crackers56

  1. Thank you Falkra for your insights and above all for all the help you gave me with my disinfection. I now know a bit more about computer security (without having become an expert...), and I will try to be careful on the web and not make too many mistakes. Thanks again, and I am now going to change the title of my "call for help" by adding "resolved". Perhaps in the future I will call on you again with other questions if I am lost again!!! CIAO, see you.
  2. Good evening Falkra, indeed not cool. In fact I bought XP Pro 64 on a friend's advice, and so I bought this software from LDLC.com. So you confirm that by installing XP Pro 64 I am very likely to have trouble using certain programs!!! And so I am stuck with this software... well, that's done. By the way, I installed COMODO and it works; I used the tutorial you linked to install and configure it. However, I use a box from NEUF (the Trio 3D); it acts as a router and apparently also as a firewall!!! Is that compatible with a firewall? If so, does running with both a firewall and a router increase the computer's protection? That is again a lot of questions I am asking you; thanks again for taking the time to answer them. However, I have not finished reading your documentation on infections and the ways to avoid them, and I still have to keep my whole system up to date with the two tools you linked. You see, I still have work to do. Good night, see you.
  3. Hello Falkra, it has been a long time since I came to Zebulon, but I was very busy last week... Regarding "cracks and keygens": when I put together my computer's configuration, I had bought "XP PRO" 64-bit (my processor is 64-bit), but I was unable to install it because, when installing the various drivers, the installation failed every time, and this happened many times. We concluded that it was due to the drivers being incompatible with XP PRO 64-bit, and we have an XP PRO from "la coccinelle" which currently runs with a keygen in order to get the WINDOWS updates. And I must say it still bothers me to have software bought for €150.00 sitting in a drawer. So my question is: can I now install XP PRO 64 by getting the drivers from the official sites of the hardware I installed in my configuration? And above all, I am told that if I install XP PRO 64 I risk having, in the future, incompatibilities with the software I install. What do you think? (PS: Thanks again for your help with my disinfection; my computer now seems completely clean to me.)
  4. Good evening Falkra, since the last action carried out with Combofix, I no longer have any symptoms of infection. However, I use a "Logitech MX Revolution" mouse, and sometimes, despite my moving the mouse, the cursor stays still in fits and starts (and this despite the updates from Logitech). Could this be a sign of infection? Could this be the end of the tunnel??? Tell me what you think, or whether there are other actions left to carry out. In any case, thank you for all the help you have given me so far. If my computer is indeed now clean, could you tell me about the preventive tools I could put in place so as not to repeat this unfortunate misadventure? I would indeed like, if possible, to keep my system out of reach of this kind of attack. I should also mention that I have two children, one of whom goes to online game sites (e.g. jeux.fr) and the other watches music videos. Does this explain that... In any case, I await your insights.
  5. Bjr Falkra, voiçi le rapport de Combofix lancé avec le fichier texte que tu m'a envoyé: ComboFix 08-08-17.01 - BRUNO 2008-08-18 18:44:10.2 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.593 [GMT 2:00] Endroit: C:\Documents and Settings\BRUNO\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\BRUNO\Bureau\CFScript.txt * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! FILE :: C:\DOCUME~1\BRUNO\LOCALS~1\Temp\2008815225727_mcinfo.exe C:\Program Files\trcjgaf\appdbset.dll C:\WINDOWS\system32\ivczyxup.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\BRUNO\UserData C:\Documents and Settings\BRUNO\UserData\0UT2G47G\oWindowsUpdate[1].xml C:\Documents and Settings\BRUNO\UserData\index.dat C:\Program Files\qlztrmc C:\Program Files\qlztrmc\ComMnt.dll C:\Program Files\trcjgaf C:\Program Files\trcjgaf\appdbset.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_SETUPNTGLM7X -------\Service_SetupNTGLM7X ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-18 to 2008-08-18 )))))))))))))))))))))))))))))))))))) . 2008-08-18 18:48 . 2008-08-18 18:48 <REP> d-------- C:\WINDOWS\LastGood 2008-08-18 18:48 . 2008-04-14 04:33 290,816 --a--c--- C:\WINDOWS\system32\dllcache\OLD48.tmp 2008-08-18 18:48 . 2008-04-14 04:31 281,600 --a--c--- C:\WINDOWS\system32\dllcache\OLD51.tmp 2008-08-18 18:48 . 2008-04-14 04:33 188,480 --a--c--- C:\WINDOWS\system32\dllcache\OLD54.tmp 2008-08-18 18:48 . 2008-04-14 04:33 43,520 --a--c--- C:\WINDOWS\system32\dllcache\OLD45.tmp 2008-08-18 18:48 . 2008-04-14 04:33 20,540 --a--c--- C:\WINDOWS\system32\dllcache\OLD4B.tmp 2008-08-18 18:48 . 2008-04-14 04:33 20,540 --a--c--- C:\WINDOWS\system32\dllcache\OLD3F.tmp 2008-08-18 18:48 . 
2008-04-14 04:33 16,439 --a--c--- C:\WINDOWS\system32\dllcache\OLD4E.tmp 2008-08-18 18:48 . 2008-04-14 04:33 16,439 --a--c--- C:\WINDOWS\system32\dllcache\OLD42.tmp 2008-08-17 23:44 . 2008-04-11 21:05 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll 2008-08-17 23:44 . 2008-05-01 16:36 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll 2008-08-12 00:32 . 2008-08-12 00:32 <REP> d-------- C:\Documents and Settings\BRUNO\Application Data\Malwarebytes 2008-08-12 00:32 . 2008-08-12 00:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-08-12 00:32 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2008-08-12 00:32 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-08-11 01:41 . 2008-08-15 21:58 <REP> d-------- C:\Lop SD 2008-08-08 19:26 . 2008-04-14 04:33 20,540 --a--c--- C:\WINDOWS\system32\dllcache\OLD3C.tmp 2008-08-07 22:35 . 2008-04-14 04:33 290,816 --a--c--- C:\WINDOWS\system32\dllcache\OLD27.tmp 2008-08-07 22:35 . 2008-04-14 04:31 281,600 --a--c--- C:\WINDOWS\system32\dllcache\OLD30.tmp 2008-08-07 22:35 . 2008-04-14 04:33 188,480 --a--c--- C:\WINDOWS\system32\dllcache\OLD33.tmp 2008-08-07 22:35 . 2008-04-14 04:31 77,824 --a--c--- C:\WINDOWS\system32\dllcache\OLD36.tmp 2008-08-07 22:35 . 2008-04-14 04:33 47,104 --a--c--- C:\WINDOWS\system32\dllcache\OLD39.tmp 2008-08-07 22:35 . 2008-04-14 04:33 43,520 --a--c--- C:\WINDOWS\system32\dllcache\OLD24.tmp 2008-08-07 22:35 . 2008-04-14 04:33 20,540 --a--c--- C:\WINDOWS\system32\dllcache\OLD2A.tmp 2008-08-07 22:35 . 2008-04-14 04:33 20,540 --a--c--- C:\WINDOWS\system32\dllcache\OLD1E.tmp 2008-08-07 22:35 . 2008-04-14 04:33 16,439 --a--c--- C:\WINDOWS\system32\dllcache\OLD2D.tmp 2008-08-07 22:35 . 2008-04-14 04:33 16,439 --a--c--- C:\WINDOWS\system32\dllcache\OLD21.tmp 2008-08-07 20:38 . 2007-01-17 00:11 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage r‚seau 2008-08-07 20:38 . 
