Infecté ?
Résolu/Fermé
Darka Maul
Messages postés
11
Date d'inscription
samedi 25 octobre 2008
Statut
Membre
Dernière intervention
23 juin 2010
-
25 oct. 2008 à 14:56
jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 - 2 nov. 2008 à 16:58
jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 - 2 nov. 2008 à 16:58
A voir également:
- Infecté ?
- Alerte windows ordinateur infecté - Accueil - Arnaque
- L'ordinateur d'arthur a été infecté par un virus répertorié récemment. son anti-virus ne l'a pas détecté. qu'a-t-il pu se passer ? ✓ - Forum Antivirus
- L'ordinateur de samantha a été infecté par un virus répertorié récemment. son anti-virus ne l'a pas détecté. qu'a-t-il pu se passer ? - Forum Virus
- Mon ordinateur a été infecté par un virus ou - Forum Virus
- Anti virus - Forum Antivirus
13 réponses
jfkpresident
Messages postés
13408
Date d'inscription
lundi 3 septembre 2007
Statut
Contributeur sécurité
Dernière intervention
5 janvier 2015
1 175
25 oct. 2008 à 15:00
25 oct. 2008 à 15:00
salut ;
Oui tu es infecté :
on va commencer par cela :
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
ensuite :
1) Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.
2) Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton Bureau à partir de ce lien :
https://www.malwarebytes.com/
3) A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.
4) Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.
5) Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.
6) MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche :
7) Dans l'onglet analyse, vérifie que "Exécuter un examen complet" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.
8) MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.
9) A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.
10) Si des malwares ont été détectés, leur liste s'affiche.
En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
11) MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)
12) Ferme MBAM en cliquant sur Quitter.
13) Poste le rapport dans ta réponse
Oui tu es infecté :
on va commencer par cela :
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
ensuite :
1) Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.
2) Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton Bureau à partir de ce lien :
https://www.malwarebytes.com/
3) A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.
4) Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.
5) Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.
6) MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche :
7) Dans l'onglet analyse, vérifie que "Exécuter un examen complet" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.
8) MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.
9) A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.
10) Si des malwares ont été détectés, leur liste s'affiche.
En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
11) MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)
12) Ferme MBAM en cliquant sur Quitter.
13) Poste le rapport dans ta réponse
jfkpresident
Messages postés
13408
Date d'inscription
lundi 3 septembre 2007
Statut
Contributeur sécurité
Dernière intervention
5 janvier 2015
1 175
25 oct. 2008 à 20:36
25 oct. 2008 à 20:36
La suite ? (j'espère que il y aura pas )
Ca ne va pa etre trop long .
Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.
ensuite recolle moi un hijack pour finir .
Ca ne va pa etre trop long .
Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.
ensuite recolle moi un hijack pour finir .
jfkpresident
Messages postés
13408
Date d'inscription
lundi 3 septembre 2007
Statut
Contributeur sécurité
Dernière intervention
5 janvier 2015
1 175
25 oct. 2008 à 21:19
25 oct. 2008 à 21:19
Hum....Je viens de me rendre compte de la boulette :)
Tu m'as posté deux rapports de LopS&D et Non ToolbarS&D comme indiqué post#2 .
Qui t'as demandé de téléchargé LopS&D ?
recommence comme indiqué post#2 .
Tu m'as posté deux rapports de LopS&D et Non ToolbarS&D comme indiqué post#2 .
Qui t'as demandé de téléchargé LopS&D ?
recommence comme indiqué post#2 .
jfkpresident
Messages postés
13408
Date d'inscription
lundi 3 septembre 2007
Statut
Contributeur sécurité
Dernière intervention
5 janvier 2015
1 175
26 oct. 2008 à 00:11
26 oct. 2008 à 00:11
Désolé j'ai du me gourer de programme ... j'ai rien fait de grave ?
Ce n'est pas grave mais je me demande comment se fait-il que tu es LopS&D sur ton bureau ?
Recolle moi un nouveau hijack .
Ce n'est pas grave mais je me demande comment se fait-il que tu es LopS&D sur ton bureau ?
Recolle moi un nouveau hijack .
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
jfkpresident
Messages postés
13408
Date d'inscription
lundi 3 septembre 2007
Statut
Contributeur sécurité
Dernière intervention
5 janvier 2015
1 175
26 oct. 2008 à 18:22
26 oct. 2008 à 18:22
-> Relance HijackThis cliques sur « scanner seulement » ou (« do a scan only »),
coche les cases devant ces lignes :
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb02937
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: (no name) - AutorunsDisabled - (no file)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
et ensuite ferme toutes les fenêtres actives autres que HijackThis!, navigateur inclus,
puis clique "Fix checked"( ou « fixer objet »). Ferme HijackThis!
Adobe reader n'est pas a jour :
mettre à jour adobe reader
https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html
Installe Ccleaner(si tu ne l'as pas déja ):
Nettoyeurs (de fichiers inutiles) et autres :
*Ccleaner (gratuit)
Téléchargement :
https://www.01net.com/
Tuto :
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
Lors de l’installation, [décoche] l’option qui t’installerait la barre Yahoo !
Dis moi ensuite si tu as encore des soucis et on pourra conclure .
coche les cases devant ces lignes :
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb02937
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: (no name) - AutorunsDisabled - (no file)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
et ensuite ferme toutes les fenêtres actives autres que HijackThis!, navigateur inclus,
puis clique "Fix checked"( ou « fixer objet »). Ferme HijackThis!
Adobe reader n'est pas a jour :
mettre à jour adobe reader
https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html
Installe Ccleaner(si tu ne l'as pas déja ):
Nettoyeurs (de fichiers inutiles) et autres :
*Ccleaner (gratuit)
Téléchargement :
https://www.01net.com/
Tuto :
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
Lors de l’installation, [décoche] l’option qui t’installerait la barre Yahoo !
Dis moi ensuite si tu as encore des soucis et on pourra conclure .
Darka Maul
Messages postés
11
Date d'inscription
samedi 25 octobre 2008
Statut
Membre
Dernière intervention
23 juin 2010
25 oct. 2008 à 17:05
25 oct. 2008 à 17:05
--------------------\\ Lop S&D 4.2.4-7 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
BIOS : Version 1.00
USER : Alexis ( Not Administrator ! )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 76 Go Free : 40 Go
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total : 76 Go Free : 4 Go
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 23-10-2008|23:15 )
Option : [1] ( 25/10/2008|17:01 )
--------------------\\ Listing des dossiers dans APPLIC~1
[04/10/2008|14:59] C:\DOCUME~1\Alexis\APPLIC~1\Adobe
[06/09/2008|14:33] C:\DOCUME~1\Alexis\APPLIC~1\AdobeUM
[25/12/2007|19:15] C:\DOCUME~1\Alexis\APPLIC~1\Ahead
[20/03/2008|17:59] C:\DOCUME~1\Alexis\APPLIC~1\Apple Computer
[18/10/2008|17:26] C:\DOCUME~1\Alexis\APPLIC~1\DataCast
[16/04/2008|15:01] C:\DOCUME~1\Alexis\APPLIC~1\DivX
[30/08/2007|21:38] C:\DOCUME~1\Alexis\APPLIC~1\Google
[06/11/2004|18:47] C:\DOCUME~1\Alexis\APPLIC~1\Help
[16/05/2004|13:44] C:\DOCUME~1\Alexis\APPLIC~1\Identities
[07/06/2008|17:52] C:\DOCUME~1\Alexis\APPLIC~1\InfraRecorder
[08/09/2005|19:56] C:\DOCUME~1\Alexis\APPLIC~1\Jasc Software Inc
[19/04/2007|11:00] C:\DOCUME~1\Alexis\APPLIC~1\Macromedia
[17/05/2008|21:25] C:\DOCUME~1\Alexis\APPLIC~1\Media Player Classic
[16/09/2008|18:16] C:\DOCUME~1\Alexis\APPLIC~1\Microsoft
[17/06/2008|20:39] C:\DOCUME~1\Alexis\APPLIC~1\Mozilla-2
[07/03/2008|16:36] C:\DOCUME~1\Alexis\APPLIC~1\MxBoost
[26/02/2007|18:07] C:\DOCUME~1\Alexis\APPLIC~1\Notepad++
[24/09/2005|16:58] C:\DOCUME~1\Alexis\APPLIC~1\Real
[22/05/2006|20:36] C:\DOCUME~1\Alexis\APPLIC~1\Sierra
[18/06/2008|13:05] C:\DOCUME~1\Alexis\APPLIC~1\Smart PC Solutions
[04/06/2008|18:27] C:\DOCUME~1\Alexis\APPLIC~1\Sun
[06/06/2008|22:00] C:\DOCUME~1\Alexis\APPLIC~1\T.Aragon
[01/09/2006|15:35] C:\DOCUME~1\Alexis\APPLIC~1\Talkback
[28/05/2008|16:21] C:\DOCUME~1\Alexis\APPLIC~1\Teleca
[22/10/2008|19:40] C:\DOCUME~1\Alexis\APPLIC~1\temp
[06/06/2008|22:00] C:\DOCUME~1\Alexis\APPLIC~1\WinSesame
[18/07/2008|08:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/12/2005|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[04/06/2008|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[29/05/2004|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[02/09/2006|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[21/08/2005|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[19/04/2007|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[19/10/2008|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[29/05/2004|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[29/01/2006|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
[15/05/2004|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[10/06/2004|14:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[28/05/2008|16:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[13/03/2005|10:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[28/05/2008|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[06/03/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[30/12/2007|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[13/10/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[15/05/2004|14:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[02/07/2004|15:33] C:\DOCUME~1\ELISAB~1\APPLIC~1\Adobe
[14/06/2004|09:44] C:\DOCUME~1\ELISAB~1\APPLIC~1\Help
[16/05/2004|13:13] C:\DOCUME~1\ELISAB~1\APPLIC~1\Identities
[26/12/2004|19:58] C:\DOCUME~1\ELISAB~1\APPLIC~1\Macromedia
[22/03/2005|21:59] C:\DOCUME~1\ELISAB~1\APPLIC~1\Microsoft
[29/05/2004|12:20] C:\DOCUME~1\ELISAB~1\APPLIC~1\MSN6
[10/03/2005|18:14] C:\DOCUME~1\ELISAB~1\APPLIC~1\Real
[08/10/2008|19:40] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Adobe
[08/08/2006|17:48] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Apple Computer
[18/06/2007|12:03] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Google
[07/10/2006|16:04] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Help
