Sujet Précédent Sujet Suivant

Fenetres publicitaires indesirables

trebz30 Messages postés 15 Statut Membre -  
benurrr Messages postés 9766 Statut Contributeur sécurité -
Bonjour,

Voila, je ne peux plus urfer sur internet sans avoir plein de fenetres publicitaires qui souvrent. Et cela ralenti enormement mon ordinateur. Aprés recherche sur des forum , j'ai telechargé Navilog et Hijackthis afin de faire une analyse de mon ordi. Par contre pour les 2 logiciels, ils disent que dans le rapport d'analyse, il peut y avoir des fichiers légitimes donc il vaut mieux demander l'avis à des personnes plus compétantes.
Voici donc la raison de ce poste. Pouvez vous me dire les fichiers à supprimer. (voir fichiers d'analyses Navilog et Hijackthis ci dessous):

Fichier d'analyse Navilog :

Search Navipromo version 3.6.6 commencé le 04/10/2008 à 10:51:15,93

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Trebz"

Mise à jour le 29.09.2008 à 17h30 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***

*** Recherche dossiers dans "C:\WINDOWS" ***

*** Recherche dossiers dans "C:\Program Files" ***

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Trebz\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Trebz\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Trebz\menudm~1\progra~1" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\Trebz\locals~1\applic~1" *

*** Recherche fichiers ***

*** Recherche clés spécifiques dans le Registre ***

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

* Dans "C:\Documents and Settings\Trebz\locals~1\applic~1" :

3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

C:\WINDOWS\system32\CMnmmUtv.ini2 trouvé ! infection Vundo possible non traitée par cet outil !

*** Analyse terminée le 04/10/2008 à 11:14:53,01 ***

Fichier d'analyse Hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:16:10, on 04/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: {ecf0b79c-032d-0599-6064-79bec16b0079} - {9700b61c-eb97-4606-9950-d230c97b0fce} - C:\WINDOWS\system32\gpwrsu.dll
O2 - BHO: (no name) - {EA820942-2FBE-470D-9BCE-006A7E416651} - C:\WINDOWS\system32\vtUmmnMC.dll (file missing)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BMf75abf8b] Rundll32.exe "C:\WINDOWS\system32\mvavwonl.dll",s
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1123561945-1425521274-682003330-1002\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: WiFi Station.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.line6.net
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
O20 - AppInit_DLLs: gpwrsu.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

3 réponses

Réponse 1 / 3
benurrr Messages postés 9766 Statut Contributeur sécurité 107
 
salut

on constate déjà du vundo

on va déjà voir pour les pub

Télécharge LOP S&D d'Eric71 ici https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

Double-clique dessus pour lancer l'installation.

Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau.
Séléctionne la langue souhaitée , puis choisis l'Option 1 ( Recherche )

Patiente jusqu'à la fin du scan.
Poste le rapport généré (situé aussi ici C:\lopR.txt )

( Si le Bureau ne réapparaît pas, lance le gestionnaire des tâches en cliquant sur Ctrl + Alt + Suppr , puis Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )

-1
trebz30 Messages postés 15 Statut Membre
 
merci benurr pour ta reponse aussi rapide

Juste une petite question, que veux tu dire par "on constate deja du vundo". Qu'est ce qu"un vundo? dois je le supprimer?

voici le fichier d'analyse LOP S&D

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

( : )
USER : Trebz ( Administrator )
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 04/10/2008|11:39 )

--------------------\\ Listing des dossiers dans APPLIC~1

[22/06/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ableton
[15/08/2008|13:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/01/2008|18:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[26/01/2008|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[30/09/2008|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[30/12/2007|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[29/12/2007|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[06/08/2008|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[06/08/2008|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[28/06/2008|13:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[12/07/2008|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Line 6
[25/06/2008|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[22/04/2007|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[30/10/2005|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[22/06/2008|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[09/11/2005|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[09/11/2005|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle Studio
[15/02/2007|22:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[04/12/2005|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[17/09/2006|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[14/09/2008|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[06/11/2006|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[17/09/2006|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[13/09/2008|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[12/12/2006|21:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[30/10/2005|18:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[13/12/2006|20:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[30/10/2005|18:13] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[22/06/2008|22:32] C:\DOCUME~1\Trebz\APPLIC~1\Ableton
[15/06/2008|21:38] C:\DOCUME~1\Trebz\APPLIC~1\Adobe
[17/09/2006|18:51] C:\DOCUME~1\Trebz\APPLIC~1\AdobeUM
[27/01/2008|21:21] C:\DOCUME~1\Trebz\APPLIC~1\Apple Computer
[30/09/2008|19:38] C:\DOCUME~1\Trebz\APPLIC~1\Bitdefender
[30/12/2007|12:08] C:\DOCUME~1\Trebz\APPLIC~1\CyberLink
[15/04/2007|11:23] C:\DOCUME~1\Trebz\APPLIC~1\DivX
[07/11/2005|20:05] C:\DOCUME~1\Trebz\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[07/11/2005|20:06] C:\DOCUME~1\Trebz\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[06/08/2008|21:13] C:\DOCUME~1\Trebz\APPLIC~1\Help
[30/10/2005|18:16] C:\DOCUME~1\Trebz\APPLIC~1\Identities
[25/06/2008|20:18] C:\DOCUME~1\Trebz\APPLIC~1\InstallShield
[30/10/2005|18:47] C:\DOCUME~1\Trebz\APPLIC~1\InterTrust
[04/09/2007|20:04] C:\DOCUME~1\Trebz\APPLIC~1\Jasc Software Inc
[17/09/2006|18:34] C:\DOCUME~1\Trebz\APPLIC~1\Leadertech
[12/07/2008|17:51] C:\DOCUME~1\Trebz\APPLIC~1\Line 6
[04/11/2005|23:21] C:\DOCUME~1\Trebz\APPLIC~1\Macromedia
[15/08/2006|12:42] C:\DOCUME~1\Trebz\APPLIC~1\Media Player Classic
[14/06/2007|20:26] C:\DOCUME~1\Trebz\APPLIC~1\Microsoft
[23/09/2006|19:47] C:\DOCUME~1\Trebz\APPLIC~1\Mobile Master
[14/02/2006|20:58] C:\DOCUME~1\Trebz\APPLIC~1\MSN6
[19/02/2006|20:28] C:\DOCUME~1\Trebz\APPLIC~1\Real
[10/11/2007|19:48] C:\DOCUME~1\Trebz\APPLIC~1\Skype
[10/06/2008|18:45] C:\DOCUME~1\Trebz\APPLIC~1\Steinberg
[29/05/2007|22:10] C:\DOCUME~1\Trebz\APPLIC~1\Sun
[30/10/2005|19:04] C:\DOCUME~1\Trebz\APPLIC~1\Symantec
[17/09/2006|18:28] C:\DOCUME~1\Trebz\APPLIC~1\Teleca
[02/06/2008|21:48] C:\DOCUME~1\Trebz\APPLIC~1\vlc
[09/06/2008|19:01] C:\DOCUME~1\Trebz\APPLIC~1\Waves Audio

