Sujet Précédent Sujet Suivant

MALWARE DEFENDER 2009 - rapport LopSD

Fermé
jpkohaku Messages postés 19 Date d'inscription dimanche 22 mars 2009 Statut Membre Dernière intervention 25 mars 2009 - 22 mars 2009 à 15:43
janofcb Messages postés 128 Date d'inscription mercredi 18 mars 2009 Statut Membre Dernière intervention 26 novembre 2011 - 22 mars 2009 à 20:28
Bonjour,
Ayant également ce bazar sur mon pc, j'ai suivi les conseils d'un post précédent, en exécutant smitfraudfix. En mode sans échec, pour les corrections. Mais Mal.Def.2009 est toujours là.
J'ai effectué une analyse avec LopSD dont voici le rapport.
Quelqu'un pour m'aider?


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : jp ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
C:\ (Local Disk) - NTFS - Total:116 Go (Free:38 Go)
D:\ (Local Disk) - NTFS - Total:101 Go (Free:35 Go)
E:\ (Local Disk) - FAT32 - Total:15 Go (Free:1 Go)
F:\ (CD or DVD) - UDF - Total:5 Go (Free:0 Go)
G:\ (CD or DVD)
H:\ (USB)
I:\ (Local Disk) - FAT32 - Total:298 Go (Free:5 Go)
J:\ (USB)
K:\ (USB)
L:\ (USB) - FAT - Total:244 Mo (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( dim. 22/03/2009|15:31 )

--------------------\\ Listing des dossiers dans APPLIC~1

[19/10/2005|20:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[14/10/2008|08:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\Creative
[28/10/2005|21:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\CyberLink
[19/10/2005|12:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[19/10/2005|20:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[28/10/2005|21:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[19/10/2005|20:09] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[27/10/2005|00:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun

[13/12/2008|09:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3E318E90-4BE6-4440-A0EE-2EAF8419199C}
[08/10/2008|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[19/10/2005|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[11/12/2007|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[22/07/2007|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[02/02/2006|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[11/11/2008|10:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[25/12/2005|00:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EnterNHelp
[20/12/2008|09:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[18/02/2007|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MCAAC.tmp
[05/03/2009|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[16/03/2008|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[08/03/2006|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[22/03/2009|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[19/10/2005|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[09/10/2008|15:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[19/10/2005|14:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[27/12/2005|16:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[10/03/2009|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[06/12/2005|21:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[27/10/2005|00:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[02/10/2008|16:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[16/03/2008|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[11/12/2008|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[25/12/2005|00:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ultima_T15
[19/10/2005|15:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[09/12/2006|09:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[30/08/2008|08:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[25/08/2008|08:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[25/08/2008|08:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[08/06/2006|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[19/10/2005|20:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[28/10/2005|21:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
[19/10/2005|12:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[19/10/2005|20:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[28/10/2005|21:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[19/10/2005|20:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[27/10/2005|00:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun

[04/02/2008|12:00] C:\DOCUME~1\jeremy\APPLIC~1\Adobe
[04/12/2005|10:34] C:\DOCUME~1\jeremy\APPLIC~1\AdobeUM
[16/09/2006|12:17] C:\DOCUME~1\jeremy\APPLIC~1\Ahead
[29/08/2006|18:07] C:\DOCUME~1\jeremy\APPLIC~1\Creative
[23/02/2007|11:19] C:\DOCUME~1\jeremy\APPLIC~1\CyberLink
[04/08/2006|16:27] C:\DOCUME~1\jeremy\APPLIC~1\Google
[08/05/2006|15:04] C:\DOCUME~1\jeremy\APPLIC~1\HbTools
[11/02/2006|13:11] C:\DOCUME~1\jeremy\APPLIC~1\Help
[19/10/2005|12:53] C:\DOCUME~1\jeremy\APPLIC~1\Identities
[19/10/2005|20:06] C:\DOCUME~1\jeremy\APPLIC~1\Macromedia
[15/12/2007|14:33] C:\DOCUME~1\jeremy\APPLIC~1\Microsoft
[23/04/2007|16:34] C:\DOCUME~1\jeremy\APPLIC~1\Nikon
[19/10/2005|20:09] C:\DOCUME~1\jeremy\APPLIC~1\Real
[23/12/2005|19:31] C:\DOCUME~1\jeremy\APPLIC~1\Sierra
[27/10/2005|00:15] C:\DOCUME~1\jeremy\APPLIC~1\Sun
[10/02/2007|15:11] C:\DOCUME~1\jeremy\APPLIC~1\Template
[10/12/2006|18:52] C:\DOCUME~1\jeremy\APPLIC~1\Windows Desktop Search
[18/09/2008|18:26] C:\DOCUME~1\jeremy\APPLIC~1\Xfire
[03/09/2008|13:41] C:\DOCUME~1\jeremy\APPLIC~1\Yahoo!

