Virus privacyremover.M64

RDOS (Member)
Destrio5 (Moderator)
Hello,

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : BIOS Date: 09/11/06 09:57:47 Ver: 08.00.10
USER : Administrateur ( Administrator )
BOOT : Fail-safe with network boot
Antivirus : Kaspersky Anti-Virus 8.0.0.357 (Activated)
Firewall : Kaspersky Anti-Virus 8.0.0.357 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 298 Go Free : 134 Go
D:\ (CD or DVD)
E:\ (CD or DVD)
G:\ (Local Disk) - NTFS - Total : 149 Go Free : 62 Go
M:\ (USB)

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 06.10.2008|17:29 )

--------------------\\ Listing des dossiers dans APPLIC~1

[24.06.2008|17:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[06.10.2008|12:43] C:\DOCUME~1\ADMINI~1.ADM\APPLIC~1\Adobe
[06.10.2008|13:04] C:\DOCUME~1\ADMINI~1.ADM\APPLIC~1\Macromedia
[06.10.2008|12:42] C:\DOCUME~1\ADMINI~1.ADM\APPLIC~1\Microsoft

[23.09.2008|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[14.09.2008|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[06.03.2008|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[04.06.2008|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[30.06.2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[23.09.2008|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22.02.2008|15:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
[05.10.2008|22:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[30.06.2008|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[22.02.2008|21:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[05.10.2008|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Codemasters
[02.07.2008|22:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cyberlink
[07.08.2008|22:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DassaultSystemes
[06.03.2008|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[04.03.2008|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[06.09.2008|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[13.04.2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[06.10.2008|06:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[03.07.2008|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
[24.06.2008|17:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[22.02.2008|20:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[31.05.2008|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
[25.02.2008|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[07.08.2008|10:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[25.08.2008|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07.08.2008|11:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[10.09.2008|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[26.05.2008|17:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[06.09.2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[13.04.2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[11.03.2008|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[17.08.2008|13:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SolidWorks
[24.06.2008|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[05.10.2008|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[29.04.2008|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[22.02.2008|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[04.08.2008|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[22.02.2008|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[25.02.2008|22:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[25.02.2008|23:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[21.02.2008|18:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[06.08.2008|08:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[02.08.2008|11:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[05.10.2008|11:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[04.06.2008|20:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[21.08.2008|19:19] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ansys
[21.08.2008|17:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\Apple Computer
[16.04.2008|17:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft
[22.02.2008|15:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\ATI
[23.08.2008|12:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\Autodesk
[30.06.2008|19:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVS4YOU
[27.09.2008|19:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Azureus
[13.04.2008|12:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\Canon
[20.08.2008|00:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\CVitae
[04.10.2008|09:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\CyberLink
[17.07.2008|10:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\DAEMON Tools
[07.08.2008|22:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\DassaultSystemes
[19.05.2008|18:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\DivX
[02.08.2008|12:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\DWGeditor
[21.02.2008|18:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[06.10.2008|06:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\IM
[10.05.2008|14:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\KompoZer
[24.06.2008|17:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft
[28.08.2008|14:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
[22.02.2008|20:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[14.08.2008|18:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[24.06.2008|18:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[24.06.2008|17:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSNInstaller
[19.04.2008|16:19] C:\DOCUME~1\PROPRI~1\APPLIC~1\NewSoft
[08.09.2008|19:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nokia
[10.05.2008|08:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nvu
[13.09.2008|23:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Opera
[06.09.2008|17:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\PC Suite
[13.04.2008|12:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\ScanSoft
[05.10.2008|09:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\Skype
[01.07.2008|17:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\skypePM
[26.08.2008|18:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\SolidWorks
[23.02.2008|13:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\SolidWorks 2008
[20.07.2008|00:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[17.07.2008|11:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\THQ
[05.10.2008|09:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\TmpRecentIcons
[17.05.2008|11:45] C:\DOCUME~1\PROPRI~1\APPLIC~1\Winamp
[18.03.2008|15:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\WinRAR
[12.03.2008|19:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\Yahoo!