[14/07/2005|06:31] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Identities
[27/10/2005|18:09] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\iShell
[21/08/2005|11:29] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Jasc Software Inc
[05/10/2005|20:58] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Macromedia
[16/06/2008|10:55] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Microsoft
[03/03/2006|16:48] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Mozilla
[04/11/2005|20:55] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Real
[07/06/2008|21:10] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Teleca
[19/10/2008|12:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[15/05/2004|14:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[19/10/2008|17:47] C:\DOCUME~1\Pascal\APPLIC~1\Adobe
[18/07/2008|08:17] C:\DOCUME~1\Pascal\APPLIC~1\AdobeUM
[29/05/2005|12:05] C:\DOCUME~1\Pascal\APPLIC~1\Ahead
[12/06/2007|14:16] C:\DOCUME~1\Pascal\APPLIC~1\Apple Computer
[18/04/2008|08:44] C:\DOCUME~1\Pascal\APPLIC~1\DivX
[30/08/2007|20:04] C:\DOCUME~1\Pascal\APPLIC~1\Google
[22/05/2004|20:03] C:\DOCUME~1\Pascal\APPLIC~1\Help
[15/05/2004|14:45] C:\DOCUME~1\Pascal\APPLIC~1\Identities
[20/12/2005|16:04] C:\DOCUME~1\Pascal\APPLIC~1\iShell
[28/11/2005|22:21] C:\DOCUME~1\Pascal\APPLIC~1\Macromedia
[20/01/2008|00:15] C:\DOCUME~1\Pascal\APPLIC~1\Microsoft
[20/01/2008|19:12] C:\DOCUME~1\Pascal\APPLIC~1\Mozilla
[20/02/2005|00:12] C:\DOCUME~1\Pascal\APPLIC~1\Real
[15/05/2004|16:16] C:\DOCUME~1\Pascal\APPLIC~1\Symantec
[01/06/2008|14:41] C:\DOCUME~1\Pascal\APPLIC~1\Teleca
[23/05/2004|19:00] C:\DOCUME~1\Sylvie\APPLIC~1\Adobe
[16/05/2004|23:03] C:\DOCUME~1\Sylvie\APPLIC~1\Identities
[06/07/2008|14:56] C:\DOCUME~1\Sylvie\APPLIC~1\Microsoft
[23/02/2005|23:53] C:\DOCUME~1\Sylvie\APPLIC~1\Real
[22/08/2004|20:07] C:\DOCUME~1\Sylvie\APPLIC~1\Symantec
[05/06/2008|22:28] C:\DOCUME~1\Sylvie\APPLIC~1\Teleca
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[25/10/2008 10:25][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{E1C046DE-1CBA-4318-ADC4-B845E775C6EB}.job
[15/05/2004 16:27][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[25/10/2008 10:23][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[19/09/2008|22:52] C:\Program Files\Activision
[22/01/2007|22:07] C:\Program Files\Adobe
[15/03/2008|18:58] C:\Program Files\Ahead
[30/09/2008|19:15] C:\Program Files\ArtMoney
[16/05/2004|22:31] C:\Program Files\C-Media 3D Audio
[17/05/2008|20:32] C:\Program Files\Combined Community Codec Pack
[19/09/2007|16:50] C:\Program Files\Cossacks
[29/05/2004|12:34] C:\Program Files\CyberLink
[29/05/2004|12:34] C:\Program Files\CyberLink DVD Solution
[24/09/2008|12:45] C:\Program Files\Defraggler
[17/06/2008|12:13] C:\Program Files\DIFX
[15/05/2008|10:39] C:\Program Files\directx
[28/05/2008|16:39] C:\Program Files\Disc2Phone
[28/09/2008|14:10] C:\Program Files\DivX
[02/09/2006|11:42] C:\Program Files\DVD Shrink
[01/01/2008|14:22] C:\Program Files\EA GAMES
[14/09/2008|13:16] C:\Program Files\EA SPORTS
[23/10/2008|18:53] C:\Program Files\eMule
[01/09/2008|09:34] C:\Program Files\EndNote
[21/09/2008|16:45] C:\Program Files\Fichiers communs
[06/02/2005|19:05] C:\Program Files\Gadwin Systems
[10/09/2008|14:01] C:\Program Files\GameSpy Arcade
[18/10/2008|17:26] C:\Program Files\InstallShield Installation Information
[18/06/2005|21:19] C:\Program Files\InterActual
[17/06/2008|15:59] C:\Program Files\Internet Explorer
[17/06/2008|19:07] C:\Program Files\IObit
[04/06/2008|18:35] C:\Program Files\Java
[11/04/2008|14:34] C:\Program Files\K-Lite Codec Pack
[16/12/2007|15:31] C:\Program Files\Lionhead Studios
[27/07/2004|15:52] C:\Program Files\L'Or Bleu
[13/03/2005|23:38] C:\Program Files\lotus
[19/04/2007|09:26] C:\Program Files\Macromedia
[18/10/2008|17:26] C:\Program Files\MarkAny
[04/12/2007|15:48] C:\Program Files\MatroskaProp
[13/11/2005|22:13] C:\Program Files\Maxis
[20/05/2004|21:42] C:\Program Files\Maxtor
[30/12/2007|15:50] C:\Program Files\messenger
[15/05/2004|14:38] C:\Program Files\microsoft frontpage
[14/04/2008|17:40] C:\Program Files\Microsoft Games
[16/05/2004|21:33] C:\Program Files\Microsoft Hardware
[20/05/2004|22:21] C:\Program Files\Microsoft Office
[20/05/2004|22:21] C:\Program Files\Microsoft Visual Studio
[25/02/2005|00:08] C:\Program Files\Mobile Phone Manager
[30/12/2007|15:27] C:\Program Files\Movie Maker
[05/11/2007|12:10] C:\Program Files\MSN Gaming Zone
[30/12/2007|14:19] C:\Program Files\MSXML 4.0
[30/12/2007|15:21] C:\Program Files\NetMeeting
[29/01/2006|13:21] C:\Program Files\Network Associates
[28/09/2008|13:52] C:\Program Files\Opera
[30/12/2007|15:21] C:\Program Files\Outlook Express
[24/10/2008|19:42] C:\Program Files\Panda Security
[22/04/2005|18:34] C:\Program Files\PhotoFiltre
[22/09/2005|16:47] C:\Program Files\Picasa2
[17/05/2006|14:19] C:\Program Files\QuickTime
[25/07/2005|06:44] C:\Program Files\QuickZip4
[20/02/2005|00:09] C:\Program Files\Real
[19/05/2007|11:46] C:\Program Files\regCollegeExe
[18/10/2008|17:28] C:\Program Files\Samsung
[03/09/2008|14:46] C:\Program Files\Sierra
[18/06/2008|12:51] C:\Program Files\Smart PC Solutions
[28/05/2008|16:19] C:\Program Files\Sony Ericsson
[13/03/2005|10:07] C:\Program Files\Symantec
[10/09/2008|17:49] C:\Program Files\SystemRequirementsLab
[25/10/2008|12:12] C:\Program Files\Trend Micro
[22/09/2008|19:43] C:\Program Files\Valve
[13/12/2004|20:08] C:\Program Files\Virtools Web Player 2.5
[01/09/2008|09:35] C:\Program Files\WarTimesEF
[01/09/2008|09:36] C:\Program Files\WinAce
[13/10/2008|19:06] C:\Program Files\Windows Live
[19/10/2008|14:08] C:\Program Files\Windows Media Connect 2
[19/10/2008|14:08] C:\Program Files\Windows Media Player
[30/12/2007|15:21] C:\Program Files\Windows NT
[30/12/2007|11:42] C:\Program Files\WindowsUpdate
[12/09/2008|17:07] C:\Program Files\WinRAR
[01/09/2008|09:36] C:\Program Files\WinZip
[28/10/2004|20:56] C:\Program Files\XAcePlus
[15/05/2004|14:38] C:\Program Files\xerox
[16/05/2004|13:03] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[18/07/2008|08:07] C:\Program Files\Fichiers communs\Adobe
[04/09/2004|20:26] C:\Program Files\Fichiers communs\Ahead
[29/01/2006|13:21] C:\Program Files\Fichiers communs\Cisco Systems
[20/05/2004|22:21] C:\Program Files\Fichiers communs\Designer
[10/12/2005|19:06] C:\Program Files\Fichiers communs\InstallShield
[04/06/2008|18:32] C:\Program Files\Fichiers communs\Java
[19/04/2007|09:29] C:\Program Files\Fichiers communs\Macromedia
[24/01/2008|19:52] C:\Program Files\Fichiers communs\Microsoft Shared
[15/05/2004|14:35] C:\Program Files\Fichiers communs\MSSoap
[29/01/2006|13:21] C:\Program Files\Fichiers communs\Network Associates
[15/05/2004|15:24] C:\Program Files\Fichiers communs\ODBC
[20/02/2005|00:09] C:\Program Files\Fichiers communs\Real
[14/04/2005|22:32] C:\Program Files\Fichiers communs\Risxtd
[15/05/2004|14:35] C:\Program Files\Fichiers communs\Services
[15/05/2004|15:24] C:\Program Files\Fichiers communs\SpeechEngines
[01/09/2008|09:34] C:\Program Files\Fichiers communs\Symantec Shared
[30/12/2007|15:21] C:\Program Files\Fichiers communs\System
[28/05/2008|16:20] C:\Program Files\Fichiers communs\Teleca Shared
[24/01/2008|19:53] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[20/02/2005|00:09] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 40 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-25 17:02:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Alexis\Recent\FIFA_08_KEYGEN.torrent.lnk
C:\DOCUME~1\Alexis\Recent\KEYGEN2007.lnk
[F:156][D:24]-> C:\DOCUME~1\Alexis\LOCALS~1\Temp
[F:66][D:0]-> C:\DOCUME~1\Alexis\Cookies
[F:4536][D:31]-> C:\DOCUME~1\Alexis\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 25/10/2008|17:04 - Option : [1]
--------------------\\ Fin du rapport a 17:04:06
Voilà le rapport de ToolBar .
La suite sous peu.
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
BIOS : Version 1.00
USER : Alexis ( Not Administrator ! )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 76 Go Free : 40 Go
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total : 76 Go Free : 4 Go
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 23-10-2008|23:15 )
Option : [1] ( 25/10/2008|17:01 )
--------------------\\ Listing des dossiers dans APPLIC~1
[04/10/2008|14:59] C:\DOCUME~1\Alexis\APPLIC~1\Adobe
[06/09/2008|14:33] C:\DOCUME~1\Alexis\APPLIC~1\AdobeUM
[25/12/2007|19:15] C:\DOCUME~1\Alexis\APPLIC~1\Ahead
[20/03/2008|17:59] C:\DOCUME~1\Alexis\APPLIC~1\Apple Computer
[18/10/2008|17:26] C:\DOCUME~1\Alexis\APPLIC~1\DataCast
[16/04/2008|15:01] C:\DOCUME~1\Alexis\APPLIC~1\DivX
[30/08/2007|21:38] C:\DOCUME~1\Alexis\APPLIC~1\Google
[06/11/2004|18:47] C:\DOCUME~1\Alexis\APPLIC~1\Help
[16/05/2004|13:44] C:\DOCUME~1\Alexis\APPLIC~1\Identities
[07/06/2008|17:52] C:\DOCUME~1\Alexis\APPLIC~1\InfraRecorder
[08/09/2005|19:56] C:\DOCUME~1\Alexis\APPLIC~1\Jasc Software Inc
[19/04/2007|11:00] C:\DOCUME~1\Alexis\APPLIC~1\Macromedia
[17/05/2008|21:25] C:\DOCUME~1\Alexis\APPLIC~1\Media Player Classic
[16/09/2008|18:16] C:\DOCUME~1\Alexis\APPLIC~1\Microsoft
[17/06/2008|20:39] C:\DOCUME~1\Alexis\APPLIC~1\Mozilla-2
[07/03/2008|16:36] C:\DOCUME~1\Alexis\APPLIC~1\MxBoost
[26/02/2007|18:07] C:\DOCUME~1\Alexis\APPLIC~1\Notepad++
[24/09/2005|16:58] C:\DOCUME~1\Alexis\APPLIC~1\Real
[22/05/2006|20:36] C:\DOCUME~1\Alexis\APPLIC~1\Sierra
[18/06/2008|13:05] C:\DOCUME~1\Alexis\APPLIC~1\Smart PC Solutions
[04/06/2008|18:27] C:\DOCUME~1\Alexis\APPLIC~1\Sun
[06/06/2008|22:00] C:\DOCUME~1\Alexis\APPLIC~1\T.Aragon
[01/09/2006|15:35] C:\DOCUME~1\Alexis\APPLIC~1\Talkback
[28/05/2008|16:21] C:\DOCUME~1\Alexis\APPLIC~1\Teleca
[22/10/2008|19:40] C:\DOCUME~1\Alexis\APPLIC~1\temp
[06/06/2008|22:00] C:\DOCUME~1\Alexis\APPLIC~1\WinSesame
[18/07/2008|08:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/12/2005|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[04/06/2008|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[29/05/2004|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[02/09/2006|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[21/08/2005|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[19/04/2007|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[19/10/2008|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[29/05/2004|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[29/01/2006|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
[15/05/2004|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[10/06/2004|14:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[28/05/2008|16:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[13/03/2005|10:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[28/05/2008|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[06/03/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[30/12/2007|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[13/10/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[15/05/2004|14:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[02/07/2004|15:33] C:\DOCUME~1\ELISAB~1\APPLIC~1\Adobe