[22/06/2008|21:01] C:\DOCUME~1\jp\APPLIC~1\Adobe
[21/01/2007|18:48] C:\DOCUME~1\jp\APPLIC~1\AdobeUM
[15/04/2006|21:21] C:\DOCUME~1\jp\APPLIC~1\Ahead
[23/04/2007|20:02] C:\DOCUME~1\jp\APPLIC~1\beid-cache
[05/11/2006|09:56] C:\DOCUME~1\jp\APPLIC~1\Canvas Multi-Media
[04/12/2005|10:13] C:\DOCUME~1\jp\APPLIC~1\Creative
[11/01/2006|20:27] C:\DOCUME~1\jp\APPLIC~1\CyberLink
[08/04/2006|17:14] C:\DOCUME~1\jp\APPLIC~1\EverAd
[07/08/2006|13:09] C:\DOCUME~1\jp\APPLIC~1\Google
[14/02/2006|17:41] C:\DOCUME~1\jp\APPLIC~1\Help
[05/11/2006|09:56] C:\DOCUME~1\jp\APPLIC~1\Identities
[23/06/2007|09:17] C:\DOCUME~1\jp\APPLIC~1\InstallShield
[06/04/2006|10:36] C:\DOCUME~1\jp\APPLIC~1\Lavasoft
[25/03/2006|09:53] C:\DOCUME~1\jp\APPLIC~1\Leadertech
[19/10/2005|20:06] C:\DOCUME~1\jp\APPLIC~1\Macromedia
[20/12/2008|00:39] C:\DOCUME~1\jp\APPLIC~1\Microsoft
[31/01/2006|19:35] C:\DOCUME~1\jp\APPLIC~1\Nikon
[06/04/2006|10:28] C:\DOCUME~1\jp\APPLIC~1\PC Tools
[19/10/2005|20:09] C:\DOCUME~1\jp\APPLIC~1\Real
[19/03/2007|20:01] C:\DOCUME~1\jp\APPLIC~1\Screenshot Sender
[25/12/2005|00:43] C:\DOCUME~1\jp\APPLIC~1\Sierra
[27/10/2005|00:15] C:\DOCUME~1\jp\APPLIC~1\Sun
[23/11/2005|23:08] C:\DOCUME~1\jp\APPLIC~1\Template
[28/01/2007|16:59] C:\DOCUME~1\jp\APPLIC~1\TradingDuel
[06/04/2006|10:27] C:\DOCUME~1\jp\APPLIC~1\Webroot
[14/04/2008|22:38] C:\DOCUME~1\jp\APPLIC~1\Xfire
[26/08/2008|07:52] C:\DOCUME~1\jp\APPLIC~1\Yahoo!
[05/11/2006|19:13] C:\DOCUME~1\jp\APPLIC~1\Zylom

[13/03/2008|19:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[02/01/2006|22:33] C:\DOCUME~1\LOCALS~1\APPLIC~1\CyberLink
[17/02/2007|13:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[17/02/2006|10:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[19/10/2005|12:53] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[19/03/2009|07:37] C:\DOCUME~1\LOCALS~1\APPLIC~1\SACore
[06/04/2006|10:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Webroot
[26/10/2005|23:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander
[02/05/2008|13:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\Xfire

[12/10/2008|18:22] C:\DOCUME~1\loic\APPLIC~1\Adobe
[25/06/2006|16:10] C:\DOCUME~1\loic\APPLIC~1\AdobeUM
[02/11/2006|13:37] C:\DOCUME~1\loic\APPLIC~1\Ahead
[22/10/2007|15:20] C:\DOCUME~1\loic\APPLIC~1\Creative
[28/10/2005|21:40] C:\DOCUME~1\loic\APPLIC~1\CyberLink
[03/08/2006|10:27] C:\DOCUME~1\loic\APPLIC~1\Google
[19/10/2005|12:53] C:\DOCUME~1\loic\APPLIC~1\Identities
[19/10/2005|20:06] C:\DOCUME~1\loic\APPLIC~1\Macromedia
[01/05/2007|18:16] C:\DOCUME~1\loic\APPLIC~1\Microsoft
[19/10/2005|20:09] C:\DOCUME~1\loic\APPLIC~1\Real
[18/02/2006|14:06] C:\DOCUME~1\loic\APPLIC~1\Sierra
[27/10/2005|00:15] C:\DOCUME~1\loic\APPLIC~1\Sun
[09/12/2006|09:46] C:\DOCUME~1\loic\APPLIC~1\Windows Desktop Search
[12/10/2008|17:54] C:\DOCUME~1\loic\APPLIC~1\Xfire
[25/08/2008|18:46] C:\DOCUME~1\loic\APPLIC~1\Yahoo!

[27/11/2005|20:14] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[31/10/2008|18:57] C:\DOCUME~1\NETWOR~1\APPLIC~1\SACore
[13/10/2008|16:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\Webroot
[15/01/2007|00:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\X10 Commander
[28/06/2008|14:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire

[28/03/2006|20:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real

[04/02/2008|14:00] C:\DOCUME~1\timi\APPLIC~1\Adobe
[12/05/2008|07:53] C:\DOCUME~1\timi\APPLIC~1\AdobeUM
[29/08/2006|15:00] C:\DOCUME~1\timi\APPLIC~1\Creative
[28/10/2005|21:40] C:\DOCUME~1\timi\APPLIC~1\CyberLink
[01/12/2006|18:21] C:\DOCUME~1\timi\APPLIC~1\Google
[08/05/2006|07:11] C:\DOCUME~1\timi\APPLIC~1\HbTools
[07/09/2006|19:29] C:\DOCUME~1\timi\APPLIC~1\Help
[19/10/2005|12:53] C:\DOCUME~1\timi\APPLIC~1\Identities
[13/03/2006|17:42] C:\DOCUME~1\timi\APPLIC~1\Leadertech
[19/10/2005|20:06] C:\DOCUME~1\timi\APPLIC~1\Macromedia
[11/04/2008|06:24] C:\DOCUME~1\timi\APPLIC~1\Microsoft
[25/02/2006|12:06] C:\DOCUME~1\timi\APPLIC~1\MSNInstaller
[21/02/2006|18:12] C:\DOCUME~1\timi\APPLIC~1\Nikon
[19/10/2005|20:09] C:\DOCUME~1\timi\APPLIC~1\Real
[01/01/2006|10:08] C:\DOCUME~1\timi\APPLIC~1\Sierra
[27/10/2005|00:15] C:\DOCUME~1\timi\APPLIC~1\Sun
[03/01/2009|18:22] C:\DOCUME~1\timi\APPLIC~1\Template
[25/08/2008|08:35] C:\DOCUME~1\timi\APPLIC~1\Yahoo!

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[10/04/2008 21:01][--a------] C:\WINDOWS\tasks\McDefragTask.job
[10/04/2008 21:00][--a------] C:\WINDOWS\tasks\McQcTask.job
[22/03/2009 14:58][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[08/12/2007 12:43][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{AE4C55C6-0711-46B2-BF7D-32B0FFA83E11}.job
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
[22/03/2009 15:07][--ah-----] C:\WINDOWS\tasks\SA.DAT

--------------------\\ Listing des dossiers dans C:\Program Files

[22/01/2006|13:26] C:\Program Files\ABBYY FineReader 4.0 Sprint
[19/12/2007|21:06] C:\Program Files\Activision
[08/10/2008|20:40] C:\Program Files\Adobe
[19/10/2005|20:16] C:\Program Files\Ahead
[25/12/2005|00:26] C:\Program Files\ArcSoft
[04/06/2006|21:59] C:\Program Files\ATB Radio Viewer
[13/07/2006|21:15] C:\Program Files\ATBRadioViewer
[22/07/2007|20:52] C:\Program Files\Audible
[16/03/2008|14:18] C:\Program Files\AviSynth 2.5
[20/02/2007|14:04] C:\Program Files\Belgium Identity Card
[18/02/2006|11:32] C:\Program Files\CA
[11/12/2007|19:18] C:\Program Files\Canon
[11/12/2007|19:01] C:\Program Files\CanonBJ
[22/03/2009|11:13] C:\Program Files\CCleaner
[19/10/2005|15:13] C:\Program Files\C-Media USB2.0 Card Reader
[06/04/2006|10:09] C:\Program Files\CodeStuff
[26/10/2005|23:07] C:\Program Files\Common Files
[19/10/2005|12:52] C:\Program Files\ComPlus Applications
[13/01/2008|12:43] C:\Program Files\Core Design
[17/01/2006|20:47] C:\Program Files\Corel
[22/07/2007|19:39] C:\Program Files\Creative
[22/07/2007|19:38] C:\Program Files\Creative Installation Information
[25/02/2009|10:10] C:\Program Files\CyberLink
[24/01/2009|20:41] C:\Program Files\devolo
[19/10/2005|20:19] C:\Program Files\DivX
[18/03/2009|16:05] C:\Program Files\Dofus
[27/12/2008|14:20] C:\Program Files\downloaded
[16/03/2008|18:11] C:\Program Files\DVD Decrypter
[06/04/2006|10:01] C:\Program Files\dvd shrink
[19/10/2005|20:52] C:\Program Files\Encarta
[13/12/2008|14:19] C:\Program Files\Fichiers communs
[31/01/2007|21:11] C:\Program Files\Freemind
[20/12/2008|10:00] C:\Program Files\Google
[13/12/2008|10:34] C:\Program Files\GTA3Mods
[08/05/2006|18:20] C:\Program Files\HbTools_Icons
[19/10/2005|16:24] C:\Program Files\HighMAT CD Writing Wizard
[13/02/2009|08:54] C:\Program Files\Hitman Pro
[06/04/2006|10:08] C:\Program Files\hitmanpro
[06/04/2006|10:10] C:\Program Files\Home Cinema
[21/10/2006|16:24] C:\Program Files\IncrediMail
[06/12/2005|20:34] C:\Program Files\ING
[25/02/2009|10:11] C:\Program Files\InstallShield Installation Information
[19/10/2005|14:02] C:\Program Files\Intel
[13/01/2008|15:32] C:\Program Files\InterActual
[12/02/2009|08:46] C:\Program Files\Internet Explorer
[10/12/2008|15:35] C:\Program Files\Java
[06/04/2006|10:18] C:\Program Files\Lavasoft
[22/03/2009|14:21] C:\Program Files\Malware Defender 2009
[06/03/2009|15:23] C:\Program Files\McAfee
[10/04/2008|21:00] C:\Program Files\McAfee.com
[28/10/2005|21:45] C:\Program Files\Medion Info Display
[13/08/2008|19:55] C:\Program Files\Messenger
[09/03/2006|18:12] C:\Program Files\Messenger Plus! 3
[14/03/2009|10:29] C:\Program Files\Messenger Plus! Live
[28/09/2006|19:57] C:\Program Files\MessengerPlus! 3
[19/10/2005|20:55] C:\Program Files\Microsoft AutoRoute
[04/09/2007|15:47] C:\Program Files\Microsoft Digital Image 2006
[19/10/2005|12:53] C:\Program Files\microsoft frontpage
[14/10/2008|17:10] C:\Program Files\Microsoft Games
[13/04/2008|11:23] C:\Program Files\Microsoft mise … jour
[03/12/2005|12:31] C:\Program Files\Microsoft Money 2005
[08/12/2005|20:22] C:\Program Files\Microsoft Office
[27/02/2009|08:23] C:\Program Files\Microsoft Silverlight
[08/12/2005|20:22] C:\Program Files\Microsoft Visual Studio
[10/09/2008|19:02] C:\Program Files\Microsoft Works
[19/10/2005|20:39] C:\Program Files\Microsoft Works Suite 2006
[10/07/2008|18:36] C:\Program Files\Movie Maker
[19/02/2006|22:21] C:\Program Files\MSN
[19/10/2005|12:51] C:\Program Files\MSN Gaming Zone
[01/04/2008|09:26] C:\Program Files\MSN Messenger
[19/11/2006|18:18] C:\Program Files\MSXML 4.0
[19/10/2005|20:20] C:\Program Files\muvee Technologies
[10/07/2008|18:33] C:\Program Files\NetMeeting
[06/12/2005|19:36] C:\Program Files\NewSoft
[25/12/2005|00:28] C:\Program Files\Nikon
[09/10/2008|15:33] C:\Program Files\NOS
[26/10/2005|22:55] C:\Program Files\OfficeUpdate11
[19/10/2005|12:51] C:\Program Files\Online Services
[10/07/2008|18:33] C:\Program Files\Outlook Express
[25/12/2005|00:27] C:\Program Files\QuickTime
[19/10/2005|19:34] C:\Program Files\RALINK
[20/02/2007|13:54] C:\Program Files\Reader E Carte
[19/10/2005|20:08] C:\Program Files\Real
[19/10/2005|14:08] C:\Program Files\Realtek
[16/03/2008|18:09] C:\Program Files\ripp IT
[16/03/2008|18:06] C:\Program Files\Ripp-it_AM
[05/10/2008|12:24] C:\Program Files\Rockstar Games
[22/03/2009|13:01] C:\Program Files\RogueRemover FREE
[04/05/2008|09:32] C:\Program Files\Samsung
[14/02/2007|19:21] C:\Program Files\SEGA
[19/10/2005|12:52] C:\Program Files\Services en ligne
[28/06/2008|14:12] C:\Program Files\SIERRA
[23/11/2005|22:17] C:\Program Files\Sierra On-Line
[29/04/2008|16:55] C:\Program Files\Sophos
[29/04/2008|16:54] C:\Program Files\Sophos rootkittest
[16/03/2008|13:55] C:\Program Files\Spybot - Search & Destroy
[07/04/2006|07:30] C:\Program Files\Spyware Doctor
[06/04/2006|10:36] C:\Program Files\SpywareBlaster
[23/12/2008|17:26] C:\Program Files\Steam
[28/06/2008|09:42] C:\Program Files\Sun
[23/06/2007|09:17] C:\Program Files\Test-A
[07/12/2008|13:15] C:\Program Files\Trust(2)
[06/07/2008|09:24] C:\Program Files\Ubisoft
[19/10/2005|12:56] C:\Program Files\Uninstall Information
[15/04/2007|11:52] C:\Program Files\Usability Sciences
[19/10/2005|15:23] C:\Program Files\USB Wireless Keyboard Driver
[02/12/2006|10:54] C:\Program Files\Virtools Web Player 3.5
[06/04/2006|10:27] C:\Program Files\Webroot
[05/02/2009|21:42] C:\Program Files\WIDCOMM
[09/12/2006|09:46] C:\Program Files\Windows Desktop Search
[19/10/2005|12:57] C:\Program Files\Windows Journal Viewer
[30/08/2008|08:53] C:\Program Files\Windows Live
[07/12/2007|10:37] C:\Program Files\Windows Live Toolbar
[14/01/2007|22:49] C:\Program Files\Windows Media Connect
[14/01/2007|22:52] C:\Program Files\Windows Media Connect 2
[10/07/2008|18:33] C:\Program Files\Windows Media Player
[11/10/2006|19:58] C:\Program Files\Windows Media Player plug-in
[10/07/2008|18:33] C:\Program Files\Windows NT
[19/10/2005|12:52] C:\Program Files\WindowsUpdate
[26/10/2005|23:07] C:\Program Files\X10 Hardware
[19/10/2005|12:53] C:\Program Files\xerox
[12/10/2008|18:12] C:\Program Files\xfire
[25/08/2008|08:35] C:\Program Files\Yahoo!
[05/11/2006|19:12] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[08/10/2008|20:41] C:\Program Files\Fichiers communs\Adobe
[19/10/2005|20:15] C:\Program Files\Fichiers communs\Ahead
[22/07/2007|19:36] C:\Program Files\Fichiers communs\Creative
[19/10/2005|20:44] C:\Program Files\Fichiers communs\Designer
[20/02/2007|14:03] C:\Program Files\Fichiers communs\InstallShield
[19/10/2005|20:17] C:\Program Files\Fichiers communs\Java
[19/10/2005|20:16] C:\Program Files\Fichiers communs\LightScribe
[10/04/2008|21:01] C:\Program Files\Fichiers communs\McAfee
[05/03/2009|20:02] C:\Program Files\Fichiers communs\Microsoft Shared
[19/10/2005|12:52] C:\Program Files\Fichiers communs\MSSoap
[19/10/2005|20:20] C:\Program Files\Fichiers communs\muvee Technologies
[19/10/2005|20:16] C:\Program Files\Fichiers communs\Nero
[31/01/2006|19:35] C:\Program Files\Fichiers communs\Nikon
[19/10/2005|14:48] C:\Program Files\Fichiers communs\ODBC
[19/10/2005|20:08] C:\Program Files\Fichiers communs\Real
[19/10/2005|12:52] C:\Program Files\Fichiers communs\Services
[19/10/2005|14:48] C:\Program Files\Fichiers communs\SpeechEngines
[10/07/2008|18:33] C:\Program Files\Fichiers communs\System
[13/04/2008|14:02] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[19/10/2005|20:08] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 72 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-22 15:34:21
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
disk error: C:\WINDOWS\System32\
please note that you need administrator rights to perform deep scan

--------------------\\ Recherche d'autres infections

C:\WINDOWS\Pack.epk
[b]==> EGDACCESS <==/b



[F:22][D:6]-> C:\DOCUME~1\jp\LOCALS~1\Temp
[F:19][D:0]-> C:\DOCUME~1\jp\Cookies
[F:35][D:8]-> C:\DOCUME~1\jp\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - dim. 22/03/2009|15:35 - Option : [1]

--------------------\\ Fin du rapport a 15:35:25
A voir également:

3 réponses

Réponse 1 / 3
gil le fantom Messages postés 2799 Date d'inscription vendredi 18 janvier 2008 Statut Membre Dernière intervention 17 octobre 2010 25
22 mars 2009 à 16:38
Bonjour,essaye plutot Malwarebytes' Anti-Malware

Tu télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton Bureau à partir de ce lien :

http://www.commentcamarche.net/telecharger/telechargement 34055379 malwarebyte s anti malware

Tu clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.

Tu suis les indications et tu n'apporte aucune modication aux réglages par défaut et en fin d'installation,vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.

Tu fais "Exécuter un examen complet"

Si des malwares ont été détectés, leur liste s'affiche.
tu clique sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)

Tu me poste le rapport
0
Réponse 2 / 3
jpkohaku Messages postés 19 Date d'inscription dimanche 22 mars 2009 Statut Membre Dernière intervention 25 mars 2009
22 mars 2009 à 20:20
Salut et merci pour l 'aide.
Curieusement, Malware Defender est toujours présent, mais son comportement est modifié.
P.ex. je peux arrêter le scan qui a demarré automatiquement lors du reboot. Avant cela je ne savais pas l'arrêter. Je n'ai plus la fenêtre en bas à droite qui me dit que mon pc est infecté.
Cela m'a l'air d'être déjà un bon début.

