Pc sain

Résolu
penetfred Messages postés 173 Statut Membre -  
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité -
Bonjour,est ce que mon pc est sain
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:26:51, on 13/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\SFR\Pack Sécurité\Common\FSMB32.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SFR\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\SFR\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
C:\Program Files\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fssm32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Mes documents\Mes fichiers reçus\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnlivesearch] C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe /Run
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Glary Memory Optimizer] "C:\Program Files\Glary Utilities\memdefrag.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - https://www.eset.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://penetfred.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://ma-config.com/activex/hardwaredetection_3_0_3_0.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://securite.neuf.fr/Ols/fscax.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://www.neufsecurite.fr/pchc/fscax.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\ORSP Client\fsorsp.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 10232 bytes
Configuration: Windows XP
Firefox 3.0.3

13 réponses

  1. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonjour,

    Télécharge DirLook de jpshortstuff ici :

    http://jpshortstuff.247fixes.com/DirLook.exe

    [*]Double-clique sur DirLook.exe pour le lancer.
    [*]Assure-toi que Show Hidden Files et BBCode Ouput soient tous les deux cochés.
    [*]Copie le contenu du texte ci-dessous dans le champ texte principal :

    C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple


    [*]Clique sur le bouton DirLook pour lancer l'examen.
    [*]Quand il est terminé, une fenêtre du Bloc-notes s'ouvre avec le résultat du scan. Merci de poster ce rapport dans ta prochaine réponse.

    Note : Le rapport peut aussi être trouvé dans C:dl_log.txt
    Note :Il se peut que l'examen prenne plus de temps pour les gros répertoires.
    2
  2. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonjour,

    cesel45, quitte à faire utiliser une procédure de pré-désinfection, autant utiliser celle de CCM :

    http://www.commentcamarche.net/faq/sujet 3174 virus methode preliminaire de desinfection version fr

    penelfred, paranoia ou souci réel ?
    0
    1. penetfred Messages postés 173 Statut Membre
       
      un peu des deux car suite a un virus et après réinstallation xp mon disque est partitionner 20 go alloue et 60 non aloue
      -1
  3. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonjour,

    Relance Lop S&D

    Choisis cette fois ci l'Option 2 ( Suppression )

    Ne ferme pas la fenêtre lors de la suppression !

    Poste le rapport généré ( C:\lopR.txt )

    ( Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr, Onglet Fichier,

    Nouvelle tâche, tape explorer.exe et valide )
    0
  4. penetfred Messages postés 173 Statut Membre
     
    --------------------\\ Lop S&D 4.2.4-8 XP/Vista

    "C:\Lop SD" ( MAJ : 27-10-2008|09:15 )
    Option : [2] ( 31/10/2008| 6:53 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    Supprime! - C:\Program Files\Viewpoint
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans APPLIC~1