[14/06/2004|09:44] C:\DOCUME~1\ELISAB~1\APPLIC~1\Help
[16/05/2004|13:13] C:\DOCUME~1\ELISAB~1\APPLIC~1\Identities
[26/12/2004|19:58] C:\DOCUME~1\ELISAB~1\APPLIC~1\Macromedia
[22/03/2005|21:59] C:\DOCUME~1\ELISAB~1\APPLIC~1\Microsoft
[29/05/2004|12:20] C:\DOCUME~1\ELISAB~1\APPLIC~1\MSN6
[10/03/2005|18:14] C:\DOCUME~1\ELISAB~1\APPLIC~1\Real
[08/10/2008|19:40] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Adobe
[08/08/2006|17:48] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Apple Computer
[18/06/2007|12:03] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Google
[07/10/2006|16:04] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Help
[14/07/2005|06:31] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Identities
[27/10/2005|18:09] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\iShell
[21/08/2005|11:29] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Jasc Software Inc
[05/10/2005|20:58] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Macromedia
[16/06/2008|10:55] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Microsoft
[03/03/2006|16:48] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Mozilla
[04/11/2005|20:55] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Real
[07/06/2008|21:10] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Teleca
[19/10/2008|12:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[15/05/2004|14:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[19/10/2008|17:47] C:\DOCUME~1\Pascal\APPLIC~1\Adobe
[18/07/2008|08:17] C:\DOCUME~1\Pascal\APPLIC~1\AdobeUM
[29/05/2005|12:05] C:\DOCUME~1\Pascal\APPLIC~1\Ahead
[12/06/2007|14:16] C:\DOCUME~1\Pascal\APPLIC~1\Apple Computer
[18/04/2008|08:44] C:\DOCUME~1\Pascal\APPLIC~1\DivX
[30/08/2007|20:04] C:\DOCUME~1\Pascal\APPLIC~1\Google
[22/05/2004|20:03] C:\DOCUME~1\Pascal\APPLIC~1\Help
[15/05/2004|14:45] C:\DOCUME~1\Pascal\APPLIC~1\Identities
[20/12/2005|16:04] C:\DOCUME~1\Pascal\APPLIC~1\iShell
[28/11/2005|22:21] C:\DOCUME~1\Pascal\APPLIC~1\Macromedia
[20/01/2008|00:15] C:\DOCUME~1\Pascal\APPLIC~1\Microsoft
[20/01/2008|19:12] C:\DOCUME~1\Pascal\APPLIC~1\Mozilla
[20/02/2005|00:12] C:\DOCUME~1\Pascal\APPLIC~1\Real
[15/05/2004|16:16] C:\DOCUME~1\Pascal\APPLIC~1\Symantec
[01/06/2008|14:41] C:\DOCUME~1\Pascal\APPLIC~1\Teleca
[23/05/2004|19:00] C:\DOCUME~1\Sylvie\APPLIC~1\Adobe
[16/05/2004|23:03] C:\DOCUME~1\Sylvie\APPLIC~1\Identities
[06/07/2008|14:56] C:\DOCUME~1\Sylvie\APPLIC~1\Microsoft
[23/02/2005|23:53] C:\DOCUME~1\Sylvie\APPLIC~1\Real
[22/08/2004|20:07] C:\DOCUME~1\Sylvie\APPLIC~1\Symantec
[05/06/2008|22:28] C:\DOCUME~1\Sylvie\APPLIC~1\Teleca
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[25/10/2008 10:25][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{E1C046DE-1CBA-4318-ADC4-B845E775C6EB}.job
[15/05/2004 16:27][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[25/10/2008 10:23][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[19/09/2008|22:52] C:\Program Files\Activision
[22/01/2007|22:07] C:\Program Files\Adobe
[15/03/2008|18:58] C:\Program Files\Ahead
[30/09/2008|19:15] C:\Program Files\ArtMoney
[16/05/2004|22:31] C:\Program Files\C-Media 3D Audio
[17/05/2008|20:32] C:\Program Files\Combined Community Codec Pack
[19/09/2007|16:50] C:\Program Files\Cossacks
[29/05/2004|12:34] C:\Program Files\CyberLink
[29/05/2004|12:34] C:\Program Files\CyberLink DVD Solution
[24/09/2008|12:45] C:\Program Files\Defraggler
[17/06/2008|12:13] C:\Program Files\DIFX
[15/05/2008|10:39] C:\Program Files\directx
[28/05/2008|16:39] C:\Program Files\Disc2Phone
[28/09/2008|14:10] C:\Program Files\DivX
[02/09/2006|11:42] C:\Program Files\DVD Shrink
[01/01/2008|14:22] C:\Program Files\EA GAMES
[14/09/2008|13:16] C:\Program Files\EA SPORTS
[23/10/2008|18:53] C:\Program Files\eMule
[01/09/2008|09:34] C:\Program Files\EndNote
[21/09/2008|16:45] C:\Program Files\Fichiers communs
[06/02/2005|19:05] C:\Program Files\Gadwin Systems
[10/09/2008|14:01] C:\Program Files\GameSpy Arcade
[18/10/2008|17:26] C:\Program Files\InstallShield Installation Information
[18/06/2005|21:19] C:\Program Files\InterActual
[17/06/2008|15:59] C:\Program Files\Internet Explorer
[17/06/2008|19:07] C:\Program Files\IObit
[04/06/2008|18:35] C:\Program Files\Java
[11/04/2008|14:34] C:\Program Files\K-Lite Codec Pack
[16/12/2007|15:31] C:\Program Files\Lionhead Studios
[27/07/2004|15:52] C:\Program Files\L'Or Bleu
[13/03/2005|23:38] C:\Program Files\lotus
[19/04/2007|09:26] C:\Program Files\Macromedia
[18/10/2008|17:26] C:\Program Files\MarkAny
[04/12/2007|15:48] C:\Program Files\MatroskaProp
[13/11/2005|22:13] C:\Program Files\Maxis
[20/05/2004|21:42] C:\Program Files\Maxtor
[30/12/2007|15:50] C:\Program Files\messenger
[15/05/2004|14:38] C:\Program Files\microsoft frontpage
[14/04/2008|17:40] C:\Program Files\Microsoft Games
[16/05/2004|21:33] C:\Program Files\Microsoft Hardware
[20/05/2004|22:21] C:\Program Files\Microsoft Office
[20/05/2004|22:21] C:\Program Files\Microsoft Visual Studio
[25/02/2005|00:08] C:\Program Files\Mobile Phone Manager
[30/12/2007|15:27] C:\Program Files\Movie Maker
[05/11/2007|12:10] C:\Program Files\MSN Gaming Zone
[30/12/2007|14:19] C:\Program Files\MSXML 4.0
[30/12/2007|15:21] C:\Program Files\NetMeeting
[29/01/2006|13:21] C:\Program Files\Network Associates
[28/09/2008|13:52] C:\Program Files\Opera
[30/12/2007|15:21] C:\Program Files\Outlook Express
[24/10/2008|19:42] C:\Program Files\Panda Security
[22/04/2005|18:34] C:\Program Files\PhotoFiltre
[22/09/2005|16:47] C:\Program Files\Picasa2
[17/05/2006|14:19] C:\Program Files\QuickTime
[25/07/2005|06:44] C:\Program Files\QuickZip4
[20/02/2005|00:09] C:\Program Files\Real
[19/05/2007|11:46] C:\Program Files\regCollegeExe
[18/10/2008|17:28] C:\Program Files\Samsung
[03/09/2008|14:46] C:\Program Files\Sierra
[18/06/2008|12:51] C:\Program Files\Smart PC Solutions
[28/05/2008|16:19] C:\Program Files\Sony Ericsson
[13/03/2005|10:07] C:\Program Files\Symantec
[10/09/2008|17:49] C:\Program Files\SystemRequirementsLab
[25/10/2008|12:12] C:\Program Files\Trend Micro
[22/09/2008|19:43] C:\Program Files\Valve
[13/12/2004|20:08] C:\Program Files\Virtools Web Player 2.5
[01/09/2008|09:35] C:\Program Files\WarTimesEF
[01/09/2008|09:36] C:\Program Files\WinAce
[13/10/2008|19:06] C:\Program Files\Windows Live
[19/10/2008|14:08] C:\Program Files\Windows Media Connect 2
[19/10/2008|14:08] C:\Program Files\Windows Media Player
[30/12/2007|15:21] C:\Program Files\Windows NT
[30/12/2007|11:42] C:\Program Files\WindowsUpdate
[12/09/2008|17:07] C:\Program Files\WinRAR
[01/09/2008|09:36] C:\Program Files\WinZip
[28/10/2004|20:56] C:\Program Files\XAcePlus
[15/05/2004|14:38] C:\Program Files\xerox
[16/05/2004|13:03] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[18/07/2008|08:07] C:\Program Files\Fichiers communs\Adobe
[04/09/2004|20:26] C:\Program Files\Fichiers communs\Ahead
[29/01/2006|13:21] C:\Program Files\Fichiers communs\Cisco Systems
[20/05/2004|22:21] C:\Program Files\Fichiers communs\Designer
[10/12/2005|19:06] C:\Program Files\Fichiers communs\InstallShield
[04/06/2008|18:32] C:\Program Files\Fichiers communs\Java
[19/04/2007|09:29] C:\Program Files\Fichiers communs\Macromedia
[24/01/2008|19:52] C:\Program Files\Fichiers communs\Microsoft Shared
[15/05/2004|14:35] C:\Program Files\Fichiers communs\MSSoap
[29/01/2006|13:21] C:\Program Files\Fichiers communs\Network Associates
[15/05/2004|15:24] C:\Program Files\Fichiers communs\ODBC
[20/02/2005|00:09] C:\Program Files\Fichiers communs\Real
[14/04/2005|22:32] C:\Program Files\Fichiers communs\Risxtd
[15/05/2004|14:35] C:\Program Files\Fichiers communs\Services
[15/05/2004|15:24] C:\Program Files\Fichiers communs\SpeechEngines
[01/09/2008|09:34] C:\Program Files\Fichiers communs\Symantec Shared
[30/12/2007|15:21] C:\Program Files\Fichiers communs\System
[28/05/2008|16:20] C:\Program Files\Fichiers communs\Teleca Shared
[24/01/2008|19:53] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[20/02/2005|00:09] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 40 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-25 17:02:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Alexis\Recent\FIFA_08_KEYGEN.torrent.lnk
C:\DOCUME~1\Alexis\Recent\KEYGEN2007.lnk
[F:156][D:24]-> C:\DOCUME~1\Alexis\LOCALS~1\Temp
[F:66][D:0]-> C:\DOCUME~1\Alexis\Cookies
[F:4536][D:31]-> C:\DOCUME~1\Alexis\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 25/10/2008|17:04 - Option : [1]
--------------------\\ Fin du rapport a 17:04:06
Voilà le rapport de ToolBar .
La suite sous peu.
Darka Maul
Messages postés
11
Date d'inscription
samedi 25 octobre 2008
Statut
Membre
Dernière intervention
23 juin 2010
25 oct. 2008 à 20:29
25 oct. 2008 à 20:29
Voilà le rapport de MBAM :
Malwarebytes' Anti-Malware 1.27
Version de la base de données: 1127
Windows 5.1.2600 Service Pack 2
25/10/2008 20:23:23
mbam-log-2008-10-25 (20-23-23).txt
Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 294278
Temps écoulé: 3 hour(s), 11 minute(s), 45 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19a58582-71cb-42ea-9dda-0960ce5bab37} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvundcb (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{19a58582-71cb-42ea-9dda-0960ce5bab37} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Broken.SecurityProviders) -> Bad: (msapsspc.dll schannel.dll digest.dll msnsspc.dll) Good: (msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("%1" %*) Good: ("%1" /S) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\tuvUNdcB.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
merci pour tout.
La suite ? (j'espère que il y aura pas )
Malwarebytes' Anti-Malware 1.27
Version de la base de données: 1127
Windows 5.1.2600 Service Pack 2
25/10/2008 20:23:23
mbam-log-2008-10-25 (20-23-23).txt
Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 294278
Temps écoulé: 3 hour(s), 11 minute(s), 45 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19a58582-71cb-42ea-9dda-0960ce5bab37} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tuvundcb (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{19a58582-71cb-42ea-9dda-0960ce5bab37} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Broken.SecurityProviders) -> Bad: (msapsspc.dll schannel.dll digest.dll msnsspc.dll) Good: (msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("%1" %*) Good: ("%1" /S) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\tuvUNdcB.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
merci pour tout.