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[06.10.2008 12:27][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02.03.2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[14.09.2008|11:20] C:\Program Files\Adobe
[17.08.2008|17:46] C:\Program Files\AGEIA Technologies
[04.06.2008|20:38] C:\Program Files\Ahead
[05.09.2008|11:52] C:\Program Files\ALDI Suisse Foto Service
[22.02.2008|10:51] C:\Program Files\Analog Devices
[23.08.2008|12:07] C:\Program Files\AOEMView 2009
[13.04.2008|12:09] C:\Program Files\ArcSoft
[07.08.2008|11:42] C:\Program Files\ASUS
[22.02.2008|15:05] C:\Program Files\ATI Technologies
[16.09.2008|17:54] C:\Program Files\Autodesk
[02.07.2008|19:42] C:\Program Files\AVS4YOU
[02.07.2008|18:55] C:\Program Files\Azureus
[05.10.2008|22:18] C:\Program Files\Bonjour
[13.04.2008|12:09] C:\Program Files\Canon
[13.04.2008|12:08] C:\Program Files\CanonBJ
[25.08.2008|12:38] C:\Program Files\Circle Developement
[18.07.2008|23:50] C:\Program Files\Codemasters
[21.02.2008|18:01] C:\Program Files\ComPlus Applications
[04.10.2008|09:52] C:\Program Files\Converio 2.0
[05.10.2008|22:10] C:\Program Files\CVitae
[04.10.2008|10:33] C:\Program Files\CyberLink
[17.07.2008|19:35] C:\Program Files\DAEMON Tools Lite
[17.07.2008|10:52] C:\Program Files\DAEMON Tools Toolbar
[06.09.2008|16:28] C:\Program Files\DIFX
[25.06.2008|22:43] C:\Program Files\Digital Photo Navigator 1.5
[15.09.2008|22:27] C:\Program Files\DivX
[14.03.2008|12:07] C:\Program Files\DVD Shrink
[14.08.2008|12:50] C:\Program Files\Electronic Arts
[14.09.2008|11:06] C:\Program Files\Fichiers communs
[26.09.2008|07:51] C:\Program Files\Google
[07.08.2008|13:10] C:\Program Files\Hewlett-Packard
[05.10.2008|22:19] C:\Program Files\InstallShield Installation Information
[22.02.2008|10:54] C:\Program Files\Intel
[14.08.2008|23:54] C:\Program Files\Internet Explorer
[23.09.2008|17:55] C:\Program Files\iPod
[23.09.2008|17:55] C:\Program Files\iTunes
[09.07.2008|21:40] C:\Program Files\iVerio Softwares
[20.07.2008|00:29] C:\Program Files\Java
[02.07.2008|19:36] C:\Program Files\Kaspersky Lab
[24.02.2008|08:39] C:\Program Files\Larousse Multimédia
[24.06.2008|17:43] C:\Program Files\Lavasoft
[17.08.2008|16:19] C:\Program Files\Logitech
[14.09.2008|08:24] C:\Program Files\Messenger
[25.08.2008|12:38] C:\Program Files\Messenger Plus! Live
[25.02.2008|21:30] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[21.02.2008|18:03] C:\Program Files\microsoft frontpage
[17.08.2008|17:46] C:\Program Files\Microsoft Office
[05.08.2008|12:45] C:\Program Files\Microsoft SQL Server
[22.02.2008|21:26] C:\Program Files\Microsoft Visual Studio
[22.02.2008|21:22] C:\Program Files\Microsoft Visual Studio 8
[22.02.2008|21:27] C:\Program Files\Microsoft Works
[02.08.2008|10:07] C:\Program Files\Microsoft WSE
[02.08.2008|11:18] C:\Program Files\Microsoft.NET
[14.09.2008|07:26] C:\Program Files\Movie Maker
[05.10.2008|22:07] C:\Program Files\Mozilla Firefox
[24.06.2008|17:43] C:\Program Files\Mozilla Firefox(2)
[22.02.2008|21:27] C:\Program Files\MSBuild
[23.02.2008|12:00] C:\Program Files\MSECache
[01.04.2008|17:54] C:\Program Files\MSN
[21.02.2008|18:00] C:\Program Files\MSN Gaming Zone
[25.02.2008|21:30] C:\Program Files\MSXML 4.0
[22.02.2008|12:27] C:\Program Files\MSXML 6.0
[22.02.2008|14:09] C:\Program Files\Nero
[14.09.2008|07:18] C:\Program Files\NetMeeting
[13.04.2008|11:57] C:\Program Files\NewSoft
[06.09.2008|16:29] C:\Program Files\Nokia
[10.05.2008|14:25] C:\Program Files\Nvu
[21.02.2008|18:00] C:\Program Files\Online Services
[19.07.2008|00:32] C:\Program Files\OpenAL
[14.09.2008|07:33] C:\Program Files\Outlook Express
[06.09.2008|16:28] C:\Program Files\PC Connectivity Solution
[05.10.2008|21:30] C:\Program Files\PCHealthCenter
[26.09.2008|07:51] C:\Program Files\Picasa2
[02.08.2008|09:34] C:\Program Files\PowerISO
[23.09.2008|17:53] C:\Program Files\QuickTime
[22.02.2008|10:59] C:\Program Files\Realtek
[22.02.2008|11:46] C:\Program Files\Reference Assemblies
[21.08.2008|17:17] C:\Program Files\Safari
[05.10.2008|09:52] C:\Program Files\SAV
[13.04.2008|12:10] C:\Program Files\ScanSoft
[30.03.2008|10:29] C:\Program Files\Services en ligne
[17.08.2008|21:30] C:\Program Files\SolidWorks
[20.07.2008|00:29] C:\Program Files\Sun
[17.07.2008|10:54] C:\Program Files\THQ
[23.02.2008|12:59] C:\Program Files\Uninstall Information
[24.07.2008|14:43] C:\Program Files\VaudTax2007
[17.05.2008|10:03] C:\Program Files\Winamp
[01.10.2008|10:55] C:\Program Files\Winamp Remote
[07.08.2008|11:10] C:\Program Files\Windows Desktop Search
[22.02.2008|21:35] C:\Program Files\Windows Live
[22.02.2008|11:45] C:\Program Files\Windows Media Connect 2
[14.09.2008|07:18] C:\Program Files\Windows Media Player
[14.09.2008|07:18] C:\Program Files\Windows NT
[21.02.2008|18:02] C:\Program Files\WindowsUpdate
[12.03.2008|19:45] C:\Program Files\WinRAR
[04.08.2008|13:25] C:\Program Files\WinZip
[21.02.2008|18:03] C:\Program Files\xerox
[25.02.2008|22:34] C:\Program Files\Yahoo!
[21.03.2008|11:30] C:\Program Files\Zero G Registry