    [04/10/2008|08:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [30/06/2008|11:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [03/07/2008|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
    [23/07/2008|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [18/08/2008|07:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
    [16/10/2008|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\f-secure
    [12/10/2008|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
    [11/08/2008|06:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [28/09/2008|06:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo
    [28/09/2008|07:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [04/10/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
    [05/10/2008|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [11/09/2008|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [17/10/2008|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [04/10/2008|08:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
    [04/10/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
    [16/08/2008|16:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Player Metaboli
    [30/06/2008|11:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [16/08/2004|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [13/10/2008|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SFR
    [31/10/2008|06:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [12/10/2008|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
    [30/06/2008|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [17/10/2008|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [07/07/2008|08:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [16/08/2004|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [01/10/2008|09:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
    [15/09/2008|13:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\iolo
    [24/08/2008|15:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [24/08/2008|15:17] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [23/08/2008|11:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple
    [10/09/2008|07:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\AD ON Multimedia
    [30/09/2008|07:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
    [30/09/2008|07:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
    [30/06/2008|11:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\AOL
    [20/08/2008|09:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Auslogics
    [22/08/2008|10:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo
    [02/07/2008|12:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\ExecutiveSoftware
    [08/09/2008|10:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\F4
    [12/10/2008|13:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\F-Secure
    [23/07/2008|14:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\GlarySoft
    [15/10/2008|12:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
    [18/08/2008|08:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\gtk-2.0
    [15/08/2008|13:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
    [13/09/2008|08:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\invibes
    [15/09/2008|13:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\iolo
    [16/07/2008|14:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\ItsLabel
    [14/09/2008|12:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\K9
    [01/08/2008|08:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\KC Softwares
    [20/09/2008|12:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
    [20/10/2008|07:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
    [05/10/2008|13:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes
    [25/10/2008|11:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
    [08/09/2008|08:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
    [26/07/2008|08:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSNInstaller
    [21/08/2008|08:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2
    [07/08/2008|19:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\PEX
    [18/08/2008|11:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Playrix Entertainment
    [23/09/2008|14:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\PSpad
    [15/08/2008|13:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\SprillBermudeEng
    [30/06/2008|10:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
    [12/10/2008|12:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\SUPERAntiSpyware.com
    [04/10/2008|08:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
    [03/07/2008|11:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\TuneUp Software
    [01/08/2008|06:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Uniblue
    [03/10/2008|15:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Windows Media Metering
    [10/09/2008|10:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Wireshark
    [30/06/2008|11:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [31/10/2008 06:12][--a------] C:\WINDOWS\tasks\GlaryInitialize.job
    [31/10/2008 06:12][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [31/10/2008 06:12][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [20/08/2008|09:23] C:\Program Files\Abexo
    [04/10/2008|08:27] C:\Program Files\Adobe
    [20/09/2008|12:24] C:\Program Files\adslTV
    [31/07/2008|06:13] C:\Program Files\Agnitum
    [23/08/2008|11:26] C:\Program Files\Alwil Software
    [15/08/2008|13:46] C:\Program Files\AOL 9.0
    [30/06/2008|11:05] C:\Program Files\AOL Compagnon
    [03/07/2008|14:30] C:\Program Files\Cartes de visite
    [03/09/2008|14:02] C:\Program Files\CCleaner
    [11/08/2008|12:53] C:\Program Files\COMMON~1
    [10/09/2008|07:04] C:\Program Files\Downloadspeed
    [08/09/2008|08:44] C:\Program Files\Eraser
    [02/07/2008|12:58] C:\Program Files\Executive Software
    [17/10/2008|10:15] C:\Program Files\Fichiers communs
    [20/10/2008|07:09] C:\Program Files\Glary Utilities
    [31/08/2008|10:11] C:\Program Files\IDETOOL
    [13/09/2008|10:32] C:\Program Files\InstallShield Installation Information
    [15/10/2008|17:09] C:\Program Files\Internet Explorer
    [03/09/2008|13:00] C:\Program Files\IviCam
    [13/10/2008|14:19] C:\Program Files\Java
    [14/09/2008|12:01] C:\Program Files\KeirNet
    [30/06/2008|11:05] C:\Program Files\Learn2.com
    [26/10/2008|09:33] C:\Program Files\Lexmark X1100 Series
    [26/07/2008|12:29] C:\Program Files\Logitech
    [28/09/2008|07:33] C:\Program Files\ma-config.com
    [11/09/2008|10:41] C:\Program Files\Messenger
    [13/09/2008|08:42] C:\Program Files\Micro Application
    [16/08/2004|17:11] C:\Program Files\microsoft frontpage
    [25/08/2008|17:26] C:\Program Files\Microsoft Office
    [21/10/2008|07:07] C:\Program Files\Microsoft Silverlight
    [17/08/2008|15:32] C:\Program Files\Microsoft SQL Server Compact Edition
    [25/08/2008|17:26] C:\Program Files\Microsoft Visual Studio
    [25/08/2008|17:26] C:\Program Files\Microsoft Works
    [25/08/2008|17:24] C:\Program Files\Microsoft.NET
    [03/07/2008|14:31] C:\Program Files\Moss Bay Software
    [11/09/2008|10:37] C:\Program Files\Movie Maker
    [31/10/2008|06:46] C:\Program Files\Mozilla Firefox
    [30/09/2008|07:21] C:\Program Files\MSBuild
    [24/07/2008|20:30] C:\Program Files\MSN
    [16/08/2004|17:03] C:\Program Files\MSN Gaming Zone
    [25/09/2008|13:15] C:\Program Files\MSXML 4.0
    [11/09/2008|10:34] C:\Program Files\NetMeeting
    [18/10/2008|08:36] C:\Program Files\Neuf
    [04/10/2008|11:02] C:\Program Files\NOS
    [16/08/2004|17:03] C:\Program Files\Online Services
    [01/09/2008|15:00] C:\Program Files\OpenOffice.org 2.4
    [06/07/2008|09:46] C:\Program Files\Optimisation Windows
    [11/09/2008|10:34] C:\Program Files\Outlook Express
    [28/10/2008|16:08] C:\Program Files\PardaliS Software
    [10/09/2008|10:38] C:\Program Files\PSPad editor
    [28/08/2008|14:25] C:\Program Files\QuickTime
    [30/06/2008|11:05] C:\Program Files\Real
    [01/09/2008|07:36] C:\Program Files\Realtek AC97
    [30/09/2008|07:16] C:\Program Files\Reference Assemblies
    [30/06/2008|10:59] C:\Program Files\S3Inc
    [16/08/2004|17:07] C:\Program Files\Services en ligne
    [13/10/2008|10:12] C:\Program Files\SFR
    [12/10/2008|06:14] C:\Program Files\Spybot - Search & Destroy
    [20/10/2008|08:22] C:\Program Files\Trend Micro
    [02/07/2008|12:13] C:\Program Files\Trust
    [16/08/2004|17:19] C:\Program Files\Uninstall Information
    [10/09/2008|10:24] C:\Program Files\VIA
    [27/10/2008|18:50] C:\Program Files\VideoLAN
    [14/07/2008|09:02] C:\Program Files\Windows Installer 4.5 SDK
    [09/10/2008|13:57] C:\Program Files\Windows Live
    [23/09/2008|17:03] C:\Program Files\Windows Live Safety Center
    [01/07/2008|09:07] C:\Program Files\Windows Media Connect 2
    [11/09/2008|10:34] C:\Program Files\Windows Media Player
    [11/09/2008|10:34] C:\Program Files\Windows NT
    [16/08/2004|17:07] C:\Program Files\WindowsUpdate
    [16/08/2004|17:11] C:\Program Files\xerox
    [03/09/2008|14:03] C:\Program Files\Yahoo!