La suite ? (j'espère que il y aura pas )
Darka Maul
Messages postés
11
Date d'inscription
samedi 25 octobre 2008
Statut
Membre
Dernière intervention
23 juin 2010
25 oct. 2008 à 20:52
25 oct. 2008 à 20:52
--------------------\\ Lop S&D 4.2.4-7 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
BIOS : Version 1.00
USER : Alexis ( Not Administrator ! )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 76 Go Free : 40 Go
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total : 76 Go Free : 4 Go
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 23-10-2008|23:15 )
Option : [2] ( 25/10/2008|20:47 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[04/10/2008|14:59] C:\DOCUME~1\Alexis\APPLIC~1\Adobe
[06/09/2008|14:33] C:\DOCUME~1\Alexis\APPLIC~1\AdobeUM
[25/12/2007|19:15] C:\DOCUME~1\Alexis\APPLIC~1\Ahead
[20/03/2008|17:59] C:\DOCUME~1\Alexis\APPLIC~1\Apple Computer
[18/10/2008|17:26] C:\DOCUME~1\Alexis\APPLIC~1\DataCast
[16/04/2008|15:01] C:\DOCUME~1\Alexis\APPLIC~1\DivX
[30/08/2007|21:38] C:\DOCUME~1\Alexis\APPLIC~1\Google
[06/11/2004|18:47] C:\DOCUME~1\Alexis\APPLIC~1\Help
[16/05/2004|13:44] C:\DOCUME~1\Alexis\APPLIC~1\Identities
[07/06/2008|17:52] C:\DOCUME~1\Alexis\APPLIC~1\InfraRecorder
[08/09/2005|19:56] C:\DOCUME~1\Alexis\APPLIC~1\Jasc Software Inc
[19/04/2007|11:00] C:\DOCUME~1\Alexis\APPLIC~1\Macromedia
[25/10/2008|17:10] C:\DOCUME~1\Alexis\APPLIC~1\Malwarebytes
[17/05/2008|21:25] C:\DOCUME~1\Alexis\APPLIC~1\Media Player Classic
[16/09/2008|18:16] C:\DOCUME~1\Alexis\APPLIC~1\Microsoft
[17/06/2008|20:39] C:\DOCUME~1\Alexis\APPLIC~1\Mozilla-2
[07/03/2008|16:36] C:\DOCUME~1\Alexis\APPLIC~1\MxBoost
[26/02/2007|18:07] C:\DOCUME~1\Alexis\APPLIC~1\Notepad++
[24/09/2005|16:58] C:\DOCUME~1\Alexis\APPLIC~1\Real
[22/05/2006|20:36] C:\DOCUME~1\Alexis\APPLIC~1\Sierra
[18/06/2008|13:05] C:\DOCUME~1\Alexis\APPLIC~1\Smart PC Solutions
[04/06/2008|18:27] C:\DOCUME~1\Alexis\APPLIC~1\Sun
[06/06/2008|22:00] C:\DOCUME~1\Alexis\APPLIC~1\T.Aragon
[01/09/2006|15:35] C:\DOCUME~1\Alexis\APPLIC~1\Talkback
[28/05/2008|16:21] C:\DOCUME~1\Alexis\APPLIC~1\Teleca
[22/10/2008|19:40] C:\DOCUME~1\Alexis\APPLIC~1\temp
[06/06/2008|22:00] C:\DOCUME~1\Alexis\APPLIC~1\WinSesame
[18/07/2008|08:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/12/2005|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[04/06/2008|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[29/05/2004|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[02/09/2006|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[21/08/2005|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[19/04/2007|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[25/10/2008|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[19/10/2008|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[29/05/2004|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[29/01/2006|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
[15/05/2004|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[10/06/2004|14:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[28/05/2008|16:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[13/03/2005|10:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[28/05/2008|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[06/03/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[30/12/2007|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[13/10/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[15/05/2004|14:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[02/07/2004|15:33] C:\DOCUME~1\ELISAB~1\APPLIC~1\Adobe
[14/06/2004|09:44] C:\DOCUME~1\ELISAB~1\APPLIC~1\Help
[16/05/2004|13:13] C:\DOCUME~1\ELISAB~1\APPLIC~1\Identities
[26/12/2004|19:58] C:\DOCUME~1\ELISAB~1\APPLIC~1\Macromedia
[22/03/2005|21:59] C:\DOCUME~1\ELISAB~1\APPLIC~1\Microsoft
[29/05/2004|12:20] C:\DOCUME~1\ELISAB~1\APPLIC~1\MSN6
[10/03/2005|18:14] C:\DOCUME~1\ELISAB~1\APPLIC~1\Real
[08/10/2008|19:40] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Adobe
[08/08/2006|17:48] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Apple Computer
[18/06/2007|12:03] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Google
[07/10/2006|16:04] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Help
[14/07/2005|06:31] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Identities
[27/10/2005|18:09] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\iShell
[21/08/2005|11:29] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Jasc Software Inc
[05/10/2005|20:58] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Macromedia
[16/06/2008|10:55] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Microsoft
[03/03/2006|16:48] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Mozilla
[04/11/2005|20:55] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Real
[07/06/2008|21:10] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Teleca
[19/10/2008|12:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[15/05/2004|14:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[19/10/2008|17:47] C:\DOCUME~1\Pascal\APPLIC~1\Adobe
[18/07/2008|08:17] C:\DOCUME~1\Pascal\APPLIC~1\AdobeUM
[29/05/2005|12:05] C:\DOCUME~1\Pascal\APPLIC~1\Ahead
[12/06/2007|14:16] C:\DOCUME~1\Pascal\APPLIC~1\Apple Computer
[18/04/2008|08:44] C:\DOCUME~1\Pascal\APPLIC~1\DivX
[30/08/2007|20:04] C:\DOCUME~1\Pascal\APPLIC~1\Google
[22/05/2004|20:03] C:\DOCUME~1\Pascal\APPLIC~1\Help
[15/05/2004|14:45] C:\DOCUME~1\Pascal\APPLIC~1\Identities
[20/12/2005|16:04] C:\DOCUME~1\Pascal\APPLIC~1\iShell
[28/11/2005|22:21] C:\DOCUME~1\Pascal\APPLIC~1\Macromedia
[20/01/2008|00:15] C:\DOCUME~1\Pascal\APPLIC~1\Microsoft
[20/01/2008|19:12] C:\DOCUME~1\Pascal\APPLIC~1\Mozilla
[20/02/2005|00:12] C:\DOCUME~1\Pascal\APPLIC~1\Real
[15/05/2004|16:16] C:\DOCUME~1\Pascal\APPLIC~1\Symantec
[01/06/2008|14:41] C:\DOCUME~1\Pascal\APPLIC~1\Teleca
[23/05/2004|19:00] C:\DOCUME~1\Sylvie\APPLIC~1\Adobe
[16/05/2004|23:03] C:\DOCUME~1\Sylvie\APPLIC~1\Identities
[06/07/2008|14:56] C:\DOCUME~1\Sylvie\APPLIC~1\Microsoft
[23/02/2005|23:53] C:\DOCUME~1\Sylvie\APPLIC~1\Real
[22/08/2004|20:07] C:\DOCUME~1\Sylvie\APPLIC~1\Symantec
[05/06/2008|22:28] C:\DOCUME~1\Sylvie\APPLIC~1\Teleca
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[25/10/2008 10:25][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{E1C046DE-1CBA-4318-ADC4-B845E775C6EB}.job
[15/05/2004 16:27][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[25/10/2008 20:25][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[19/09/2008|22:52] C:\Program Files\Activision
[22/01/2007|22:07] C:\Program Files\Adobe
[15/03/2008|18:58] C:\Program Files\Ahead
[30/09/2008|19:15] C:\Program Files\ArtMoney
[16/05/2004|22:31] C:\Program Files\C-Media 3D Audio
[17/05/2008|20:32] C:\Program Files\Combined Community Codec Pack
[19/09/2007|16:50] C:\Program Files\Cossacks
[29/05/2004|12:34] C:\Program Files\CyberLink
[29/05/2004|12:34] C:\Program Files\CyberLink DVD Solution
[24/09/2008|12:45] C:\Program Files\Defraggler
[17/06/2008|12:13] C:\Program Files\DIFX
[15/05/2008|10:39] C:\Program Files\directx
[28/05/2008|16:39] C:\Program Files\Disc2Phone
[28/09/2008|14:10] C:\Program Files\DivX
[02/09/2006|11:42] C:\Program Files\DVD Shrink
[01/01/2008|14:22] C:\Program Files\EA GAMES
[14/09/2008|13:16] C:\Program Files\EA SPORTS
[23/10/2008|18:53] C:\Program Files\eMule
[01/09/2008|09:34] C:\Program Files\EndNote
[21/09/2008|16:45] C:\Program Files\Fichiers communs
[06/02/2005|19:05] C:\Program Files\Gadwin Systems
[10/09/2008|14:01] C:\Program Files\GameSpy Arcade
[18/10/2008|17:26] C:\Program Files\InstallShield Installation Information
[18/06/2005|21:19] C:\Program Files\InterActual
[17/06/2008|15:59] C:\Program Files\Internet Explorer
[17/06/2008|19:07] C:\Program Files\IObit
[04/06/2008|18:35] C:\Program Files\Java
[11/04/2008|14:34] C:\Program Files\K-Lite Codec Pack
[16/12/2007|15:31] C:\Program Files\Lionhead Studios
[27/07/2004|15:52] C:\Program Files\L'Or Bleu
[13/03/2005|23:38] C:\Program Files\lotus
[19/04/2007|09:26] C:\Program Files\Macromedia
[25/10/2008|17:10] C:\Program Files\Malwarebytes' Anti-Malware
[18/10/2008|17:26] C:\Program Files\MarkAny
[04/12/2007|15:48] C:\Program Files\MatroskaProp
[13/11/2005|22:13] C:\Program Files\Maxis
[20/05/2004|21:42] C:\Program Files\Maxtor
[30/12/2007|15:50] C:\Program Files\messenger
[15/05/2004|14:38] C:\Program Files\microsoft frontpage
[14/04/2008|17:40] C:\Program Files\Microsoft Games
[16/05/2004|21:33] C:\Program Files\Microsoft Hardware
[20/05/2004|22:21] C:\Program Files\Microsoft Office
[20/05/2004|22:21] C:\Program Files\Microsoft Visual Studio
[25/02/2005|00:08] C:\Program Files\Mobile Phone Manager
[30/12/2007|15:27] C:\Program Files\Movie Maker
[05/11/2007|12:10] C:\Program Files\MSN Gaming Zone
[30/12/2007|14:19] C:\Program Files\MSXML 4.0
[30/12/2007|15:21] C:\Program Files\NetMeeting
[29/01/2006|13:21] C:\Program Files\Network Associates
[28/09/2008|13:52] C:\Program Files\Opera
[30/12/2007|15:21] C:\Program Files\Outlook Express
[24/10/2008|19:42] C:\Program Files\Panda Security
[22/04/2005|18:34] C:\Program Files\PhotoFiltre
[22/09/2005|16:47] C:\Program Files\Picasa2
[17/05/2006|14:19] C:\Program Files\QuickTime
[25/07/2005|06:44] C:\Program Files\QuickZip4
[20/02/2005|00:09] C:\Program Files\Real
[19/05/2007|11:46] C:\Program Files\regCollegeExe
[18/10/2008|17:28] C:\Program Files\Samsung
[03/09/2008|14:46] C:\Program Files\Sierra
[18/06/2008|12:51] C:\Program Files\Smart PC Solutions
[28/05/2008|16:19] C:\Program Files\Sony Ericsson
[13/03/2005|10:07] C:\Program Files\Symantec
[10/09/2008|17:49] C:\Program Files\SystemRequirementsLab
[25/10/2008|12:12] C:\Program Files\Trend Micro
[22/09/2008|19:43] C:\Program Files\Valve
[13/12/2004|20:08] C:\Program Files\Virtools Web Player 2.5
[01/09/2008|09:35] C:\Program Files\WarTimesEF
[01/09/2008|09:36] C:\Program Files\WinAce
[13/10/2008|19:06] C:\Program Files\Windows Live
[19/10/2008|14:08] C:\Program Files\Windows Media Connect 2
[19/10/2008|14:08] C:\Program Files\Windows Media Player
[30/12/2007|15:21] C:\Program Files\Windows NT
[30/12/2007|11:42] C:\Program Files\WindowsUpdate
[12/09/2008|17:07] C:\Program Files\WinRAR
[01/09/2008|09:36] C:\Program Files\WinZip
[28/10/2004|20:56] C:\Program Files\XAcePlus
[15/05/2004|14:38] C:\Program Files\xerox
[16/05/2004|13:03] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[18/07/2008|08:07] C:\Program Files\Fichiers communs\Adobe
[04/09/2004|20:26] C:\Program Files\Fichiers communs\Ahead
[29/01/2006|13:21] C:\Program Files\Fichiers communs\Cisco Systems
[20/05/2004|22:21] C:\Program Files\Fichiers communs\Designer
[10/12/2005|19:06] C:\Program Files\Fichiers communs\InstallShield
[04/06/2008|18:32] C:\Program Files\Fichiers communs\Java
[19/04/2007|09:29] C:\Program Files\Fichiers communs\Macromedia
[24/01/2008|19:52] C:\Program Files\Fichiers communs\Microsoft Shared
[15/05/2004|14:35] C:\Program Files\Fichiers communs\MSSoap