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[14.09.2008|11:19] C:\Program Files\Fichiers communs\Adobe
[06.03.2008|21:03] C:\Program Files\Fichiers communs\Adobe Systems Shared
[04.06.2008|20:29] C:\Program Files\Fichiers communs\Ahead
[07.08.2008|10:39] C:\Program Files\Fichiers communs\Aladdin Shared
[23.09.2008|17:52] C:\Program Files\Fichiers communs\Apple
[05.10.2008|22:25] C:\Program Files\Fichiers communs\Autodesk Shared
[02.07.2008|19:45] C:\Program Files\Fichiers communs\AVSMedia
[13.04.2008|11:56] C:\Program Files\Fichiers communs\CANON
[17.08.2008|17:46] C:\Program Files\Fichiers communs\DESIGNER
[17.08.2008|17:59] C:\Program Files\Fichiers communs\eDrawings2008
[17.08.2008|17:13] C:\Program Files\Fichiers communs\Gestionnaire d'installation SolidWorks
[13.04.2008|12:11] C:\Program Files\Fichiers communs\InstallShield
[20.07.2008|00:27] C:\Program Files\Fichiers communs\Java
[22.02.2008|14:12] C:\Program Files\Fichiers communs\LightScribe
[07.08.2008|12:46] C:\Program Files\Fichiers communs\LogiShrd
[13.04.2008|10:51] C:\Program Files\Fichiers communs\Logitech
[14.09.2008|11:06] C:\Program Files\Fichiers communs\Macrovision Shared
[21.08.2008|18:55] C:\Program Files\Fichiers communs\Microsoft Shared
[21.02.2008|18:01] C:\Program Files\Fichiers communs\MSSoap
[06.09.2008|16:29] C:\Program Files\Fichiers communs\Nokia
[17.05.2008|10:09] C:\Program Files\Fichiers communs\NSV
[21.02.2008|18:37] C:\Program Files\Fichiers communs\ODBC
[06.09.2008|16:29] C:\Program Files\Fichiers communs\PCSuite
[13.04.2008|12:12] C:\Program Files\Fichiers communs\PDFView
[13.04.2008|12:11] C:\Program Files\Fichiers communs\ScanSoft Shared
[21.02.2008|18:01] C:\Program Files\Fichiers communs\Services
[17.05.2008|15:37] C:\Program Files\Fichiers communs\Skype
[17.08.2008|18:04] C:\Program Files\Fichiers communs\SolidWorks Shared
[21.02.2008|18:37] C:\Program Files\Fichiers communs\SpeechEngines
[05.10.2008|22:20] C:\Program Files\Fichiers communs\Symantec Shared
[14.09.2008|07:33] C:\Program Files\Fichiers communs\System
[22.02.2008|21:35] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[24.06.2008|17:43] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 29 Processes )