2007-01-17 00:11 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression 2008-08-07 20:38 . 2007-01-17 00:22 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles 2008-08-07 20:38 . 2007-01-17 00:11 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents 2008-08-07 20:38 . 2007-01-17 00:11 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer 2008-08-07 20:38 . 2007-01-17 00:11 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris 2008-08-07 20:38 . 2008-08-07 20:50 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau 2008-08-07 20:38 . 2008-08-07 20:38 <REP> d-------- C:\Documents and Settings\Administrateur 2008-08-06 19:21 . 128 C:\WINDOWS\?AAVSCAN-20080806-192123-EEE7AE3E.avp 2008-08-06 17:49 . 2008-08-18 18:49 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-08-06 17:49 . 2008-08-06 17:49 1,409 --a------ C:\WINDOWS\QTFont.for 2008-08-06 17:47 . 2008-04-14 04:33 842,240 --a--c--- C:\WINDOWS\system32\dllcache\OLD77.tmp 2008-08-06 17:47 . 2008-04-14 04:33 68,608 --a--c--- C:\WINDOWS\system32\dllcache\OLD7D.tmp 2008-08-06 17:47 . 2008-04-14 04:33 13,312 --a--c--- C:\WINDOWS\system32\dllcache\OLD7A.tmp 2008-08-06 17:45 . 2008-04-14 04:33 290,816 --a--c--- C:\WINDOWS\system32\dllcache\OLD26.tmp 2008-08-06 17:45 . 2008-04-14 04:33 43,520 --a--c--- C:\WINDOWS\system32\dllcache\OLD23.tmp 2008-08-06 17:45 . 2008-04-14 04:33 20,540 --a--c--- C:\WINDOWS\system32\dllcache\OLD29.tmp 2008-08-06 17:45 . 2008-04-14 04:33 20,540 --a--c--- C:\WINDOWS\system32\dllcache\OLD1D.tmp 2008-08-06 17:45 . 2008-04-14 04:33 16,439 --a--c--- C:\WINDOWS\system32\dllcache\OLD2C.tmp 2008-08-06 17:45 . 2008-04-14 04:33 16,439 --a--c--- C:\WINDOWS\system32\dllcache\OLD20.tmp 2008-08-03 18:58 . 2008-04-14 04:33 290,816 --a--c--- C:\WINDOWS\system32\dllcache\OLDC.tmp 2008-08-03 18:58 . 2008-04-14 04:31 281,600 --a--c--- C:\WINDOWS\system32\dllcache\OLD15.tmp 2008-08-03 18:58 . 
2008-04-14 04:33 188,480 --a--c--- C:\WINDOWS\system32\dllcache\OLD18.tmp 2008-08-03 18:58 . 2008-04-14 04:31 77,824 --a--c--- C:\WINDOWS\system32\dllcache\OLD1B.tmp 2008-08-03 18:58 . 2008-04-14 04:33 43,520 --a--c--- C:\WINDOWS\system32\dllcache\OLD9.tmp 2008-08-03 18:58 . 2008-04-14 04:33 20,540 --a--c--- C:\WINDOWS\system32\dllcache\OLDF.tmp 2008-08-03 18:58 . 2008-04-14 04:33 20,540 --a--c--- C:\WINDOWS\system32\dllcache\OLD3.tmp 2008-08-03 18:58 . 2008-04-14 04:33 16,439 --a--c--- C:\WINDOWS\system32\dllcache\OLD6.tmp 2008-08-03 18:58 . 2008-04-14 04:33 16,439 --a--c--- C:\WINDOWS\system32\dllcache\OLD12.tmp 2008-08-02 16:18 . 128 C:\WINDOWS\?‰?aAVSCAN-20080802-161858-127A7C4E.avp 2008-07-31 19:47 . 2008-07-31 19:47 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-07-30 21:07 . 2008-04-14 04:33 290,816 --a--c--- C:\WINDOWS\system32\dllcache\OLDB.tmp 2008-07-30 21:07 . 2008-04-14 04:31 281,600 --a--c--- C:\WINDOWS\system32\dllcache\OLD14.tmp 2008-07-30 21:07 . 2008-04-14 04:33 188,480 --a--c--- C:\WINDOWS\system32\dllcache\OLD17.tmp 2008-07-30 21:07 . 2008-04-14 04:31 77,824 --a--c--- C:\WINDOWS\system32\dllcache\OLD1A.tmp 2008-07-30 21:07 . 2008-04-14 04:33 43,520 --a--c--- C:\WINDOWS\system32\dllcache\OLD8.tmp 2008-07-30 21:07 . 2008-04-14 04:33 20,540 --a--c--- C:\WINDOWS\system32\dllcache\OLDE.tmp 2008-07-30 21:07 . 2008-04-14 04:33 20,540 --a--c--- C:\WINDOWS\system32\dllcache\OLD2.tmp 2008-07-30 21:07 . 2008-04-14 04:33 16,439 --a--c--- C:\WINDOWS\system32\dllcache\OLD5.tmp 2008-07-30 21:07 . 2008-04-14 04:33 16,439 --a--c--- C:\WINDOWS\system32\dllcache\OLD11.tmp 2008-07-29 02:56 . 2008-07-29 02:56 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\AdobeUM 2008-07-25 02:08 . 2008-07-25 02:08 <REP> d-------- C:\Program Files\Fichiers communs\xing shared 2008-07-25 02:08 . 2008-07-25 02:08 <REP> d-------- C:\Program Files\Fichiers communs\Real 2008-07-23 04:31 . 
2008-07-23 04:31 118 --a------ C:\WINDOWS\system32\MRT.INI 2008-07-21 21:50 . 2008-07-29 19:57 2,608 --a------ C:\WINDOWS\system32\settings.aaw 2008-07-21 21:50 . 2008-07-29 19:57 848 --a------ C:\WINDOWS\system32\history.aaw . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-18 16:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic 2008-08-16 15:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-08-15 20:59 --------- d-----w C:\Program Files\McAfee.com 2008-08-15 20:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee.com 2008-08-06 18:02 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-07-31 17:49 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys 2008-07-31 17:49 15,648 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys 2008-07-31 17:49 12,960 ----a-w C:\WINDOWS\system32\drivers\AWRTPD.sys 2008-07-31 17:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-07-20 23:10 --------- d-----w C:\Program Files\Java 2008-07-02 18:21 --------- d--h--w C:\Documents and Settings\All Users\Application Data\{A850D4D9-871B-4234-908D-21C457767270} 2008-07-02 18:02 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-06-20 11:51 361,600 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2008-06-20 11:40 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-06-20 11:08 225,856 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys . ((((((((((((((((((((((((((((( snapshot@2008-08-17_23.39.50.90 ))))))))))))))))))))))))))))))))))))))))) . 
+ 2008-07-07 20:24:11 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll + 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spmsg.dll + 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spuninst.exe + 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\spcustom.dll + 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\update.exe + 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\updspapi.dll + 2008-07-11 12:51:51 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe + 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\spcustom.dll + 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\updspapi.dll + 2008-06-24 16:53:52 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3QFE\mscms.dll + 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spmsg.dll + 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spuninst.exe + 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\spcustom.dll + 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\update.exe + 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\updspapi.dll + 2008-04-23 04:16:39 124,928 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\advpack.dll + 2008-04-23 04:16:39 347,136 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtmsft.dll + 2008-04-23 04:16:39 214,528 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtrans.dll + 2008-04-23 04:16:39 133,120 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\extmgr.dll + 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\icardie.dll + 2008-04-22 07:41:08 70,656 -c----w 