[29/01/2006|13:21] C:\Program Files\Fichiers communs\Network Associates
[15/05/2004|15:24] C:\Program Files\Fichiers communs\ODBC
[20/02/2005|00:09] C:\Program Files\Fichiers communs\Real
[14/04/2005|22:32] C:\Program Files\Fichiers communs\Risxtd
[15/05/2004|14:35] C:\Program Files\Fichiers communs\Services
[15/05/2004|15:24] C:\Program Files\Fichiers communs\SpeechEngines
[01/09/2008|09:34] C:\Program Files\Fichiers communs\Symantec Shared
[30/12/2007|15:21] C:\Program Files\Fichiers communs\System
[28/05/2008|16:20] C:\Program Files\Fichiers communs\Teleca Shared
[24/01/2008|19:53] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[20/02/2005|00:09] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 38 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-25 20:49:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Alexis\Recent\FIFA_08_KEYGEN.torrent.lnk
C:\DOCUME~1\Alexis\Recent\KEYGEN2007.lnk
[F:156][D:24]-> C:\DOCUME~1\Alexis\LOCALS~1\Temp
[F:67][D:0]-> C:\DOCUME~1\Alexis\Cookies
[F:4801][D:31]-> C:\DOCUME~1\Alexis\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 25/10/2008|17:04 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 25/10/2008|20:50 - Option : [2]
--------------------\\ Fin du rapport a 20:50:46
Et le Hijack :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:52:25, on 25/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb02937
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.systemrequirementslab.com/cyri
O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} - http://dl-ak.solidworks.com/nonsecure/edrawings/e2020sp01/28.1.0.0091-PCK0T79I/cab//eModelsStandard.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
BIOS : Version 1.00
USER : Alexis ( Not Administrator ! )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 76 Go Free : 40 Go
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total : 76 Go Free : 4 Go
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 23-10-2008|23:15 )
Option : [2] ( 25/10/2008|20:47 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[04/10/2008|14:59] C:\DOCUME~1\Alexis\APPLIC~1\Adobe
[06/09/2008|14:33] C:\DOCUME~1\Alexis\APPLIC~1\AdobeUM
[25/12/2007|19:15] C:\DOCUME~1\Alexis\APPLIC~1\Ahead
[20/03/2008|17:59] C:\DOCUME~1\Alexis\APPLIC~1\Apple Computer
[18/10/2008|17:26] C:\DOCUME~1\Alexis\APPLIC~1\DataCast
[16/04/2008|15:01] C:\DOCUME~1\Alexis\APPLIC~1\DivX
[30/08/2007|21:38] C:\DOCUME~1\Alexis\APPLIC~1\Google
[06/11/2004|18:47] C:\DOCUME~1\Alexis\APPLIC~1\Help
[16/05/2004|13:44] C:\DOCUME~1\Alexis\APPLIC~1\Identities
[07/06/2008|17:52] C:\DOCUME~1\Alexis\APPLIC~1\InfraRecorder
[08/09/2005|19:56] C:\DOCUME~1\Alexis\APPLIC~1\Jasc Software Inc
[19/04/2007|11:00] C:\DOCUME~1\Alexis\APPLIC~1\Macromedia
[25/10/2008|17:10] C:\DOCUME~1\Alexis\APPLIC~1\Malwarebytes
[17/05/2008|21:25] C:\DOCUME~1\Alexis\APPLIC~1\Media Player Classic
[16/09/2008|18:16] C:\DOCUME~1\Alexis\APPLIC~1\Microsoft
[17/06/2008|20:39] C:\DOCUME~1\Alexis\APPLIC~1\Mozilla-2
[07/03/2008|16:36] C:\DOCUME~1\Alexis\APPLIC~1\MxBoost
[26/02/2007|18:07] C:\DOCUME~1\Alexis\APPLIC~1\Notepad++
[24/09/2005|16:58] C:\DOCUME~1\Alexis\APPLIC~1\Real
[22/05/2006|20:36] C:\DOCUME~1\Alexis\APPLIC~1\Sierra
[18/06/2008|13:05] C:\DOCUME~1\Alexis\APPLIC~1\Smart PC Solutions
[04/06/2008|18:27] C:\DOCUME~1\Alexis\APPLIC~1\Sun
[06/06/2008|22:00] C:\DOCUME~1\Alexis\APPLIC~1\T.Aragon
[01/09/2006|15:35] C:\DOCUME~1\Alexis\APPLIC~1\Talkback
[28/05/2008|16:21] C:\DOCUME~1\Alexis\APPLIC~1\Teleca
[22/10/2008|19:40] C:\DOCUME~1\Alexis\APPLIC~1\temp
[06/06/2008|22:00] C:\DOCUME~1\Alexis\APPLIC~1\WinSesame
[18/07/2008|08:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/12/2005|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[04/06/2008|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[29/05/2004|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[02/09/2006|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[21/08/2005|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[19/04/2007|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[25/10/2008|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[19/10/2008|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[29/05/2004|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[29/01/2006|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
[15/05/2004|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[10/06/2004|14:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[28/05/2008|16:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[13/03/2005|10:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[28/05/2008|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[06/03/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[30/12/2007|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[13/10/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[15/05/2004|14:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[02/07/2004|15:33] C:\DOCUME~1\ELISAB~1\APPLIC~1\Adobe
[14/06/2004|09:44] C:\DOCUME~1\ELISAB~1\APPLIC~1\Help
[16/05/2004|13:13] C:\DOCUME~1\ELISAB~1\APPLIC~1\Identities
[26/12/2004|19:58] C:\DOCUME~1\ELISAB~1\APPLIC~1\Macromedia
[22/03/2005|21:59] C:\DOCUME~1\ELISAB~1\APPLIC~1\Microsoft
[29/05/2004|12:20] C:\DOCUME~1\ELISAB~1\APPLIC~1\MSN6
[10/03/2005|18:14] C:\DOCUME~1\ELISAB~1\APPLIC~1\Real
[08/10/2008|19:40] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Adobe
[08/08/2006|17:48] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Apple Computer
[18/06/2007|12:03] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Google
[07/10/2006|16:04] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Help
[14/07/2005|06:31] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Identities
[27/10/2005|18:09] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\iShell
[21/08/2005|11:29] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Jasc Software Inc
[05/10/2005|20:58] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Macromedia
[16/06/2008|10:55] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Microsoft
[03/03/2006|16:48] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Mozilla
[04/11/2005|20:55] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Real
[07/06/2008|21:10] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Teleca
[19/10/2008|12:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[15/05/2004|14:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[19/10/2008|17:47] C:\DOCUME~1\Pascal\APPLIC~1\Adobe
[18/07/2008|08:17] C:\DOCUME~1\Pascal\APPLIC~1\AdobeUM
[29/05/2005|12:05] C:\DOCUME~1\Pascal\APPLIC~1\Ahead
[12/06/2007|14:16] C:\DOCUME~1\Pascal\APPLIC~1\Apple Computer
[18/04/2008|08:44] C:\DOCUME~1\Pascal\APPLIC~1\DivX
[30/08/2007|20:04] C:\DOCUME~1\Pascal\APPLIC~1\Google
[22/05/2004|20:03] C:\DOCUME~1\Pascal\APPLIC~1\Help
[15/05/2004|14:45] C:\DOCUME~1\Pascal\APPLIC~1\Identities
[20/12/2005|16:04] C:\DOCUME~1\Pascal\APPLIC~1\iShell
[28/11/2005|22:21] C:\DOCUME~1\Pascal\APPLIC~1\Macromedia
[20/01/2008|00:15] C:\DOCUME~1\Pascal\APPLIC~1\Microsoft
[20/01/2008|19:12] C:\DOCUME~1\Pascal\APPLIC~1\Mozilla
[20/02/2005|00:12] C:\DOCUME~1\Pascal\APPLIC~1\Real
[15/05/2004|16:16] C:\DOCUME~1\Pascal\APPLIC~1\Symantec
[01/06/2008|14:41] C:\DOCUME~1\Pascal\APPLIC~1\Teleca
[23/05/2004|19:00] C:\DOCUME~1\Sylvie\APPLIC~1\Adobe
[16/05/2004|23:03] C:\DOCUME~1\Sylvie\APPLIC~1\Identities
[06/07/2008|14:56] C:\DOCUME~1\Sylvie\APPLIC~1\Microsoft
[23/02/2005|23:53] C:\DOCUME~1\Sylvie\APPLIC~1\Real
[22/08/2004|20:07] C:\DOCUME~1\Sylvie\APPLIC~1\Symantec
[05/06/2008|22:28] C:\DOCUME~1\Sylvie\APPLIC~1\Teleca
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[25/10/2008 10:25][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{E1C046DE-1CBA-4318-ADC4-B845E775C6EB}.job
[15/05/2004 16:27][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[25/10/2008 20:25][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[19/09/2008|22:52] C:\Program Files\Activision
[22/01/2007|22:07] C:\Program Files\Adobe
[15/03/2008|18:58] C:\Program Files\Ahead
[30/09/2008|19:15] C:\Program Files\ArtMoney
[16/05/2004|22:31] C:\Program Files\C-Media 3D Audio
[17/05/2008|20:32] C:\Program Files\Combined Community Codec Pack
[19/09/2007|16:50] C:\Program Files\Cossacks
[29/05/2004|12:34] C:\Program Files\CyberLink
[29/05/2004|12:34] C:\Program Files\CyberLink DVD Solution
[24/09/2008|12:45] C:\Program Files\Defraggler
[17/06/2008|12:13] C:\Program Files\DIFX
[15/05/2008|10:39] C:\Program Files\directx
[28/05/2008|16:39] C:\Program Files\Disc2Phone
[28/09/2008|14:10] C:\Program Files\DivX
[02/09/2006|11:42] C:\Program Files\DVD Shrink
[01/01/2008|14:22] C:\Program Files\EA GAMES
[14/09/2008|13:16] C:\Program Files\EA SPORTS
[23/10/2008|18:53] C:\Program Files\eMule
[01/09/2008|09:34] C:\Program Files\EndNote
[21/09/2008|16:45] C:\Program Files\Fichiers communs
[06/02/2005|19:05] C:\Program Files\Gadwin Systems
[10/09/2008|14:01] C:\Program Files\GameSpy Arcade
[18/10/2008|17:26] C:\Program Files\InstallShield Installation Information
[18/06/2005|21:19] C:\Program Files\InterActual
[17/06/2008|15:59] C:\Program Files\Internet Explorer
[17/06/2008|19:07] C:\Program Files\IObit
[04/06/2008|18:35] C:\Program Files\Java
[11/04/2008|14:34] C:\Program Files\K-Lite Codec Pack
[16/12/2007|15:31] C:\Program Files\Lionhead Studios
[27/07/2004|15:52] C:\Program Files\L'Or Bleu
[13/03/2005|23:38] C:\Program Files\lotus
[19/04/2007|09:26] C:\Program Files\Macromedia
[25/10/2008|17:10] C:\Program Files\Malwarebytes' Anti-Malware
[18/10/2008|17:26] C:\Program Files\MarkAny
[04/12/2007|15:48] C:\Program Files\MatroskaProp
[13/11/2005|22:13] C:\Program Files\Maxis
[20/05/2004|21:42] C:\Program Files\Maxtor
[30/12/2007|15:50] C:\Program Files\messenger
[15/05/2004|14:38] C:\Program Files\microsoft frontpage
[14/04/2008|17:40] C:\Program Files\Microsoft Games
[16/05/2004|21:33] C:\Program Files\Microsoft Hardware
[20/05/2004|22:21] C:\Program Files\Microsoft Office
[20/05/2004|22:21] C:\Program Files\Microsoft Visual Studio
[25/02/2005|00:08] C:\Program Files\Mobile Phone Manager
[30/12/2007|15:27] C:\Program Files\Movie Maker
[05/11/2007|12:10] C:\Program Files\MSN Gaming Zone
[30/12/2007|14:19] C:\Program Files\MSXML 4.0
[30/12/2007|15:21] C:\Program Files\NetMeeting
[29/01/2006|13:21] C:\Program Files\Network Associates
[28/09/2008|13:52] C:\Program Files\Opera
[30/12/2007|15:21] C:\Program Files\Outlook Express
[24/10/2008|19:42] C:\Program Files\Panda Security
[22/04/2005|18:34] C:\Program Files\PhotoFiltre
[22/09/2005|16:47] C:\Program Files\Picasa2
[17/05/2006|14:19] C:\Program Files\QuickTime
[25/07/2005|06:44] C:\Program Files\QuickZip4
[20/02/2005|00:09] C:\Program Files\Real
[19/05/2007|11:46] C:\Program Files\regCollegeExe
[18/10/2008|17:28] C:\Program Files\Samsung
[03/09/2008|14:46] C:\Program Files\Sierra
[18/06/2008|12:51] C:\Program Files\Smart PC Solutions
[28/05/2008|16:19] C:\Program Files\Sony Ericsson