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[11/09/2008 15:33][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[04/10/2008 09:27][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[23/06/2008|17:40] C:\Program Files\Ableton
[04/10/2008|11:02] C:\Program Files\Adobe
[21/09/2008|17:37] C:\Program Files\adslTV
[13/11/2006|22:43] C:\Program Files\Ahead
[20/05/2008|20:05] C:\Program Files\Alwil Software
[26/04/2008|15:12] C:\Program Files\Antares
[26/01/2008|18:26] C:\Program Files\Apple Software Update
[24/09/2006|11:44] C:\Program Files\AviSynth 2.5
[30/09/2008|19:37] C:\Program Files\BitDefender
[26/05/2008|20:22] C:\Program Files\BitLord
[10/03/2008|23:23] C:\Program Files\Bonjour
[10/04/2008|18:14] C:\Program Files\brainspawn
[13/11/2006|20:08] C:\Program Files\CCleaner
[05/07/2008|16:08] C:\Program Files\Common Files
[30/12/2007|12:03] C:\Program Files\CyberLink
[01/05/2008|13:27] C:\Program Files\directx
[24/06/2008|19:37] C:\Program Files\DivX
[25/04/2008|16:18] C:\Program Files\DSPFX
[30/10/2005|22:16] C:\Program Files\D-Tools
[12/11/2005|11:55] C:\Program Files\DVD Decrypter
[30/10/2005|23:18] C:\Program Files\DVD Shrink
[03/06/2007|17:56] C:\Program Files\EarMaster
[24/09/2006|14:57] C:\Program Files\eRightSoft
[30/09/2008|19:36] C:\Program Files\Fichiers communs
[27/01/2008|19:22] C:\Program Files\Free iPod Video Converter
[03/11/2005|17:58] C:\Program Files\Guitar Pro 4
[03/10/2008|20:26] C:\Program Files\Hercules
[07/11/2005|20:04] C:\Program Files\Hewlett-Packard
[17/08/2007|17:28] C:\Program Files\Hofmann
[11/06/2007|19:45] C:\Program Files\HP
[06/08/2008|19:33] C:\Program Files\IncrediMail
[03/10/2008|20:26] C:\Program Files\InstallShield Installation Information
[15/09/2007|20:49] C:\Program Files\InterLok
[15/08/2008|19:11] C:\Program Files\Internet Explorer
[26/01/2008|18:33] C:\Program Files\iPod
[26/01/2008|18:33] C:\Program Files\iTunes
[04/09/2007|20:04] C:\Program Files\Jasc Software Inc
[19/10/2007|19:14] C:\Program Files\Java
[24/08/2008|12:05] C:\Program Files\Jibege Freq
[07/11/2006|21:36] C:\Program Files\Lavasoft
[12/07/2008|17:48] C:\Program Files\Line6
[22/06/2008|22:09] C:\Program Files\Logitech
[25/06/2008|22:20] C:\Program Files\ma-config.com
[30/10/2005|18:23] C:\Program Files\Marvell
[02/11/2005|21:07] C:\Program Files\Matroska Playback Pack
[25/06/2008|20:22] C:\Program Files\M-Audio
[15/02/2007|22:06] C:\Program Files\Media Player Classic
[26/08/2008|20:58] C:\Program Files\Messenger
[30/10/2005|18:13] C:\Program Files\microsoft frontpage
[22/04/2007|11:50] C:\Program Files\Microsoft Office
[08/09/2008|23:50] C:\Program Files\Microsoft Picture It! PhotoPub
[23/11/2005|22:11] C:\Program Files\Microsoft Works
[23/11/2005|22:08] C:\Program Files\Microsoft Works Suite 2001
[16/02/2007|18:00] C:\Program Files\Mio Technology
[26/08/2008|20:54] C:\Program Files\Movie Maker
[30/10/2005|21:28] C:\Program Files\MSN
[30/10/2005|18:10] C:\Program Files\MSN Gaming Zone
[11/11/2005|13:05] C:\Program Files\MSN Messenger
[17/11/2006|18:57] C:\Program Files\MSXML 4.0
[12/09/2008|13:17] C:\Program Files\Native Instruments
[04/10/2008|11:15] C:\Program Files\Navilog1
[26/08/2008|20:54] C:\Program Files\NetMeeting
[03/10/2008|21:34] C:\Program Files\Neuf
[27/01/2008|15:44] C:\Program Files\nutri
[19/11/2005|19:27] C:\Program Files\NVIDIA Corporation
[26/08/2008|20:54] C:\Program Files\Outlook Express
[12/09/2008|20:04] C:\Program Files\Pianoteq 2.2
[09/11/2005|21:08] C:\Program Files\Pinnacle
[09/11/2005|23:27] C:\Program Files\PowerQuest
[01/05/2008|13:29] C:\Program Files\QuickTime
[15/02/2007|22:06] C:\Program Files\Real Alternative
[24/06/2008|21:18] C:\Program Files\Realtek AC97
[24/09/2006|16:07] C:\Program Files\Ripp-it_AM
[15/08/2006|12:23] C:\Program Files\Satsuki Decoder Pack
[30/10/2005|18:12] C:\Program Files\Services en ligne
[26/09/2007|19:18] C:\Program Files\Sierra On-Line
[04/12/2005|19:27] C:\Program Files\Skype
[17/09/2006|18:20] C:\Program Files\Sony Ericsson
[10/04/2008|18:07] C:\Program Files\SpectralDesign
[14/09/2008|12:06] C:\Program Files\Spybot - Search & Destroy
[17/08/2008|18:55] C:\Program Files\Steinberg
[10/06/2008|18:40] C:\Program Files\Syncrosoft
[26/09/2008|21:20] C:\Program Files\Trend Micro
[01/05/2008|13:44] C:\Program Files\Uninstall Information
[15/08/2008|19:16] C:\Program Files\vst plugins
[25/04/2008|16:38] C:\Program Files\Waves
[13/12/2006|20:36] C:\Program Files\Windows Media Connect 2
[26/08/2008|20:54] C:\Program Files\Windows Media Player
[26/08/2008|20:54] C:\Program Files\Windows NT
[10/11/2005|01:43] C:\Program Files\WindowsUpdate
[29/08/2008|21:49] C:\Program Files\WinRAR
[30/10/2005|18:13] C:\Program Files\xerox
[09/06/2008|18:47] C:\Program Files\XLN Audio
[24/09/2006|11:22] C:\Program Files\XviD