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [19/08/2008|10:47] C:\Program Files\Fichiers communs\A&W
    [04/10/2008|08:28] C:\Program Files\Fichiers communs\Adobe
    [19/08/2008|10:47] C:\Program Files\Fichiers communs\ANWSOFT
    [30/06/2008|11:05] C:\Program Files\Fichiers communs\AOL
    [30/06/2008|11:05] C:\Program Files\Fichiers communs\aolshare
    [25/08/2008|17:26] C:\Program Files\Fichiers communs\DESIGNER
    [25/07/2008|11:13] C:\Program Files\Fichiers communs\InstallShield
    [30/06/2008|10:59] C:\Program Files\Fichiers communs\Java
    [11/08/2008|12:55] C:\Program Files\Fichiers communs\L&H
    [26/07/2008|12:29] C:\Program Files\Fichiers communs\Logitech
    [11/09/2008|10:04] C:\Program Files\Fichiers communs\Microsoft Shared
    [16/08/2004|17:06] C:\Program Files\Fichiers communs\MSSoap
    [30/06/2008|11:05] C:\Program Files\Fichiers communs\Nullsoft
    [10/09/2008|07:04] C:\Program Files\Fichiers communs\ODBC
    [30/06/2008|11:05] C:\Program Files\Fichiers communs\Real
    [16/08/2004|17:06] C:\Program Files\Fichiers communs\Services
    [16/08/2004|16:56] C:\Program Files\Fichiers communs\SpeechEngines
    [11/09/2008|10:34] C:\Program Files\Fichiers communs\System
    [03/09/2008|15:51] C:\Program Files\Fichiers communs\Windows Media Metering
    [14/09/2008|11:48] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 42 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-31 06:54:46
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 2

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:7][D:2]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
    [F:18][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
    [F:379][D:5]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 28/10/2008|16:16 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 31/10/2008| 6:55 - Option : [2]

    --------------------\\ Fin du rapport a 6:55:38
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. penetfred Messages postés 173 Statut Membre
     
    merci beaucoup
    0
  7. penetfred Messages postés 173 Statut Membre
     
    DirLook.exe v2.0 by jpshortstuff
    Log created at 13:59 on 31/10/2008
    ==================================[b]
    Contents of "C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple"
    [/b]
    [b][color=blue]---FOLDERS---[/b][/color]

    [b]icons[/b] (Created on 18/08/2008 at 07:17) d-----

    [b][color=blue]---FILES---[/b][/color]

    [b]accounts.xml[/b] (1718 bytes - created on 18/08/2008 at 07:17, modified on 18/08/2008 at 07:17) --a---
    [b]blist.xml[/b] (2019 bytes - created on 18/08/2008 at 07:17, modified on 18/08/2008 at 07:17) --a---
    [b]prefs.xml[/b] (16679 bytes - created on 18/08/2008 at 07:18, modified on 18/08/2008 at 07:18) --a---
    [b]status.xml[/b] (413 bytes - created on 18/08/2008 at 07:18, modified on 18/08/2008 at 07:18) --a---

    ==================================
    [b][color=blue]=EOF=[/b][/color]
    0
  8. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonjour,

    à moins que tu ne conanisses, fais ceci :

    Rends toi sur ce site :

    https://www.virustotal.com/gui/

    Clique sur parcourir et cherche ce fichier : C:\DOCUMents and settings\PROPRIetaire\APPLICationsdata\.purple\accounts.xml
    Clique sur Send File.

    Un rapport va s'élaborer ligne à ligne.

    Attends la fin. Il doit comprendre la taille du fichier envoyé.

    Sauvegarde le rapport avec le bloc-note.

    Copie le dans ta réponse.

    Si VirusTotal indique que le fichier a déjà été analysé, clique sur le bouton Ré-analyse le fichier maintenant.

    fais la même chose pour les autres fichiers du sous-répertoire :

    blist.xml
    prefs.xml
    status.xml
    0
  9. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Re,

    OK,

    tu m'expliques d'abord pourquoi tu as arrêté un topic avec jorginho (installatioin d'un parefeu) et un autre avec Destrio5 (passage de MBAM).

    Ensuite, où et par qui as tu été désinfecté.
    -1
  10. penetfred Messages postés 173 Statut Membre
     
    désinfection avast et je ne comprend pas le topic et le mbam
    -1
  11. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonjour,

    tu fais ça :

    Télécharge ici :

    http://images.malwareremoval.com/random/RSIT.exe

    random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

    Double-clique sur RSIT.exe afin de lancer RSIT.

    Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).

    Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

    Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

    Poste le contenu de log.txt
    -1
  12. penetfred Messages postés 173 Statut Membre
     
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Propriétaire at 2008-10-20 09:22:16
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 15 GB (51%) free of 30 GB
    Total RAM: 447 MB (34% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 09:22:36, on 20/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\WINDOWS\system32\oodtray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Glary Utilities\memdefrag.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Propriétaire\Mes documents\Mes fichiers reçus\RSIT.exe
    C:\Program Files\trend micro\Propriétaire.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
    O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [msnlivesearch] C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe /Run
    O4 - HKCU\..\Run: [Glary Memory Optimizer] "C:\Program Files\Glary Utilities\memdefrag.exe" /autostart
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - https://www.eset.com/
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://penetfred.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://ma-config.com/activex/hardwaredetection_3_0_3_0.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
    -1
  13. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
     
    Bonjour,

    Télécharge Lop S&D ici :

    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    Double-clique dessus pour lancer l'installation

    Puis double-clique [b]sur le raccourci Lop S&D/b présent sur ton bureau

    Séléctionne la langue souhaitée , puis choisis [b]l'Option 1/b ( Recherche )

    Patiente jusqu'à la fin du scan

    Poste le rapport généré ( C:lopR.txt )
    -1
    1. penetfred Messages postés 173 Statut Membre
       
      --------------------\\ Lop S&D 4.2.4-8 XP/Vista


      "C:\Lop SD" ( MAJ : 27-10-2008|09:15 )
      Option : [1] ( 28/10/2008|16:14 )

      --------------------\\ Listing des dossiers dans APPLIC~1

      [04/10/2008|08:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
      [30/06/2008|11:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
      [03/07/2008|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
      [23/07/2008|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
      [18/08/2008|07:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
      [16/10/2008|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\f-secure
      [12/10/2008|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
      [15/09/2008|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
      [11/08/2008|06:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
      [28/09/2008|06:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo
      [28/09/2008|07:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
      [04/10/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
      [05/10/2008|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
      [11/09/2008|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
      [17/10/2008|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
      [04/10/2008|08:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
      [04/10/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
      [16/08/2008|16:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Player Metaboli
      [30/06/2008|11:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
      [16/08/2004|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
      [13/10/2008|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SFR
      [26/10/2008|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
      [12/10/2008|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
      [30/06/2008|11:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
      [30/06/2008|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
      [17/10/2008|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
      [07/07/2008|08:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

      [16/08/2004|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

      [01/10/2008|09:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
      [15/09/2008|13:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\iolo
      [24/08/2008|15:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

      [24/08/2008|15:17] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

      [23/08/2008|11:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple
      [10/09/2008|07:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\AD ON Multimedia
      [30/09/2008|07:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
      [30/09/2008|07:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
      [30/06/2008|11:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\AOL
      [20/08/2008|09:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Auslogics
      [22/08/2008|10:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo
      [02/07/2008|12:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\ExecutiveSoftware
      [08/09/2008|10:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\F4
      [12/10/2008|13:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\F-Secure
      [23/07/2008|14:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\GlarySoft
      [15/10/2008|12:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
      [18/08/2008|08:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\gtk-2.0
      [15/08/2008|13:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
      [13/09/2008|08:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\invibes
      [15/09/2008|13:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\iolo
      [16/07/2008|14:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\ItsLabel
      [14/09/2008|12:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\K9
      [01/08/2008|08:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\KC Softwares
      [20/09/2008|12:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
      [20/10/2008|07:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
      [05/10/2008|13:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes
      [25/10/2008|11:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
      [08/09/2008|08:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
      [26/07/2008|08:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSNInstaller
      [21/08/2008|08:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2
      [07/08/2008|19:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\PEX
      [18/08/2008|11:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Playrix Entertainment
      [23/09/2008|14:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\PSpad
      [15/08/2008|13:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\SprillBermudeEng
      [30/06/2008|10:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
      [12/10/2008|12:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\SUPERAntiSpyware.com
      [04/10/2008|08:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
      [03/07/2008|11:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\TuneUp Software
      [01/08/2008|06:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Uniblue
      [03/10/2008|15:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Windows Media Metering
      [10/09/2008|10:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Wireshark
      [30/06/2008|11:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver

      --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

      [28/10/2008 14:55][--a------] C:\WINDOWS\tasks\GlaryInitialize.job
      [28/10/2008 16:00][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
      [28/10/2008 14:55][--ah-----] C:\WINDOWS\tasks\SA.DAT
      [05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