IEXPLORE.EXE ~ [PID:1500]
iexplore.exe ~ [PID:4840]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\Program Files\Circle Developement
C:\DOCUME~1\ADMINI~1.ADM\Cookies\administrateur@advertising[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-06 17:33:31
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

C:\WINDOWS\system32\ayIknnpo.ini
C:\WINDOWS\system32\ayIknnpo.ini2
C:\WINDOWS\system32\drynvylo.ini
C:\WINDOWS\system32\drynvylo.ini2
C:\WINDOWS\system32\fhjlmUvw.ini2
C:\WINDOWS\system32\NTDKRXbc.ini
C:\WINDOWS\system32\NTDKRXbc.ini2
C:\WINDOWS\system32\UxEKnqss.ini
C:\WINDOWS\system32\UxEKnqss.ini2
C:\WINDOWS\system32\YGgOXyay.ini2
C:\WINDOWS\system32\yGhkQXyb.ini
C:\WINDOWS\system32\yGhkQXyb.ini2
==> VUNDO <==

--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKLM\..\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKLM\..\ControlSet001\Services\tdssserv]
Rootkit Tibs ! .. [HKLM\..\ControlSet001\Enum\Root\tdssserv]

Trojan ! .. C:\WINDOWS\system32\drivers\tdssserv.sys
Trojan ! .. C:\WINDOWS\system32\tdssl.dll

--------------------\\ Suspect ..

C:\WINDOWS\system32\TDSSl.dll

[F:62][D:10]-> C:\DOCUME~1\ADMINI~1.ADM\LOCALS~1\Temp
[F:36][D:0]-> C:\DOCUME~1\ADMINI~1.ADM\Cookies
[F:682][D:4]-> C:\DOCUME~1\ADMINI~1.ADM\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 06.10.2008|17:17 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 06.10.2008|17:36 - Option : [1]

--------------------\\ Fin du rapport a 17:36:10

1 reply

Destrio5 (Moderator)

Hi,

---> Run Lop S&D again
---> This time choose option 2 (Removal)
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt)