Virus: pop-up window that opens by itself

Solved/Closed
Braguet-X Posts: 12 Registration date: Sunday 8 November 2009 Status: Member Last activity: 14 November 2009 - 8 Nov 2009 at 15:26
rionetta Posts: 1 Registration date: Friday 2 November 2012 Status: Member Last activity: 2 November 2012 - 2 Nov 2012 at 09:40
Hello,

I went to several sites to see how to get rid of the pop-up windows that open by themselves. I downloaded HijackThis and it gave me this:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:06:33, on 08/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\CfgWzSvc.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Solange\Local Settings\Temporary Internet Files\Content.IE5\T1KFT98Z\HiJackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\Solange\LOCALS~1\Temp\services.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [memo site kind that] C:\Documents and Settings\All Users\Application Data\Grid Blue Memo Site\once save.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [Camp Safe] C:\DOCUME~1\Solange\APPLIC~1\AXISDR~1\mixdefaultroad.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: [http://]*.mappy.com
O15 - Trusted Zone: [http://]*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1A26F07F-0D60-4835-91CF-1E1766A0EC56} - http://scanner2.malware-scan.com/setup/webinst_fr.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec Client Firewall Configuration (CfgWzSvc) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\CfgWzSvc.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe


16 replies

Anonymous user
8 Nov 2009 at 15:58
Hello
O4 - HKLM\..\Run: [memo site kind that] C:\Documents and Settings\All Users\Application Data\Grid Blue Memo Site\once save.exe
O4 - HKCU\..\Run: [Camp Safe] C:\DOCUME~1\Solange\APPLIC~1\AXISDR~1\mixdefaultroad.exe


You have a LOP infection; that is what makes the pop-ups open.
These infections get installed by the following programs, which should be avoided at all costs:
* The Messenger Plus! sponsor
* Bittorent
* BitDownload
* BitGrabber
* NetPumper
* BitRoll
* TorrentQ
* Torrent101



Download Lop S&D (by Eric_71 and Angeldark) to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the desired language, then choose option 1 (Recherche)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
0
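The triage done by eye in the reply above (picking out of the HijackThis log the two `O4` Run entries whose programs live under Application Data) can be sketched as code. This is an added example, not part of the original thread and not how HijackThis or Lop S&D work internally; the directory heuristics and the function names (`parse_autoruns`, `review`) are assumptions, and a flagged entry is a candidate for review, not a verdict.

```python
import re

# Autorun lines excerpted from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\Solange\LOCALS~1\Temp\services.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [memo site kind that] C:\Documents and Settings\All Users\Application Data\Grid Blue Memo Site\once save.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Camp Safe] C:\DOCUME~1\Solange\APPLIC~1\AXISDR~1\mixdefaultroad.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
"""

RUN_RE = re.compile(r"^O4 - (\S+): \[([^\]]*)\] (.+)$")
STARTUP_RE = re.compile(r"^O4 - ((?:Global )?Startup): (.+?) = (.+)$")
USERINIT_RE = re.compile(r"^F2 - REG:system\.ini: UserInit=(.+)$", re.I)
EXE_RE = re.compile(r"(.+?\.(?:exe|com|bat|cmd|scr|pif))(?=[\s,]|$)", re.I)

# Assumed heuristic: directory names (long and 8.3 short forms) that an
# unprivileged user or the browser can write to on Windows XP.
USER_WRITABLE = {
    "application data": "runs from Application Data",
    "applic~1": "runs from Application Data",
    "temp": "runs from a Temp directory",
    "temporary internet files": "runs from the browser cache",
    "tempor~1": "runs from the browser cache",
}


def extract_exe(command):
    """Return the program path of an autorun command line, without arguments."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    # Unquoted paths may contain spaces, so cut after the first executable suffix.
    match = EXE_RE.match(command)
    return match.group(1) if match else command


def parse_autoruns(log):
    """Return (source, name, path) for every O4 entry and every UserInit program."""
    entries = []
    for line in log.splitlines():
        line = line.strip()
        m = RUN_RE.match(line) or STARTUP_RE.match(line)
        if m:
            entries.append((m.group(1), m.group(2), extract_exe(m.group(3))))
            continue
        m = USERINIT_RE.match(line)
        if m:
            # UserInit is a comma-separated list; the default holds userinit.exe only.
            for program in filter(None, (p.strip() for p in m.group(1).split(","))):
                entries.append(("system.ini", "UserInit", extract_exe(program)))
    return entries


def reasons_for(source, name, path):
    """List the heuristic reasons an autorun entry deserves a closer look."""
    parts = path.lower().split("\\")
    reasons = [USER_WRITABLE[p] for p in parts[:-1] if p in USER_WRITABLE]
    if source == "system.ini" and name == "UserInit" and parts[-1] != "userinit.exe":
        reasons.append("extra program in UserInit")
    return reasons


def review(log):
    """Return only the autorun entries that match at least one heuristic."""
    flagged = []
    for source, name, path in parse_autoruns(log):
        reasons = reasons_for(source, name, path)
        if reasons:
            flagged.append((source, name, path, reasons))
    return flagged


if __name__ == "__main__":
    for source, name, path, reasons in review(SAMPLE_LOG):
        print(f"{source} [{name}] {path}: {', '.join(reasons)}")
```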
Braguet-X Posts: 12 Registration date: Sunday 8 November 2009 Status: Member Last activity: 14 November 2009
11 Nov 2009 at 12:48
Hello, thanks a lot, but the site won't load. The link is correct, but it says "The bandwidth or page view limit for this site has been exceeded and the page cannot be viewed at this time. Once the site is below the limit, it will once again begin serving as normal."
To be honest, I didn't understand all of it, but I'll try again a bit later, you never know...
0
Braguet-X Posts: 12 Registration date: Sunday 8 November 2009 Status: Member Last activity: 14 November 2009
11 Nov 2009 at 14:19
In the end I found another link to the same program: http://eric71.geekstogo.com/tools/LopSD.exe

Here is the report it generated:

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.40GHz )
BIOS : Default System BIOS
USER : Solange ( Administrator )
BOOT : Normal boot
Antivirus : Symantec AntiVirus Corporate Edition 9.0.3.1000 (Activated)
Firewall : Symantec Client Firewall 7.1.3.1039 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:48 Go (Free:11 Go)
D:\ (Local Disk) - NTFS - Total:48 Go (Free:48 Go)
E:\ (Local Disk) - NTFS - Total:51 Go (Free:49 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
I:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 11/11/2009|12:51 )

--------------------\\ Listing des dossiers dans APPLIC~1

[01/01/2009|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[19/02/2006|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[23/07/2009|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[16/04/2009|15:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[20/02/2006|08:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[15/07/2007|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EnterNHelp
[30/12/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[05/11/2009|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site
[15/07/2007|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\howto
[01/01/2009|20:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[31/10/2006|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/05/2009|08:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[15/07/2007|18:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nikon
[19/02/2006|17:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[15/07/2007|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ultima_T15
[02/03/2007|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[16/04/2008|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[26/02/2006|12:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[01/04/2006|15:57] C:\DOCUME~1\Celine\APPLIC~1\ACD Systems
[18/11/2006|20:21] C:\DOCUME~1\Celine\APPLIC~1\Adobe
[05/09/2007|20:20] C:\DOCUME~1\Celine\APPLIC~1\AdobeUM
[19/02/2006|17:41] C:\DOCUME~1\Celine\APPLIC~1\ATI
[10/11/2009|14:48] C:\DOCUME~1\Celine\APPLIC~1\Axis draw
[25/02/2006|10:38] C:\DOCUME~1\Celine\APPLIC~1\COWON
[03/03/2007|09:43] C:\DOCUME~1\Celine\APPLIC~1\CyberLink
[05/06/2007|17:32] C:\DOCUME~1\Celine\APPLIC~1\Google
[19/02/2006|17:41] C:\DOCUME~1\Celine\APPLIC~1\Identities
[13/06/2006|07:15] C:\DOCUME~1\Celine\APPLIC~1\Macromedia
[11/03/2009|12:10] C:\DOCUME~1\Celine\APPLIC~1\Microsoft
[08/05/2009|07:11] C:\DOCUME~1\Celine\APPLIC~1\Sun

[08/03/2009|19:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[19/02/2006|16:16] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[19/02/2006|16:16] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[19/02/2006|16:59] C:\DOCUME~1\Papa\APPLIC~1\ACD Systems
[19/07/2007|08:24] C:\DOCUME~1\Papa\APPLIC~1\Adobe
[22/07/2007|17:28] C:\DOCUME~1\Papa\APPLIC~1\AdobeUM
[19/02/2006|16:39] C:\DOCUME~1\Papa\APPLIC~1\ATI
[05/11/2009|10:47] C:\DOCUME~1\Papa\APPLIC~1\Axis draw
[20/02/2006|08:39] C:\DOCUME~1\Papa\APPLIC~1\COWON
[20/02/2006|19:04] C:\DOCUME~1\Papa\APPLIC~1\eConf
[05/06/2007|07:06] C:\DOCUME~1\Papa\APPLIC~1\Google
[22/08/2006|08:11] C:\DOCUME~1\Papa\APPLIC~1\Help
[19/02/2006|16:21] C:\DOCUME~1\Papa\APPLIC~1\Identities
[19/02/2006|18:04] C:\DOCUME~1\Papa\APPLIC~1\Macromedia
[09/03/2009|09:20] C:\DOCUME~1\Papa\APPLIC~1\Microsoft
[15/07/2007|18:34] C:\DOCUME~1\Papa\APPLIC~1\Nikon
[26/04/2009|15:02] C:\DOCUME~1\Papa\APPLIC~1\Sun

[23/02/2006|17:10] C:\DOCUME~1\Solange\APPLIC~1\ACD Systems
[11/12/2008|14:02] C:\DOCUME~1\Solange\APPLIC~1\Adobe
[24/07/2009|13:27] C:\DOCUME~1\Solange\APPLIC~1\AdobeUM
[25/05/2006|18:49] C:\DOCUME~1\Solange\APPLIC~1\Ahead
[19/02/2006|18:14] C:\DOCUME~1\Solange\APPLIC~1\ATI
[05/11/2009|19:51] C:\DOCUME~1\Solange\APPLIC~1\Axis draw
[26/06/2006|19:29] C:\DOCUME~1\Solange\APPLIC~1\COWON
[04/07/2006|09:34] C:\DOCUME~1\Solange\APPLIC~1\FotoWire
[06/06/2007|10:26] C:\DOCUME~1\Solange\APPLIC~1\Google
[02/01/2008|22:27] C:\DOCUME~1\Solange\APPLIC~1\Help
[19/02/2006|18:13] C:\DOCUME~1\Solange\APPLIC~1\Identities
[26/02/2006|12:27] C:\DOCUME~1\Solange\APPLIC~1\Macromedia
[12/04/2009|19:21] C:\DOCUME~1\Solange\APPLIC~1\Microsoft
[17/11/2008|13:55] C:\DOCUME~1\Solange\APPLIC~1\Mostick
[17/11/2008|13:55] C:\DOCUME~1\Solange\APPLIC~1\Mozilla
[12/05/2007|14:59] C:\DOCUME~1\Solange\APPLIC~1\MSNInstaller
[17/07/2007|09:13] C:\DOCUME~1\Solange\APPLIC~1\Nikon
[18/03/2007|13:57] C:\DOCUME~1\Solange\APPLIC~1\Screenshot Sender
[20/12/2007|18:11] C:\DOCUME~1\Solange\APPLIC~1\Sun
[05/10/2007|18:45] C:\DOCUME~1\Solange\APPLIC~1\The Rasmus Player

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[11/11/2009 12:00][--ah-----] C:\WINDOWS\tasks\A78E259F9185DDDF.job
[11/11/2009 12:51][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{CFF12CB8-BE2A-4694-B3D7-D08A5CFF598D}.job
[23/10/2009 14:00][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
[19/02/2006 17:18][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[11/11/2009 11:44][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( A78E259F9185DDDF.job )=( c:\docume~1\papa\applic~1\axisdr~1\dentgpldefy.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[19/02/2006|16:54] C:\Program Files\ACD Systems
[19/02/2006|16:48] C:\Program Files\Adobe
[19/02/2006|16:50] C:\Program Files\Ahead
[15/07/2007|18:30] C:\Program Files\ArcSoft
[19/02/2006|16:34] C:\Program Files\ATI Technologies
[05/11/2009|10:46] C:\Program Files\Axis draw
[17/04/2007|19:10] C:\Program Files\CCleaner
[05/11/2009|10:46] C:\Program Files\Cirle Developement
[19/02/2006|16:28] C:\Program Files\C-Media 3D Audio
[19/02/2006|16:12] C:\Program Files\ComPlus Applications
[19/02/2006|17:21] C:\Program Files\CyberLink
[19/02/2006|16:55] C:\Program Files\D-Tools
[06/09/2009|15:03] C:\Program Files\EA GAMES
[13/04/2009|09:03] C:\Program Files\Fichiers communs
[26/04/2009|15:36] C:\Program Files\Google
[26/03/2009|20:35] C:\Program Files\Hewlett-Packard
[26/03/2009|20:32] C:\Program Files\HP
[16/07/2008|15:17] C:\Program Files\InstallShield Installation Information
[14/10/2009|09:59] C:\Program Files\Internet Explorer
[26/04/2009|15:03] C:\Program Files\Java
[20/02/2006|08:39] C:\Program Files\JetAudio
[19/02/2006|17:23] C:\Program Files\Lavasoft
[19/02/2006|17:04] C:\Program Files\LHSP
[20/02/2006|19:04] C:\Program Files\Livecom
[01/01/2009|20:19] C:\Program Files\ma-config.com
[08/03/2009|19:27] C:\Program Files\Messenger
[05/11/2009|10:46] C:\Program Files\Messenger Plus! Live
[06/03/2009|17:46] C:\Program Files\Microsoft
[27/03/2009|18:58] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[19/02/2006|16:16] C:\Program Files\microsoft frontpage
[19/02/2006|16:57] C:\Program Files\Microsoft Office
[29/09/2009|19:39] C:\Program Files\Microsoft Office Outlook Connector
[30/09/2009|11:57] C:\Program Files\Microsoft Silverlight
[06/03/2009|17:40] C:\Program Files\Microsoft SQL Server Compact Edition
[06/03/2009|17:41] C:\Program Files\Microsoft Sync Framework
[19/02/2006|16:57] C:\Program Files\Microsoft.NET
[19/02/2006|17:17] C:\Program Files\Movie Maker
[08/08/2009|12:21] C:\Program Files\MSBuild
[19/02/2006|19:17] C:\Program Files\MSN
[19/02/2006|19:38] C:\Program Files\MSN Apps
[19/02/2006|16:12] C:\Program Files\MSN Gaming Zone
[15/07/2007|18:35] C:\Program Files\MSXML 4.0
[08/08/2009|12:17] C:\Program Files\MSXML 6.0
[19/02/2006|16:14] C:\Program Files\NetMeeting
[15/07/2007|18:33] C:\Program Files\Nikon
[21/08/2009|14:00] C:\Program Files\Norton Security Scan
[19/02/2006|17:09] C:\Program Files\ObjectDock
[19/02/2006|16:12] C:\Program Files\Online Services
[20/04/2009|18:16] C:\Program Files\OrangeHSS
[13/08/2009|12:26] C:\Program Files\Outlook Express
[02/01/2009|10:38] C:\Program Files\QuickTime
[08/08/2009|12:20] C:\Program Files\Reference Assemblies
[19/02/2006|17:14] C:\Program Files\RegCleaner
[19/02/2006|17:09] C:\Program Files\RK Launcher
[27/02/2006|17:21] C:\Program Files\SAGEM
[27/02/2006|17:21] C:\Program Files\SAGEM Wi-Fi USB 802.11g
[24/11/2008|15:00] C:\Program Files\Securitoo
[19/02/2006|16:15] C:\Program Files\Services en ligne
[19/02/2006|17:11] C:\Program Files\Symantec
[19/02/2006|17:11] C:\Program Files\Symantec Client Security
[19/02/2006|16:21] C:\Program Files\Uninstall Information
[19/02/2006|16:40] C:\Program Files\VIA Technologies, Inc
[27/02/2006|17:25] C:\Program Files\Wanadoo Messager
[29/09/2009|19:38] C:\Program Files\Windows Live
[06/03/2009|17:38] C:\Program Files\Windows Live SkyDrive
[12/02/2007|20:43] C:\Program Files\Windows Media Connect 2
[12/03/2007|08:07] C:\Program Files\Windows Media Player
[19/02/2006|17:17] C:\Program Files\Windows NT
[19/02/2006|16:15] C:\Program Files\WindowsUpdate
[19/02/2006|17:17] C:\Program Files\WinRAR
[05/09/2009|10:57] C:\Program Files\World of Warcraft
[19/02/2006|16:16] C:\Program Files\xerox
[26/02/2006|12:27] C:\Program Files\Yahoo!
[19/02/2006|17:09] C:\Program Files\YzShadow

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[19/02/2006|16:54] C:\Program Files\Fichiers communs\ACD Systems
[19/02/2006|16:48] C:\Program Files\Fichiers communs\Adobe
[19/02/2006|16:50] C:\Program Files\Fichiers communs\Ahead
[15/04/2009|11:56] C:\Program Files\Fichiers communs\Blizzard Entertainment
[19/02/2006|16:57] C:\Program Files\Fichiers communs\DESIGNER
[24/11/2008|14:57] C:\Program Files\Fichiers communs\France Telecom
[19/02/2006|16:34] C:\Program Files\Fichiers communs\InstallShield
[20/12/2007|18:09] C:\Program Files\Fichiers communs\Java
[19/02/2006|17:05] C:\Program Files\Fichiers communs\L&H Shared
[16/07/2007|20:13] C:\Program Files\Fichiers communs\Logitech
[08/03/2009|19:23] C:\Program Files\Fichiers communs\Microsoft Shared
[19/02/2006|16:14] C:\Program Files\Fichiers communs\MSSoap
[15/07/2007|18:33] C:\Program Files\Fichiers communs\muvee Technologies
[15/07/2007|18:34] C:\Program Files\Fichiers communs\Nikon
[20/02/2006|00:03] C:\Program Files\Fichiers communs\ODBC
[19/02/2006|16:14] C:\Program Files\Fichiers communs\Services
[20/02/2006|00:03] C:\Program Files\Fichiers communs\SpeechEngines
[11/11/2009|11:45] C:\Program Files\Fichiers communs\Symantec Shared
[29/09/2009|19:39] C:\Program Files\Fichiers communs\System
[06/03/2009|17:28] C:\Program Files\Fichiers communs\Windows Live
[16/04/2008|16:31] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 63 Processes )

IEXPLORE.EXE ~ [PID:3872]
IEXPLORE.EXE ~ [PID:196]
IEXPLORE.EXE ~ [PID:352]
IEXPLORE.EXE ~ [PID:5080]
IEXPLORE.EXE ~ [PID:6072]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site\once save.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site\once save.exe
C:\DOCUME~1\Celine\APPLIC~1\axisdr~1
C:\DOCUME~1\Celine\APPLIC~1\axisdr~1\mixdefaultroad.exe
C:\DOCUME~1\Papa\APPLIC~1\axisdr~1
C:\DOCUME~1\Papa\APPLIC~1\axisdr~1\dentgpldefy.exe
C:\DOCUME~1\Papa\APPLIC~1\axisdr~1\Grid Seek Junk About.exe
C:\DOCUME~1\Papa\APPLIC~1\axisdr~1\klmcdupu.exe
C:\DOCUME~1\Papa\APPLIC~1\axisdr~1\mixdefaultroad.exe
C:\DOCUME~1\Solange\APPLIC~1\axisdr~1
C:\DOCUME~1\Solange\APPLIC~1\axisdr~1\mixdefaultroad.exe
C:\Program Files\axisdr~1
C:\DOCUME~1\Solange\Cookies\solange@advertstream[2].txt
C:\DOCUME~1\Solange\Cookies\solange@advertising[2].txt
C:\DOCUME~1\Solange\Cookies\solange@cotedazurpalace[2].txt
C:\DOCUME~1\Solange\Cookies\solange@serve.cotedazurpalace[1].txt
C:\DOCUME~1\Solange\Cookies\solange@www.cotedazurpalace[2].txt
C:\DOCUME~1\Solange\Cookies\solange@2xmoinscher[2].txt
C:\DOCUME~1\Solange\Cookies\solange@www.2xmoinscher[1].txt
C:\WINDOWS\Tasks\A78E259F9185DDDF.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Camp Safe"="C:\\DOCUME~1\\Solange\\APPLIC~1\\AXISDR~1\\mixdefaultroad.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"memo site kind that"="C:\\Documents and Settings\\All Users\\Application Data\\Grid Blue Memo Site\\once save.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-11 12:54:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\DOCUME~1\Solange\LOCALS~1\APPLIC~1\Microsoft\Windows\GameExplorer\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 1087 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Solange\Local Settings\Temporary Internet Files\Content.IE5\DPWJA753\mobifun_MBFII_AGR_CrackBonky_728x90_051109[1].gif


[F:72][D:7]-> C:\DOCUME~1\Solange\LOCALS~1\Temp
[F:244][D:0]-> C:\DOCUME~1\Solange\Cookies
[F:10335][D:19]-> C:\DOCUME~1\Solange\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 11/11/2009|12:55 - Option : [1]

--------------------\\ Fin du rapport a 12:55:29
0
Anonymous user
11 Nov 2009 at 14:56
Hello,
Double-click the Lop S&D shortcut on your Desktop
* Select the desired language, then choose the option "Suppression + Hosts"
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
0
Braguet-X Posts: 12 Registration date: Sunday 8 November 2009 Status: Member Last activity: 14 November 2009
11 Nov 2009 at 15:40
Hello,
Here is the report:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.40GHz )
BIOS : Default System BIOS
USER : Solange ( Administrator )
BOOT : Normal boot
Antivirus : Symantec AntiVirus Corporate Edition 9.0.3.1000 (Activated)
Firewall : Symantec Client Firewall 7.1.3.1039 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:48 Go (Free:11 Go)
D:\ (Local Disk) - NTFS - Total:48 Go (Free:48 Go)
E:\ (Local Disk) - NTFS - Total:51 Go (Free:49 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
I:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 11/11/2009|15:18 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\WINDOWS\Tasks\A78E259F9185DDDF.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site\once save.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site\once save.exe
Supprime! - C:\DOCUME~1\Celine\APPLIC~1\axisdr~1\mixdefaultroad.exe
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\axisdr~1\dentgpldefy.exe
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\axisdr~1\Grid Seek Junk About.exe
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\axisdr~1\klmcdupu.exe
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\axisdr~1\mixdefaultroad.exe
Supprime! - C:\DOCUME~1\Solange\APPLIC~1\axisdr~1\mixdefaultroad.exe
Supprime! - C:\DOCUME~1\Solange\Cookies\solange@advertstream[2].txt
Supprime! - C:\DOCUME~1\Solange\Cookies\solange@advertising[2].txt
Supprime! - C:\DOCUME~1\Solange\Cookies\solange@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\Solange\Cookies\solange@serve.cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\Solange\Cookies\solange@www.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\Solange\Cookies\solange@fr.pacificpoker[2].txt
Supprime! - C:\DOCUME~1\Solange\Cookies\solange@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\Solange\Cookies\solange@2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\Solange\Cookies\solange@www.2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site
Supprime! - C:\DOCUME~1\Celine\APPLIC~1\axisdr~1
Supprime! - C:\DOCUME~1\Papa\APPLIC~1\axisdr~1
Supprime! - C:\DOCUME~1\Solange\APPLIC~1\axisdr~1
Supprime! - C:\Program Files\axisdr~1

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[01/01/2009|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[19/02/2006|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[23/07/2009|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[16/04/2009|15:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[20/02/2006|08:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[15/07/2007|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EnterNHelp
[30/12/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[15/07/2007|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\howto
[01/01/2009|20:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[31/10/2006|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/05/2009|08:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[15/07/2007|18:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nikon
[19/02/2006|17:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[15/07/2007|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ultima_T15
[02/03/2007|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[16/04/2008|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[26/02/2006|12:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[01/04/2006|15:57] C:\DOCUME~1\Celine\APPLIC~1\ACD Systems
[18/11/2006|20:21] C:\DOCUME~1\Celine\APPLIC~1\Adobe
[05/09/2007|20:20] C:\DOCUME~1\Celine\APPLIC~1\AdobeUM
[19/02/2006|17:41] C:\DOCUME~1\Celine\APPLIC~1\ATI
[25/02/2006|10:38] C:\DOCUME~1\Celine\APPLIC~1\COWON
[03/03/2007|09:43] C:\DOCUME~1\Celine\APPLIC~1\CyberLink
[05/06/2007|17:32] C:\DOCUME~1\Celine\APPLIC~1\Google
[19/02/2006|17:41] C:\DOCUME~1\Celine\APPLIC~1\Identities
[13/06/2006|07:15] C:\DOCUME~1\Celine\APPLIC~1\Macromedia
[11/03/2009|12:10] C:\DOCUME~1\Celine\APPLIC~1\Microsoft
[08/05/2009|07:11] C:\DOCUME~1\Celine\APPLIC~1\Sun

[08/03/2009|19:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[19/02/2006|16:16] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[19/02/2006|16:16] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[19/02/2006|16:59] C:\DOCUME~1\Papa\APPLIC~1\ACD Systems
[19/07/2007|08:24] C:\DOCUME~1\Papa\APPLIC~1\Adobe
[22/07/2007|17:28] C:\DOCUME~1\Papa\APPLIC~1\AdobeUM
[19/02/2006|16:39] C:\DOCUME~1\Papa\APPLIC~1\ATI
[20/02/2006|08:39] C:\DOCUME~1\Papa\APPLIC~1\COWON
[20/02/2006|19:04] C:\DOCUME~1\Papa\APPLIC~1\eConf
[05/06/2007|07:06] C:\DOCUME~1\Papa\APPLIC~1\Google
[22/08/2006|08:11] C:\DOCUME~1\Papa\APPLIC~1\Help
[19/02/2006|16:21] C:\DOCUME~1\Papa\APPLIC~1\Identities
[19/02/2006|18:04] C:\DOCUME~1\Papa\APPLIC~1\Macromedia
[09/03/2009|09:20] C:\DOCUME~1\Papa\APPLIC~1\Microsoft
[15/07/2007|18:34] C:\DOCUME~1\Papa\APPLIC~1\Nikon
[26/04/2009|15:02] C:\DOCUME~1\Papa\APPLIC~1\Sun

[23/02/2006|17:10] C:\DOCUME~1\Solange\APPLIC~1\ACD Systems
[11/12/2008|14:02] C:\DOCUME~1\Solange\APPLIC~1\Adobe
[24/07/2009|13:27] C:\DOCUME~1\Solange\APPLIC~1\AdobeUM
[25/05/2006|18:49] C:\DOCUME~1\Solange\APPLIC~1\Ahead
[19/02/2006|18:14] C:\DOCUME~1\Solange\APPLIC~1\ATI
[26/06/2006|19:29] C:\DOCUME~1\Solange\APPLIC~1\COWON
[04/07/2006|09:34] C:\DOCUME~1\Solange\APPLIC~1\FotoWire
[06/06/2007|10:26] C:\DOCUME~1\Solange\APPLIC~1\Google
[02/01/2008|22:27] C:\DOCUME~1\Solange\APPLIC~1\Help
[19/02/2006|18:13] C:\DOCUME~1\Solange\APPLIC~1\Identities
[26/02/2006|12:27] C:\DOCUME~1\Solange\APPLIC~1\Macromedia
[12/04/2009|19:21] C:\DOCUME~1\Solange\APPLIC~1\Microsoft
[17/11/2008|13:55] C:\DOCUME~1\Solange\APPLIC~1\Mostick
[17/11/2008|13:55] C:\DOCUME~1\Solange\APPLIC~1\Mozilla
[12/05/2007|14:59] C:\DOCUME~1\Solange\APPLIC~1\MSNInstaller
[17/07/2007|09:13] C:\DOCUME~1\Solange\APPLIC~1\Nikon
[18/03/2007|13:57] C:\DOCUME~1\Solange\APPLIC~1\Screenshot Sender
[20/12/2007|18:11] C:\DOCUME~1\Solange\APPLIC~1\Sun
[05/10/2007|18:45] C:\DOCUME~1\Solange\APPLIC~1\The Rasmus Player

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[11/11/2009 15:21][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{CFF12CB8-BE2A-4694-B3D7-D08A5CFF598D}.job
[23/10/2009 14:00][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
[19/02/2006 17:18][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[11/11/2009 15:07][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[19/02/2006|16:54] C:\Program Files\ACD Systems
[19/02/2006|16:48] C:\Program Files\Adobe
[19/02/2006|16:50] C:\Program Files\Ahead
[15/07/2007|18:30] C:\Program Files\ArcSoft
[19/02/2006|16:34] C:\Program Files\ATI Technologies
[17/04/2007|19:10] C:\Program Files\CCleaner
[05/11/2009|10:46] C:\Program Files\Cirle Developement
[19/02/2006|16:28] C:\Program Files\C-Media 3D Audio
[19/02/2006|16:12] C:\Program Files\ComPlus Applications
[19/02/2006|17:21] C:\Program Files\CyberLink
[19/02/2006|16:55] C:\Program Files\D-Tools
[06/09/2009|15:03] C:\Program Files\EA GAMES
[13/04/2009|09:03] C:\Program Files\Fichiers communs
[26/04/2009|15:36] C:\Program Files\Google
[26/03/2009|20:35] C:\Program Files\Hewlett-Packard
[26/03/2009|20:32] C:\Program Files\HP
[16/07/2008|15:17] C:\Program Files\InstallShield Installation Information
[14/10/2009|09:59] C:\Program Files\Internet Explorer
[26/04/2009|15:03] C:\Program Files\Java
[20/02/2006|08:39] C:\Program Files\JetAudio
[19/02/2006|17:23] C:\Program Files\Lavasoft
[19/02/2006|17:04] C:\Program Files\LHSP
[20/02/2006|19:04] C:\Program Files\Livecom
[01/01/2009|20:19] C:\Program Files\ma-config.com
[08/03/2009|19:27] C:\Program Files\Messenger
[05/11/2009|10:46] C:\Program Files\Messenger Plus! Live
[06/03/2009|17:46] C:\Program Files\Microsoft
[27/03/2009|18:58] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[19/02/2006|16:16] C:\Program Files\microsoft frontpage
[19/02/2006|16:57] C:\Program Files\Microsoft Office
[29/09/2009|19:39] C:\Program Files\Microsoft Office Outlook Connector
[30/09/2009|11:57] C:\Program Files\Microsoft Silverlight
[06/03/2009|17:40] C:\Program Files\Microsoft SQL Server Compact Edition
[06/03/2009|17:41] C:\Program Files\Microsoft Sync Framework
[19/02/2006|16:57] C:\Program Files\Microsoft.NET
[19/02/2006|17:17] C:\Program Files\Movie Maker
[08/08/2009|12:21] C:\Program Files\MSBuild
[19/02/2006|19:17] C:\Program Files\MSN
[19/02/2006|19:38] C:\Program Files\MSN Apps
[19/02/2006|16:12] C:\Program Files\MSN Gaming Zone
[15/07/2007|18:35] C:\Program Files\MSXML 4.0
[08/08/2009|12:17] C:\Program Files\MSXML 6.0
[19/02/2006|16:14] C:\Program Files\NetMeeting
[15/07/2007|18:33] C:\Program Files\Nikon
[21/08/2009|14:00] C:\Program Files\Norton Security Scan
[19/02/2006|17:09] C:\Program Files\ObjectDock
[19/02/2006|16:12] C:\Program Files\Online Services
[20/04/2009|18:16] C:\Program Files\OrangeHSS
[13/08/2009|12:26] C:\Program Files\Outlook Express
[02/01/2009|10:38] C:\Program Files\QuickTime
[08/08/2009|12:20] C:\Program Files\Reference Assemblies
[19/02/2006|17:14] C:\Program Files\RegCleaner
[19/02/2006|17:09] C:\Program Files\RK Launcher
[27/02/2006|17:21] C:\Program Files\SAGEM
[27/02/2006|17:21] C:\Program Files\SAGEM Wi-Fi USB 802.11g
[24/11/2008|15:00] C:\Program Files\Securitoo
[19/02/2006|16:15] C:\Program Files\Services en ligne
[19/02/2006|17:11] C:\Program Files\Symantec
[19/02/2006|17:11] C:\Program Files\Symantec Client Security
[19/02/2006|16:21] C:\Program Files\Uninstall Information
[19/02/2006|16:40] C:\Program Files\VIA Technologies, Inc
[27/02/2006|17:25] C:\Program Files\Wanadoo Messager
[29/09/2009|19:38] C:\Program Files\Windows Live
[06/03/2009|17:38] C:\Program Files\Windows Live SkyDrive
[12/02/2007|20:43] C:\Program Files\Windows Media Connect 2
[12/03/2007|08:07] C:\Program Files\Windows Media Player
[19/02/2006|17:17] C:\Program Files\Windows NT
[19/02/2006|16:15] C:\Program Files\WindowsUpdate
[19/02/2006|17:17] C:\Program Files\WinRAR
[05/09/2009|10:57] C:\Program Files\World of Warcraft
[19/02/2006|16:16] C:\Program Files\xerox
[26/02/2006|12:27] C:\Program Files\Yahoo!
[19/02/2006|17:09] C:\Program Files\YzShadow

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[19/02/2006|16:54] C:\Program Files\Fichiers communs\ACD Systems
[19/02/2006|16:48] C:\Program Files\Fichiers communs\Adobe
[19/02/2006|16:50] C:\Program Files\Fichiers communs\Ahead
[15/04/2009|11:56] C:\Program Files\Fichiers communs\Blizzard Entertainment
[19/02/2006|16:57] C:\Program Files\Fichiers communs\DESIGNER
[24/11/2008|14:57] C:\Program Files\Fichiers communs\France Telecom
[19/02/2006|16:34] C:\Program Files\Fichiers communs\InstallShield
[20/12/2007|18:09] C:\Program Files\Fichiers communs\Java
[19/02/2006|17:05] C:\Program Files\Fichiers communs\L&H Shared
[16/07/2007|20:13] C:\Program Files\Fichiers communs\Logitech
[08/03/2009|19:23] C:\Program Files\Fichiers communs\Microsoft Shared
[19/02/2006|16:14] C:\Program Files\Fichiers communs\MSSoap
[15/07/2007|18:33] C:\Program Files\Fichiers communs\muvee Technologies
[15/07/2007|18:34] C:\Program Files\Fichiers communs\Nikon
[20/02/2006|00:03] C:\Program Files\Fichiers communs\ODBC
[19/02/2006|16:14] C:\Program Files\Fichiers communs\Services
[20/02/2006|00:03] C:\Program Files\Fichiers communs\SpeechEngines
[11/11/2009|15:08] C:\Program Files\Fichiers communs\Symantec Shared
[29/09/2009|19:39] C:\Program Files\Fichiers communs\System
[06/03/2009|17:28] C:\Program Files\Fichiers communs\Windows Live
[16/04/2008|16:31] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 55 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE
0
Anonymous user
11 Nov. 2009 at 16:10
Could you post a new HijackThis report for me?
0

Braguet-X Posts: 12 Registration date: Sunday 8 November 2009 Status: Member Last activity: 14 November 2009
11 Nov. 2009 at 17:53
Here is my report (since this afternoon, no more pop-up windows have been opening!):

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.40GHz )
BIOS : Default System BIOS
USER : Solange ( Administrator )
BOOT : Normal boot
Antivirus : Symantec AntiVirus Corporate Edition 9.0.3.1000 (Activated)
Firewall : Symantec Client Firewall 7.1.3.1039 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:48 Go (Free:11 Go)
D:\ (Local Disk) - NTFS - Total:48 Go (Free:48 Go)
E:\ (Local Disk) - NTFS - Total:51 Go (Free:49 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (USB) - FAT - Total:983 Mo (Free:0 Go)
I:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 11/11/2009|17:35 )

--------------------\\ Listing des dossiers dans APPLIC~1

[01/01/2009|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[19/02/2006|16:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[23/07/2009|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[16/04/2009|15:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[20/02/2006|08:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[15/07/2007|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EnterNHelp
[30/12/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[15/07/2007|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\howto
[01/01/2009|20:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[31/10/2006|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/05/2009|08:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[15/07/2007|18:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nikon
[19/02/2006|17:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[15/07/2007|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ultima_T15
[02/03/2007|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[16/04/2008|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[26/02/2006|12:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[01/04/2006|15:57] C:\DOCUME~1\Celine\APPLIC~1\ACD Systems
[18/11/2006|20:21] C:\DOCUME~1\Celine\APPLIC~1\Adobe
[05/09/2007|20:20] C:\DOCUME~1\Celine\APPLIC~1\AdobeUM
[19/02/2006|17:41] C:\DOCUME~1\Celine\APPLIC~1\ATI
[25/02/2006|10:38] C:\DOCUME~1\Celine\APPLIC~1\COWON
[03/03/2007|09:43] C:\DOCUME~1\Celine\APPLIC~1\CyberLink
[05/06/2007|17:32] C:\DOCUME~1\Celine\APPLIC~1\Google
[19/02/2006|17:41] C:\DOCUME~1\Celine\APPLIC~1\Identities
[13/06/2006|07:15] C:\DOCUME~1\Celine\APPLIC~1\Macromedia
[11/03/2009|12:10] C:\DOCUME~1\Celine\APPLIC~1\Microsoft
[08/05/2009|07:11] C:\DOCUME~1\Celine\APPLIC~1\Sun

[08/03/2009|19:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[19/02/2006|16:16] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[19/02/2006|16:16] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[19/02/2006|16:59] C:\DOCUME~1\Papa\APPLIC~1\ACD Systems
[19/07/2007|08:24] C:\DOCUME~1\Papa\APPLIC~1\Adobe
[22/07/2007|17:28] C:\DOCUME~1\Papa\APPLIC~1\AdobeUM
[19/02/2006|16:39] C:\DOCUME~1\Papa\APPLIC~1\ATI
[20/02/2006|08:39] C:\DOCUME~1\Papa\APPLIC~1\COWON
[20/02/2006|19:04] C:\DOCUME~1\Papa\APPLIC~1\eConf
[05/06/2007|07:06] C:\DOCUME~1\Papa\APPLIC~1\Google
[22/08/2006|08:11] C:\DOCUME~1\Papa\APPLIC~1\Help
[19/02/2006|16:21] C:\DOCUME~1\Papa\APPLIC~1\Identities
[19/02/2006|18:04] C:\DOCUME~1\Papa\APPLIC~1\Macromedia
[09/03/2009|09:20] C:\DOCUME~1\Papa\APPLIC~1\Microsoft
[15/07/2007|18:34] C:\DOCUME~1\Papa\APPLIC~1\Nikon
[26/04/2009|15:02] C:\DOCUME~1\Papa\APPLIC~1\Sun

[23/02/2006|17:10] C:\DOCUME~1\Solange\APPLIC~1\ACD Systems
[11/12/2008|14:02] C:\DOCUME~1\Solange\APPLIC~1\Adobe
[24/07/2009|13:27] C:\DOCUME~1\Solange\APPLIC~1\AdobeUM
[25/05/2006|18:49] C:\DOCUME~1\Solange\APPLIC~1\Ahead
[19/02/2006|18:14] C:\DOCUME~1\Solange\APPLIC~1\ATI
[26/06/2006|19:29] C:\DOCUME~1\Solange\APPLIC~1\COWON
[04/07/2006|09:34] C:\DOCUME~1\Solange\APPLIC~1\FotoWire
[06/06/2007|10:26] C:\DOCUME~1\Solange\APPLIC~1\Google
[02/01/2008|22:27] C:\DOCUME~1\Solange\APPLIC~1\Help
[19/02/2006|18:13] C:\DOCUME~1\Solange\APPLIC~1\Identities
[26/02/2006|12:27] C:\DOCUME~1\Solange\APPLIC~1\Macromedia
[12/04/2009|19:21] C:\DOCUME~1\Solange\APPLIC~1\Microsoft
[17/11/2008|13:55] C:\DOCUME~1\Solange\APPLIC~1\Mostick
[17/11/2008|13:55] C:\DOCUME~1\Solange\APPLIC~1\Mozilla
[12/05/2007|14:59] C:\DOCUME~1\Solange\APPLIC~1\MSNInstaller
[17/07/2007|09:13] C:\DOCUME~1\Solange\APPLIC~1\Nikon
[18/03/2007|13:57] C:\DOCUME~1\Solange\APPLIC~1\Screenshot Sender
[20/12/2007|18:11] C:\DOCUME~1\Solange\APPLIC~1\Sun
[05/10/2007|18:45] C:\DOCUME~1\Solange\APPLIC~1\The Rasmus Player

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[11/11/2009 17:31][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{CFF12CB8-BE2A-4694-B3D7-D08A5CFF598D}.job
[23/10/2009 14:00][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
[19/02/2006 17:18][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[11/11/2009 15:07][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[19/02/2006|16:54] C:\Program Files\ACD Systems
[19/02/2006|16:48] C:\Program Files\Adobe
[19/02/2006|16:50] C:\Program Files\Ahead
[15/07/2007|18:30] C:\Program Files\ArcSoft
[19/02/2006|16:34] C:\Program Files\ATI Technologies
[17/04/2007|19:10] C:\Program Files\CCleaner
[05/11/2009|10:46] C:\Program Files\Cirle Developement
[19/02/2006|16:28] C:\Program Files\C-Media 3D Audio
[19/02/2006|16:12] C:\Program Files\ComPlus Applications
[19/02/2006|17:21] C:\Program Files\CyberLink
[19/02/2006|16:55] C:\Program Files\D-Tools
[06/09/2009|15:03] C:\Program Files\EA GAMES
[13/04/2009|09:03] C:\Program Files\Fichiers communs
[26/04/2009|15:36] C:\Program Files\Google
[26/03/2009|20:35] C:\Program Files\Hewlett-Packard
[26/03/2009|20:32] C:\Program Files\HP
[16/07/2008|15:17] C:\Program Files\InstallShield Installation Information
[14/10/2009|09:59] C:\Program Files\Internet Explorer
[26/04/2009|15:03] C:\Program Files\Java
[20/02/2006|08:39] C:\Program Files\JetAudio
[19/02/2006|17:23] C:\Program Files\Lavasoft
[19/02/2006|17:04] C:\Program Files\LHSP
[20/02/2006|19:04] C:\Program Files\Livecom
[01/01/2009|20:19] C:\Program Files\ma-config.com
[08/03/2009|19:27] C:\Program Files\Messenger
[05/11/2009|10:46] C:\Program Files\Messenger Plus! Live
[06/03/2009|17:46] C:\Program Files\Microsoft
[27/03/2009|18:58] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[19/02/2006|16:16] C:\Program Files\microsoft frontpage
[19/02/2006|16:57] C:\Program Files\Microsoft Office
[29/09/2009|19:39] C:\Program Files\Microsoft Office Outlook Connector
[30/09/2009|11:57] C:\Program Files\Microsoft Silverlight
[06/03/2009|17:40] C:\Program Files\Microsoft SQL Server Compact Edition
[06/03/2009|17:41] C:\Program Files\Microsoft Sync Framework
[19/02/2006|16:57] C:\Program Files\Microsoft.NET
[19/02/2006|17:17] C:\Program Files\Movie Maker
[08/08/2009|12:21] C:\Program Files\MSBuild
[19/02/2006|19:17] C:\Program Files\MSN
[19/02/2006|19:38] C:\Program Files\MSN Apps
[19/02/2006|16:12] C:\Program Files\MSN Gaming Zone
[15/07/2007|18:35] C:\Program Files\MSXML 4.0
[08/08/2009|12:17] C:\Program Files\MSXML 6.0
[19/02/2006|16:14] C:\Program Files\NetMeeting
[15/07/2007|18:33] C:\Program Files\Nikon
[21/08/2009|14:00] C:\Program Files\Norton Security Scan
[19/02/2006|17:09] C:\Program Files\ObjectDock
[19/02/2006|16:12] C:\Program Files\Online Services
[20/04/2009|18:16] C:\Program Files\OrangeHSS
[13/08/2009|12:26] C:\Program Files\Outlook Express
[02/01/2009|10:38] C:\Program Files\QuickTime
[08/08/2009|12:20] C:\Program Files\Reference Assemblies
[19/02/2006|17:14] C:\Program Files\RegCleaner
[19/02/2006|17:09] C:\Program Files\RK Launcher
[27/02/2006|17:21] C:\Program Files\SAGEM
[27/02/2006|17:21] C:\Program Files\SAGEM Wi-Fi USB 802.11g
[24/11/2008|15:00] C:\Program Files\Securitoo
[19/02/2006|16:15] C:\Program Files\Services en ligne
[19/02/2006|17:11] C:\Program Files\Symantec
[19/02/2006|17:11] C:\Program Files\Symantec Client Security
[19/02/2006|16:21] C:\Program Files\Uninstall Information
[19/02/2006|16:40] C:\Program Files\VIA Technologies, Inc
[27/02/2006|17:25] C:\Program Files\Wanadoo Messager
[29/09/2009|19:38] C:\Program Files\Windows Live
[06/03/2009|17:38] C:\Program Files\Windows Live SkyDrive
[12/02/2007|20:43] C:\Program Files\Windows Media Connect 2
[12/03/2007|08:07] C:\Program Files\Windows Media Player
[19/02/2006|17:17] C:\Program Files\Windows NT
[19/02/2006|16:15] C:\Program Files\WindowsUpdate
[19/02/2006|17:17] C:\Program Files\WinRAR
[05/09/2009|10:57] C:\Program Files\World of Warcraft
[19/02/2006|16:16] C:\Program Files\xerox
[26/02/2006|12:27] C:\Program Files\Yahoo!
[19/02/2006|17:09] C:\Program Files\YzShadow

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[19/02/2006|16:54] C:\Program Files\Fichiers communs\ACD Systems
[19/02/2006|16:48] C:\Program Files\Fichiers communs\Adobe
[19/02/2006|16:50] C:\Program Files\Fichiers communs\Ahead
[15/04/2009|11:56] C:\Program Files\Fichiers communs\Blizzard Entertainment
[19/02/2006|16:57] C:\Program Files\Fichiers communs\DESIGNER
[24/11/2008|14:57] C:\Program Files\Fichiers communs\France Telecom
[19/02/2006|16:34] C:\Program Files\Fichiers communs\InstallShield
[20/12/2007|18:09] C:\Program Files\Fichiers communs\Java
[19/02/2006|17:05] C:\Program Files\Fichiers communs\L&H Shared
[16/07/2007|20:13] C:\Program Files\Fichiers communs\Logitech
[08/03/2009|19:23] C:\Program Files\Fichiers communs\Microsoft Shared
[19/02/2006|16:14] C:\Program Files\Fichiers communs\MSSoap
[15/07/2007|18:33] C:\Program Files\Fichiers communs\muvee Technologies
[15/07/2007|18:34] C:\Program Files\Fichiers communs\Nikon
[20/02/2006|00:03] C:\Program Files\Fichiers communs\ODBC
[19/02/2006|16:14] C:\Program Files\Fichiers communs\Services
[20/02/2006|00:03] C:\Program Files\Fichiers communs\SpeechEngines
[11/11/2009|15:08] C:\Program Files\Fichiers communs\Symantec Shared
[29/09/2009|19:39] C:\Program Files\Fichiers communs\System
[06/03/2009|17:28] C:\Program Files\Fichiers communs\Windows Live
[16/04/2008|16:31] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 66 Processes )

iexplore.exe ~ [PID:1484]
iexplore.exe ~ [PID:3684]
iexplore.exe ~ [PID:360]
iexplore.exe ~ [PID:5768]
iexplore.exe ~ [PID:4532]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\Solange\LOCALS~1\Temp\nsi9B.tmp
C:\DOCUME~1\Solange\Cookies\solange@advertstream[2].txt
C:\DOCUME~1\Solange\Cookies\solange@advertising[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-11 17:45:06
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\DOCUME~1\Solange\LOCALS~1\APPLIC~1\Microsoft\Windows\GameExplorer\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 1087 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Solange\Local Settings\Temporary Internet Files\Content.IE5\DPWJA753\mobifun_MBFII_AGR_CrackBonky_728x90_051109[1].gif


[F:92][D:14]-> C:\DOCUME~1\Solange\LOCALS~1\Temp
[F:311][D:0]-> C:\DOCUME~1\Solange\Cookies
[F:14926][D:23]-> C:\DOCUME~1\Solange\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 11/11/2009|12:55 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 11/11/2009|15:25 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 11/11/2009|17:52 - Option : [1]

--------------------\\ Fin du rapport a 17:52:10
0
Anonymous user
11 Nov. 2009 at 17:58
It was a new HijackThis report that I asked you for, not a LOP report
0
Braguet-X Posts: 12 Registration date: Sunday 8 November 2009 Status: Member Last activity: 14 November 2009
11 Nov. 2009 at 18:08
Sorry:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:07:00, on 11/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\CfgWzSvc.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
H:\dist\win32\Apps\xulrunner\xulrunner.exe
H:\dist\win32\Apps\Cafe\cafe.exe
H:\dist\win32\Apps\PortableOpenOffice\openoffice\program\soffice.exe
H:\dist\win32\Apps\PortableOpenOffice\openoffice\program\soffice.BIN
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\Solange\LOCALS~1\Temp\services.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1A26F07F-0D60-4835-91CF-1E1766A0EC56} - http://scanner2.malware-scan.com/setup/webinst_fr.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec Client Firewall Configuration (CfgWzSvc) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\CfgWzSvc.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
0
Anonymous user
11 Nov 2009 at 18:10
Download Malwarebytes' Anti-Malware
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
Save it to the desktop
Double-click the Download_mbam-setup.exe icon to start the installation
If the firewall asks for permission for Malwarebytes to connect, accept
It will update itself; once that is done
Go to the Scanner tab
Select Perform full scan
Click Scan
The scan starts
At the end of the scan, this message is displayed: The scan completed successfully.
Click Show Results to display the objects found
Click OK to continue
If malware was detected, click Show Results
Select everything (or leave it checked)
Click Remove Selected
Malwarebytes will delete the files and registry keys and put a copy of them in quarantine
Malwarebytes will open Notepad and copy the report into it
Restart the PC
Once it has restarted, double-click Malwarebytes
Go to the Logs tab
Click the log to display it; once it is displayed, click Edit at the top of Notepad, then Select All
Go back to Edit, then Copy, then come back to the forum and, in your reply,
right-click in the reply box and choose Paste
0
Braguet-X Posts: 12 Registration date: Sunday 8 November 2009 Status: Member Last activity: 14 November 2009
11 Nov 2009 at 18:57
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3147
Windows 5.1.2600 Service Pack 2

11/11/2009 18:47:34
mbam-log-2009-11-11 (18-47-34).txt

Type de recherche: Examen rapide
Eléments examinés: 135804
Temps écoulé: 18 minute(s), 17 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{7543fbd5-2279-4d03-8f29-eb21531fa2fe} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows update loader (Backdoor.IRCBot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ADP (Rogue.Multiple) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\Solange\LOCALS~1\Temp\services.exe) Good: (Userinit.exe) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Anonymous user
11 Nov 2009 at 22:25
you need to empty Malwarebytes' quarantine
0
Braguet-X Posts: 12 Registration date: Sunday 8 November 2009 Status: Member Last activity: 14 November 2009
12 Nov 2009 at 21:20
Good evening,

I emptied the quarantine and here is my Malwarebytes report:

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2775
Windows 5.1.2600 Service Pack 2

12/11/2009 21:09:47
mbam-log-2009-11-12 (21-09-47).txt

Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 205980
Temps écoulé: 1 hour(s), 8 minute(s), 19 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Anonymous user
12 Nov 2009 at 21:23
Can you do another HijackThis for me
0
Braguet-X Posts: 12 Registration date: Sunday 8 November 2009 Status: Member Last activity: 14 November 2009
12 Nov 2009 at 21:30
Here is my HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:30:09, on 12/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\CfgWzSvc.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec Client Firewall Configuration (CfgWzSvc) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\CfgWzSvc.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
0
Anonymous user
12 Nov 2009 at 21:39
the report is clean
do you want Windows Live Messenger to always start at startup?
0
Anonymous user
12 Nov 2009 at 21:51
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe





Run HijackThis again
Click Do a system scan only
Check the lines I have indicated in bold
Click Fix checked
Restart the PC


The disinfection tools need to be cleaned up:

* Download ToolsCleaner2 to your Desktop
https://www.commentcamarche.net/telecharger/
* Double-click ToolsCleaner2.exe to launch it.
* Click Recherche (Search) and let the scan run.
* Click Suppression (Removal) to finish.
* You can, if you wish, use the Options Facultatives (Optional Settings).
* Click Quitter (Quit) to get the report.
* Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).

Delete ToolsCleaner2 manually


* Disable System Restore to delete the infected restore points:

Right-click My Computer, click Properties, then System Restore. Check the Turn off System Restore box. Click Apply, then OK
---> Restart your PC ...

* Re-enable System Restore:
Right-click My Computer, click Properties, then System Restore. Uncheck the Turn off System Restore box. Click Apply, then OK
---> Restart your PC ...

( Note: you can also get there via Control Panel -> "System" -> "System Restore" ).

Create a clean restore point manually:
Start, Programs
Go to Accessories, then System Tools
Select System Restore
Click Next
Enter the date of the restore point you want to create
Click Create, and the restore point is created automatically


One last bit of cleaning for your PC:

Download CCleaner Slim
* Save it to the Desktop
* Double-click the file to start the installation
* In the installer's language window, make sure to choose French, then OK
* Click Next
* Read the license, and click I Agree
* Click Next, then Install, then Close
* Double-click the CCleaner icon to open it
* Click Options, then Advanced
* Uncheck Only delete files in Windows Temp folders older than 48 hours
* Click Cleaner
* Click Windows, and in the Advanced column
* Check the first box, Old Prefetch data, and only that one; this leaves you with the Old Prefetch data box checked plus the Advanced box, which gets checked automatically, but only that one
* Click Analyze
* Click Run Cleaner and OK at the confirmation prompt. Repeat until CCleaner no longer finds anything
* Now click Registry, then Scan for Issues
* Leave everything checked, and click Fix selected issues
* It asks whether you want to make a backup: YES
* Give it a name so that you can find it again, and save
* Click scan for the selected issues, and OK at the confirmation prompt
* It deletes them; click Close, then check by running Scan for Issues again
* Go back to Options and re-check the Only delete files in Windows Temp folders older than 48 hours box, and under Cleaner, Windows, Advanced, uncheck the first box, Old Prefetch data
* You can close CCleaner


Your Windows is not up to date; it has security vulnerabilities
Install SP3 for Windows XP
http://www.microsoft.com/windows/products/windowsxp/sp3/default.mspx

Remember to keep your software and Windows up to date, it's important
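
An added example (not part of the original thread): a Python check that the lines a helper asks to tick were really removed by Fix checked, by comparing the HijackThis log taken before the fix with the one taken after the reboot. The function names are hypothetical, and the sample logs are short excerpts of the HijackThis logs posted in this thread.

```python
import re

# HijackThis entry lines start with a section code (R0, O2, O4, O23, ...)
# followed by " - " and the entry body. Header lines and the
# "Running processes" list do not match and are skipped.
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")


def parse_entries(log_text):
    """Map a normalised (section, body) key to the original log line.

    Bodies are whitespace-normalised and case-folded because Windows paths,
    registry names and CLSIDs compare case-insensitively.
    """
    entries = {}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if m:
            body = " ".join(m.group("body").split()).casefold()
            entries[(m.group("section"), body)] = line
    return entries


def check_fix(before, after, requested):
    """Compare two logs against the list of lines that were to be fixed."""
    b, a, r = (parse_entries(t) for t in (before, after, requested))
    bk, ak, rk = set(b), set(a), set(r)

    def lines(keys, source):
        return sorted(source[k] for k in keys)

    return {
        "fixed": lines(rk - ak, r),                 # requested and now gone
        "still_present": lines(rk & ak, a),         # survived the fix/reboot
        "not_in_before": lines(rk - bk, r),         # requested line never existed
        "removed_unrequested": lines(bk - ak - rk, b),
        "new_entries": lines(ak - bk, a),           # appeared afterwards: review
    }


# Excerpt of the log of 12/11/2009 (before the fix), shortened.
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.2
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
"""

# Excerpt of the log of 13/11/2009 (after the fix and reboot), shortened.
AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.2
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
"""

# Three of the lines the helper listed for Fix checked.
REQUESTED = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
"""

if __name__ == "__main__":
    for bucket, found in check_fix(BEFORE, AFTER, REQUESTED).items():
        print(f"{bucket}: {len(found)}")
        for entry in found:
            print("   ", entry)
```

Anything listed under `still_present` or `new_entries` is what to look at first: the former means a fix did not hold across the reboot, the latter means something re-registered itself.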
0
Braguet-X Posts: 12 Registration date: Sunday 8 November 2009 Status: Member Last activity: 14 November 2009
13 Nov 2009 at 15:51
[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\lopR.txt: trouvé !
C:\Lop SD: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Solange\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Solange\Local Settings\Temporary Internet Files\Content.IE5\T1KFT98Z\hijackthis.log: trouvé !
C:\Documents and Settings\Solange\Mes documents\LopSD.exe: trouvé !
C:\Lop SD\catchme.exe: trouvé !
C:\Lop SD\catchme.log: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Solange\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Solange\Mes documents\LopSD.exe: supprimé !
C:\Lop SD\catchme.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\lopR.txt: supprimé !
C:\Documents and Settings\Solange\Local Settings\Temporary Internet Files\Content.IE5\T1KFT98Z\hijackthis.log: supprimé !
C:\Lop SD\catchme.log: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Lop SD: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
0
Anonymous user
13 Nov 2009 at 16:20
hello,
you do the rest afterwards
0
hi, download Adblock Plus
0
Braguet-X Posts: 12 Registration date: Sunday 8 November 2009 Status: Member Last activity: 14 November 2009
13 Nov 2009 at 16:58
I downloaded CCleaner Slim and I have just done everything you told me
Here is my HijackThis report, although I don't know whether it will be of any use to you:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:56:06, on 13/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\CfgWzSvc.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec Client Firewall Configuration (CfgWzSvc) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\CfgWzSvc.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
Anonymous user
13 Nov. 2009 at 23:22
I hadn't asked for a HijackThis report.
You need to update your Windows; I gave you the link to install Service Pack 3.
Braguet-X Posts 12 Registration date Sunday 8 November 2009 Status Member Last activity 14 November 2009
14 Nov. 2009 at 17:38
OK, thank you very much for your help =D
rionetta Posts 1 Registration date Friday 2 November 2012 Status Member Last activity 2 November 2012
2 Nov. 2012 at 09:40
Hello,
Here is my report:

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz )
BIOS : BIOS Date: 04/21/08 11:00:40 Ver: 5.23
USER : m.schnee-gamot ( Not Administrator ! )
BOOT : Normal boot
Antivirus : Trend Micro Security Agent 17.0 (Activated)
C:\ (Local Disk) - NTFS - Total:232 Go (Free:164 Go)
D:\ (CD or DVD)
G:\ (Network Disk) - NTFS - Total:187 Go (Free:116 Go)
H:\ (Network Disk) - NTFS - Total:465 Go (Free:94 Go)
I:\ (Network Disk) - NTFS - Total:465 Go (Free:413 Go)
K:\ (Network Disk) - NTFS - Total:189 Go (Free:158 Go)
L:\ (Network Disk) - NTFS - Total:465 Go (Free:94 Go)
P:\ (Network Disk) - NTFS - Total:187 Go (Free:116 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 02/11/2012| 9:21 )

--------------------\\ Listing des dossiers dans APPLIC~1

[22/07/2008|13:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[22/07/2008|11:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[22/07/2008|15:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[22/07/2008|15:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\OfficeUpdate12
[22/07/2008|02:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[22/07/2008|15:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc

[22/07/2008|11:12] C:\DOCUME~1\ADMINI~2.MAI\APPLIC~1\Identities
[06/03/2009|14:53] C:\DOCUME~1\ADMINI~2.MAI\APPLIC~1\Microsoft
[22/07/2008|02:29] C:\DOCUME~1\ADMINI~2.MAI\APPLIC~1\SiteAdvisor
[22/07/2008|02:23] C:\DOCUME~1\ADMINI~2.MAI\APPLIC~1\Sun

[22/07/2008|11:12] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Identities
[16/06/2010|11:00] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Media Player Classic
[16/06/2010|08:44] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Microsoft
[22/07/2008|02:29] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\SiteAdvisor
[22/07/2008|02:23] C:\DOCUME~1\ADMINI~1.000\APPLIC~1\Sun

[22/07/2008|11:12] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\Identities
[22/07/2008|02:25] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\Microsoft
[22/07/2008|02:29] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\SiteAdvisor
[22/07/2008|02:23] C:\DOCUME~1\ADMINI~1.MAI\APPLIC~1\Sun

[26/01/2011|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[18/09/2012|11:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\188F1432-103A-4ffb-80F1-36B633C5C9E1
[01/08/2008|08:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Acronis
[05/11/2011|09:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/01/2011|10:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[26/01/2011|10:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[31/05/2012|10:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
[04/05/2011|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[22/07/2008|09:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[20/01/2009|13:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[11/10/2012|15:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[03/05/2012|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[22/07/2008|14:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[28/08/2008|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[25/04/2012|08:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Research In Motion
[22/07/2008|08:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[11/02/2011|10:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sun
[21/05/2011|10:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trend Micro
[22/07/2008|09:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[21/01/2012|13:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindSolutions

[04/09/2008|07:55] C:\DOCUME~1\BIBLIO~1\APPLIC~1\Adobe
[07/01/2009|10:42] C:\DOCUME~1\BIBLIO~1\APPLIC~1\dvdcss
[22/07/2008|11:12] C:\DOCUME~1\BIBLIO~1\APPLIC~1\Identities
[27/08/2008|15:16] C:\DOCUME~1\BIBLIO~1\APPLIC~1\Macromedia
[05/09/2008|10:26] C:\DOCUME~1\BIBLIO~1\APPLIC~1\Microsoft
[08/08/2008|16:00] C:\DOCUME~1\BIBLIO~1\APPLIC~1\ntr
[22/07/2008|02:29] C:\DOCUME~1\BIBLIO~1\APPLIC~1\SiteAdvisor
[22/07/2008|02:23] C:\DOCUME~1\BIBLIO~1\APPLIC~1\Sun
[08/08/2008|12:58] C:\DOCUME~1\BIBLIO~1\APPLIC~1\vlc

[22/07/2008|11:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[06/06/2012|08:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[22/07/2008|02:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SiteAdvisor
[22/07/2008|02:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun

[07/01/2010|10:06] C:\DOCUME~1\FF78B~1.PRU\APPLIC~1\Adobe
[22/01/2010|10:52] C:\DOCUME~1\FF78B~1.PRU\APPLIC~1\dvdcss
[22/07/2008|11:12] C:\DOCUME~1\FF78B~1.PRU\APPLIC~1\Identities
[20/01/2009|13:54] C:\DOCUME~1\FF78B~1.PRU\APPLIC~1\Macromedia
[29/05/2010|08:53] C:\DOCUME~1\FF78B~1.PRU\APPLIC~1\Microsoft
[21/01/2010|17:48] C:\DOCUME~1\FF78B~1.PRU\APPLIC~1\Mozilla
[04/02/2010|17:42] C:\DOCUME~1\FF78B~1.PRU\APPLIC~1\ntr
[22/07/2008|02:29] C:\DOCUME~1\FF78B~1.PRU\APPLIC~1\SiteAdvisor
[22/07/2008|02:23] C:\DOCUME~1\FF78B~1.PRU\APPLIC~1\Sun
[04/06/2009|15:24] C:\DOCUME~1\FF78B~1.PRU\APPLIC~1\vlc

[17/06/2010|13:47] C:\DOCUME~1\FPRUNI~1.MAI\APPLIC~1\Adobe
[26/01/2011|10:07] C:\DOCUME~1\FPRUNI~1.MAI\APPLIC~1\Apple Computer
[03/05/2011|13:20] C:\DOCUME~1\FPRUNI~1.MAI\APPLIC~1\Brother
[16/06/2010|10:10] C:\DOCUME~1\FPRUNI~1.MAI\APPLIC~1\dvdcss
[22/07/2008|11:12] C:\DOCUME~1\FPRUNI~1.MAI\APPLIC~1\Identities
[17/06/2010|08:36] C:\DOCUME~1\FPRUNI~1.MAI\APPLIC~1\Macromedia
[16/06/2010|11:03] C:\DOCUME~1\FPRUNI~1.MAI\APPLIC~1\Media Player Classic
[21/05/2011|10:19] C:\DOCUME~1\FPRUNI~1.MAI\APPLIC~1\Microsoft
[16/06/2010|15:51] C:\DOCUME~1\FPRUNI~1.MAI\APPLIC~1\Mozilla
[22/07/2008|02:29] C:\DOCUME~1\FPRUNI~1.MAI\APPLIC~1\SiteAdvisor
[22/07/2008|02:23] C:\DOCUME~1\FPRUNI~1.MAI\APPLIC~1\Sun
[16/06/2010|10:56] C:\DOCUME~1\FPRUNI~1.MAI\APPLIC~1\vlc

[22/07/2008|11:12] C:\DOCUME~1\INFORM~1\APPLIC~1\Identities
[22/07/2008|02:25] C:\DOCUME~1\INFORM~1\APPLIC~1\Microsoft
[22/07/2008|02:29] C:\DOCUME~1\INFORM~1\APPLIC~1\SiteAdvisor
[22/07/2008|02:23] C:\DOCUME~1\INFORM~1\APPLIC~1\Sun

[26/01/2011|10:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Apple Computer
[07/07/2010|08:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee
[22/07/2008|11:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[19/05/2011|13:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\Trend Micro

[03/11/2011|15:13] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\Adobe
[24/02/2012|09:37] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\Apple Computer
[25/05/2011|12:49] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\Brother
[09/08/2012|10:01] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\dvdcss
[24/08/2012|11:04] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\gcstar
[12/10/2012|14:09] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\gtk-2.0
[08/11/2011|10:09] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\Help
[22/07/2008|11:12] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\Identities
[24/05/2011|13:55] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\Macromedia
[05/08/2011|13:44] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\Media Player Classic
[25/04/2012|12:12] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\Microsoft
[24/05/2011|13:51] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\Mozilla
[25/04/2012|08:55] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\Research In Motion
[22/07/2008|02:29] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\SiteAdvisor
[22/07/2008|02:23] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\Sun
[24/08/2012|11:15] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\System
[14/06/2011|10:48] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\TeamViewer
[09/08/2012|10:09] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\vlc
[21/01/2012|13:20] C:\DOCUME~1\M7043~1.SCH\APPLIC~1\WindSolutions

[06/01/2012|15:18] C:\DOCUME~1\NETWOR~1\APPLIC~1\Apple Computer
[22/11/2011|09:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\McAfee
[22/07/2008|11:12] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[02/11/2012 09:11][--a------] C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[02/11/2012 09:03][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{411DC663-76AA-4C25-BDC9-046C9911235B}.job
[02/11/2012 09:21][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{209FC921-1C00-4B14-8307-7E2D06EE68AB}.job
[26/10/2012 13:52][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[02/11/2012 09:20][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{DCFD1529-58F2-4CE2-ADA8-E3D4EA482C4C}.job
[02/11/2012 09:00][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02/03/2006 03:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[22/07/2008|13:28] C:\Program Files\7-Zip
[02/11/2011|09:51] C:\Program Files\Adobe
[04/08/2011|08:33] C:\Program Files\Apple Software Update
[06/01/2012|15:17] C:\Program Files\Bonjour
[08/06/2012|15:19] C:\Program Files\Brother
[02/11/2010|10:42] C:\Program Files\ClicApi13
[22/07/2008|11:12] C:\Program Files\ComPlus Applications
[22/07/2008|13:45] C:\Program Files\FastStone Image Viewer
[23/10/2012|10:08] C:\Program Files\Fichiers communs
[11/06/2011|14:16] C:\Program Files\GIMP-2.0
[23/10/2012|13:00] C:\Program Files\Google
[22/07/2008|02:29] C:\Program Files\Hewlett-Packard
[03/05/2011|10:15] C:\Program Files\InstallShield Installation Information
[22/09/2012|16:47] C:\Program Files\Internet Explorer
[24/08/2012|09:38] C:\Program Files\Intuisphere
[24/08/2012|16:46] C:\Program Files\Iolo
[18/09/2012|11:38] C:\Program Files\iPod
[18/09/2012|11:39] C:\Program Files\iTunes
[30/04/2011|08:14] C:\Program Files\Java
[04/05/2011|14:35] C:\Program Files\ma-config.com
[24/08/2012|12:33] C:\Program Files\Mediathek
[25/08/2011|13:34] C:\Program Files\Microsoft Analysis Services
[22/07/2008|11:12] C:\Program Files\microsoft frontpage
[25/08/2011|13:41] C:\Program Files\Microsoft Office
[25/08/2011|13:41] C:\Program Files\Microsoft.NET
[13/08/2010|11:02] C:\Program Files\Movie Maker
[27/10/2012|14:20] C:\Program Files\Mozilla Firefox
[30/10/2012|09:00] C:\Program Files\Mozilla Maintenance Service
[27/05/2009|17:03] C:\Program Files\MSBuild
[22/07/2008|11:12] C:\Program Files\MSN
[22/07/2008|11:12] C:\Program Files\MSN Gaming Zone
[27/05/2009|17:00] C:\Program Files\MSXML 6.0
[30/05/2009|16:35] C:\Program Files\NetMeeting
[04/02/2010|15:26] C:\Program Files\NTR global
[24/06/2011|09:22] C:\Program Files\opsys
[15/12/2010|18:31] C:\Program Files\Outlook Express
[16/08/2012|16:42] C:\Program Files\QuickTime
[22/07/2008|02:24] C:\Program Files\Realtek
[16/06/2010|11:00] C:\Program Files\Recode Media
[27/05/2009|17:03] C:\Program Files\Reference Assemblies
[25/04/2012|08:49] C:\Program Files\Research In Motion
[11/06/2011|14:45] C:\Program Files\Scribus 1.3.3.14
[22/07/2008|11:12] C:\Program Files\Services en ligne
[19/05/2011|13:05] C:\Program Files\Trend Micro
[23/10/2012|10:44] C:\Program Files\TUTO4PC
[22/07/2008|11:12] C:\Program Files\Uninstall Information
[09/08/2012|10:00] C:\Program Files\VideoLAN
[25/09/2009|17:00] C:\Program Files\Windows Media Connect 2
[25/09/2009|17:00] C:\Program Files\Windows Media Player
[30/05/2009|16:34] C:\Program Files\Windows NT
[22/07/2008|11:12] C:\Program Files\WindowsUpdate
[22/07/2008|11:12] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[02/11/2011|09:51] C:\Program Files\Fichiers communs\Adobe
[18/09/2012|11:38] C:\Program Files\Fichiers communs\Apple
[14/06/2011|10:52] C:\Program Files\Fichiers communs\Borland Shared
[03/05/2011|10:13] C:\Program Files\Fichiers communs\Brother
[25/08/2011|13:41] C:\Program Files\Fichiers communs\DESIGNER
[31/05/2012|10:20] C:\Program Files\Fichiers communs\EPSON
[03/05/2011|10:12] C:\Program Files\Fichiers communs\InstallShield
[30/04/2011|08:15] C:\Program Files\Fichiers communs\Java
[25/08/2011|13:48] C:\Program Files\Fichiers communs\Microsoft Shared
[22/07/2008|11:12] C:\Program Files\Fichiers communs\MSSoap
[22/07/2008|11:12] C:\Program Files\Fichiers communs\ODBC
[23/10/2012|10:09] C:\Program Files\Fichiers communs\Research In Motion
[22/07/2008|11:12] C:\Program Files\Fichiers communs\Services
[22/07/2008|11:12] C:\Program Files\Fichiers communs\SpeechEngines
[30/05/2009|16:34] C:\Program Files\Fichiers communs\System
[23/10/2012|10:09] C:\Program Files\Fichiers communs\XCPCSync.OEM

--------------------\\ Process

( 46 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-02 09:23:35
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\M7043~1.SCH\Mes documents\Ma musique\iTunes\iTunes Media\Music\Compilations\R & B Spotlight '59 [Disc 2}\2-06 Crackin' Up.mp3


[F:2916][D:454]-> C:\DOCUME~1\M7043~1.SCH\LOCALS~1\Temp
[F:71][D:0]-> C:\DOCUME~1\M7043~1.SCH\Cookies
[F:5724][D:9]-> C:\DOCUME~1\M7043~1.SCH\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 02/11/2012| 9:32 - Option : [1]

--------------------\\ Fin du rapport a 9:32:57