14/02/2008|20:05] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 39 Processes )
iexplore.exe ~ [PID:1348]
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\mamadou\LOCALS~1\Temp\bis107.exe
C:\DOCUME~1\mamadou\LOCALS~1\Temp\bis12.exe
C:\DOCUME~1\mamadou\LOCALS~1\Temp\bis208.exe
C:\DOCUME~1\mamadou\LOCALS~1\Temp\bisC7.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\acndcbje.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\aseddcba.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\basefunkglobalabout.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\Bin Fast Ping.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\cnaytxnt.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\fexvoncl.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\flzqmxpq.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\lfmfzxzd.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\luuxxbwl.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\Optionboldactive.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\pektllgr.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\sdayoltj.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\tqfzmslt.exe
C:\DOCUME~1\mamadou\APPLIC~1\DASHDR~1\wipriiwq.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Joy coal mpeg heck
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Joy coal mpeg heck\Film dale.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Joy coal mpeg heck\Heck Store.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Joy coal mpeg heck\meal wipe.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Joy coal mpeg heck\road third.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\mamadou\Cookies\mamadou@advertising[1].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\atombashregs]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\mamadou\\APPLIC~1\\DASHDR~1\\Bin Fast Ping.exe -uninstall"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"downloadenc"="C:\\DOCUME~1\\mamadou\\APPLIC~1\\DASHDR~1\\Bin Fast Ping.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mpeg heck log link"="C:\\Documents and Settings\\All Users\\Application Data\\Joy coal mpeg heck\\road third.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 72 [ 70 ## added by CiD ]
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-24 17:14:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
C:\WINDOWS\system32\abeeg.ini
C:\WINDOWS\system32\abeeg.ini2
C:\WINDOWS\system32\acbeg.ini
C:\WINDOWS\system32\acbeg.ini2
C:\WINDOWS\system32\bbeeg.ini
C:\WINDOWS\system32\bbeeg.ini2
C:\WINDOWS\system32\fhhkj.ini
C:\WINDOWS\system32\fhhkj.ini2
C:\WINDOWS\system32\hutrhcnt.ini
C:\WINDOWS\system32\hutrhcnt.ini2
C:\WINDOWS\system32\hutrhcnt.tmp
C:\WINDOWS\system32\qpqss.ini2
C:\WINDOWS\system32\qpqss.tmp
C:\WINDOWS\system32\UEfNnUtv.ini
C:\WINDOWS\system32\UEfNnUtv.ini2
C:\WINDOWS\system32\yafbxygf.ini
C:\WINDOWS\system32\yafbxygf.ini2
C:\WINDOWS\system32\yafbxygf.tmp
==> VUNDO <==
[F:23035][D:1648]-> C:\DOCUME~1\mamadou\LOCALS~1\Temp
[F:40][D:0]-> C:\DOCUME~1\mamadou\Cookies
[F:507][D:4]-> C:\DOCUME~1\mamadou\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 24/09/2008|17:17 - Option : [1]
--------------------\\ Fin du rapport a 17:17:48
---> Run Lop S&D again
---> This time choose option 2 (Suppression)
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt)
---> Then do the following:
---> Download ComboFix.exe by sUBs to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
/!\ Disconnect from the Internet and close all applications, including antivirus and antispyware /!\
---> Double-click Combofix.exe
A pop-up will appear saying "ComboFix est utilisé à vos risques et avec aucune garantie...".
Click "Oui" to accept.
---> Set it to French (F)
Press the 1 key (Yes) to start the scan.
/!\ Do not touch anything until the scan has finished. /!\
At the end of the scan, ComboFix may need to restart the PC to complete the disinfection; let it do so.
Once the scan is finished, a report will be displayed: post its contents.
/!\ Re-enable the real-time protection of your antivirus and antispyware before reconnecting to the Internet. /!\
Note: the report can also be found here: C:\ComboFix.txt
Hi
The ComboFix report (fell through the cracks)))
ComboFix 08-09-22.06 - mamadou 2008-09-24 18:05:49.1 - NTFSx86 DSREPAIR
Lancé depuis: C:\Documents and Settings\mamadou\Bureau\ComboFix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\mamadou\Cookies\mamadou@bluestreak[2].txt
C:\xcrashdump.dat
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-24 au 2008-09-24 ))))))))))))))))))))))))))))))))))))
.
2008-09-24 17:11 . 2008-09-24 17:46 <REP> d-------- C:\Lop SD
2008-09-24 16:02 . 2008-09-24 16:02 <REP> d-------- C:\Program Files\microsoft frontpage
2008-09-24 01:36 . 2004-08-19 16:09 400,896 --a------ C:\WINDOWS\system32\fxsxp32.dll
2008-09-24 01:36 . 2004-08-19 16:09 397,312 --a------ C:\WINDOWS\system32\fxstiff.dll
2008-09-24 01:36 . 2004-08-19 16:09 268,800 --a------ C:\WINDOWS\system32\fxssvc.exe
2008-09-24 01:36 . 2004-08-19 16:09 246,272 --a------ C:\WINDOWS\system32\fxst30.dll
2008-09-24 01:36 . 2004-08-19 16:09 197,120 --a------ C:\WINDOWS\system32\fxswzrd.dll
2008-09-24 01:36 . 2004-08-19 16:09 156,672 --a------ C:\WINDOWS\system32\fxsui.dll
2008-09-24 01:36 . 2004-08-19 16:09 33,792 --a------ C:\WINDOWS\system32\lmmib2.dll
2008-09-24 01:35 . 2004-08-19 16:09 563,712 --a------ C:\WINDOWS\system32\fxsst.dll
2008-09-24 01:35 . 2004-08-19 16:09 238,592 --a------ C:\WINDOWS\system32\fxscover.exe
2008-09-24 01:35 . 2004-08-19 16:09 143,360 --a------ C:\WINDOWS\system32\fxsclnt.exe
2008-09-24 01:35 . 2004-08-19 16:09 66,048 --a------ C:\WINDOWS\system32\fxsevent.dll
2008-09-24 01:35 . 2004-08-19 16:09 27,136 --a------ C:\WINDOWS\system32\fxsdrv.dll
2008-09-24 01:35 . 2004-08-19 16:09 24,064 --a------ C:\WINDOWS\system32\fxsmon.dll
2008-09-24 01:35 . 2004-08-19 16:09 23,552 --a------ C:\WINDOWS\system32\fxsext32.dll
2008-09-24 01:35 . 2004-08-19 16:09 8,704 --a------ C:\WINDOWS\system32\fxsperf.dll
2008-09-24 01:35 . 2004-08-19 16:08 7,168 --a------ C:\WINDOWS\system32\fxsres.dll
2008-09-24 01:34 . 2004-08-19 16:09 452,096 --a------ C:\WINDOWS\system32\fxsapi.dll
2008-09-24 01:34 . 2004-08-19 16:09 285,184 --a------ C:\WINDOWS\system32\fxscomex.dll
2008-09-24 01:34 . 2004-08-19 16:09 72,192 --a------ C:\WINDOWS\system32\fxscom.dll
2008-09-24 01:31 . 2008-09-24 01:31 <REP> d-------- C:\WINDOWS\system32\msmq
2008-09-24 00:54 . 2008-09-24 00:54 335 --a------ C:\WINDOWS\mozregistry.dat
2008-09-24 00:26 . 2008-09-24 00:26 1,409 --a------ C:\WINDOWS\QTFont.for
2008-09-23 16:51 . 2008-09-24 16:02 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-09-22 23:41 . 2008-09-24 00:43 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-22 23:41 . 2008-09-22 23:41 <REP> d-------- C:\Documents and Settings\mamadou\Application Data\Malwarebytes
2008-09-22 23:41 . 2008-09-22 23:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-22 23:41 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-22 23:41 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-22 23:26 . 2008-09-22 23:26 <REP> d-------- C:\Program Files\Trend Micro
2008-09-22 16:53 . 2008-09-22 16:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SweetIM
2008-09-22 16:26 . 2008-09-22 16:26 <REP> d-------- C:\Program Files\Clever Age
2008-09-22 16:24 . 2008-09-22 16:24 <REP> d-------- C:\Program Files\MSECache
2008-09-22 15:38 . 2008-09-22 15:39 754 --a------ C:\WINDOWS\WORDPAD.INI
2008-09-15 22:12 . 2008-09-15 22:12 <REP> d-------- C:\Program Files\dash drive okay
2008-09-12 22:41 . 2008-09-12 22:41 43,728 --a------ C:\WINDOWS\system32\esta.jpg
2008-09-09 01:00 . 2006-10-04 16:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-09-09 01:00 . 2006-10-04 16:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-09-09 01:00 . 2006-10-04 16:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-09-08 23:55 . 2008-09-08 23:55 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-09-08 23:55 . 2008-09-08 23:55 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-09-08 23:55 . 2008-09-08 23:55 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-09-08 23:55 . 2008-09-08 23:55 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-09-08 23:55 . 2008-09-08 23:55 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-09-08 23:55 . 2008-09-08 23:55 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-09-08 23:17 . 2004-08-19 17:21 1,086,058 -ra------ C:\WINDOWS\SET92.tmp
2008-09-08 23:17 . 2004-08-19 18:07 1,013,912 -ra------ C:\WINDOWS\SET8F.tmp
2008-09-08 23:17 . 2002-08-30 14:00 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2008-09-08 23:17 . 2004-08-19 17:21 14,043 -ra------ C:\WINDOWS\SET9E.tmp
2008-09-08 23:17 . 2002-08-30 14:00 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2008-09-01 19:10 . 2008-09-01 19:10 <REP> d--hs---- C:\found.003
2008-08-31 01:45 . 2008-08-31 01:45 <REP> d--hs---- C:\found.002
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-24 15:26 --------- d-----w C:\Program Files\eMule
2008-09-24 14:02 --------- d-----w C:\Documents and Settings\mamadou\Application Data\OpenOffice.org2
2008-09-24 14:00 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k7
2008-09-24 14:00 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k6
2008-09-24 14:00 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k5
2008-09-24 14:00 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k4
2008-09-24 14:00 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k3
2008-09-24 14:00 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k2
