agatheyou

Membres

Afficher le profil Afficher son activité

Compteur de contenus
5
Inscription
le 1 septembre 2008
Dernière visite
le 5 septembre 2008

Autres informations

Mes langues
FRANCAIS

agatheyou's Achievements

Junior Member (3/12)

Réputation sur la communauté

spam cid

agatheyou a répondu à un(e) sujet de agatheyou dans Analyses et éradication malwares

mon ordinateur n'a plus de probleme de sapm cid deja pour commencer ensuite sincerement si tu ne m'avais pas dit qu'il y avait un probleme je n'aurais rien remarquer lol peut etre juste qu'il est un peu lent mais bon je n'en sais rien vu que c'est l'ordinateur d'une amie qui m'as demander de faire un peu le menage en tout cas meric pour ton aide!!!!!!!!!!! C:\Program Files\DeafOnlineSite moved successfully. C:\WINDOWS\system32\abeeg.bak1 moved successfully. C:\WINDOWS\system32\abeeg.ini moved successfully. C:\WINDOWS\system32\acbeg.bak1 moved successfully. C:\WINDOWS\system32\acbeg.ini moved successfully. C:\WINDOWS\system32\cbadd.bak1 moved successfully. C:\WINDOWS\system32\cbadd.ini moved successfully. C:\WINDOWS\system32\cbeeg.bak1 moved successfully. C:\WINDOWS\system32\cbeeg.ini moved successfully. C:\WINDOWS\system32\dfhkj.bak1 moved successfully. C:\WINDOWS\system32\dfhkj.ini moved successfully. C:\WINDOWS\system32\gjjlm.bak1 moved successfully. C:\WINDOWS\system32\gjjlm.ini moved successfully. C:\WINDOWS\system32\hhhkj.bak1 moved successfully. C:\WINDOWS\system32\hhhkj.ini moved successfully. C:\WINDOWS\system32\ihkmp.bak1 moved successfully. C:\WINDOWS\system32\ihkmp.bak2 moved successfully. C:\WINDOWS\system32\ihkmp.ini moved successfully. C:\WINDOWS\system32\ijkkj.bak1 moved successfully. C:\WINDOWS\system32\ijkkj.bak2 moved successfully. C:\WINDOWS\system32\ijkkj.ini moved successfully. C:\WINDOWS\system32\jlnmp.bak1 moved successfully. C:\WINDOWS\system32\jlnmp.ini moved successfully. C:\WINDOWS\system32\kjkkj.bak1 moved successfully. C:\WINDOWS\system32\kjkkj.ini moved successfully. C:\WINDOWS\system32\npqss.bak1 moved successfully. C:\WINDOWS\system32\npqss.ini moved successfully. C:\WINDOWS\system32\nqstv.bak1 moved successfully. C:\WINDOWS\system32\nqstv.bak2 moved successfully. C:\WINDOWS\system32\nqstv.ini moved successfully. C:\WINDOWS\system32\nqtss.bak1 moved successfully. C:\WINDOWS\system32\nqtss.ini moved successfully. C:\WINDOWS\system32\pqstv.bak1 moved successfully. C:\WINDOWS\system32\pqstv.ini moved successfully. C:\WINDOWS\system32\vybeg.bak1 moved successfully. C:\WINDOWS\system32\vybeg.ini moved successfully. C:\WINDOWS\system32\xbadd.bak1 moved successfully. C:\WINDOWS\system32\xbadd.bak2 moved successfully. C:\WINDOWS\system32\xbadd.ini moved successfully. C:\WINDOWS\system32\ybadd.bak1 moved successfully. C:\WINDOWS\system32\ybadd.ini moved successfully. C:\WINDOWS\system32\rtutv.bak2 moved successfully. C:\WINDOWS\system32\rtutv.ini moved successfully. File/Folder C:\WINDOWS\system32\ddabc.dll not found. File/Folder C:\WINDOWS\system32\ddabx.dll not found. File/Folder C:\WINDOWS\system32\gebyv.dll not found. File/Folder C:\WINDOWS\system32\geebc.dll not found. File/Folder C:\WINDOWS\system32\jkhfd.dll not found. File/Folder C:\WINDOWS\system32\jkkji.dll not found. File/Folder C:\WINDOWS\system32\jkkjk.dll not found. File/Folder C:\WINDOWS\system32\mljjg.dll not found. File/Folder C:\WINDOWS\system32\ssqpn.dll not found. File/Folder C:\WINDOWS\system32\sstqn.dll not found. File/Folder C:\WINDOWS\system32\vtsqp.dll not found. File/Folder C:\WINDOWS\system32\obdlpvsv.dll not found. < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15c5fbd8-52bc-6a5b-ceb4-fd4bd7b92d58} > Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15c5fbd8-52bc-6a5b-ceb4-fd4bd7b92d58}\\ not found. < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ddabc > Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ddabc \\ not found. < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ddabx > Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ddabx \\ not found. < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gebyv > Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gebyv\\ deleted successfully. < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\geebc > Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\geebc \\ not found. < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkhfd > Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkhfd\\ deleted successfully. < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkkji > Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkkji\\ deleted successfully. < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkkjk > Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkkjk\\ deleted successfully. < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mljjg > Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mljjg\\ deleted successfully. < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssqpn > Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssqpn \\ not found. < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sstqn > Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sstqn\\ deleted successfully. < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vtsqp > Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vtsqp\\ deleted successfully. OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09042008_142207 rapport hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:24:54, on 04/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\QuickTime\QTTask.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\VPro610.exe C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: {15c5fbd8-52bc-6a5b-ceb4-fd4bd7b92d58} - {85d29b7d-b4df-4bec-b5a6-cb258dbf5c51} - C:\WINDOWS\system32\obdlpvsv.dll (file missing) O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: VProperty.lnk = C:\WINDOWS\VPro610.exe O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neff...ffyLauncher.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0073744.dat O20 - Winlogon Notify: ddabc - C:\WINDOWS\system32\ddabc.dll (file missing) O20 - Winlogon Notify: ddabx - C:\WINDOWS\system32\ddabx.dll (file missing) O20 - Winlogon Notify: geebc - C:\WINDOWS\system32\geebc.dll (file missing) O20 - Winlogon Notify: ssqpn - C:\WINDOWS\system32\ssqpn.dll (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 9543 bytes
- le 4 septembre 2008
- 9 réponses
spam cid

agatheyou a répondu à un(e) sujet de agatheyou dans Analyses et éradication malwares

re alors merci encore et encore j'ai fait la manip je sais pas si je l'ai faite correctement --------------------\\ Lop S&D 4.2.3-8 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Turion 64 Mobile Technology ML-34 ) BIOS : Ver 1.00PARTTBL USER : Stephanie ( Administrator ) BOOT : Normal boot Antivirus : Norton 360 2007 (Activated) Firewall : Norton 360 2007 (Activated) "C:\Lop SD" ( MAJ : 31-08-2008|15:45 ) Option : [4] ( 03/09/2008|18:58 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@advertising[2].txt \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [13/04/2006|08:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [04/07/2008|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [04/07/2008|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [13/04/2006|09:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [17/08/2004|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [29/10/2007|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [13/04/2006|09:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [31/08/2006|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log [13/04/2006|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [31/08/2008|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [02/09/2008|21:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LUUnInstall.LiveUpdate [19/01/2008|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! [29/09/2007|09:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [29/08/2008|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [24/06/2007|14:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [13/04/2006|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [13/04/2006|08:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic [02/09/2008|22:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [17/06/2007|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar [29/09/2007|09:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [17/08/2004|13:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [13/04/2006|16:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [13/04/2006|08:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [14/08/2008|19:04] C:\DOCUME~1\Julien\APPLIC~1\Microsoft [28/05/2007|17:35] C:\DOCUME~1\Julien\APPLIC~1\MSNInstaller [23/05/2007|12:18] C:\DOCUME~1\Julien\APPLIC~1\Sonic [03/06/2007|15:22] C:\DOCUME~1\Julien\APPLIC~1\Sun [13/01/2008|17:16] C:\DOCUME~1\Julien\APPLIC~1\Symantec [10/07/2007|15:52] C:\DOCUME~1\Julien\APPLIC~1\uTorrent [23/12/2007|17:41] C:\DOCUME~1\Julien\APPLIC~1\Windows Desktop Search [29/09/2007|09:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [29/09/2007|09:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Identities [29/09/2007|09:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [24/05/2007|22:50] C:\DOCUME~1\STEPHA~1\APPLIC~1\Adobe [24/05/2007|22:50] C:\DOCUME~1\STEPHA~1\APPLIC~1\AdobeUM [14/08/2008|19:29] C:\DOCUME~1\STEPHA~1\APPLIC~1\Apple Computer [26/03/2007|11:20] C:\DOCUME~1\STEPHA~1\APPLIC~1\ArcSoft [17/09/2006|21:32] C:\DOCUME~1\STEPHA~1\APPLIC~1\CyberLink [17/08/2004|13:06] C:\DOCUME~1\STEPHA~1\APPLIC~1\desktop.ini [25/04/2007|18:18] C:\DOCUME~1\STEPHA~1\APPLIC~1\Google [01/12/2006|10:59] C:\DOCUME~1\STEPHA~1\APPLIC~1\Help [31/08/2006|17:55] C:\DOCUME~1\STEPHA~1\APPLIC~1\HP [13/04/2006|16:19] C:\DOCUME~1\STEPHA~1\APPLIC~1\Identities [14/08/2008|19:23] C:\DOCUME~1\STEPHA~1\APPLIC~1\Image Zone Express [20/11/2006|19:49] C:\DOCUME~1\STEPHA~1\APPLIC~1\Leadertech [25/04/2007|18:23] C:\DOCUME~1\STEPHA~1\APPLIC~1\Macromedia [27/05/2007|12:12] C:\DOCUME~1\STEPHA~1\APPLIC~1\Media Player Classic [13/03/2008|20:16] C:\DOCUME~1\STEPHA~1\APPLIC~1\Microsoft [31/08/2006|18:29] C:\DOCUME~1\STEPHA~1\APPLIC~1\Microsoft Web Folders [17/06/2007|16:28] C:\DOCUME~1\STEPHA~1\APPLIC~1\MSNInstaller [20/11/2006|19:49] C:\DOCUME~1\STEPHA~1\APPLIC~1\Sonic [26/07/2007|21:03] C:\DOCUME~1\STEPHA~1\APPLIC~1\Sun [02/09/2008|22:34] C:\DOCUME~1\STEPHA~1\APPLIC~1\Symantec [25/06/2007|22:05] C:\DOCUME~1\STEPHA~1\APPLIC~1\U3 [29/09/2007|11:17] C:\DOCUME~1\STEPHA~1\APPLIC~1\Windows Desktop Search --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [28/07/2008 16:18][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [03/09/2008 17:39][--ah-----] C:\WINDOWS\tasks\SA.DAT [05/08/2004 10:00][-rah-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [13/04/2006|08:41] C:\Program Files\Adobe [06/04/2007|12:21] C:\Program Files\Alice [25/04/2007|18:59] C:\Program Files\Alwil Software [13/04/2006|08:41] C:\Program Files\AMD [04/07/2008|22:19] C:\Program Files\Apple Software Update [13/04/2006|08:30] C:\Program Files\ATI Technologies [13/04/2006|16:19] C:\Program Files\ComPlus Applications [13/04/2006|07:23] C:\Program Files\CONEXANT [17/06/2007|18:16] C:\Program Files\Controle Parental [18/01/2008|23:28] C:\Program Files\DeafOnlineSite [15/02/2008|19:35] C:\Program Files\Dofus [02/09/2008|22:31] C:\Program Files\Fichiers communs [14/11/2007|12:13] C:\Program Files\Google [13/04/2006|09:12] C:\Program Files\Hewlett-Packard [31/08/2006|19:14] C:\Program Files\HP [31/08/2006|17:45] C:\Program Files\HPQ [17/06/2007|18:09] C:\Program Files\InstallShield Installation Information [29/08/2008|21:21] C:\Program Files\Internet Explorer [14/05/2007|10:04] C:\Program Files\Inventel [13/04/2006|08:33] C:\Program Files\Java [27/05/2007|12:10] C:\Program Files\K-Lite Codec Pack [29/08/2008|21:24] C:\Program Files\Messenger [05/07/2008|00:32] C:\Program Files\Messenger Plus! Live [18/06/2007|21:35] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [31/08/2006|18:29] C:\Program Files\microsoft frontpage [08/06/2007|17:42] C:\Program Files\Microsoft Office [29/09/2007|09:43] C:\Program Files\Microsoft SQL Server Compact Edition [31/08/2006|18:33] C:\Program Files\Microsoft Visual Studio [08/06/2007|17:27] C:\Program Files\Microsoft Works [08/06/2007|17:25] C:\Program Files\Microsoft.NET [14/08/2008|19:23] C:\Program Files\MioNet [13/04/2006|16:19] C:\Program Files\Movie Maker [08/06/2007|17:27] C:\Program Files\MSBuild [08/06/2007|17:14] C:\Program Files\MSECache [17/06/2007|16:28] C:\Program Files\MSN [13/04/2006|16:19] C:\Program Files\MSN Gaming Zone [29/09/2007|09:33] C:\Program Files\MSN Messenger [11/06/2007|22:02] C:\Program Files\MSXML 4.0 [27/06/2007|13:55] C:\Program Files\Neffy [17/02/2008|18:07] C:\Program Files\NetMeeting [03/09/2008|17:55] C:\Program Files\Norton 360 [13/04/2006|16:19] C:\Program Files\Online Services [13/06/2007|22:09] C:\Program Files\Outlook Express [26/03/2007|11:14] C:\Program Files\Philips [04/07/2008|22:21] C:\Program Files\QuickTime [13/04/2006|09:09] C:\Program Files\Services en ligne [18/11/2007|21:57] C:\Program Files\Silkroad [13/04/2006|08:56] C:\Program Files\Sonic [02/09/2008|22:32] C:\Program Files\Symantec [13/04/2006|08:58] C:\Program Files\Synaptics [01/09/2008|20:51] C:\Program Files\Trend Micro [13/04/2006|16:19] C:\Program Files\Uninstall Information [29/09/2007|09:39] C:\Program Files\Windows Desktop Search [27/02/2008|22:35] C:\Program Files\Windows Live [25/08/2008|19:38] C:\Program Files\Windows Live Toolbar [13/04/2006|09:10] C:\Program Files\Windows Media Player [13/04/2006|16:19] C:\Program Files\Windows NT [02/09/2008|22:30] C:\Program Files\Windows Sidebar [13/04/2006|16:19] C:\Program