      --------------------\\ Listing des dossiers dans C:\Program Files

      [20/08/2008|09:23] C:\Program Files\Abexo
      [04/10/2008|08:27] C:\Program Files\Adobe
      [20/09/2008|12:24] C:\Program Files\adslTV
      [31/07/2008|06:13] C:\Program Files\Agnitum
      [23/08/2008|11:26] C:\Program Files\Alwil Software
      [15/08/2008|13:46] C:\Program Files\AOL 9.0
      [30/06/2008|11:05] C:\Program Files\AOL Compagnon
      [03/07/2008|14:30] C:\Program Files\Cartes de visite
      [03/09/2008|14:02] C:\Program Files\CCleaner
      [11/08/2008|12:53] C:\Program Files\COMMON~1
      [10/09/2008|07:04] C:\Program Files\Downloadspeed
      [08/09/2008|08:44] C:\Program Files\Eraser
      [02/07/2008|12:58] C:\Program Files\Executive Software
      [17/10/2008|10:15] C:\Program Files\Fichiers communs
      [20/10/2008|07:09] C:\Program Files\Glary Utilities
      [31/08/2008|10:11] C:\Program Files\IDETOOL
      [13/09/2008|10:32] C:\Program Files\InstallShield Installation Information
      [15/10/2008|17:09] C:\Program Files\Internet Explorer
      [03/09/2008|13:00] C:\Program Files\IviCam
      [13/10/2008|14:19] C:\Program Files\Java
      [14/09/2008|12:01] C:\Program Files\KeirNet
      [30/06/2008|11:05] C:\Program Files\Learn2.com
      [26/10/2008|09:33] C:\Program Files\Lexmark X1100 Series
      [26/07/2008|12:29] C:\Program Files\Logitech
      [28/09/2008|07:33] C:\Program Files\ma-config.com
      [11/09/2008|10:41] C:\Program Files\Messenger
      [13/09/2008|08:42] C:\Program Files\Micro Application
      [16/08/2004|17:11] C:\Program Files\microsoft frontpage
      [25/08/2008|17:26] C:\Program Files\Microsoft Office
      [21/10/2008|07:07] C:\Program Files\Microsoft Silverlight
      [17/08/2008|15:32] C:\Program Files\Microsoft SQL Server Compact Edition
      [25/08/2008|17:26] C:\Program Files\Microsoft Visual Studio
      [25/08/2008|17:26] C:\Program Files\Microsoft Works
      [25/08/2008|17:24] C:\Program Files\Microsoft.NET
      [03/07/2008|14:31] C:\Program Files\Moss Bay Software
      [11/09/2008|10:37] C:\Program Files\Movie Maker
      [28/10/2008|16:11] C:\Program Files\Mozilla Firefox
      [30/09/2008|07:21] C:\Program Files\MSBuild
      [24/07/2008|20:30] C:\Program Files\MSN
      [16/08/2004|17:03] C:\Program Files\MSN Gaming Zone
      [25/09/2008|13:15] C:\Program Files\MSXML 4.0
      [11/09/2008|10:34] C:\Program Files\NetMeeting
      [18/10/2008|08:36] C:\Program Files\Neuf
      [04/10/2008|11:02] C:\Program Files\NOS
      [16/08/2004|17:03] C:\Program Files\Online Services
      [01/09/2008|15:00] C:\Program Files\OpenOffice.org 2.4
      [06/07/2008|09:46] C:\Program Files\Optimisation Windows
      [11/09/2008|10:34] C:\Program Files\Outlook Express
      [28/10/2008|16:08] C:\Program Files\PardaliS Software
      [10/09/2008|10:38] C:\Program Files\PSPad editor
      [28/08/2008|14:25] C:\Program Files\QuickTime
      [30/06/2008|11:05] C:\Program Files\Real
      [01/09/2008|07:36] C:\Program Files\Realtek AC97
      [30/09/2008|07:16] C:\Program Files\Reference Assemblies
      [30/06/2008|10:59] C:\Program Files\S3Inc
      [16/08/2004|17:07] C:\Program Files\Services en ligne
      [13/10/2008|10:12] C:\Program Files\SFR
      [12/10/2008|06:14] C:\Program Files\Spybot - Search & Destroy
      [20/10/2008|08:22] C:\Program Files\Trend Micro
      [02/07/2008|12:13] C:\Program Files\Trust
      [16/08/2004|17:19] C:\Program Files\Uninstall Information
      [10/09/2008|10:24] C:\Program Files\VIA
      [27/10/2008|18:50] C:\Program Files\VideoLAN
      [30/06/2008|11:05] C:\Program Files\Viewpoint
      [14/07/2008|09:02] C:\Program Files\Windows Installer 4.5 SDK
      [09/10/2008|13:57] C:\Program Files\Windows Live
      [23/09/2008|17:03] C:\Program Files\Windows Live Safety Center
      [01/07/2008|09:07] C:\Program Files\Windows Media Connect 2
      [11/09/2008|10:34] C:\Program Files\Windows Media Player
      [11/09/2008|10:34] C:\Program Files\Windows NT
      [16/08/2004|17:07] C:\Program Files\WindowsUpdate
      [16/08/2004|17:11] C:\Program Files\xerox
      [03/09/2008|14:03] C:\Program Files\Yahoo!