C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe + 2008-04-23 04:16:39 153,088 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakeng.dll + 2008-04-23 04:16:39 230,400 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieaksie.dll + 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakui.dll + 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieapfltr.dll + 2008-04-23 04:16:39 384,512 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iedkcs32.dll + 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieframe.dll + 2008-04-23 04:16:39 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iernonce.dll + 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll + 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe + 2008-04-22 07:41:30 625,664 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe + 2008-04-23 04:16:40 27,648 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\jsproxy.dll + 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeeds.dll + 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeedsbs.dll + 2008-04-23 20:16:42 3,591,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtml.dll + 2008-04-23 04:16:40 478,208 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtmled.dll + 2008-04-23 04:16:40 193,024 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msrating.dll + 2008-04-23 04:16:40 671,232 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mstime.dll + 2008-04-23 04:16:40 102,912 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\occache.dll + 2008-04-23 04:16:40 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\pngfilt.dll + 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe + 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\updspapi.dll + 2008-04-23 04:16:40 105,984 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\url.dll + 2008-04-23 04:16:40 1,159,680 -c----w 
C:\WINDOWS\ie7updates\KB953838-IE7\urlmon.dll + 2008-04-23 04:16:40 233,472 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\webcheck.dll + 2008-04-23 04:16:40 826,368 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll - 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll + 2008-06-23 16:28:17 124,928 ----a-w C:\WINDOWS\system32\advpack.dll - 2008-04-23 04:16:39 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll + 2008-06-23 16:28:17 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll - 2008-04-23 04:16:39 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll + 2008-06-23 16:28:17 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll - 2008-04-23 04:16:39 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll + 2008-06-23 16:28:17 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll + 2008-07-07 20:28:20 253,952 -c----w C:\WINDOWS\system32\dllcache\es.dll - 2008-04-23 04:16:39 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll + 2008-06-23 16:28:17 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll - 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll + 2008-06-23 16:28:17 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll - 2008-04-22 07:41:08 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe + 2008-06-23 09:21:30 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe - 2008-04-23 04:16:39 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll + 2008-06-23 16:28:18 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll - 2008-04-23 04:16:39 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll + 2008-06-23 16:28:18 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll - 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll + 2008-06-21 05:23:54 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll - 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll + 2008-06-23 16:28:18 383,488 -c----w 
C:\WINDOWS\system32\dllcache\ieapfltr.dll - 2008-04-23 04:16:39 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll + 2008-06-23 16:28:18 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll - 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll + 2008-06-23 16:28:19 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll - 2008-04-23 04:16:39 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll + 2008-06-23 16:28:19 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll - 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll + 2008-06-23 16:28:20 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll - 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe + 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe - 2008-04-22 07:41:30 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe + 2008-06-23 09:21:49 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe - 2008-04-23 04:16:40 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll + 2008-06-23 16:28:20 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll + 2008-06-24 16:44:02 74,240 -c----w C:\WINDOWS\system32\dllcache\mscms.dll - 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll + 2008-06-23 16:28:20 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll - 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll + 2008-06-23 16:28:20 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll - 2008-04-23 20:16:42 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll + 2008-06-24 08:28:24 3,592,192 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll - 2008-04-23 04:16:40 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll + 2008-06-23 16:28:22 477,696 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll - 2008-04-23 04:16:40 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll + 2008-06-23 16:28:22 193,024 -c----w 
C:\WINDOWS\system32\dllcache\msrating.dll - 2008-04-23 04:16:40 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll + 2008-06-23 16:28:22 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll - 2008-04-23 04:16:40 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll + 2008-06-23 16:28:22 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll - 2008-04-23 04:16:40 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll + 2008-06-23 16:28:22 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll - 2008-04-23 04:16:40 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll + 2008-06-23 16:28:22 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll - 2008-04-23 04:16:40 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll + 2008-06-23 16:28:23 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll - 2008-04-23 04:16:40 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll + 2008-06-23 16:28:23 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll - 2008-04-23 04:16:40 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll + 2008-06-23 16:28:23 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll - 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll + 2008-06-23 16:28:17 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll - 2008-04-23 04:16:39 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll + 2008-06-23 16:28:17 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll - 2008-04-14 02:33:24 246,272 ----a-w C:\WINDOWS\system32\es.dll + 2008-07-07 20:28:20 253,952 ----a-w C:\WINDOWS\system32\es.dll - 2008-04-23 04:16:39 133,120 ------w C:\WINDOWS\system32\extmgr.dll + 2008-06-23 16:28:17 133,120 ------w C:\WINDOWS\system32\extmgr.dll - 2008-04-23 04:16:39 63,488 ----a-w C:\WINDOWS\system32\icardie.dll + 2008-06-23 16:28:17 63,488 ----a-w C:\WINDOWS\system32\icardie.dll - 2008-04-22 07:41:08 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe + 2008-06-23 09:21:30 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe - 2008-04-23 04:16:39 153,088 
------w C:\WINDOWS\system32\ieakeng.dll + 2008-06-23 16:28:18 153,088 ------w C:\WINDOWS\system32\ieakeng.dll - 2008-04-23 04:16:39 230,400 ------w C:\WINDOWS\system32\ieaksie.dll + 2008-06-23 16:28:18 230,400 ------w C:\WINDOWS\system32\ieaksie.dll - 2008-04-20 05:07:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll + 2008-06-21 05:23:54 161,792 ------w C:\WINDOWS\system32\ieakui.dll - 2008-04-23 04:16:39 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll + 2008-06-23 16:28:18 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll - 2008-04-23 04:16:39 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll + 2008-06-23 16:28:18 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll - 2008-04-23 04:16:39 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll + 2008-06-23 16:28:19 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll - 2008-04-23 04:16:39 44,544 ------w C:\WINDOWS\system32\iernonce.dll + 2008-06-23 16:28:19 44,544 ------w C:\WINDOWS\system32\iernonce.dll - 2008-04-23 04:16:39 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll + 2008-06-23 16:28:20 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll - 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe + 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe - 2008-04-14 02:33:26 691,712 ----a-w C:\WINDOWS\system32\inetcomm.dll + 2008-04-11 19:05:22 691,712 ----a-w C:\WINDOWS\system32\inetcomm.dll - 2008-04-23 04:16:40 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll + 2008-06-23 16:28:20 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll - 2008-06-25 16:15:46 17,972,344 ----a-w C:\WINDOWS\system32\MRT.exe + 2008-08-05 18:11:01 15,888,504 ----a-w C:\WINDOWS\system32\MRT.exe - 2008-04-14 02:33:30 73,728 ----a-w C:\WINDOWS\system32\mscms.dll + 2008-06-24 16:44:02 74,240 ----a-w C:\WINDOWS\system32\mscms.dll - 2008-04-23 04:16:40 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll + 2008-06-23 16:28:20 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll - 2008-04-23 04:16:40 52,224 ----a-w 
C:\WINDOWS\system32\msfeedsbs.dll + 2008-06-23 16:28:20 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll - 2008-04-23 20:16:42 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll + 2008-06-24 08:28:24 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll - 2008-04-23 04:16:40 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll + 2008-06-23 16:28:22 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll - 2008-04-23 04:16:40 193,024 ----a-w C:\WINDOWS\system32\msrating.dll + 2008-06-23 16:28:22 193,024 ----a-w C:\WINDOWS\system32\msrating.dll - 2008-04-23 04:16:40 671,232 ------w C:\WINDOWS\system32\mstime.dll + 2008-06-23 16:28:22 671,232 ------w C:\WINDOWS\system32\mstime.dll - 2008-04-23 04:16:40 102,912 ------w C:\WINDOWS\system32\occache.dll + 2008-06-23 16:28:22 102,912 ------w C:\WINDOWS\system32\occache.dll - 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll + 2008-06-23 16:28:22 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll - 2007-11-30 12:39:29 18,296 ------w C:\WINDOWS\system32\spmsg.dll + 2007-11-30 11:19:06 18,296 ------w C:\WINDOWS\system32\spmsg.dll - 2008-04-14 02:34:25 60,416 ------w C:\WINDOWS\system32\tzchange.exe + 2008-07-11 12:42:28 62,976 ------w C:\WINDOWS\system32\tzchange.exe - 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\url.dll + 2008-06-23 16:28:22 105,984 ----a-w C:\WINDOWS\system32\url.dll - 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll + 2008-06-23 16:28:23 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll - 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll + 2008-06-23 16:28:23 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll - 2008-04-23 04:16:40 826,368 ----a-w C:\WINDOWS\system32\wininet.dll + 2008-06-23 16:28:23 826,368 ----a-w C:\WINDOWS\system32\wininet.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-09-03 16:18 94208] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-04 23:57 68856] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:33 15360] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2005-08-31 21:27 1658592] "CursorFX"="D:\Program Files\Stardock\CursorFX\CursorFX.exe" [2008-02-20 00:59 418632] "SpybotSD TeaTimer"="D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 12:12 90112] "avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-21 00:31 266497] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-02-01 00:13 385024] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 15:18 267048] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-07-25 02:08 185896] "SoundMan"="SOUNDMAN.EXE" [2006-03-01 10:22 577536 C:\WINDOWS\soundman.exe] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 04:10 55824 C:\WINDOWS\KHALMNPR.Exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "SynchronousMachineGroupPolicy"= 0 (0x0) "SynchronousUserGroupPolicy"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) 
"NoSimpleStartMenu"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoStrCmpLogical"= 1 (0x1) "NoResolveTrack"= 0 (0x0) "NoResolveSearch"= 0 (0x0) "NoSMMyPictures"= 0 (0x0) "NoStartMenuMFUprogramsList"= 0 (0x0) "NoUserNameInStartMenu"= 0 (0x0) "MaxRecentDocs"= 15 (0xf) "NoInstrumentation"= 0 (0x0) "MemCheckBoxInRunDlg"= 1 (0x1) "NoSMBalloonTip"= 0 (0x0) "DisallowCpl"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2007-11-15 11:10 72208 c:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Messenger\\Msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= R2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-05-25 01:53] S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 20:45] S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 20:45] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F] \Shell\AutoRun\command - F:\Autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{da777483-a5ac-11db-ae33-806d6172696f}] \Shell\AutoRun\command - F:\Setup.exe . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' 2008-08-14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 15:57] . 
************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-18 18:49:07 Windows 5.1.2600 Service Pack 3 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\ati2evxx.exe D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\RAXCO\PerfectDisk\PDAgent.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\RAXCO\PerfectDisk\PDEngine.exe C:\WINDOWS\system32\WgaTray.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe D:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe . ************************************************************************** . 
Temps d'accomplissement: 2008-08-18 18:52:55 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-18 16:52:52
ComboFix2.txt 2008-08-17 21:40:06

Pre-Run: 3,745,976,320 octets libres
Post-Run: 3,859,738,624 octets libres

406 --- E O F --- 2008-08-18 01:03:10

And here is the new HijackThis report as well:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:59:36, on 18/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Stardock\CursorFX\CursorFX.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\BRUNO\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Program Files\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CursorFX] "D:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [spybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_04] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_06] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_07] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_06] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_07] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SERVICE RÉSEAU')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = D:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
--
End of file - 9250 bytes

So that's the result; to be continued...
  6. Good evening Falkra, since I used MBAM to clear out the problems, things seem to be going better. But as you recommend, I'm staying on my guard. In fact, I'm afraid of making a blunder that would re-infect the computer. So here is the report from the latest HIJACK scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:27:38, on 17/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Stardock\CursorFX\CursorFX.exe
D:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Program Files\Virtualis\CMB.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
D:\PROGRA~1\IZArc\IZArc.exe
C:\Documents and Settings\BRUNO\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Program Files\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {748a89c8-2338-4f77-b3bf-fb8f0b3a155c} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {BA77932F-384E-4BA0-A3C0-00E82A9D18AC} - (no file)
O2 - BHO: (no name) - {C3936D47-3050-4370-97E8-D46054639ECC} - (no file)
O2 - BHO: (no name) - {CBC603FB-E7DC-4879-9DF0-C03FA404BC92} - (no file)
O2 - BHO: (no name) - {D08B8170-C067-402C-AC4F-570933501DA2} - (no file)
O2 - BHO: (no name) - {E31B361A-5F0A-4081-B310-7F63B6628571} - (no file)
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\BRUNO\LOCALS~1\Temp\2008815225727_mcinfo.exe /insfin
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CursorFX] "D:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [syssetact] C:\WINDOWS\system32\ivczyxup.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\Policies\Explorer\Run: [01Npug5XNe] C:\Documents and Settings\All Users\Application Data\ubotojir\slwbsjid.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_04] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_06] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_07] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_06] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_07] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SERVICE RÉSEAU')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = D:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O21 - SSODL: appdbset - {483759E7-0716-4186-98D2-04F3A56BA479} - C:\Program Files\trcjgaf\appdbset.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
--
End of file - 10415 bytes

There, I'm waiting for your diagnosis. Good night, see you later.
  7. And here is the report after removing the items in the list:

Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1056
Windows 5.1.2600 Service Pack 3

22:40:17 15/08/2008
mbam-log-8-15-2008 (22-40-17).txt

Type de recherche: Examen rapide
Eléments examinés: 73498
Temps écoulé: 25 minute(s), 54 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 12
Fichier(s) infecté(s): 19

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\rhcehgj0e709 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\wkey (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\smrhcehgj0e709 (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysrest32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphcahgj0e709 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\rhcehgj0e709 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\BRUNO\Application Data\rhcehgj0e709 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\BRUNO\Application Data\rhcehgj0e709\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\BRUNO\Application Data\rhcehgj0e709\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\BRUNO\Application Data\rhcehgj0e709\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\BRUNO\Application Data\rhcehgj0e709\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\BRUNO\Application Data\rhcehgj0e709\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\BRUNO\Application Data\rhcehgj0e709\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\BRUNO\Application Data\rhcehgj0e709\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\BRUNO\Application Data\rhcehgj0e709\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\BRUNO\Application Data\rhcehgj0e709\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\BRUNO\Application Data\rhcehgj0e709\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\rhcehgj0e709\database.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcehgj0e709\license.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcehgj0e709\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcehgj0e709\MFC71ENU.DLL (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcehgj0e709\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcehgj0e709\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcehgj0e709\rhcehgj0e709.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\rhcehgj0e709\rhcehgj0e709.exe.local (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysrest32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blphcahgj0e709.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphcahgj0e709.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phcahgj0e709.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pphcahgj0e709.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysrest.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Bureau\Antivirus XP 2008.lnk (Rogue.Antivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\BRUNO\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
C:\Documents and Settings\BRUNO\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\BRUNO\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\BRUNO\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.