[13/03/2005|10:07] C:\Program Files\Symantec
[10/09/2008|17:49] C:\Program Files\SystemRequirementsLab
[25/10/2008|12:12] C:\Program Files\Trend Micro
[22/09/2008|19:43] C:\Program Files\Valve
[13/12/2004|20:08] C:\Program Files\Virtools Web Player 2.5
[01/09/2008|09:35] C:\Program Files\WarTimesEF
[01/09/2008|09:36] C:\Program Files\WinAce
[13/10/2008|19:06] C:\Program Files\Windows Live
[19/10/2008|14:08] C:\Program Files\Windows Media Connect 2
[19/10/2008|14:08] C:\Program Files\Windows Media Player
[30/12/2007|15:21] C:\Program Files\Windows NT
[30/12/2007|11:42] C:\Program Files\WindowsUpdate
[12/09/2008|17:07] C:\Program Files\WinRAR
[01/09/2008|09:36] C:\Program Files\WinZip
[28/10/2004|20:56] C:\Program Files\XAcePlus
[15/05/2004|14:38] C:\Program Files\xerox
[16/05/2004|13:03] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[18/07/2008|08:07] C:\Program Files\Fichiers communs\Adobe
[04/09/2004|20:26] C:\Program Files\Fichiers communs\Ahead
[29/01/2006|13:21] C:\Program Files\Fichiers communs\Cisco Systems
[20/05/2004|22:21] C:\Program Files\Fichiers communs\Designer
[10/12/2005|19:06] C:\Program Files\Fichiers communs\InstallShield
[04/06/2008|18:32] C:\Program Files\Fichiers communs\Java
[19/04/2007|09:29] C:\Program Files\Fichiers communs\Macromedia
[24/01/2008|19:52] C:\Program Files\Fichiers communs\Microsoft Shared
[15/05/2004|14:35] C:\Program Files\Fichiers communs\MSSoap
[29/01/2006|13:21] C:\Program Files\Fichiers communs\Network Associates
[15/05/2004|15:24] C:\Program Files\Fichiers communs\ODBC
[20/02/2005|00:09] C:\Program Files\Fichiers communs\Real
[14/04/2005|22:32] C:\Program Files\Fichiers communs\Risxtd
[15/05/2004|14:35] C:\Program Files\Fichiers communs\Services
[15/05/2004|15:24] C:\Program Files\Fichiers communs\SpeechEngines
[01/09/2008|09:34] C:\Program Files\Fichiers communs\Symantec Shared
[30/12/2007|15:21] C:\Program Files\Fichiers communs\System
[28/05/2008|16:20] C:\Program Files\Fichiers communs\Teleca Shared
[24/01/2008|19:53] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[20/02/2005|00:09] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 38 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-25 20:49:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Alexis\Recent\FIFA_08_KEYGEN.torrent.lnk
C:\DOCUME~1\Alexis\Recent\KEYGEN2007.lnk
[F:156][D:24]-> C:\DOCUME~1\Alexis\LOCALS~1\Temp
[F:67][D:0]-> C:\DOCUME~1\Alexis\Cookies
[F:4801][D:31]-> C:\DOCUME~1\Alexis\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 25/10/2008|17:04 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 25/10/2008|20:50 - Option : [2]
--------------------\\ Fin du rapport a 20:50:46
Et le Hijack :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:52:25, on 25/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb02937
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.systemrequirementslab.com/cyri
O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} - http://dl-ak.solidworks.com/nonsecure/edrawings/e2020sp01/28.1.0.0091-PCK0T79I/cab//eModelsStandard.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Darka Maul
Messages postés
11
Date d'inscription
samedi 25 octobre 2008
Statut
Membre
Dernière intervention
23 juin 2010
25 oct. 2008 à 20:53
25 oct. 2008 à 20:53
--------------------\\ Lop S&D 4.2.4-7 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
BIOS : Version 1.00
USER : Alexis ( Not Administrator ! )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 76 Go Free : 40 Go
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total : 76 Go Free : 4 Go
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 23-10-2008|23:15 )
Option : [2] ( 25/10/2008|20:47 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[04/10/2008|14:59] C:\DOCUME~1\Alexis\APPLIC~1\Adobe
[06/09/2008|14:33] C:\DOCUME~1\Alexis\APPLIC~1\AdobeUM
[25/12/2007|19:15] C:\DOCUME~1\Alexis\APPLIC~1\Ahead
[20/03/2008|17:59] C:\DOCUME~1\Alexis\APPLIC~1\Apple Computer
[18/10/2008|17:26] C:\DOCUME~1\Alexis\APPLIC~1\DataCast
[16/04/2008|15:01] C:\DOCUME~1\Alexis\APPLIC~1\DivX
[30/08/2007|21:38] C:\DOCUME~1\Alexis\APPLIC~1\Google
[06/11/2004|18:47] C:\DOCUME~1\Alexis\APPLIC~1\Help
[16/05/2004|13:44] C:\DOCUME~1\Alexis\APPLIC~1\Identities
[07/06/2008|17:52] C:\DOCUME~1\Alexis\APPLIC~1\InfraRecorder
[08/09/2005|19:56] C:\DOCUME~1\Alexis\APPLIC~1\Jasc Software Inc
[19/04/2007|11:00] C:\DOCUME~1\Alexis\APPLIC~1\Macromedia
[25/10/2008|17:10] C:\DOCUME~1\Alexis\APPLIC~1\Malwarebytes
[17/05/2008|21:25] C:\DOCUME~1\Alexis\APPLIC~1\Media Player Classic
[16/09/2008|18:16] C:\DOCUME~1\Alexis\APPLIC~1\Microsoft
[17/06/2008|20:39] C:\DOCUME~1\Alexis\APPLIC~1\Mozilla-2
[07/03/2008|16:36] C:\DOCUME~1\Alexis\APPLIC~1\MxBoost
[26/02/2007|18:07] C:\DOCUME~1\Alexis\APPLIC~1\Notepad++
[24/09/2005|16:58] C:\DOCUME~1\Alexis\APPLIC~1\Real
[22/05/2006|20:36] C:\DOCUME~1\Alexis\APPLIC~1\Sierra
[18/06/2008|13:05] C:\DOCUME~1\Alexis\APPLIC~1\Smart PC Solutions
[04/06/2008|18:27] C:\DOCUME~1\Alexis\APPLIC~1\Sun
[06/06/2008|22:00] C:\DOCUME~1\Alexis\APPLIC~1\T.Aragon
[01/09/2006|15:35] C:\DOCUME~1\Alexis\APPLIC~1\Talkback
[28/05/2008|16:21] C:\DOCUME~1\Alexis\APPLIC~1\Teleca
[22/10/2008|19:40] C:\DOCUME~1\Alexis\APPLIC~1\temp
[06/06/2008|22:00] C:\DOCUME~1\Alexis\APPLIC~1\WinSesame
[18/07/2008|08:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/12/2005|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[04/06/2008|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[29/05/2004|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[02/09/2006|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[21/08/2005|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[19/04/2007|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[25/10/2008|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[19/10/2008|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[29/05/2004|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[29/01/2006|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
[15/05/2004|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[10/06/2004|14:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[28/05/2008|16:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[13/03/2005|10:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[28/05/2008|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[06/03/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[30/12/2007|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[13/10/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[15/05/2004|14:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[02/07/2004|15:33] C:\DOCUME~1\ELISAB~1\APPLIC~1\Adobe
[14/06/2004|09:44] C:\DOCUME~1\ELISAB~1\APPLIC~1\Help
[16/05/2004|13:13] C:\DOCUME~1\ELISAB~1\APPLIC~1\Identities
[26/12/2004|19:58] C:\DOCUME~1\ELISAB~1\APPLIC~1\Macromedia
[22/03/2005|21:59] C:\DOCUME~1\ELISAB~1\APPLIC~1\Microsoft
[29/05/2004|12:20] C:\DOCUME~1\ELISAB~1\APPLIC~1\MSN6
[10/03/2005|18:14] C:\DOCUME~1\ELISAB~1\APPLIC~1\Real
[08/10/2008|19:40] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Adobe
[08/08/2006|17:48] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Apple Computer
[18/06/2007|12:03] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Google
[07/10/2006|16:04] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Help
[14/07/2005|06:31] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Identities
[27/10/2005|18:09] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\iShell
[21/08/2005|11:29] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Jasc Software Inc
[05/10/2005|20:58] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Macromedia
[16/06/2008|10:55] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Microsoft
[03/03/2006|16:48] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Mozilla
[04/11/2005|20:55] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Real
[07/06/2008|21:10] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Teleca
[19/10/2008|12:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[15/05/2004|14:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[19/10/2008|17:47] C:\DOCUME~1\Pascal\APPLIC~1\Adobe
[18/07/2008|08:17] C:\DOCUME~1\Pascal\APPLIC~1\AdobeUM
[29/05/2005|12:05] C:\DOCUME~1\Pascal\APPLIC~1\Ahead
[12/06/2007|14:16] C:\DOCUME~1\Pascal\APPLIC~1\Apple Computer
[18/04/2008|08:44] C:\DOCUME~1\Pascal\APPLIC~1\DivX
[30/08/2007|20:04] C:\DOCUME~1\Pascal\APPLIC~1\Google
[22/05/2004|20:03] C:\DOCUME~1\Pascal\APPLIC~1\Help
[15/05/2004|14:45] C:\DOCUME~1\Pascal\APPLIC~1\Identities
[20/12/2005|16:04] C:\DOCUME~1\Pascal\APPLIC~1\iShell
[28/11/2005|22:21] C:\DOCUME~1\Pascal\APPLIC~1\Macromedia
[20/01/2008|00:15] C:\DOCUME~1\Pascal\APPLIC~1\Microsoft
[20/01/2008|19:12] C:\DOCUME~1\Pascal\APPLIC~1\Mozilla
[20/02/2005|00:12] C:\DOCUME~1\Pascal\APPLIC~1\Real
[15/05/2004|16:16] C:\DOCUME~1\Pascal\APPLIC~1\Symantec
[01/06/2008|14:41] C:\DOCUME~1\Pascal\APPLIC~1\Teleca
[23/05/2004|19:00] C:\DOCUME~1\Sylvie\APPLIC~1\Adobe
[16/05/2004|23:03] C:\DOCUME~1\Sylvie\APPLIC~1\Identities
[06/07/2008|14:56] C:\DOCUME~1\Sylvie\APPLIC~1\Microsoft
[23/02/2005|23:53] C:\DOCUME~1\Sylvie\APPLIC~1\Real
[22/08/2004|20:07] C:\DOCUME~1\Sylvie\APPLIC~1\Symantec
[05/06/2008|22:28] C:\DOCUME~1\Sylvie\APPLIC~1\Teleca
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[25/10/2008 10:25][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{E1C046DE-1CBA-4318-ADC4-B845E775C6EB}.job
[15/05/2004 16:27][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[25/10/2008 20:25][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[19/09/2008|22:52] C:\Program Files\Activision
[22/01/2007|22:07] C:\Program Files\Adobe
[15/03/2008|18:58] C:\Program Files\Ahead
[30/09/2008|19:15] C:\Program Files\ArtMoney
[16/05/2004|22:31] C:\Program Files\C-Media 3D Audio
[17/05/2008|20:32] C:\Program Files\Combined Community Codec Pack
[19/09/2007|16:50] C:\Program Files\Cossacks
[29/05/2004|12:34] C:\Program Files\CyberLink
[29/05/2004|12:34] C:\Program Files\CyberLink DVD Solution
[24/09/2008|12:45] C:\Program Files\Defraggler
[17/06/2008|12:13] C:\Program Files\DIFX
[15/05/2008|10:39] C:\Program Files\directx
[28/05/2008|16:39] C:\Program Files\Disc2Phone
[28/09/2008|14:10] C:\Program Files\DivX
[02/09/2006|11:42] C:\Program Files\DVD Shrink
[01/01/2008|14:22] C:\Program Files\EA GAMES
[14/09/2008|13:16] C:\Program Files\EA SPORTS
[23/10/2008|18:53] C:\Program Files\eMule
[01/09/2008|09:34] C:\Program Files\EndNote
[21/09/2008|16:45] C:\Program Files\Fichiers communs
[06/02/2005|19:05] C:\Program Files\Gadwin Systems
[10/09/2008|14:01] C:\Program Files\GameSpy Arcade
[18/10/2008|17:26] C:\Program Files\InstallShield Installation Information
[18/06/2005|21:19] C:\Program Files\InterActual
[17/06/2008|15:59] C:\Program Files\Internet Explorer
[17/06/2008|19:07] C:\Program Files\IObit
[04/06/2008|18:35] C:\Program Files\Java
[11/04/2008|14:34] C:\Program Files\K-Lite Codec Pack
[16/12/2007|15:31] C:\Program Files\Lionhead Studios
[27/07/2004|15:52] C:\Program Files\L'Or Bleu
[13/03/2005|23:38] C:\Program Files\lotus
[19/04/2007|09:26] C:\Program Files\Macromedia
[25/10/2008|17:10] C:\Program Files\Malwarebytes' Anti-Malware
[18/10/2008|17:26] C:\Program Files\MarkAny
[04/12/2007|15:48] C:\Program Files\MatroskaProp
[13/11/2005|22:13] C:\Program Files\Maxis
[20/05/2004|21:42] C:\Program Files\Maxtor
[30/12/2007|15:50] C:\Program Files\messenger
[15/05/2004|14:38] C:\Program Files\microsoft frontpage
[14/04/2008|17:40] C:\Program Files\Microsoft Games
[16/05/2004|21:33] C:\Program Files\Microsoft Hardware
[20/05/2004|22:21] C:\Program Files\Microsoft Office
[20/05/2004|22:21] C:\Program Files\Microsoft Visual Studio
[25/02/2005|00:08] C:\Program Files\Mobile Phone Manager
[30/12/2007|15:27] C:\Program Files\Movie Maker
[05/11/2007|12:10] C:\Program Files\MSN Gaming Zone
[30/12/2007|14:19] C:\Program Files\MSXML 4.0
[30/12/2007|15:21] C:\Program Files\NetMeeting
[29/01/2006|13:21] C:\Program Files\Network Associates
[28/09/2008|13:52] C:\Program Files\Opera
[30/12/2007|15:21] C:\Program Files\Outlook Express
[24/10/2008|19:42] C:\Program Files\Panda Security
[22/04/2005|18:34] C:\Program Files\PhotoFiltre
[22/09/2005|16:47] C:\Program Files\Picasa2
[17/05/2006|14:19] C:\Program Files\QuickTime
[25/07/2005|06:44] C:\Program Files\QuickZip4
[20/02/2005|00:09] C:\Program Files\Real
[19/05/2007|11:46] C:\Program Files\regCollegeExe
[18/10/2008|17:28] C:\Program Files\Samsung
[03/09/2008|14:46] C:\Program Files\Sierra
[18/06/2008|12:51] C:\Program Files\Smart PC Solutions
[28/05/2008|16:19] C:\Program Files\Sony Ericsson
[13/03/2005|10:07] C:\Program Files\Symantec
[10/09/2008|17:49] C:\Program Files\SystemRequirementsLab
[25/10/2008|12:12] C:\Program Files\Trend Micro
[22/09/2008|19:43] C:\Program Files\Valve
[13/12/2004|20:08] C:\Program Files\Virtools Web Player 2.5
[01/09/2008|09:35] C:\Program Files\WarTimesEF
[01/09/2008|09:36] C:\Program Files\WinAce
[13/10/2008|19:06] C:\Program Files\Windows Live
[19/10/2008|14:08] C:\Program Files\Windows Media Connect 2
[19/10/2008|14:08] C:\Program Files\Windows Media Player
[30/12/2007|15:21] C:\Program Files\Windows NT
[30/12/2007|11:42] C:\Program Files\WindowsUpdate
[12/09/2008|17:07] C:\Program Files\WinRAR
[01/09/2008|09:36] C:\Program Files\WinZip
[28/10/2004|20:56] C:\Program Files\XAcePlus
[15/05/2004|14:38] C:\Program Files\xerox
[16/05/2004|13:03] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[18/07/2008|08:07] C:\Program Files\Fichiers communs\Adobe
[04/09/2004|20:26] C:\Program Files\Fichiers communs\Ahead
[29/01/2006|13:21] C:\Program Files\Fichiers communs\Cisco Systems
[20/05/2004|22:21] C:\Program Files\Fichiers communs\Designer
[10/12/2005|19:06] C:\Program Files\Fichiers communs\InstallShield
[04/06/2008|18:32] C:\Program Files\Fichiers communs\Java
[19/04/2007|09:29] C:\Program Files\Fichiers communs\Macromedia
[24/01/2008|19:52] C:\Program Files\Fichiers communs\Microsoft Shared
[15/05/2004|14:35] C:\Program Files\Fichiers communs\MSSoap
[29/01/2006|13:21] C:\Program Files\Fichiers communs\Network Associates
[15/05/2004|15:24] C:\Program Files\Fichiers communs\ODBC
[20/02/2005|00:09] C:\Program Files\Fichiers communs\Real
[14/04/2005|22:32] C:\Program Files\Fichiers communs\Risxtd
[15/05/2004|14:35] C:\Program Files\Fichiers communs\Services
[15/05/2004|15:24] C:\Program Files\Fichiers communs\SpeechEngines
[01/09/2008|09:34] C:\Program Files\Fichiers communs\Symantec Shared
[30/12/2007|15:21] C:\Program Files\Fichiers communs\System
[28/05/2008|16:20] C:\Program Files\Fichiers communs\Teleca Shared
[24/01/2008|19:53] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[20/02/2005|00:09] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 38 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-25 20:49:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Alexis\Recent\FIFA_08_KEYGEN.torrent.lnk
C:\DOCUME~1\Alexis\Recent\KEYGEN2007.lnk
[F:156][D:24]-> C:\DOCUME~1\Alexis\LOCALS~1\Temp
[F:67][D:0]-> C:\DOCUME~1\Alexis\Cookies
[F:4801][D:31]-> C:\DOCUME~1\Alexis\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 25/10/2008|17:04 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 25/10/2008|20:50 - Option : [2]
--------------------\\ Fin du rapport a 20:50:46
Et le Hijack :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:52:25, on 25/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb02937
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.systemrequirementslab.com/cyri
O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} - http://dl-ak.solidworks.com/nonsecure/edrawings/e2020sp01/28.1.0.0091-PCK0T79I/cab//eModelsStandard.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
BIOS : Version 1.00
USER : Alexis ( Not Administrator ! )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 76 Go Free : 40 Go
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total : 76 Go Free : 4 Go
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 23-10-2008|23:15 )
Option : [2] ( 25/10/2008|20:47 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[04/10/2008|14:59] C:\DOCUME~1\Alexis\APPLIC~1\Adobe
[06/09/2008|14:33] C:\DOCUME~1\Alexis\APPLIC~1\AdobeUM
[25/12/2007|19:15] C:\DOCUME~1\Alexis\APPLIC~1\Ahead
[20/03/2008|17:59] C:\DOCUME~1\Alexis\APPLIC~1\Apple Computer
[18/10/2008|17:26] C:\DOCUME~1\Alexis\APPLIC~1\DataCast
[16/04/2008|15:01] C:\DOCUME~1\Alexis\APPLIC~1\DivX
[30/08/2007|21:38] C:\DOCUME~1\Alexis\APPLIC~1\Google
[06/11/2004|18:47] C:\DOCUME~1\Alexis\APPLIC~1\Help
[16/05/2004|13:44] C:\DOCUME~1\Alexis\APPLIC~1\Identities
[07/06/2008|17:52] C:\DOCUME~1\Alexis\APPLIC~1\InfraRecorder
[08/09/2005|19:56] C:\DOCUME~1\Alexis\APPLIC~1\Jasc Software Inc
[19/04/2007|11:00] C:\DOCUME~1\Alexis\APPLIC~1\Macromedia
[25/10/2008|17:10] C:\DOCUME~1\Alexis\APPLIC~1\Malwarebytes
[17/05/2008|21:25] C:\DOCUME~1\Alexis\APPLIC~1\Media Player Classic
[16/09/2008|18:16] C:\DOCUME~1\Alexis\APPLIC~1\Microsoft
[17/06/2008|20:39] C:\DOCUME~1\Alexis\APPLIC~1\Mozilla-2
[07/03/2008|16:36] C:\DOCUME~1\Alexis\APPLIC~1\MxBoost
[26/02/2007|18:07] C:\DOCUME~1\Alexis\APPLIC~1\Notepad++
[24/09/2005|16:58] C:\DOCUME~1\Alexis\APPLIC~1\Real
[22/05/2006|20:36] C:\DOCUME~1\Alexis\APPLIC~1\Sierra
[18/06/2008|13:05] C:\DOCUME~1\Alexis\APPLIC~1\Smart PC Solutions
[04/06/2008|18:27] C:\DOCUME~1\Alexis\APPLIC~1\Sun
[06/06/2008|22:00] C:\DOCUME~1\Alexis\APPLIC~1\T.Aragon
[01/09/2006|15:35] C:\DOCUME~1\Alexis\APPLIC~1\Talkback
[28/05/2008|16:21] C:\DOCUME~1\Alexis\APPLIC~1\Teleca
[22/10/2008|19:40] C:\DOCUME~1\Alexis\APPLIC~1\temp
[06/06/2008|22:00] C:\DOCUME~1\Alexis\APPLIC~1\WinSesame
[18/07/2008|08:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29/12/2005|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[04/06/2008|16:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[29/05/2004|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[02/09/2006|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[21/08/2005|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[19/04/2007|09:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[25/10/2008|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[19/10/2008|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[29/05/2004|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[29/01/2006|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
[15/05/2004|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[10/06/2004|14:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[28/05/2008|16:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[13/03/2005|10:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[28/05/2008|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[06/03/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[30/12/2007|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[13/10/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[15/05/2004|14:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[02/07/2004|15:33] C:\DOCUME~1\ELISAB~1\APPLIC~1\Adobe
[14/06/2004|09:44] C:\DOCUME~1\ELISAB~1\APPLIC~1\Help
[16/05/2004|13:13] C:\DOCUME~1\ELISAB~1\APPLIC~1\Identities
[26/12/2004|19:58] C:\DOCUME~1\ELISAB~1\APPLIC~1\Macromedia
[22/03/2005|21:59] C:\DOCUME~1\ELISAB~1\APPLIC~1\Microsoft
[29/05/2004|12:20] C:\DOCUME~1\ELISAB~1\APPLIC~1\MSN6
[10/03/2005|18:14] C:\DOCUME~1\ELISAB~1\APPLIC~1\Real
[08/10/2008|19:40] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Adobe
[08/08/2006|17:48] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Apple Computer
[18/06/2007|12:03] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Google
[07/10/2006|16:04] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Help
[14/07/2005|06:31] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Identities
[27/10/2005|18:09] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\iShell
[21/08/2005|11:29] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Jasc Software Inc
[05/10/2005|20:58] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Macromedia
[16/06/2008|10:55] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Microsoft
[03/03/2006|16:48] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Mozilla
[04/11/2005|20:55] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Real
[07/06/2008|21:10] C:\DOCUME~1\ELISAB~1.PC-\APPLIC~1\Teleca
[19/10/2008|12:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[15/05/2004|14:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[19/10/2008|17:47] C:\DOCUME~1\Pascal\APPLIC~1\Adobe
[18/07/2008|08:17] C:\DOCUME~1\Pascal\APPLIC~1\AdobeUM
[29/05/2005|12:05] C:\DOCUME~1\Pascal\APPLIC~1\Ahead
[12/06/2007|14:16] C:\DOCUME~1\Pascal\APPLIC~1\Apple Computer
[18/04/2008|08:44] C:\DOCUME~1\Pascal\APPLIC~1\DivX
[30/08/2007|20:04] C:\DOCUME~1\Pascal\APPLIC~1\Google
[22/05/2004|20:03] C:\DOCUME~1\Pascal\APPLIC~1\Help
[15/05/2004|14:45] C:\DOCUME~1\Pascal\APPLIC~1\Identities
[20/12/2005|16:04] C:\DOCUME~1\Pascal\APPLIC~1\iShell
[28/11/2005|22:21] C:\DOCUME~1\Pascal\APPLIC~1\Macromedia
[20/01/2008|00:15] C:\DOCUME~1\Pascal\APPLIC~1\Microsoft
[20/01/2008|19:12] C:\DOCUME~1\Pascal\APPLIC~1\Mozilla
[20/02/2005|00:12] C:\DOCUME~1\Pascal\APPLIC~1\Real
[15/05/2004|16:16] C:\DOCUME~1\Pascal\APPLIC~1\Symantec
[01/06/2008|14:41] C:\DOCUME~1\Pascal\APPLIC~1\Teleca
[23/05/2004|19:00] C:\DOCUME~1\Sylvie\APPLIC~1\Adobe
[16/05/2004|23:03] C:\DOCUME~1\Sylvie\APPLIC~1\Identities
[06/07/2008|14:56] C:\DOCUME~1\Sylvie\APPLIC~1\Microsoft
[23/02/2005|23:53] C:\DOCUME~1\Sylvie\APPLIC~1\Real
[22/08/2004|20:07] C:\DOCUME~1\Sylvie\APPLIC~1\Symantec
[05/06/2008|22:28] C:\DOCUME~1\Sylvie\APPLIC~1\Teleca
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[25/10/2008 10:25][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{E1C046DE-1CBA-4318-ADC4-B845E775C6EB}.job
[15/05/2004 16:27][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[25/10/2008 20:25][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[19/09/2008|22:52] C:\Program Files\Activision
[22/01/2007|22:07] C:\Program Files\Adobe
[15/03/2008|18:58] C:\Program Files\Ahead
[30/09/2008|19:15] C:\Program Files\ArtMoney
[16/05/2004|22:31] C:\Program Files\C-Media 3D Audio
[17/05/2008|20:32] C:\Program Files\Combined Community Codec Pack
[19/09/2007|16:50] C:\Program Files\Cossacks
[29/05/2004|12:34] C:\Program Files\CyberLink
[29/05/2004|12:34] C:\Program Files\CyberLink DVD Solution
[24/09/2008|12:45] C:\Program Files\Defraggler
[17/06/2008|12:13] C:\Program Files\DIFX
[15/05/2008|10:39] C:\Program Files\directx
[28/05/2008|16:39] C:\Program Files\Disc2Phone
[28/09/2008|14:10] C:\Program Files\DivX
[02/09/2006|11:42] C:\Program Files\DVD Shrink
[01/01/2008|14:22] C:\Program Files\EA GAMES
[14/09/2008|13:16] C:\Program Files\EA SPORTS
[23/10/2008|18:53] C:\Program Files\eMule
[01/09/2008|09:34] C:\Program Files\EndNote
[21/09/2008|16:45] C:\Program Files\Fichiers communs
[06/02/2005|19:05] C:\Program Files\Gadwin Systems
[10/09/2008|14:01] C:\Program Files\GameSpy Arcade
[18/10/2008|17:26] C:\Program Files\InstallShield Installation Information
[18/06/2005|21:19] C:\Program Files\InterActual
[17/06/2008|15:59] C:\Program Files\Internet Explorer
[17/06/2008|19:07] C:\Program Files\IObit
[04/06/2008|18:35] C:\Program Files\Java
[11/04/2008|14:34] C:\Program Files\K-Lite Codec Pack
[16/12/2007|15:31] C:\Program Files\Lionhead Studios
[27/07/2004|15:52] C:\Program Files\L'Or Bleu
[13/03/2005|23:38] C:\Program Files\lotus
[19/04/2007|09:26] C:\Program Files\Macromedia
[25/10/2008|17:10] C:\Program Files\Malwarebytes' Anti-Malware
[18/10/2008|17:26] C:\Program Files\MarkAny
[04/12/2007|15:48] C:\Program Files\MatroskaProp
[13/11/2005|22:13] C:\Program Files\Maxis
[20/05/2004|21:42] C:\Program Files\Maxtor
[30/12/2007|15:50] C:\Program Files\messenger
[15/05/2004|14:38] C:\Program Files\microsoft frontpage
[14/04/2008|17:40] C:\Program Files\Microsoft Games
[16/05/2004|21:33] C:\Program Files\Microsoft Hardware
[20/05/2004|22:21] C:\Program Files\Microsoft Office
[20/05/2004|22:21] C:\Program Files\Microsoft Visual Studio
[25/02/2005|00:08] C:\Program Files\Mobile Phone Manager
[30/12/2007|15:27] C:\Program Files\Movie Maker
[05/11/2007|12:10] C:\Program Files\MSN Gaming Zone
[30/12/2007|14:19] C:\Program Files\MSXML 4.0
[30/12/2007|15:21] C:\Program Files\NetMeeting
[29/01/2006|13:21] C:\Program Files\Network Associates
[28/09/2008|13:52] C:\Program Files\Opera
[30/12/2007|15:21] C:\Program Files\Outlook Express
[24/10/2008|19:42] C:\Program Files\Panda Security
[22/04/2005|18:34] C:\Program Files\PhotoFiltre
[22/09/2005|16:47] C:\Program Files\Picasa2
[17/05/2006|14:19] C:\Program Files\QuickTime
[25/07/2005|06:44] C:\Program Files\QuickZip4
[20/02/2005|00:09] C:\Program Files\Real
[19/05/2007|11:46] C:\Program Files\regCollegeExe
[18/10/2008|17:28] C:\Program Files\Samsung
[03/09/2008|14:46] C:\Program Files\Sierra
[18/06/2008|12:51] C:\Program Files\Smart PC Solutions
[28/05/2008|16:19] C:\Program Files\Sony Ericsson
[13/03/2005|10:07] C:\Program Files\Symantec
[10/09/2008|17:49] C:\Program Files\SystemRequirementsLab
[25/10/2008|12:12] C:\Program Files\Trend Micro
[22/09/2008|19:43] C:\Program Files\Valve
[13/12/2004|20:08] C:\Program Files\Virtools Web Player 2.5
[01/09/2008|09:35] C:\Program Files\WarTimesEF
[01/09/2008|09:36] C:\Program Files\WinAce
[13/10/2008|19:06] C:\Program Files\Windows Live
[19/10/2008|14:08] C:\Program Files\Windows Media Connect 2
[19/10/2008|14:08] C:\Program Files\Windows Media Player
[30/12/2007|15:21] C:\Program Files\Windows NT
[30/12/2007|11:42] C:\Program Files\WindowsUpdate
[12/09/2008|17:07] C:\Program Files\WinRAR
[01/09/2008|09:36] C:\Program Files\WinZip
[28/10/2004|20:56] C:\Program Files\XAcePlus
[15/05/2004|14:38] C:\Program Files\xerox
[16/05/2004|13:03] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[18/07/2008|08:07] C:\Program Files\Fichiers communs\Adobe
[04/09/2004|20:26] C:\Program Files\Fichiers communs\Ahead
[29/01/2006|13:21] C:\Program Files\Fichiers communs\Cisco Systems
[20/05/2004|22:21] C:\Program Files\Fichiers communs\Designer
[10/12/2005|19:06] C:\Program Files\Fichiers communs\InstallShield
[04/06/2008|18:32] C:\Program Files\Fichiers communs\Java
[19/04/2007|09:29] C:\Program Files\Fichiers communs\Macromedia
[24/01/2008|19:52] C:\Program Files\Fichiers communs\Microsoft Shared
[15/05/2004|14:35] C:\Program Files\Fichiers communs\MSSoap
[29/01/2006|13:21] C:\Program Files\Fichiers communs\Network Associates
[15/05/2004|15:24] C:\Program Files\Fichiers communs\ODBC
[20/02/2005|00:09] C:\Program Files\Fichiers communs\Real
[14/04/2005|22:32] C:\Program Files\Fichiers communs\Risxtd
[15/05/2004|14:35] C:\Program Files\Fichiers communs\Services
[15/05/2004|15:24] C:\Program Files\Fichiers communs\SpeechEngines
[01/09/2008|09:34] C:\Program Files\Fichiers communs\Symantec Shared
[30/12/2007|15:21] C:\Program Files\Fichiers communs\System
[28/05/2008|16:20] C:\Program Files\Fichiers communs\Teleca Shared
[24/01/2008|19:53] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[20/02/2005|00:09] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 38 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-25 20:49:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Alexis\Recent\FIFA_08_KEYGEN.torrent.lnk
C:\DOCUME~1\Alexis\Recent\KEYGEN2007.lnk
[F:156][D:24]-> C:\DOCUME~1\Alexis\LOCALS~1\Temp
[F:67][D:0]-> C:\DOCUME~1\Alexis\Cookies
[F:4801][D:31]-> C:\DOCUME~1\Alexis\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 25/10/2008|17:04 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 25/10/2008|20:50 - Option : [2]
--------------------\\ Fin du rapport a 20:50:46
Et le Hijack :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:52:25, on 25/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb02937
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.systemrequirementslab.com/cyri
O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} - http://dl-ak.solidworks.com/nonsecure/edrawings/e2020sp01/28.1.0.0091-PCK0T79I/cab//eModelsStandard.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Darka Maul
Messages postés
11
Date d'inscription
samedi 25 octobre 2008
Statut
Membre
Dernière intervention
23 juin 2010
25 oct. 2008 à 21:34
25 oct. 2008 à 21:34
-----------\\ ToolBar S&D 1.2.3 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
BIOS : Version 1.00
USER : Alexis ( Not Administrator ! )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 76 Go Free : 40 Go
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total : 76 Go Free : 4 Go
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 23-10-2008|0:25 )
Option : [1] ( 25/10/2008|21:32 )
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Search Bar"="http://mysearchnow.com/searchbar.html"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Alexis\Recent\FIFA_08_KEYGEN.torrent.lnk
C:\DOCUME~1\Alexis\Recent\KEYGEN2007.lnk
1 - "C:\ToolBar SD\TB_1.txt" - 25/10/2008|21:33 - Option : [1]
-----------\\ Fin du rapport a 21:33:59.40
Voilà,
Désolé j'ai du me gourer de programme ... j'ai rien fait de grave ?
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2600+ )
BIOS : Version 1.00
USER : Alexis ( Not Administrator ! )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 76 Go Free : 40 Go
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total : 76 Go Free : 4 Go
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 23-10-2008|0:25 )
Option : [1] ( 25/10/2008|21:32 )
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Search Bar"="http://mysearchnow.com/searchbar.html"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Alexis\Recent\FIFA_08_KEYGEN.torrent.lnk
C:\DOCUME~1\Alexis\Recent\KEYGEN2007.lnk
1 - "C:\ToolBar SD\TB_1.txt" - 25/10/2008|21:33 - Option : [1]
-----------\\ Fin du rapport a 21:33:59.40
Voilà,
Désolé j'ai du me gourer de programme ... j'ai rien fait de grave ?
Darka Maul
Messages postés
11
Date d'inscription
samedi 25 octobre 2008
Statut
Membre
Dernière intervention
23 juin 2010
26 oct. 2008 à 10:07
26 oct. 2008 à 10:07
Voilà le HijackThis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:06:03, on 26/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb02937
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.systemrequirementslab.com/cyri
O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} - http://dl-ak.solidworks.com/nonsecure/edrawings/e2020sp01/28.1.0.0091-PCK0T79I/cab//eModelsStandard.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:06:03, on 26/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com/searchbar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb02937
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.systemrequirementslab.com/cyri
O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} - http://dl-ak.solidworks.com/nonsecure/edrawings/e2020sp01/28.1.0.0091-PCK0T79I/cab//eModelsStandard.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Darka Maul
Messages postés
11
Date d'inscription
samedi 25 octobre 2008
Statut
Membre
Dernière intervention
23 juin 2010
1 nov. 2008 à 18:51
1 nov. 2008 à 18:51
Désolé pour le retard, mais je suis parti une semaine en vacances.
J'ai fait tout ce que tu avais demandé, je peux désormais désinstallé Lop et Hijacthis ?
Encore merci pour tout.
DM
PS : normalement, pas de problèmes.
J'ai fait tout ce que tu avais demandé, je peux désormais désinstallé Lop et Hijacthis ?
Encore merci pour tout.
DM
PS : normalement, pas de problèmes.
jfkpresident
Messages postés
13408
Date d'inscription
lundi 3 septembre 2007
Statut
Contributeur sécurité
Dernière intervention
5 janvier 2015
1 175
2 nov. 2008 à 16:58
2 nov. 2008 à 16:58
salut ;
J'ai fait tout ce que tu avais demandé, je peux désormais désinstallé Lop et Hijacthis ?
Pour supprimer toutes les traces des logiciels qui ont servi à traiter les infections spécifiques :
· Télécharge ToolsCleaner de A.Roshtein sur ton Bureau.
http://pc-system.fr/
· Clique sur Recherche et laisse le scan se terminer.
· Clique, sur Suppression pour finaliser.
· Tu peux, si tu le souhaites, te servir des Options facultatives.
· Clique sur Quitter, pour que le rapport puisse se créer.
· Poste moi le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur( C:\).
met ton post en résolu .
Tch@O
J'ai fait tout ce que tu avais demandé, je peux désormais désinstallé Lop et Hijacthis ?
Pour supprimer toutes les traces des logiciels qui ont servi à traiter les infections spécifiques :
· Télécharge ToolsCleaner de A.Roshtein sur ton Bureau.
http://pc-system.fr/
· Clique sur Recherche et laisse le scan se terminer.
· Clique, sur Suppression pour finaliser.
· Tu peux, si tu le souhaites, te servir des Options facultatives.
· Clique sur Quitter, pour que le rapport puisse se créer.
· Poste moi le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur( C:\).
met ton post en résolu .
Tch@O