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[17/09/2006|18:51] C:\Program Files\Fichiers communs\Adobe
[13/11/2006|22:43] C:\Program Files\Fichiers communs\Ahead
[26/01/2008|18:25] C:\Program Files\Fichiers communs\Apple
[30/09/2008|19:37] C:\Program Files\Fichiers communs\BitDefender
[22/04/2007|11:50] C:\Program Files\Fichiers communs\Designer
[07/11/2005|20:05] C:\Program Files\Fichiers communs\Hewlett-Packard
[28/06/2008|13:04] C:\Program Files\Fichiers communs\InstallShield
[29/05/2007|22:08] C:\Program Files\Fichiers communs\Java
[22/06/2008|22:11] C:\Program Files\Fichiers communs\Logitech
[01/05/2008|13:44] C:\Program Files\Fichiers communs\Microsoft Shared
[30/10/2005|18:11] C:\Program Files\Fichiers communs\MSSoap
[19/11/2005|19:27] C:\Program Files\Fichiers communs\NVIDIA Shared
[30/10/2005|18:05] C:\Program Files\Fichiers communs\ODBC
[09/11/2005|20:43] C:\Program Files\Fichiers communs\Services
[30/09/2008|19:32] C:\Program Files\Fichiers communs\Softwin
[30/10/2005|18:05] C:\Program Files\Fichiers communs\SpeechEngines
[06/11/2006|22:17] C:\Program Files\Fichiers communs\Symantec Shared
[26/08/2008|20:54] C:\Program Files\Fichiers communs\System
[17/09/2006|18:21] C:\Program Files\Fichiers communs\Teleca Shared

--------------------\\ Process

( 39 Processes )

IEXPLORE.EXE ~ [PID:1828]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\Trebz\Cookies\trebz@advertstream[2].txt
C:\DOCUME~1\Trebz\Cookies\trebz@adultfriendfinder[2].txt
C:\DOCUME~1\Trebz\Cookies\trebz@advertising[2].txt
C:\DOCUME~1\Trebz\Cookies\trebz@adin.bigpoint[1].txt
C:\DOCUME~1\Trebz\Cookies\trebz@bigpoint[1].txt
C:\DOCUME~1\Trebz\Cookies\trebz@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\Trebz\Cookies\trebz@fr1.darkorbit.bigpoint[1].txt
C:\DOCUME~1\Trebz\Cookies\trebz@banner.cotedazurpalace[2].txt
C:\DOCUME~1\Trebz\Cookies\trebz@cotedazurpalace[2].txt
C:\DOCUME~1\Trebz\Cookies\trebz@www.cotedazurpalace[1].txt
C:\DOCUME~1\Trebz\Cookies\trebz@adopt.euroclick[1].txt
C:\DOCUME~1\Trebz\Cookies\trebz@partypoker[2].txt
C:\DOCUME~1\Trebz\Cookies\trebz@fr.seafight.bigpoint[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-04 11:41:22
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

C:\WINDOWS\system32\CMnmmUtv.ini
C:\WINDOWS\system32\CMnmmUtv.ini2
[b]==> VUNDO <==/b

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Trebz\Local Settings\Application Data\ApplicationHistory\serial bit defender v10 key keygen.exe.1a8ae99b.ini
C:\DOCUME~1\Trebz\Mes documents\Ableton\Library\Presets\Vinyl Distortion\Crack.adv
C:\DOCUME~1\Trebz\Recent\Addictive Drums Crack Install.lnk
C:\DOCUME~1\Trebz\Recent\Addictive Drums XLN Audio Keygen.lnk
C:\DOCUME~1\Trebz\Recent\BitDefender.Total.Security.2008.V11.0.15.+Keygen+.patch.by-Siegfried.lnk
C:\DOCUME~1\Trebz\Recent\Copy.of.crack.pianoteq.lnk
C:\DOCUME~1\Trebz\Recent\Native Instruments B4 II + KeyGen.lnk
C:\DOCUME~1\Trebz\Recent\Native Instruments b4 v2.0.0.7 Incl Keygen-h2O.lnk
C:\DOCUME~1\Trebz\Recent\total_crack.lnk


[F:136][D:566]-> C:\DOCUME~1\Trebz\LOCALS~1\Temp
[F:551][D:0]-> C:\DOCUME~1\Trebz\Cookies
[F:17745][D:38]-> C:\DOCUME~1\Trebz\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 04/10/2008|11:44 - Option : [1]

--------------------\\ Fin du rapport a 11:44:34
-1
Réponse 2 / 3
trebz30 Messages postés 15 Statut Membre
 
merci benurr pour ta reponse aussi rapide

Juste une petite question, que veux tu dire par "on constate deja du vundo". Qu'est ce qu"un vundo? dois je le supprimer?

voici le fichier d'analyse LOP S&D

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

( : )
USER : Trebz ( Administrator )
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 04/10/2008|11:39 )

--------------------\\ Listing des dossiers dans APPLIC~1

[22/06/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ableton
[15/08/2008|13:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/01/2008|18:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[26/01/2008|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[30/09/2008|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[30/12/2007|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[29/12/2007|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[06/08/2008|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[06/08/2008|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[28/06/2008|13:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[12/07/2008|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Line 6
[25/06/2008|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[22/04/2007|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[30/10/2005|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[22/06/2008|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[09/11/2005|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[09/11/2005|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle Studio
[15/02/2007|22:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[04/12/2005|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[17/09/2006|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[14/09/2008|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[06/11/2006|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[17/09/2006|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[13/09/2008|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[12/12/2006|21:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[30/10/2005|18:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[13/12/2006|20:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[30/10/2005|18:13] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[22/06/2008|22:32] C:\DOCUME~1\Trebz\APPLIC~1\Ableton
[15/06/2008|21:38] C:\DOCUME~1\Trebz\APPLIC~1\Adobe
[17/09/2006|18:51] C:\DOCUME~1\Trebz\APPLIC~1\AdobeUM
[27/01/2008|21:21] C:\DOCUME~1\Trebz\APPLIC~1\Apple Computer
[30/09/2008|19:38] C:\DOCUME~1\Trebz\APPLIC~1\Bitdefender
[30/12/2007|12:08] C:\DOCUME~1\Trebz\APPLIC~1\CyberLink
[15/04/2007|11:23] C:\DOCUME~1\Trebz\APPLIC~1\DivX
[07/11/2005|20:05] C:\DOCUME~1\Trebz\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[07/11/2005|20:06] C:\DOCUME~1\Trebz\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[06/08/2008|21:13] C:\DOCUME~1\Trebz\APPLIC~1\Help
[30/10/2005|18:16] C:\DOCUME~1\Trebz\APPLIC~1\Identities
[25/06/2008|20:18] C:\DOCUME~1\Trebz\APPLIC~1\InstallShield
[30/10/2005|18:47] C:\DOCUME~1\Trebz\APPLIC~1\InterTrust
[04/09/2007|20:04] C:\DOCUME~1\Trebz\APPLIC~1\Jasc Software Inc
[17/09/2006|18:34] C:\DOCUME~1\Trebz\APPLIC~1\Leadertech
[12/07/2008|17:51] C:\DOCUME~1\Trebz\APPLIC~1\Line 6
[04/11/2005|23:21] C:\DOCUME~1\Trebz\APPLIC~1\Macromedia
[15/08/2006|12:42] C:\DOCUME~1\Trebz\APPLIC~1\Media Player Classic
[14/06/2007|20:26] C:\DOCUME~1\Trebz\APPLIC~1\Microsoft
[23/09/2006|19:47] C:\DOCUME~1\Trebz\APPLIC~1\Mobile Master
[14/02/2006|20:58] C:\DOCUME~1\Trebz\APPLIC~1\MSN6
[19/02/2006|20:28] C:\DOCUME~1\Trebz\APPLIC~1\Real
[10/11/2007|19:48] C:\DOCUME~1\Trebz\APPLIC~1\Skype
[10/06/2008|18:45] C:\DOCUME~1\Trebz\APPLIC~1\Steinberg
[29/05/2007|22:10] C:\DOCUME~1\Trebz\APPLIC~1\Sun
[30/10/2005|19:04] C:\DOCUME~1\Trebz\APPLIC~1\Symantec
[17/09/2006|18:28] C:\DOCUME~1\Trebz\APPLIC~1\Teleca
[02/06/2008|21:48] C:\DOCUME~1\Trebz\APPLIC~1\vlc
[09/06/2008|19:01] C:\DOCUME~1\Trebz\APPLIC~1\Waves Audio