Now I'm going to restart the computer... CIAO
  8. Hello FALKRA, reinfected as you say, not cool at all... Once we have managed to clean everything, could you tell me how this could have happened on such a scale, and also how to prevent it from happening again? In the meantime, here is the LOP S&D report, option 4.

--------------------\\ Lop S&D 4.2.2-6 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 3 ]
[ USER : BRUNO ] [ "C:\Lop SD" ] [ Selection : 4 ]
[ 15/08/2008 | 21:56:28,48 ] [ PC : ORDISUPERB ] [ MAJ : 09-08-2008 | 21:15 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ LopScript //////////////////////////////////

C:\Documents and Settings\All Users\Application Data\ubotojir
C:\WINDOWS\system32\ivczyxup.exe

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprime! - C:\WINDOWS\system32\ivczyxup.exe
Supprime! - C:\Documents and Settings\All Users\Application Data\ubotojir
Supprime! - C:\DOCUME~1\BRUNO\Cookies\bruno@advertising[2].txt
Supprime! - C:\DOCUME~1\BRUNO\Cookies\[email protected][2].txt
Supprime! - C:\DOCUME~1\BRUNO\Cookies\bruno@bigpoint[2].txt
Supprime! - C:\DOCUME~1\BRUNO\Cookies\[email protected][1].txt
Supprime! - C:\DOCUME~1\BRUNO\Cookies\[email protected][2].txt
Supprime! - C:\DOCUME~1\BRUNO\Cookies\[email protected][3].txt
Supprime! - C:\DOCUME~1\BRUNO\Cookies\[email protected][1].txt
Supprime! - C:\DOCUME~1\BRUNO\Cookies\[email protected][1].txt
Supprime! - C:\DOCUME~1\BRUNO\Cookies\[email protected][2].txt
Supprime! - C:\DOCUME~1\BRUNO\Cookies\[email protected][2].txt