Files\WindowsUpdate [13/04/2006|16:19] C:\Program Files\xerox --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [24/05/2007|22:50] C:\Program Files\Fichiers communs\Adobe [26/03/2007|11:15] C:\Program Files\Fichiers communs\ArcSoft [31/08/2006|18:33] C:\Program Files\Fichiers communs\Designer [31/08/2006|19:09] C:\Program Files\Fichiers communs\Hewlett-Packard [13/04/2006|08:42] C:\Program Files\Fichiers communs\HP [13/04/2006|08:57] C:\Program Files\Fichiers communs\InstallShield [13/04/2006|08:33] C:\Program Files\Fichiers communs\Java [13/04/2006|09:12] C:\Program Files\Fichiers communs\LightScribe [02/09/2008|21:49] C:\Program Files\Fichiers communs\Microsoft Shared [13/04/2006|16:19] C:\Program Files\Fichiers communs\MSSoap [13/04/2006|16:19] C:\Program Files\Fichiers communs\ODBC [13/04/2006|16:19] C:\Program Files\Fichiers communs\Services [13/04/2006|08:56] C:\Program Files\Fichiers communs\Sonic Shared [26/03/2007|11:15] C:\Program Files\Fichiers communs\SPC610NC [13/04/2006|16:19] C:\Program Files\Fichiers communs\SpeechEngines [13/04/2006|08:56] C:\Program Files\Fichiers communs\SureThing Shared [03/09/2008|17:39] C:\Program Files\Fichiers communs\Symantec Shared [13/06/2007|22:09] C:\Program Files\Fichiers communs\System [13/04/2006|08:56] C:\Program Files\Fichiers communs\TiVo Shared --------------------\\ Process ( 47 Processus ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-03 18:59:48 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 188 --------------------\\ Recherche d'autres infections C:\WINDOWS\system32\abeeg.bak1 C:\WINDOWS\system32\abeeg.ini C:\WINDOWS\system32\acbeg.bak1 C:\WINDOWS\system32\acbeg.ini C:\WINDOWS\system32\cbadd.bak1 C:\WINDOWS\system32\cbadd.ini C:\WINDOWS\system32\cbeeg.bak1 C:\WINDOWS\system32\cbeeg.ini C:\WINDOWS\system32\dfhkj.bak1 C:\WINDOWS\system32\dfhkj.ini C:\WINDOWS\system32\gjjlm.bak1 C:\WINDOWS\system32\gjjlm.ini C:\WINDOWS\system32\hhhkj.bak1 C:\WINDOWS\system32\hhhkj.ini C:\WINDOWS\system32\ihkmp.bak1 C:\WINDOWS\system32\ihkmp.bak2 C:\WINDOWS\system32\ihkmp.ini C:\WINDOWS\system32\ijkkj.bak1 C:\WINDOWS\system32\ijkkj.bak2 C:\WINDOWS\system32\ijkkj.ini C:\WINDOWS\system32\jlnmp.bak1 C:\WINDOWS\system32\jlnmp.ini C:\WINDOWS\system32\kjkkj.bak1 C:\WINDOWS\system32\kjkkj.ini C:\WINDOWS\system32\npqss.bak1 C:\WINDOWS\system32\npqss.ini C:\WINDOWS\system32\nqstv.bak1 C:\WINDOWS\system32\nqstv.bak2 C:\WINDOWS\system32\nqstv.ini C:\WINDOWS\system32\nqtss.bak1 C:\WINDOWS\system32\nqtss.ini C:\WINDOWS\system32\pqstv.bak1 C:\WINDOWS\system32\pqstv.ini C:\WINDOWS\system32\vybeg.bak1 C:\WINDOWS\system32\vybeg.ini C:\WINDOWS\system32\xbadd.bak1 C:\WINDOWS\system32\xbadd.bak2 C:\WINDOWS\system32\xbadd.ini C:\WINDOWS\system32\ybadd.bak1 C:\WINDOWS\system32\ybadd.ini C:\WINDOWS\system32\rtutv.bak2 C:\WINDOWS\system32\rtutv.ini ==> VUNDO <== [F:17][D:1]-> C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp [F:345][D:0]-> C:\DOCUME~1\STEPHA~1\Cookies [F:785][D:17]-> C:\DOCUME~1\STEPHA~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 01/09/2008| 9:01 - Option : [1] 1 - 01/09/2008|21:01 - Option : [1] 3 - "C:\Lop SD\LopR_3.txt" - 01/09/2008|21:01 - Option : [1] 3 - 02/09/2008|19:09 - Option : [2] 5 - "C:\Lop SD\LopR_5.txt" - 02/09/2008|19:09 - Option : [2] 5 - 02/09/2008|21:34 - Option : [1] 7 - "C:\Lop SD\LopR_7.txt" - 02/09/2008|21:34 - Option : [1] 7 - 02/09/2008|21:37 - Option : [2] 9 - "C:\Lop SD\LopR_9.txt" - 02/09/2008|21:37 - Option : [2] 9 - 03/09/2008|19:00 - Option : [4] 11 - "C:\Lop SD\LopR_11.txt" - 03/09/2008|19:00 - Option : [4] --------------------\\ Fin du rapport a 19:01:00 voila !!!!!! :P :P
- le 3 septembre 2008
- 9 réponses
spam cid