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[11/09/2008 15:33][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[04/10/2008 09:27][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[23/06/2008|17:40] C:\Program Files\Ableton
[04/10/2008|11:02] C:\Program Files\Adobe
[21/09/2008|17:37] C:\Program Files\adslTV
[13/11/2006|22:43] C:\Program Files\Ahead
[20/05/2008|20:05] C:\Program Files\Alwil Software
[26/04/2008|15:12] C:\Program Files\Antares
[26/01/2008|18:26] C:\Program Files\Apple Software Update
[24/09/2006|11:44] C:\Program Files\AviSynth 2.5
[30/09/2008|19:37] C:\Program Files\BitDefender
[26/05/2008|20:22] C:\Program Files\BitLord
[10/03/2008|23:23] C:\Program Files\Bonjour
[10/04/2008|18:14] C:\Program Files\brainspawn
[13/11/2006|20:08] C:\Program Files\CCleaner
[05/07/2008|16:08] C:\Program Files\Common Files
[30/12/2007|12:03] C:\Program Files\CyberLink
[01/05/2008|13:27] C:\Program Files\directx
[24/06/2008|19:37] C:\Program Files\DivX
[25/04/2008|16:18] C:\Program Files\DSPFX
[30/10/2005|22:16] C:\Program Files\D-Tools
[12/11/2005|11:55] C:\Program Files\DVD Decrypter
[30/10/2005|23:18] C:\Program Files\DVD Shrink
[03/06/2007|17:56] C:\Program Files\EarMaster
[24/09/2006|14:57] C:\Program Files\eRightSoft
[30/09/2008|19:36] C:\Program Files\Fichiers communs
[27/01/2008|19:22] C:\Program Files\Free iPod Video Converter
[03/11/2005|17:58] C:\Program Files\Guitar Pro 4
[03/10/2008|20:26] C:\Program Files\Hercules
[07/11/2005|20:04] C:\Program Files\Hewlett-Packard
[17/08/2007|17:28] C:\Program Files\Hofmann
[11/06/2007|19:45] C:\Program Files\HP
[06/08/2008|19:33] C:\Program Files\IncrediMail
[03/10/2008|20:26] C:\Program Files\InstallShield Installation Information
[15/09/2007|20:49] C:\Program Files\InterLok
[15/08/2008|19:11] C:\Program Files\Internet Explorer
[26/01/2008|18:33] C:\Program Files\iPod
[26/01/2008|18:33] C:\Program Files\iTunes
[04/09/2007|20:04] C:\Program Files\Jasc Software Inc
[19/10/2007|19:14] C:\Program Files\Java
[24/08/2008|12:05] C:\Program Files\Jibege Freq
[07/11/2006|21:36] C:\Program Files\Lavasoft
[12/07/2008|17:48] C:\Program Files\Line6
[22/06/2008|22:09] C:\Program Files\Logitech
[25/06/2008|22:20] C:\Program Files\ma-config.com
[30/10/2005|18:23] C:\Program Files\Marvell
[02/11/2005|21:07] C:\Program Files\Matroska Playback Pack
[25/06/2008|20:22] C:\Program Files\M-Audio
[15/02/2007|22:06] C:\Program Files\Media Player Classic
[26/08/2008|20:58] C:\Program Files\Messenger
[30/10/2005|18:13] C:\Program Files\microsoft frontpage
[22/04/2007|11:50] C:\Program Files\Microsoft Office
[08/09/2008|23:50] C:\Program Files\Microsoft Picture It! PhotoPub
[23/11/2005|22:11] C:\Program Files\Microsoft Works
[23/11/2005|22:08] C:\Program Files\Microsoft Works Suite 2001
[16/02/2007|18:00] C:\Program Files\Mio Technology
[26/08/2008|20:54] C:\Program Files\Movie Maker
[30/10/2005|21:28] C:\Program Files\MSN
[30/10/2005|18:10] C:\Program Files\MSN Gaming Zone
[11/11/2005|13:05] C:\Program Files\MSN Messenger
[17/11/2006|18:57] C:\Program Files\MSXML 4.0
[12/09/2008|13:17] C:\Program Files\Native Instruments
[04/10/2008|11:15] C:\Program Files\Navilog1
[26/08/2008|20:54] C:\Program Files\NetMeeting
[03/10/2008|21:34] C:\Program Files\Neuf
[27/01/2008|15:44] C:\Program Files\nutri
[19/11/2005|19:27] C:\Program Files\NVIDIA Corporation
[26/08/2008|20:54] C:\Program Files\Outlook Express
[12/09/2008|20:04] C:\Program Files\Pianoteq 2.2
[09/11/2005|21:08] C:\Program Files\Pinnacle
[09/11/2005|23:27] C:\Program Files\PowerQuest
[01/05/2008|13:29] C:\Program Files\QuickTime
[15/02/2007|22:06] C:\Program Files\Real Alternative
[24/06/2008|21:18] C:\Program Files\Realtek AC97
[24/09/2006|16:07] C:\Program Files\Ripp-it_AM
[15/08/2006|12:23] C:\Program Files\Satsuki Decoder Pack
[30/10/2005|18:12] C:\Program Files\Services en ligne
[26/09/2007|19:18] C:\Program Files\Sierra On-Line
[04/12/2005|19:27] C:\Program Files\Skype
[17/09/2006|18:20] C:\Program Files\Sony Ericsson
[10/04/2008|18:07] C:\Program Files\SpectralDesign
[14/09/2008|12:06] C:\Program Files\Spybot - Search & Destroy
[17/08/2008|18:55] C:\Program Files\Steinberg
[10/06/2008|18:40] C:\Program Files\Syncrosoft
[26/09/2008|21:20] C:\Program Files\Trend Micro
[01/05/2008|13:44] C:\Program Files\Uninstall Information
[15/08/2008|19:16] C:\Program Files\vst plugins
[25/04/2008|16:38] C:\Program Files\Waves
[13/12/2006|20:36] C:\Program Files\Windows Media Connect 2
[26/08/2008|20:54] C:\Program Files\Windows Media Player
[26/08/2008|20:54] C:\Program Files\Windows NT
[10/11/2005|01:43] C:\Program Files\WindowsUpdate
[29/08/2008|21:49] C:\Program Files\WinRAR
[30/10/2005|18:13] C:\Program Files\xerox
[09/06/2008|18:47] C:\Program Files\XLN Audio
[24/09/2006|11:22] C:\Program Files\XviD