      --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

      [19/08/2008|10:47] C:\Program Files\Fichiers communs\A&W
      [04/10/2008|08:28] C:\Program Files\Fichiers communs\Adobe
      [19/08/2008|10:47] C:\Program Files\Fichiers communs\ANWSOFT
      [30/06/2008|11:05] C:\Program Files\Fichiers communs\AOL
      [30/06/2008|11:05] C:\Program Files\Fichiers communs\aolshare
      [25/08/2008|17:26] C:\Program Files\Fichiers communs\DESIGNER
      [25/07/2008|11:13] C:\Program Files\Fichiers communs\InstallShield
      [30/06/2008|10:59] C:\Program Files\Fichiers communs\Java
      [11/08/2008|12:55] C:\Program Files\Fichiers communs\L&H
      [26/07/2008|12:29] C:\Program Files\Fichiers communs\Logitech
      [11/09/2008|10:04] C:\Program Files\Fichiers communs\Microsoft Shared
      [16/08/2004|17:06] C:\Program Files\Fichiers communs\MSSoap
      [30/06/2008|11:05] C:\Program Files\Fichiers communs\Nullsoft
      [10/09/2008|07:04] C:\Program Files\Fichiers communs\ODBC
      [30/06/2008|11:05] C:\Program Files\Fichiers communs\Real
      [16/08/2004|17:06] C:\Program Files\Fichiers communs\Services
      [16/08/2004|16:56] C:\Program Files\Fichiers communs\SpeechEngines
      [11/09/2008|10:34] C:\Program Files\Fichiers communs\System
      [03/09/2008|15:51] C:\Program Files\Fichiers communs\Windows Media Metering
      [14/09/2008|11:48] C:\Program Files\Fichiers communs\WindowsLiveInstaller

      --------------------\\ Process

      ( 42 Processes )

      ... OK !

      --------------------\\ Recherche avec S_Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Recherche de Fichiers / Dossiers Lop

      C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default

      --------------------\\ Verification du Registre

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

      ..... OK !

      --------------------\\ Verification du fichier Hosts

      Fichier Hosts PROPRE


      --------------------\\ Recherche de fichiers avec Catchme

      catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-10-28 16:15:45
      Windows 5.1.2600 Service Pack 3 NTFS
      scanning hidden processes ...
      scanning hidden files ...
      scan completed successfully
      hidden processes: 0
      hidden files: 2

      --------------------\\ Recherche d'autres infections


      Aucune autre infection trouvée !

      [F:94][D:10]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
      [F:14][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
      [F:91][D:5]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

      1 - "C:\Lop SD\LopR_1.txt" - 28/10/2008|16:16 - Option : [1]

      --------------------\\ Fin du rapport a 16:16:41
      0