agatheyou a répondu à un(e) sujet de agatheyou dans Analyses et éradication malwares

pour l'adware vundo je n'ai rien fit j'ai untiliser ad aware sur les conseils de mon pere je ne sais pas trop a quoi cela a servi mais bon ... En tout cas encore merci!!!!!!!!!!!!!!! --------------------\\ Lop S&D 4.2.3-8 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Turion 64 Mobile Technology ML-34 ) BIOS : Ver 1.00PARTTBL USER : Stephanie ( Administrator ) BOOT : Normal boot Antivirus : Norton 360 2007 (Activated) Firewall : Norton 360 2007 (Activated) "C:\Lop SD" ( MAJ : 31-08-2008|15:45 ) Option : [2] ( 02/09/2008|19:07 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf\Soap this.exe Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@bizadverts[1].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@d2.advertserve[1].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@adex.bigpoint[1].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@casinoking[2].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@banner.cotedazurpalace[2].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@cotedazurpalace[1].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@adopt.euroclick[2].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@sr2.livemediasrv[1].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@sr2.livemediasrv[2].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@partypoker[2].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@partypoker[3].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@banner.32vegas[2].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@www.lop[2].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@2xmoinscher[2].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@www.2xmoinscher[2].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@888[1].txt Supprime! - C:\DOCUME~1\STEPHA~1\Cookies\stephanie@888[2].txt Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf Supprime! - C:\Program Files\Circle Developement \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [13/04/2006|08:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [04/07/2008|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [04/07/2008|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [13/04/2006|09:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [17/08/2004|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [29/10/2007|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [13/04/2006|09:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [31/08/2006|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log [13/04/2006|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [31/08/2008|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [19/01/2008|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! [29/09/2007|09:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [29/08/2008|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [24/06/2007|14:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [13/04/2006|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [13/04/2006|08:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic [02/09/2008|18:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [17/06/2007|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar [29/09/2007|09:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [17/08/2004|13:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [13/04/2006|16:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [13/04/2006|08:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [14/08/2008|19:04] C:\DOCUME~1\Julien\APPLIC~1\Microsoft [28/05/2007|17:35] C:\DOCUME~1\Julien\APPLIC~1\MSNInstaller [23/05/2007|12:18] C:\DOCUME~1\Julien\APPLIC~1\Sonic [03/06/2007|15:22] C:\DOCUME~1\Julien\APPLIC~1\Sun [13/01/2008|17:16] C:\DOCUME~1\Julien\APPLIC~1\Symantec [10/07/2007|15:52] C:\DOCUME~1\Julien\APPLIC~1\uTorrent [23/12/2007|17:41] C:\DOCUME~1\Julien\APPLIC~1\Windows Desktop Search [29/09/2007|09:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [29/09/2007|09:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Identities [29/09/2007|09:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [24/05/2007|22:50] C:\DOCUME~1\STEPHA~1\APPLIC~1\Adobe [24/05/2007|22:50] C:\DOCUME~1\STEPHA~1\APPLIC~1\AdobeUM [14/08/2008|19:29] C:\DOCUME~1\STEPHA~1\APPLIC~1\Apple Computer [26/03/2007|11:20] C:\DOCUME~1\STEPHA~1\APPLIC~1\ArcSoft [17/09/2006|21:32] C:\DOCUME~1\STEPHA~1\APPLIC~1\CyberLink [17/08/2004|13:06] C:\DOCUME~1\STEPHA~1\APPLIC~1\desktop.ini [25/04/2007|18:18] C:\DOCUME~1\STEPHA~1\APPLIC~1\Google [01/12/2006|10:59] C:\DOCUME~1\STEPHA~1\APPLIC~1\Help [31/08/2006|17:55] C:\DOCUME~1\STEPHA~1\APPLIC~1\HP [13/04/2006|16:19] C:\DOCUME~1\STEPHA~1\APPLIC~1\Identities [14/08/2008|19:23] C:\DOCUME~1\STEPHA~1\APPLIC~1\Image Zone Express [20/11/2006|19:49] C:\DOCUME~1\STEPHA~1\APPLIC~1\Leadertech [25/04/2007|18:23] C:\DOCUME~1\STEPHA~1\APPLIC~1\Macromedia [27/05/2007|12:12] C:\DOCUME~1\STEPHA~1\APPLIC~1\Media Player Classic [13/03/2008|20:16] C:\DOCUME~1\STEPHA~1\APPLIC~1\Microsoft [31/08/2006|18:29] C:\DOCUME~1\STEPHA~1\APPLIC~1\Microsoft Web Folders [17/06/2007|16:28] C:\DOCUME~1\STEPHA~1\APPLIC~1\MSNInstaller [20/11/2006|19:49] C:\DOCUME~1\STEPHA~1\APPLIC~1\Sonic [26/07/2007|21:03] C:\DOCUME~1\STEPHA~1\APPLIC~1\Sun [29/11/2007|22:32] C:\DOCUME~1\STEPHA~1\APPLIC~1\Symantec [25/06/2007|22:05] C:\DOCUME~1\STEPHA~1\APPLIC~1\U3 [29/09/2007|11:17] C:\DOCUME~1\STEPHA~1\APPLIC~1\Windows Desktop Search --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [28/07/2008 16:18][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [02/09/2008 18:08][--ah-----] C:\WINDOWS\tasks\SA.DAT [05/08/2004 10:00][-rah-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [13/04/2006|08:41] C:\Program Files\Adobe [06/04/2007|12:21] C:\Program Files\Alice [25/04/2007|18:59] C:\Program Files\Alwil Software [13/04/2006|08:41] C:\Program Files\AMD [04/07/2008|22:19] C:\Program Files\Apple Software Update [13/04/2006|08:30] C:\Program Files\ATI Technologies [13/04/2006|16:19] C:\Program Files\ComPlus Applications [13/04/2006|07:23] C:\Program Files\CONEXANT [17/06/2007|18:16] C:\Program Files\Controle Parental [18/01/2008|23:28] C:\Program Files\DeafOnlineSite [15/02/2008|19:35] C:\Program Files\Dofus [31/08/2008|15:50] C:\Program Files\Fichiers communs [14/11/2007|12:13] C:\Program Files\Google [13/04/2006|09:12] C:\Program Files\Hewlett-Packard [31/08/2006|19:14] C:\Program Files\HP [31/08/2006|17:45] C:\Program Files\HPQ [17/06/2007|18:09] C:\Program Files\InstallShield Installation Information [29/08/2008|21:21] C:\Program Files\Internet Explorer [14/05/2007|10:04] C:\Program Files\Inventel [13/04/2006|08:33] C:\Program Files\Java [27/05/2007|12:10] C:\Program Files\K-Lite Codec Pack [29/08/2008|21:24] C:\Program Files\Messenger [05/07/2008|00:32] C:\Program Files\Messenger Plus! Live [18/06/2007|21:35] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [31/08/2006|18:29] C:\Program Files\microsoft frontpage [08/06/2007|17:42] C:\Program Files\Microsoft Office [29/09/2007|09:43] C:\Program Files\Microsoft SQL Server Compact Edition [31/08/2006|18:33] C:\Program Files\Microsoft Visual Studio [08/06/2007|17:27] C:\Program Files\Microsoft Works [08/06/2007|17:25] C:\Program Files\Microsoft.NET [14/08/2008|19:23] C:\Program Files\MioNet [13/04/2006|16:19] C:\Program Files\Movie Maker [08/06/2007|17:27] C:\Program Files\MSBuild [08/06/2007|17:14] C:\Program Files\MSECache [17/06/2007|16:28] C:\Program Files\MSN [13/04/2006|16:19] C:\Program Files\MSN Gaming Zone [29/09/2007|09:33] C:\Program Files\MSN Messenger [11/06/2007|22:02] C:\Program Files\MSXML 4.0 [27/06/2007|13:55] C:\Program Files\Neffy [17/02/2008|18:07] C:\Program Files\NetMeeting [09/07/2008|21:46] C:\Program Files\Norton 360 [13/04/2006|16:19] C:\Program Files\Online Services [13/06/2007|22:09] C:\Program Files\Outlook Express [26/03/2007|11:14] C:\Program Files\Philips [04/07/2008|22:21] C:\Program Files\QuickTime [13/04/2006|09:09] C:\Program Files\Services en ligne [18/11/2007|21:57] C:\Program Files\Silkroad [13/04/2006|08:56] C:\Program Files\Sonic [31/05/2008|14:00] C:\Program Files\Symantec [13/04/2006|08:58] C:\Program Files\Synaptics [01/09/2008|20:51] C:\Program Files\Trend Micro [13/04/2006|16:19] C:\Program Files\Uninstall