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[17/01/2007|00:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[07/08/2008|20:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[07/08/2008|20:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[13/12/2007|11:55] C:\DOCUME~1\ALAN\APPLIC~1\Adobe
[05/09/2007|19:48] C:\DOCUME~1\ALAN\APPLIC~1\AdobeUM
[17/02/2007|13:35] C:\DOCUME~1\ALAN\APPLIC~1\Ahead
[16/04/2008|13:27] C:\DOCUME~1\ALAN\APPLIC~1\Apple Computer
[20/01/2007|05:26] C:\DOCUME~1\ALAN\APPLIC~1\ATI
[17/01/2007|00:11] C:\DOCUME~1\ALAN\APPLIC~1\desktop.ini
[10/01/2008|19:32] C:\DOCUME~1\ALAN\APPLIC~1\DivX
[03/10/2007|14:52] C:\DOCUME~1\ALAN\APPLIC~1\Google
[20/01/2007|05:26] C:\DOCUME~1\ALAN\APPLIC~1\Identities
[20/01/2007|05:26] C:\DOCUME~1\ALAN\APPLIC~1\Logitech
[20/01/2007|17:24] C:\DOCUME~1\ALAN\APPLIC~1\Macromedia
[16/05/2007|10:55] C:\DOCUME~1\ALAN\APPLIC~1\McAfee.com Personal Firewall
[17/02/2007|13:36] C:\DOCUME~1\ALAN\APPLIC~1\Media Player Classic
[23/12/2007|21:31] C:\DOCUME~1\ALAN\APPLIC~1\Microsoft
[25/07/2008|14:14] C:\DOCUME~1\ALAN\APPLIC~1\Real
[03/02/2007|16:38] C:\DOCUME~1\ALAN\APPLIC~1\Sun
[17/02/2008|04:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
[02/07/2008|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{A850D4D9-871B-4234-908D-21C457767270}
[19/01/2007|00:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
[27/05/2008|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[14/08/2008|22:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic
[09/01/2008|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[08/02/2008|02:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[17/01/2007|00:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[19/01/2007|02:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[03/10/2007|09:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[31/07/2008|19:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[07/12/2007|02:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
[25/04/2007|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[12/08/2008|00:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[20/01/2007|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[18/02/2007|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall
[10/11/2007|12:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[29/01/2008|03:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[26/05/2007|12:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Games
[29/01/2008|01:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[24/10/2007|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[19/01/2007|02:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Raxco
[26/01/2008|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
[06/08/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[29/01/2008|01:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[29/01/2008|03:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[19/01/2007|01:47] C:\DOCUME~1\BRUNO\APPLIC~1\Adobe
[27/05/2008|22:38] C:\DOCUME~1\BRUNO\APPLIC~1\AdobeUM
[18/10/2007|17:43] C:\DOCUME~1\BRUNO\APPLIC~1\Ahead
[08/02/2008|02:21] C:\DOCUME~1\BRUNO\APPLIC~1\Apple Computer
[18/01/2007|23:32] C:\DOCUME~1\BRUNO\APPLIC~1\ATI
[17/01/2007|00:11] C:\DOCUME~1\BRUNO\APPLIC~1\desktop.ini
[21/12/2007|01:44] C:\DOCUME~1\BRUNO\APPLIC~1\DivX
[03/10/2007|10:59] C:\DOCUME~1\BRUNO\APPLIC~1\Google
[10/02/2007|13:32] C:\DOCUME~1\BRUNO\APPLIC~1\Help
[17/01/2007|00:40] C:\DOCUME~1\BRUNO\APPLIC~1\Identities
[07/12/2007|02:29] C:\DOCUME~1\BRUNO\APPLIC~1\InstallShield
[21/01/2008|19:44] C:\DOCUME~1\BRUNO\APPLIC~1\Lavasoft
[18/01/2007|23:12] C:\DOCUME~1\BRUNO\APPLIC~1\Logitech
[17/01/2007|00:39] C:\DOCUME~1\BRUNO\APPLIC~1\Macromedia
[12/08/2008|00:32] C:\DOCUME~1\BRUNO\APPLIC~1\Malwarebytes
[03/10/2007|11:06] C:\DOCUME~1\BRUNO\APPLIC~1\McAfee.com Personal Firewall
[19/01/2007|02:10] C:\DOCUME~1\BRUNO\APPLIC~1\Media Player Classic
[07/02/2008|19:12] C:\DOCUME~1\BRUNO\APPLIC~1\Microsoft
[25/07/2008|04:17] C:\DOCUME~1\BRUNO\APPLIC~1\Real
[12/08/2008|03:14] C:\DOCUME~1\BRUNO\APPLIC~1\rhcehgj0e709
[26/01/2008|19:56] C:\DOCUME~1\BRUNO\APPLIC~1\SlySoft
[19/01/2007|03:41] C:\DOCUME~1\BRUNO\APPLIC~1\Sun
[19/01/2007|02:30] C:\DOCUME~1\BRUNO\APPLIC~1\Winamp
[09/10/2007|18:35] C:\DOCUME~1\BRUNO\APPLIC~1\XnView
[17/01/2007|00:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[17/01/2007|00:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[29/07/2008|02:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[29/07/2008|02:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\AdobeUM
[19/01/2007|01:13] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
[22/01/2007|14:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[17/01/2007|00:28] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[15/08/2008 03:50][--a------] C:\WINDOWS\tasks\SCHEDLGU.TXT
[14/08/2008 22:21][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[15/08/2008 20:42][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 16:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[17/01/2007|00:38] C:\Program Files\Adobe
[14/08/2008|22:50] C:\Program Files\AntiVir PersonalEdition Classic
[09/01/2008|17:14] C:\Program Files\Apple Software Update
[18/01/2007|23:29] C:\Program Files\ATI Technologies
[18/01/2007|22:59] C:\Program Files\AvRack
[17/01/2007|00:22] C:\Program Files\ComPlus Applications
[10/04/2008|03:32] C:\Program Files\DivX
[25/04/2008|19:02] C:\Program Files\EA GAMES
[31/07/2008|19:47] C:\Program Files\Fichiers communs
[17/11/2007|00:52] C:\Program Files\Google
[02/07/2008|20:02] C:\Program Files\InstallShield Installation Information
[11/06/2008|19:05] C:\Program Files\Internet Explorer
[08/02/2008|02:21] C:\Program Files\iPod
[08/02/2008|02:21] C:\Program Files\iTunes
[21/07/2008|01:10] C:\Program Files\Java
[17/01/2007|00:32] C:\Program Files\JEUX
[21/01/2008|19:45] C:\Program Files\Lavasoft
[18/01/2007|23:10] C:\Program Files\Logitech
[18/03/2007|19:19] C:\Program Files\Maxis [19/01/2007|01:10] C:\Program Files\McAfee.com [02/07/2008|19:50] C:\Program Files\Messenger [17/01/2007|00:25] C:\Program Files\microsoft frontpage [26/05/2007|12:25] C:\Program Files\Microsoft Games [17/01/2007|00:36] C:\Program Files\Microsoft Office [29/01/2008|03:55] C:\Program Files\Microsoft SQL Server Compact Edition [02/07/2008|19:50] C:\Program Files\Movie Maker [29/01/2008|03:01] C:\Program Files\MSECache [02/07/2008|19:50] C:\Program Files\msn [17/01/2007|00:22] C:\Program Files\MSN Gaming Zone [25/01/2007|20:42] C:\Program Files\Nero [02/07/2008|19:48] C:\Program Files\NetMeeting [19/01/2007|01:15] C:\Program Files\Neuf [02/07/2008|19:48] C:\Program Files\Outlook Express [09/12/2007|16:39] C:\Program Files\PDFCreator [12/12/2007|11:58] C:\Program Files\Prophet Soft [23/07/2008|03:51] C:\Program Files\qlztrmc [08/02/2008|02:18] C:\Program Files\QuickTime [24/11/2007|17:18] C:\Program Files\RAXCO [18/01/2007|22:59] C:\Program Files\Realtek AC97 [18/01/2007|22:59] C:\Program Files\Realtek Sound Manager [12/08/2008|03:14] C:\Program Files\rhcehgj0e709 [17/02/2008|04:42] C:\Program Files\SlySoft [06/08/2008|20:02] C:\Program Files\Spybot - Search & Destroy [23/07/2008|18:39] C:\Program Files\trcjgaf [17/01/2007|00:40] C:\Program Files\Uninstall Information [17/01/2007|00:31] C:\Program Files\UTILS [17/01/2007|00:36] C:\Program Files\Windows Journal Viewer [01/03/2008|19:30] C:\Program Files\Windows Live [17/01/2007|00:37] C:\Program Files\Windows Media Components [08/06/2007|19:21] C:\Program Files\Windows Media Connect 2 [02/07/2008|19:48] C:\Program Files\Windows Media Player [02/07/2008|19:48] C:\Program Files\Windows NT [17/01/2007|00:24] C:\Program Files\WindowsUpdate [17/01/2007|00:37] C:\Program Files\WMV9_VCM [17/01/2007|00:25] C:\Program Files\xerox --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [27/05/2008|22:38] C:\Program Files\Fichiers communs\Adobe [25/01/2007|20:42] 