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[17/09/2006|18:51] C:\Program Files\Fichiers communs\Adobe
[13/11/2006|22:43] C:\Program Files\Fichiers communs\Ahead
[26/01/2008|18:25] C:\Program Files\Fichiers communs\Apple
[30/09/2008|19:37] C:\Program Files\Fichiers communs\BitDefender
[22/04/2007|11:50] C:\Program Files\Fichiers communs\Designer
[07/11/2005|20:05] C:\Program Files\Fichiers communs\Hewlett-Packard
[28/06/2008|13:04] C:\Program Files\Fichiers communs\InstallShield
[29/05/2007|22:08] C:\Program Files\Fichiers communs\Java
[22/06/2008|22:11] C:\Program Files\Fichiers communs\Logitech
[01/05/2008|13:44] C:\Program Files\Fichiers communs\Microsoft Shared
[30/10/2005|18:11] C:\Program Files\Fichiers communs\MSSoap
[19/11/2005|19:27] C:\Program Files\Fichiers communs\NVIDIA Shared
[30/10/2005|18:05] C:\Program Files\Fichiers communs\ODBC
[09/11/2005|20:43] C:\Program Files\Fichiers communs\Services
[30/09/2008|19:32] C:\Program Files\Fichiers communs\Softwin
[30/10/2005|18:05] C:\Program Files\Fichiers communs\SpeechEngines
[06/11/2006|22:17] C:\Program Files\Fichiers communs\Symantec Shared
[26/08/2008|20:54] C:\Program Files\Fichiers communs\System
[17/09/2006|18:21] C:\Program Files\Fichiers communs\Teleca Shared

--------------------\\ Process

( 39 Processes )

IEXPLORE.EXE ~ [PID:1828]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\Trebz\Cookies\trebz@advertstream[2].txt
C:\DOCUME~1\Trebz\Cookies\trebz@adultfriendfinder[2].txt
C:\DOCUME~1\Trebz\Cookies\trebz@advertising[2].txt
C:\DOCUME~1\Trebz\Cookies\trebz@adin.bigpoint[1].txt
C:\DOCUME~1\Trebz\Cookies\trebz@bigpoint[1].txt
C:\DOCUME~1\Trebz\Cookies\trebz@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\Trebz\Cookies\trebz@fr1.darkorbit.bigpoint[1].txt
C:\DOCUME~1\Trebz\Cookies\trebz@banner.cotedazurpalace[2].txt
C:\DOCUME~1\Trebz\Cookies\trebz@cotedazurpalace[2].txt
C:\DOCUME~1\Trebz\Cookies\trebz@www.cotedazurpalace[1].txt
C:\DOCUME~1\Trebz\Cookies\trebz@adopt.euroclick[1].txt
C:\DOCUME~1\Trebz\Cookies\trebz@partypoker[2].txt
C:\DOCUME~1\Trebz\Cookies\trebz@fr.seafight.bigpoint[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-04 11:41:22
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

C:\WINDOWS\system32\CMnmmUtv.ini
C:\WINDOWS\system32\CMnmmUtv.ini2
[b]==> VUNDO <==/b

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Trebz\Local Settings\Application Data\ApplicationHistory\serial bit defender v10 key keygen.exe.1a8ae99b.ini
C:\DOCUME~1\Trebz\Mes documents\Ableton\Library\Presets\Vinyl Distortion\Crack.adv
C:\DOCUME~1\Trebz\Recent\Addictive Drums Crack Install.lnk
C:\DOCUME~1\Trebz\Recent\Addictive Drums XLN Audio Keygen.lnk
C:\DOCUME~1\Trebz\Recent\BitDefender.Total.Security.2008.V11.0.15.+Keygen+.patch.by-Siegfried.lnk
C:\DOCUME~1\Trebz\Recent\Copy.of.crack.pianoteq.lnk
C:\DOCUME~1\Trebz\Recent\Native Instruments B4 II + KeyGen.lnk
C:\DOCUME~1\Trebz\Recent\Native Instruments b4 v2.0.0.7 Incl Keygen-h2O.lnk
C:\DOCUME~1\Trebz\Recent\total_crack.lnk

[F:136][D:566]-> C:\DOCUME~1\Trebz\LOCALS~1\Temp
[F:551][D:0]-> C:\DOCUME~1\Trebz\Cookies
[F:17745][D:38]-> C:\DOCUME~1\Trebz\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 04/10/2008|11:44 - Option : [1]

--------------------\\ Fin du rapport a 11:44:34
-1
benurrr Messages postés 9766 Statut Contributeur sécurité 107
 
ok

Relance LOP S&D d'Eric71

Choisis cette fois ci l'option 3 ( Suppression )
Ne ferme pas la fenêtre lors de la suppression !
Poste le rapport généré (situé aussi ici C:\lopR.txt )

un vundo c'est un trojan

il y'a des outil spécifique pour le suprimmer
-1
trebz30 Messages postés 15 Statut Membre > benurrr Messages postés 9766 Statut Contributeur sécurité
 
Voici le fichier d'analyse :

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

( : )
USER : Trebz ( Administrator )
Antivirus : Bitdefender Antivirus 8.0 (Activated)
Firewall : Bitdefender Firewall 8.0 (Activated)

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [3] ( 04/10/2008|12:21 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\Trebz\Cookies\trebz@advertstream[2].txt
Supprime! - C:\DOCUME~1\Trebz\Cookies\trebz@adultfriendfinder[2].txt
Supprime! - C:\DOCUME~1\Trebz\Cookies\trebz@advertising[2].txt
Supprime! - C:\DOCUME~1\Trebz\Cookies\trebz@adin.bigpoint[1].txt
Supprime! - C:\DOCUME~1\Trebz\Cookies\trebz@bigpoint[1].txt
Supprime! - C:\DOCUME~1\Trebz\Cookies\trebz@fr.seafight.bigpoint[1].txt
Supprime! - C:\DOCUME~1\Trebz\Cookies\trebz@fr1.darkorbit.bigpoint[1].txt
Supprime! - C:\DOCUME~1\Trebz\Cookies\trebz@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\Trebz\Cookies\trebz@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\Trebz\Cookies\trebz@www.cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\Trebz\Cookies\trebz@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\Trebz\Cookies\trebz@partypoker[2].txt

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[22/06/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ableton
[15/08/2008|13:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/01/2008|18:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[26/01/2008|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[30/09/2008|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[30/12/2007|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[29/12/2007|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[06/08/2008|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[06/08/2008|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[28/06/2008|13:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[12/07/2008|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Line 6
[25/06/2008|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[22/04/2007|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[30/10/2005|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[22/06/2008|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[09/11/2005|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[09/11/2005|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle Studio
[15/02/2007|22:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[04/12/2005|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[17/09/2006|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[14/09/2008|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[06/11/2006|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[17/09/2006|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[13/09/2008|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[12/12/2006|21:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[30/10/2005|18:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[13/12/2006|20:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[30/10/2005|18:13] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[22/06/2008|22:32] C:\DOCUME~1\Trebz\APPLIC~1\Ableton
[15/06/2008|21:38] C:\DOCUME~1\Trebz\APPLIC~1\Adobe
[17/09/2006|18:51] C:\DOCUME~1\Trebz\APPLIC~1\AdobeUM
[27/01/2008|21:21] C:\DOCUME~1\Trebz\APPLIC~1\Apple Computer
[30/09/2008|19:38] C:\DOCUME~1\Trebz\APPLIC~1\Bitdefender
[30/12/2007|12:08] C:\DOCUME~1\Trebz\APPLIC~1\CyberLink
[15/04/2007|11:23] C:\DOCUME~1\Trebz\APPLIC~1\DivX
[07/11/2005|20:05] C:\DOCUME~1\Trebz\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[07/11/2005|20:06] C:\DOCUME~1\Trebz\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web
[06/08/2008|21:13] C:\DOCUME~1\Trebz\APPLIC~1\Help
[30/10/2005|18:16] C:\DOCUME~1\Trebz\APPLIC~1\Identities
[25/06/2008|20:18] C:\DOCUME~1\Trebz\APPLIC~1\InstallShield
[30/10/2005|18:47] C:\DOCUME~1\Trebz\APPLIC~1\InterTrust
[04/09/2007|20:04] C:\DOCUME~1\Trebz\APPLIC~1\Jasc Software Inc
[17/09/2006|18:34] C:\DOCUME~1\Trebz\APPLIC~1\Leadertech
[12/07/2008|17:51] C:\DOCUME~1\Trebz\APPLIC~1\Line 6
[04/11/2005|23:21] C:\DOCUME~1\Trebz\APPLIC~1\Macromedia
[15/08/2006|12:42] C:\DOCUME~1\Trebz\APPLIC~1\Media Player Classic
[14/06/2007|20:26] C:\DOCUME~1\Trebz\APPLIC~1\Microsoft
[23/09/2006|19:47] C:\DOCUME~1\Trebz\APPLIC~1\Mobile Master
[14/02/2006|20:58] C:\DOCUME~1\Trebz\APPLIC~1\MSN6
[19/02/2006|20:28] C:\DOCUME~1\Trebz\APPLIC~1\Real
[10/11/2007|19:48] C:\DOCUME~1\Trebz\APPLIC~1\Skype
[10/06/2008|18:45] C:\DOCUME~1\Trebz\APPLIC~1\Steinberg
[29/05/2007|22:10] C:\DOCUME~1\Trebz\APPLIC~1\Sun
[30/10/2005|19:04] C:\DOCUME~1\Trebz\APPLIC~1\Symantec
[17/09/2006|18:28] C:\DOCUME~1\Trebz\APPLIC~1\Teleca
[02/06/2008|21:48] C:\DOCUME~1\Trebz\APPLIC~1\vlc
[09/06/2008|19:01] C:\DOCUME~1\Trebz\APPLIC~1\Waves Audio

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[11/09/2008 15:33][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[04/10/2008 09:27][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[23/06/2008|17:40] C:\Program Files\Ableton
[04/10/2008|11:02] C:\Program Files\Adobe
[21/09/2008|17:37] C:\Program Files\adslTV
[13/11/2006|22:43] C:\Program Files\Ahead
[20/05/2008|20:05] C:\Program Files\Alwil Software
[26/04/2008|15:12] C:\Program Files\Antares
[26/01/2008|18:26] C:\Program Files\Apple Software Update
[24/09/2006|11:44] C:\Program Files\AviSynth 2.5
[30/09/2008|19:37] C:\Program Files\BitDefender
[26/05/2008|20:22] C:\Program Files\BitLord
[10/03/2008|23:23] C:\Program Files\Bonjour
[10/04/2008|18:14] C:\Program Files\brainspawn
[13/11/2006|20:08] C:\Program Files\CCleaner
[05/07/2008|16:08] C:\Program Files\Common Files
[30/12/2007|12:03] C:\Program Files\CyberLink
[01/05/2008|13:27] C:\Program Files\directx
[24/06/2008|19:37] C:\Program Files\DivX
[25/04/2008|16:18] C:\Program Files\DSPFX
[30/10/2005|22:16] C:\Program Files\D-Tools
[12/11/2005|11:55] C:\Program Files\DVD Decrypter
[30/10/2005|23:18] C:\Program Files\DVD Shrink
[03/06/2007|17:56] C:\Program Files\EarMaster
[24/09/2006|14:57] C:\Program Files\eRightSoft
[30/09/2008|19:36] C:\Program Files\Fichiers communs
[27/01/2008|19:22] C:\Program Files\Free iPod Video Converter
[03/11/2005|17:58] C:\Program Files\Guitar Pro 4
[03/10/2008|20:26] C:\Program Files\Hercules
[07/11/2005|20:04] C:\Program Files\Hewlett-Packard
[17/08/2007|17:28] C:\Program Files\Hofmann
[11/06/2007|19:45] C:\Program Files\HP
[06/08/2008|19:33] C:\Program Files\IncrediMail
[03/10/2008|20:26] C:\Program Files\InstallShield Installation Information
[15/09/2007|20:49] C:\Program Files\InterLok
[15/08/2008|19:11] C:\Program Files\Internet Explorer
[26/01/2008|18:33] C:\Program Files\iPod
[26/01/2008|18:33] C:\Program Files\iTunes
[04/09/2007|20:04] C:\Program Files\Jasc Software Inc
[19/10/2007|19:14] C:\Program Files\Java
[24/08/2008|12:05] C:\Program Files\Jibege Freq
[07/11/2006|21:36] C:\Program Files\Lavasoft
[12/07/2008|17:48] C:\Program Files\Line6
[22/06/2008|22:09] C:\Program Files\Logitech
[25/06/2008|22:20] C:\Program Files\ma-config.com
[30/10/2005|18:23] C:\Program Files\Marvell
[02/11/2005|21:07] C:\Program Files\Matroska Playback Pack
[25/06/2008|20:22] C:\Program Files\M-Audio
[15/02/2007|22:06] C:\Program Files\Media Player Classic
[26/08/2008|20:58] C:\Program Files\Messenger
[30/10/2005|18:13] C:\Program Files\microsoft frontpage
[22/04/2007|11:50] C:\Program Files\Microsoft Office
[08/09/2008|23:50] C:\Program Files\Microsoft Picture It! PhotoPub
[23/11/2005|22:11] C:\Program Files\Microsoft Works
[23/11/2005|22:08] C:\Program Files\Microsoft Works Suite 2001
[16/02/2007|18:00] C:\Program Files\Mio Technology
[26/08/2008|20:54] C:\Program Files\Movie Maker
[30/10/2005|21:28] C:\Program Files\MSN
[30/10/2005|18:10] C:\Program Files\MSN Gaming Zone
[11/11/2005|13:05] C:\Program Files\MSN Messenger
[17/11/2006|18:57] C:\Program Files\MSXML 4.0
[12/09/2008|13:17] C:\Program Files\Native Instruments
[04/10/2008|11:15] C:\Program Files\Navilog1
[26/08/2008|20:54] C:\Program Files\NetMeeting
[03/10/2008|21:34] C:\Program Files\Neuf
[27/01/2008|15:44] C:\Program Files\nutri
[19/11/2005|19:27] C:\Program Files\NVIDIA Corporation
[26/08/2008|20:54] C:\Program Files\Outlook Express
[12/09/2008|20:04] C:\Program Files\Pianoteq 2.2
[09/11/2005|21:08] C:\Program Files\Pinnacle
[09/11/2005|23:27] C:\Program Files\PowerQuest
[01/05/2008|13:29] C:\Program Files\QuickTime
[15/02/2007|22:06] C:\Program Files\Real Alternative
[24/06/2008|21:18] C:\Program Files\Realtek AC97
[24/09/2006|16:07] C:\Program Files\Ripp-it_AM
[15/08/2006|12:23] C:\Program Files\Satsuki Decoder Pack
[30/10/2005|18:12] C:\Program Files\Services en ligne
[26/09/2007|19:18] C:\Program Files\Sierra On-Line
[04/12/2005|19:27] C:\Program Files\Skype
[17/09/2006|18:20] C:\Program Files\Sony Ericsson
[10/04/2008|18:07] C:\Program Files\SpectralDesign
[14/09/2008|12:06] C:\Program Files\Spybot - Search & Destroy
[17/08/2008|18:55] C:\Program Files\Steinberg
[10/06/2008|18:40] C:\Program Files\Syncrosoft
[26/09/2008|21:20] C:\Program Files\Trend Micro
[01/05/2008|13:44] C:\Program Files\Uninstall Information
[15/08/2008|19:16] C:\Program Files\vst plugins
[25/04/2008|16:38] C:\Program Files\Waves
[13/12/2006|20:36] C:\Program Files\Windows Media Connect 2
[26/08/2008|20:54] C:\Program Files\Windows Media Player
[26/08/2008|20:54] C:\Program Files\Windows NT
[10/11/2005|01:43] C:\Program Files\WindowsUpdate
[29/08/2008|21:49] C:\Program Files\WinRAR
[30/10/2005|18:13] C:\Program Files\xerox
[09/06/2008|18:47] C:\Program Files\XLN Audio
[24/09/2006|11:22] C:\Program Files\XviD

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[17/09/2006|18:51] C:\Program Files\Fichiers communs\Adobe
[13/11/2006|22:43] C:\Program Files\Fichiers communs\Ahead
[26/01/2008|18:25] C:\Program Files\Fichiers communs\Apple
[30/09/2008|19:37] C:\Program Files\Fichiers communs\BitDefender
[22/04/2007|11:50] C:\Program Files\Fichiers communs\Designer
[07/11/2005|20:05] C:\Program Files\Fichiers communs\Hewlett-Packard
[28/06/2008|13:04] C:\Program Files\Fichiers communs\InstallShield
[29/05/2007|22:08] C:\Program Files\Fichiers communs\Java
[22/06/2008|22:11] C:\Program Files\Fichiers communs\Logitech
[01/05/2008|13:44] C:\Program Files\Fichiers communs\Microsoft Shared
[30/10/2005|18:11] C:\Program Files\Fichiers communs\MSSoap
[19/11/2005|19:27] C:\Program Files\Fichiers communs\NVIDIA Shared
[30/10/2005|18:05] C:\Program Files\Fichiers communs\ODBC
[09/11/2005|20:43] C:\Program Files\Fichiers communs\Services
[30/09/2008|19:32] C:\Program Files\Fichiers communs\Softwin
[30/10/2005|18:05] C:\Program Files\Fichiers communs\SpeechEngines
[06/11/2006|22:17] C:\Program Files\Fichiers communs\Symantec Shared
[26/08/2008|20:54] C:\Program Files\Fichiers communs\System
[17/09/2006|18:21] C:\Program Files\Fichiers communs\Teleca Shared

--------------------\\ Process

( 37 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-04 12:24:06
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

C:\WINDOWS\system32\CMnmmUtv.ini
C:\WINDOWS\system32\CMnmmUtv.ini2
[b]==> VUNDO <==/b

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Trebz\Local Settings\Application Data\ApplicationHistory\serial bit defender v10 key keygen.exe.1a8ae99b.ini
C:\DOCUME~1\Trebz\Mes documents\Ableton\Library\Presets\Vinyl Distortion\Crack.adv
C:\DOCUME~1\Trebz\Recent\Addictive Drums Crack Install.lnk
C:\DOCUME~1\Trebz\Recent\Addictive Drums XLN Audio Keygen.lnk
C:\DOCUME~1\Trebz\Recent\BitDefender.Total.Security.2008.V11.0.15.+Keygen+.patch.by-Siegfried.lnk
C:\DOCUME~1\Trebz\Recent\Copy.of.crack.pianoteq.lnk
C:\DOCUME~1\Trebz\Recent\Native Instruments B4 II + KeyGen.lnk
C:\DOCUME~1\Trebz\Recent\Native Instruments b4 v2.0.0.7 Incl Keygen-h2O.lnk
C:\DOCUME~1\Trebz\Recent\total_crack.lnk


[F:136][D:566]-> C:\DOCUME~1\Trebz\LOCALS~1\Temp
[F:544][D:0]-> C:\DOCUME~1\Trebz\Cookies
[F:18213][D:38]-> C:\DOCUME~1\Trebz\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 04/10/2008|11:44 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 04/10/2008|12:26 - Option : [3]

--------------------\\ Fin du rapport a 12:26:21
-1
benurrr Messages postés 9766 Statut Contributeur sécurité 107 > trebz30 Messages postés 15 Statut Membre
 
Télécharge VundoFix.exe (par Atribune) sur ton Bureau.

http://www.atribune.org/ccount/click.php?id=4
Double-clique VundoFix.exe afin de le lancer.

Coche Run VundoFix as a task.

Un message t'avertira que l'outil va se fermer et s'ouvrir à nouveau : clique Ok
Clique sur le bouton Scan for Vundo.

Lorsque le scan est complété, clique sur le bouton Remove Vundo.

Une invite te demandera si tu veux supprimer les fichiers, clique YES

Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.

Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown") ; clique OK
Démarre ton PC à nouveau.

s'il ne trouve rien refait le scan on mode sans echec
-1
trebz30 Messages postés 15 Statut Membre > benurrr Messages postés 9766 Statut Contributeur sécurité
 
J'ai lancé vundofix en mode normal et en mode sans echec; et il ne ma pas trouvé d'infection (et j'ai toujours mes fenetres publicitaires)
-1
Réponse 3 / 3
trebz30 Messages postés 15 Statut Membre
 
up
-1
benurrr Messages postés 9766 Statut Contributeur sécurité 107
 
Téléchargez VirtumundoBeGone sur votre bureau.

http://secured2k.home.comcast.net/~secured2k/tools/VirtumundoBeGone.exe

Double-cliquez ensuite sur VirtumundoBeGone.exe et suivez les instructions qui s'affichent à l'écran.
Une fois terminé, redémarrez votre PC.
PS : Ne vous inquiétez pas si vous voyez un écran bleu "Erreur fatale", c'est normal.


Par Manque De Curiosité On Risque De Mourir Ignorant;Tu es libre de penser que tu es C..,
mais C.. de penser que ­tu es libre...merci a australe13
-1
trebz30 Messages postés 15 Statut Membre > benurrr Messages postés 9766 Statut Contributeur sécurité
 
J'ai lancé VirtumundoBeGone et visiblement il n'a rien trouvé.

Voici le rapport :

[10/04/2008, 19:30:30] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Trebz\Bureau\VirtumundoBeGone.exe" )
[10/04/2008, 19:30:39] - Detected System Information:
[10/04/2008, 19:30:39] - Windows Version: 5.1.2600, Service Pack 2
[10/04/2008, 19:30:39] - Current Username: Trebz (Admin)
[10/04/2008, 19:30:39] - Windows is in NORMAL mode.
[10/04/2008, 19:30:39] - Searching for Browser Helper Objects:
[10/04/2008, 19:30:39] - BHO 1: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[10/04/2008, 19:30:39] - BHO 2: {9700b61c-eb97-4606-9950-d230c97b0fce} ()
[10/04/2008, 19:30:39] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/04/2008, 19:30:39] - Checking for HKLM\...\Winlogon\Notify\gpwrsu
[10/04/2008, 19:30:39] - Key not found: HKLM\...\Winlogon\Notify\gpwrsu, continuing.
[10/04/2008, 19:30:39] - BHO 3: {EA820942-2FBE-470D-9BCE-006A7E416651} ()
[10/04/2008, 19:30:39] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/04/2008, 19:30:39] - Checking for HKLM\...\Winlogon\Notify\vtUmmnMC
[10/04/2008, 19:30:39] - Key not found: HKLM\...\Winlogon\Notify\vtUmmnMC, continuing.
[10/04/2008, 19:30:40] - Finished Searching Browser Helper Objects
[10/04/2008, 19:30:40] - Finishing up...
[10/04/2008, 19:30:40] - Nothing found! Exiting...

[10/04/2008, 19:31:02] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Trebz\Bureau\VirtumundoBeGone.exe" )
[10/04/2008, 19:31:04] - Detected System Information:
[10/04/2008, 19:31:04] - Windows Version: 5.1.2600, Service Pack 2
[10/04/2008, 19:31:04] - Current Username: Trebz (Admin)
[10/04/2008, 19:31:04] - Windows is in NORMAL mode.
[10/04/2008, 19:31:04] - Searching for Browser Helper Objects:
[10/04/2008, 19:31:04] - BHO 1: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[10/04/2008, 19:31:04] - BHO 2: {9700b61c-eb97-4606-9950-d230c97b0fce} ()
[10/04/2008, 19:31:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/04/2008, 19:31:04] - Checking for HKLM\...\Winlogon\Notify\gpwrsu
[10/04/2008, 19:31:04] - Key not found: HKLM\...\Winlogon\Notify\gpwrsu, continuing.
[10/04/2008, 19:31:04] - BHO 3: {EA820942-2FBE-470D-9BCE-006A7E416651} ()
[10/04/2008, 19:31:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[10/04/2008, 19:31:04] - Checking for HKLM\...\Winlogon\Notify\vtUmmnMC
[10/04/2008, 19:31:04] - Key not found: HKLM\...\Winlogon\Notify\vtUmmnMC, continuing.
[10/04/2008, 19:31:04] - Finished Searching Browser Helper Objects
[10/04/2008, 19:31:04] - Finishing up...
[10/04/2008, 19:31:04] - Nothing found! Exiting...
-1
benurrr Messages postés 9766 Statut Contributeur sécurité 107 > trebz30 Messages postés 15 Statut Membre
 
télécharge malwarbyte http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware

a l'installation vérifie que mise a jour et lancer programme et scan complet sont bien cocher

Une fois a jour, le programme va se lancer; clic sur l´onglet paramètre, et coche la case : "Arrêter internet explorer pendant la suppression".

A la fin du scan clique sur Afficher les résultats

Suppression des éléments détectés >>>> clique sur Supprimer la sélection ou supprimer tout
S'il t'es demandé de redémarrer >>> clique sur "Yes"

Et tu poste le rapport générer
et on attendant une réponse tu peut refaire un scan malwarbyte mais on mode sans échec car beaucoup plus efficace

comment démarrer on mode sans échec ici tuto http://www.infos-du-net.com/forum/272325-11-tuto-demarrer-mode-echec

tu enregistre le rapport générer de façon a le retrouver et tu poste le nouveau rapport rapport
-1
trebz30 Messages postés 15 Statut Membre > benurrr Messages postés 9766 Statut Contributeur sécurité
 
Merci beaucoup pour ton aide benurrr, visiblement, je n'ai plus de publicité.
merci encore pour ton aide.

voici le rapport:

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1227
Windows 5.1.2600 Service Pack 2

04/10/2008 21:14:17
mbam-log-2008-10-04 (21-14-17).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 130047
Temps écoulé: 1 hour(s), 13 minute(s), 19 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 8

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\gpwrsu.dll (Trojan.Vundo) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9700b61c-eb97-4606-9950-d230c97b0fce} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9700b61c-eb97-4606-9950-d230c97b0fce} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bmf75abf8b (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\gpwrsu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\maryroun.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\skqldeag.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hotflo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\~.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\BMf75abf8b.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BMf75abf8b.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
-1
benurrr Messages postés 9766 Statut Contributeur sécurité 107 > trebz30 Messages postés 15 Statut Membre
 
on va nettoyer les fix qui nous ont servit

Ferme toutes les applications en cours, puis télécharge ToolsCleaner2 sur ton Bureau.
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner

Double clique sur ToolsCleaner2.exe >
puis Recherche
et sur Suppression
Note : ton bureau va disparaître, c'est normal. S'il n'apparaît pas à la fin du scan, fais la manip suivante :

CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches.
Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"

Tape explorer.exe et valide. Cela fera re-apparaître le Bureau

et poste le rapport generer stp
-1

Discussions similaires

Afficher deux fenêtres côte à côte
ptitchinoise -
pistouri -

11 réponses
Problème de clavier, des fenêtre s'ouvrent !!
Lyon691D -
tanteelise -

5 réponses
Mon ordinateur ouvre des pages du bureau tout seul
Tanguy -
Tanguy -

9 réponses