Voici le rapport avant nettoyage. Et plus bas celui après nettoyage.

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1749
Windows 5.1.2600 Service Pack 3

22/03/2009 20:01:23
mbam-log-2009-03-22 (20-01-13).txt

Type de recherche: Examen complet (C:\|D:\|E:\|I:\|)
Eléments examinés: 313036
Temps écoulé: 2 hour(s), 40 minute(s), 43 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 8
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 12

Processus mémoire infecté(s):
C:\WINDOWS\system32\ntdll64.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\frmwrk32.exe (Trojan.FakeAlert) -> No action taken.

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\__c00986A2.dat (Trojan.Agent) -> No action taken.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> No action taken.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7e66936c-fea0-4984-ad26-7b6661ac5b2e} (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00986a2 (Trojan.Vundo) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Fichiers communs\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Framework Windows (Trojan.FakeAlert) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\userinit.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\userinit.exe -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\Fichiers communs\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> No action taken.
C:\WINDOWS\system32\ntdll64.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\__c00986A2.dat (Trojan.Vundo) -> No action taken.
C:\WINDOWS\sysexplorer.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\warning.gif (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\frmwrk32.exe (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\jp\Local Settings\Temp\mousehook.dll (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\reged.exe (Rogue.SpywareGuard) -> No action taken.
C:\WINDOWS\spoolsystem.exe (Rogue.SpywareGuard) -> No action taken.
C:\WINDOWS\sys.com (Rogue.SpywareGuard) -> No action taken.
C:\WINDOWS\syscert.exe (Rogue.SpywareGuard) -> No action taken.
C:\WINDOWS\vmreg.dll (Rogue.SpywareGuard) -> No action taken.




Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1749
Windows 5.1.2600 Service Pack 3

22/03/2009 20:03:08
mbam-log-2009-03-22 (20-03-08).txt

Type de recherche: Examen complet (C:\|D:\|E:\|I:\|)
Eléments examinés: 313036
Temps écoulé: 2 hour(s), 40 minute(s), 43 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 8
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 12

Processus mémoire infecté(s):
C:\WINDOWS\system32\ntdll64.exe (Trojan.Agent) -> Unloaded process successfully.
C:\WINDOWS\system32\frmwrk32.exe (Trojan.FakeAlert) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\__c00986A2.dat (Trojan.Agent) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7e66936c-fea0-4984-ad26-7b6661ac5b2e} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00986a2 (Trojan.Vundo) -> Delete on reboot.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Fichiers communs\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Framework Windows (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\userinit.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\userinit.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\Fichiers communs\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ntdll64.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\__c00986A2.dat (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\sysexplorer.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\warning.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\frmwrk32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\jp\Local Settings\Temp\mousehook.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\WINDOWS\reged.exe (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\spoolsystem.exe (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\sys.com (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\syscert.exe (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
C:\WINDOWS\vmreg.dll (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
0
Réponse 3 / 3
janofcb Messages postés 128 Date d'inscription mercredi 18 mars 2009 Statut Membre Dernière intervention 26 novembre 2011 22
22 mars 2009 à 20:28
g u ce virus ya 2 jrs.
j'ai téléchargé avast.a la fin de l'instalation il ma demandé de redémaré puis de faire une vérification au démarage.
J'ai accepté. Il y a u une vérification et a chaque fichier il me demandait plusieurs choix(supprimer le fichier, quarantaine restaurer...
Si tu peux, restaure les sinon supprime. Quand tu arrive a malware, supprime le.
Ton ordinateur redémarrera ensuite. évite tt de même de supprimer les fichiers windows mais si il y a pas d'autre choix, tant pis... j'espère que ca t'aidera...
0

Discussions similaires

Comment supprimer tor.jack sur Android
sabinelouisonbruno -
akaloupile -

4 réponses
télécharger et installer encarta junior
98653773 -
1 -

3 réponses
écrire un rapport de travail
asi -
REGINALD -

3 réponses
Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport
Utilisateur anonyme -
TomH. -

13 réponses
Windows defender: avertissement de sécurité
surfinia -
Tchoumi -

20 réponses