2008-09-24 14:00 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k1
2008-09-24 14:00 192,666 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k0
2008-09-23 22:31 --------- d-----w C:\Program Files\ATI Technologies
2008-09-22 14:53 --------- d-----w C:\Program Files\Macrogaming
2008-08-28 14:19 --------- d-----w C:\Program Files\Java
2008-08-24 17:19 --------- d-----w C:\Documents and Settings\mamadou\Application Data\dvdcss
2008-08-16 01:00 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-26 11:23 --------- d-----w C:\Program Files\Free
2008-07-24 12:33 --------- d-----w C:\Program Files\Services en ligne
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-03-12 16:00 211,473 --sha-w C:\WINDOWS\system32\abeeg.ini2
2008-04-12 04:00 75,635 --sha-w C:\WINDOWS\system32\acbeg.ini2
2008-02-20 12:33 326,000 --sha-w C:\WINDOWS\system32\bbeeg.ini2
2008-02-19 13:20 274,788 --sha-w C:\WINDOWS\system32\fhhkj.ini2
2008-01-11 22:10 1,045,258 --sh--w C:\WINDOWS\system32\hutrhcnt.ini2
2008-02-12 18:17 318 --sh--w C:\WINDOWS\system32\qpqss.ini2
2008-04-12 23:06 83,536 --sha-w C:\WINDOWS\system32\UEfNnUtv.ini2
2008-01-01 01:14 1,032,399 --sh--w C:\WINDOWS\system32\yafbxygf.ini2
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-02 68856]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2008-05-11 5423104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nTrayFw"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2005-07-29 270336]
"cctray"="C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" [2007-08-16 177416]
"CAVRID"="C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" [2007-10-25 230928]
"QOELOADER"="C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe" [2007-10-25 14088]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"DrvIcon"="C:\Program Files\Vista Drive Icon\DrvIcon.exe" [2007-07-04 45056]
"OODefragTray"="C:\WINDOWS\system32\oodtray.exe" [2007-06-28 2512128]
"VX3000"="C:\WINDOWS\vVX3000.exe" [2006-10-13 707376]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2005-03-18 106496]
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2006-10-13 277296]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-28 7573504]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-11-15 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-15 267048]
"cafwc"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe" [2008-05-22 1193224]
"capfasem"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe" [2008-05-22 173320]
"capfupgrade"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe" [2008-05-22 259336]
"PC Booster"="C:\Program Files\inKline Global\PC Booster\PCBooster.exe" [2006-08-03 7368704]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-02-11 185896]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-04-28 86016]
"nwiz"="nwiz.exe" [2006-04-28 C:\WINDOWS\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2006-08-03 C:\WINDOWS\soundman.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15360]
C:\Documents and Settings\mamadou\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 630784]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 0
"NoInstrumentation"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW]
2007-05-18 15:30 79368 C:\WINDOWS\system32\UmxWNP.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"C:\\Program Files\\Freeplayer\\vlc\\vlc.exe"=
"C:\\Program Files\\Nero\\Nero8\\Nero ShowTime\\ShowTime.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9591:TCP"= 9591:TCP:BitComet 9591 TCP
"9591:UDP"= 9591:UDP:BitComet 9591 UDP
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{39D03DC1-8D8D-4329-81E6-AC8E69DF9C74} - C:\WINDOWS\system32\duncycga.dll
BHO-{5024BF05-ACD4-477A-859B-D8EFB9865C82} - C:\WINDOWS\system32\jkhhf.dll
BHO-{7576018D-C231-4525-AE51-7CFDBEED492D} - C:\WINDOWS\system32\geebb.dll
BHO-{78A8D9A1-1404-4627-99D7-6C3400D78441} - C:\WINDOWS\system32\vtUnNfEU.dll
BHO-{A7495120-0B29-4C2D-838E-D105EC3D8EDf} - C:\WINDOWS\system32\duncycga.dll
BHO-{BBB83371-CB1B-42F4-9FAF-132FB3667DE5} - C:\WINDOWS\system32\geeba.dll
Toolbar-{7CE724E9-645E-4D3D-A273-8ED63BFA0136} - C:\WINDOWS\peltodgx.dll
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKCU-Run-BitTorrent - C:\Program Files\BitTorrent\bittorrent.exe
HKCU-Run-BitComet - C:\Program Files\BitComet\BitComet.exe
HKLM-Run-Device Detector - DevDetect.exe
Notify-nnnopqr - nnnopqr.dll
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\mamadou\Application Data\Mozilla\Firefox\Profiles\qo1u8twe.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.sweetim.com/search.asp?src=2&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - google
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-24 18:10:56
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
**************************************************************************
.
Heure de fin: 2008-09-24 18:13:54
ComboFix-quarantined-files.txt 2008-09-24 16:12:41
Avant-CF: 25 680 105 472 octets libres
Après-CF: 35,347,640,320 octets libres
200 --- E O F --- 2008-08-16
+++