Information [29/09/2007|09:39] C:\Program Files\Windows Desktop Search [27/02/2008|22:35] C:\Program Files\Windows Live [25/08/2008|19:38] C:\Program Files\Windows Live Toolbar [13/04/2006|09:10] C:\Program Files\Windows Media Player [13/04/2006|16:19] C:\Program Files\Windows NT [13/04/2006|16:19] C:\Program Files\WindowsUpdate [13/04/2006|16:19] C:\Program Files\xerox --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [24/05/2007|22:50] C:\Program Files\Fichiers communs\Adobe [26/03/2007|11:15] C:\Program Files\Fichiers communs\ArcSoft [31/08/2006|18:33] C:\Program Files\Fichiers communs\Designer [31/08/2006|19:09] C:\Program Files\Fichiers communs\Hewlett-Packard [13/04/2006|08:42] C:\Program Files\Fichiers communs\HP [13/04/2006|08:57] C:\Program Files\Fichiers communs\InstallShield [13/04/2006|08:33] C:\Program Files\Fichiers communs\Java [13/04/2006|09:12] C:\Program Files\Fichiers communs\LightScribe [29/08/2008|21:16] C:\Program Files\Fichiers communs\Microsoft Shared [13/04/2006|16:19] C:\Program Files\Fichiers communs\MSSoap [13/04/2006|16:19] C:\Program Files\Fichiers communs\ODBC [13/04/2006|16:19] C:\Program Files\Fichiers communs\Services [13/04/2006|08:56] C:\Program Files\Fichiers communs\Sonic Shared [26/03/2007|11:15] C:\Program Files\Fichiers communs\SPC610NC [13/04/2006|16:19] C:\Program Files\Fichiers communs\SpeechEngines [13/04/2006|08:56] C:\Program Files\Fichiers communs\SureThing Shared [31/08/2008|11:36] C:\Program Files\Fichiers communs\Symantec Shared [13/06/2007|22:09] C:\Program Files\Fichiers communs\System [13/04/2006|08:56] C:\Program Files\Fichiers communs\TiVo Shared --------------------\\ Process ( 45 Processus ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\STEPHA~1\Cookies\stephanie@advertising[1].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@banner.casinoking[2].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@casinoking[1].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@pacificpoker[1].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@32vegas[2].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@banner.32vegas[3].txt --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-02 19:08:15 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 188 --------------------\\ Recherche d'autres infections C:\WINDOWS\system32\abeeg.bak1 C:\WINDOWS\system32\abeeg.ini C:\WINDOWS\system32\acbeg.bak1 C:\WINDOWS\system32\acbeg.ini C:\WINDOWS\system32\cbadd.bak1 C:\WINDOWS\system32\cbadd.ini C:\WINDOWS\system32\cbeeg.bak1 C:\WINDOWS\system32\cbeeg.ini C:\WINDOWS\system32\dfhkj.bak1 C:\WINDOWS\system32\dfhkj.ini C:\WINDOWS\system32\gjjlm.bak1 C:\WINDOWS\system32\gjjlm.ini C:\WINDOWS\system32\hhhkj.bak1 C:\WINDOWS\system32\hhhkj.ini C:\WINDOWS\system32\ihkmp.bak1 C:\WINDOWS\system32\ihkmp.bak2 C:\WINDOWS\system32\ihkmp.ini C:\WINDOWS\system32\ijkkj.bak1 C:\WINDOWS\system32\ijkkj.bak2 C:\WINDOWS\system32\ijkkj.ini C:\WINDOWS\system32\jlnmp.bak1 C:\WINDOWS\system32\jlnmp.ini C:\WINDOWS\system32\kjkkj.bak1 C:\WINDOWS\system32\kjkkj.ini C:\WINDOWS\system32\npqss.bak1 C:\WINDOWS\system32\npqss.ini C:\WINDOWS\system32\nqstv.bak1 C:\WINDOWS\system32\nqstv.bak2 C:\WINDOWS\system32\nqstv.ini C:\WINDOWS\system32\nqtss.bak1 C:\WINDOWS\system32\nqtss.ini C:\WINDOWS\system32\pqstv.bak1 C:\WINDOWS\system32\pqstv.ini C:\WINDOWS\system32\vybeg.bak1 C:\WINDOWS\system32\vybeg.ini C:\WINDOWS\system32\xbadd.bak1 C:\WINDOWS\system32\xbadd.bak2 C:\WINDOWS\system32\xbadd.ini C:\WINDOWS\system32\ybadd.bak1 C:\WINDOWS\system32\ybadd.ini C:\WINDOWS\system32\rtutv.bak2 C:\WINDOWS\system32\rtutv.ini ==> VUNDO <== [F:52][D:5]-> C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp [F:808][D:0]-> C:\DOCUME~1\STEPHA~1\Cookies [F:8692][D:17]-> C:\DOCUME~1\STEPHA~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 01/09/2008| 9:01 - Option : [1] 1 - 01/09/2008|21:01 - Option : [1] 3 - "C:\Lop SD\LopR_3.txt" - 01/09/2008|21:01 - Option : [1] 3 - 02/09/2008|19:09 - Option : [2] 5 - "C:\Lop SD\LopR_5.txt" - 02/09/2008|19:09 - Option : [2] --------------------\\ Fin du rapport a 19:09:50
- le 2 septembre 2008
- 9 réponses
spam cid