C:\Program Files\Fichiers communs\Ahead [08/02/2008|02:20] C:\Program Files\Fichiers communs\Apple [18/01/2007|23:28] C:\Program Files\Fichiers communs\ATI Technologies [18/01/2007|23:25] C:\Program Files\Fichiers communs\InstallShield [17/01/2007|00:39] C:\Program Files\Fichiers communs\Java [07/12/2007|02:30] C:\Program Files\Fichiers communs\Logishrd [07/12/2007|02:30] C:\Program Files\Fichiers communs\Logitech [29/01/2008|03:54] C:\Program Files\Fichiers communs\Microsoft Shared [17/01/2007|00:23] C:\Program Files\Fichiers communs\MSSoap [17/01/2007|00:11] C:\Program Files\Fichiers communs\ODBC [24/11/2007|17:21] C:\Program Files\Fichiers communs\Raxco [25/07/2008|02:08] C:\Program Files\Fichiers communs\Real [17/01/2007|00:23] C:\Program Files\Fichiers communs\Services [17/01/2007|00:11] C:\Program Files\Fichiers communs\SpeechEngines [02/07/2008|19:48] C:\Program Files\Fichiers communs\System [29/01/2008|03:54] C:\Program Files\Fichiers communs\WindowsLiveInstaller [31/07/2008|19:47] C:\Program Files\Fichiers communs\Wise Installation Wizard [25/07/2008|02:08] C:\Program Files\Fichiers communs\xing shared --------------------\\ Process ( 51 Processus ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\BRUNO\Cookies\bruno@advertstream[2].txt C:\DOCUME~1\BRUNO\Cookies\bruno@adultfriendfinder[2].txt C:\DOCUME~1\BRUNO\Cookies\[email protected][2].txt --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-15 21:57:08 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... 
Now it's MBAM's turn.
And now that MBAM has finished its scan, I am going to delete the selection it found. So tell me what you think of all this. See you later.
  9. Hello, so here I am again with something unbelievable on my computer. Well, I have just re-run a scan with LOP S&D, and here is the result:
Tell me what you think of it. See you soon.
  10. Good evening FALKRA, I think I was too optimistic in my last message... let me explain. After running a scan with MBAM, I had, for a moment, a computer that seemed to be clean, but I quickly found myself with new infections: VBS/Agent.1002 (VBS script virus), TR/Dldr.FraudLoa.NC (Trojan horse), TR/Dldr.Small.aatb (Trojan horse), TR/Fraud.AV2008 (Trojan horse). I am also systematically invaded by Antivirus XP 2008 (which, it would seem, is in fact a virus!). And also, just now, before coming back to the forum, my screen turned blue with English text written in white, telling me that Windows had just encountered a problem (failure), that it was trying to restart, or that I could choose to reinsert the installation disc. Indeed, Windows tried several times to restart... without success. I had to switch it off manually (with the push button on the tower) and switch it on again. Oh yes!!! I don't know whether this is related, but among my quick-access icons in the bar at the bottom right I have a red shield with a white cross on it; it presents itself as the "Windows Security Center". Is this related to "Antivirus XP 2008"???
Donc je viens de refaire un scan avec HIJACK et dont voiçi le rapport: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:52:03, on 13/08/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\System32\svchost.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe C:\Program Files\Raxco\PerfectDisk\PDAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Raxco\PerfectDisk\PDEngine.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\All Users\Application Data\ubotojir\slwbsjid.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe 
C:\Program Files\Messenger\msmsgs.exe D:\Program Files\Stardock\CursorFX\CursorFX.exe C:\WINDOWS\system32\ivczyxup.exe D:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Documents and Settings\BRUNO\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - (no file) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Program Files\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {748a89c8-2338-4f77-b3bf-fb8f0b3a155c} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program 
Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: (no name) - {BA77932F-384E-4BA0-A3C0-00E82A9D18AC} - (no file) O2 - BHO: (no name) - {C3936D47-3050-4370-97E8-D46054639ECC} - (no file) O2 - BHO: (no name) - {CBC603FB-E7DC-4879-9DF0-C03FA404BC92} - (no file) O2 - BHO: (no name) - {D08B8170-C067-402C-AC4F-570933501DA2} - (no file) O2 - BHO: (no name) - {E31B361A-5F0A-4081-B310-7F63B6628571} - (no file) O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [lphcahgj0e709] C:\WINDOWS\system32\lphcahgj0e709.exe O4 - HKLM\..\Run: [sMrhcehgj0e709] C:\Program Files\rhcehgj0e709\rhcehgj0e709.exe O4 - HKLM\..\Run: [sysrest32.exe] C:\WINDOWS\system32\sysrest32.exe O4 - HKCU\..\Run: 
I have to admit, FALKRA, that I am both lost and completely disillusioned. Not being at all competent with this kind of problem, I don't understand how all of this could have got into my system when I use an antivirus (ANTIVIR). So there you have it, my troubles again and once more... HELP!!! I'm completely out of my depth... PS: don't worry about POPCORN49, he's just my brother, who is worried about my computer troubles. Good night, see you...
  11. I'm back again... So, after restarting, I ran a new scan with LOP S&D and here is the report:
I don't know whether my computer is finally clean, but for now ANTIVIR, the antivirus I use, no longer detects any infection. I'm looking forward to your informed opinion on the matter. Now, lights-out time passed a long while ago, so I'm going to head off, because there's plenty of work waiting tomorrow. So good night and maybe see you tomorrow... CIAO
  12. Hello again, as planned I'm back, and so I ran MBAM in "quick scan" mode and "removed the selection". Here is a copy of the report:
     Now I'm going to restart and run a scan with HIJACK, see you in a bit
  13. Good evening, FALKRA, I have just run "LOP S&D" with option 2; here is the report it produced:
     Now I'm going to continue with MBAM... see you very soon.
  14. Good evening Falkra, thank you for taking an interest in my case, which I hope is not a hopeless one. So I ran the system scan and here is the result:
     I hope all of this tells you more about my problem; for my part, I humbly admit that I am now in a complete blur, and it isn't even an artistic one... the blur. Well, given the time, I'm going to go put my eyes to sleep and have sweet dreams. Thanks again and good night. CIAO and see you later