agatheyou a répondu à un(e) sujet de agatheyou dans Analyses et éradication malwares

MERCI DE TON AIDE VOICI LE RAPPORT HIJACKTHIS Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:53:53, on 01/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\VPro610.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: {15c5fbd8-52bc-6a5b-ceb4-fd4bd7b92d58} - {85d29b7d-b4df-4bec-b5a6-cb258dbf5c51} - C:\WINDOWS\system32\obdlpvsv.dll (file missing) O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [close surf mail dupe] C:\Documents and Settings\All Users\Application Data\Tick Find Close Surf\Soap this.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: VProperty.lnk = C:\WINDOWS\VPro610.exe O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neff...ffyLauncher.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0073744.dat O20 - Winlogon Notify: ddabc - C:\WINDOWS\system32\ddabc.dll (file missing) O20 - Winlogon Notify: ddabx - C:\WINDOWS\system32\ddabx.dll (file missing) O20 - Winlogon Notify: gebyv - C:\WINDOWS\system32\gebyv.dll (file missing) O20 - Winlogon Notify: geebc - C:\WINDOWS\system32\geebc.dll (file missing) O20 - Winlogon Notify: jkhfd - C:\WINDOWS\system32\jkhfd.dll (file missing) O20 - Winlogon Notify: jkkji - C:\WINDOWS\system32\jkkji.dll (file missing) O20 - Winlogon Notify: jkkjk - C:\WINDOWS\system32\jkkjk.dll (file missing) O20 - Winlogon Notify: mljjg - C:\WINDOWS\system32\mljjg.dll (file missing) O20 - Winlogon Notify: ssqpn - C:\WINDOWS\system32\ssqpn.dll (file missing) O20 - Winlogon Notify: sstqn - C:\WINDOWS\system32\sstqn.dll (file missing) O20 - Winlogon Notify: vtsqp - C:\WINDOWS\system32\vtsqp.dll (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 10122 bytes PUIS ENFIN LE RAPPORT LOP S&D --------------------\\ Lop S&D 4.2.3-8 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : AMD Turion 64 Mobile Technology ML-34 ) BIOS : Ver 1.00PARTTBL USER : Stephanie ( Administrator ) BOOT : Normal boot Antivirus : Norton 360 2007 (Activated) Firewall : Norton 360 2007 (Activated) "C:\Lop SD" ( MAJ : 31-08-2008|15:45 ) Option : [1] ( 01/09/2008|20:58 ) --------------------\\ Listing des dossiers dans APPLIC~1 [13/04/2006|08:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [04/07/2008|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [04/07/2008|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [13/04/2006|09:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [17/08/2004|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [29/10/2007|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [13/04/2006|09:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [31/08/2006|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log [13/04/2006|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [31/08/2008|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [19/01/2008|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! [29/09/2007|09:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [29/08/2008|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help [24/06/2007|14:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [13/04/2006|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [13/04/2006|08:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic [01/09/2008|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [18/01/2008|23:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf [17/06/2007|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar [29/09/2007|09:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [17/08/2004|13:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [13/04/2006|16:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [13/04/2006|08:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [14/08/2008|19:04] C:\DOCUME~1\Julien\APPLIC~1\Microsoft [28/05/2007|17:35] C:\DOCUME~1\Julien\APPLIC~1\MSNInstaller [23/05/2007|12:18] C:\DOCUME~1\Julien\APPLIC~1\Sonic [03/06/2007|15:22] C:\DOCUME~1\Julien\APPLIC~1\Sun [13/01/2008|17:16] C:\DOCUME~1\Julien\APPLIC~1\Symantec [10/07/2007|15:52] C:\DOCUME~1\Julien\APPLIC~1\uTorrent [23/12/2007|17:41] C:\DOCUME~1\Julien\APPLIC~1\Windows Desktop Search [29/09/2007|09:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [29/09/2007|09:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Identities [29/09/2007|09:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [24/05/2007|22:50] C:\DOCUME~1\STEPHA~1\APPLIC~1\Adobe [24/05/2007|22:50] C:\DOCUME~1\STEPHA~1\APPLIC~1\AdobeUM [14/08/2008|19:29] C:\DOCUME~1\STEPHA~1\APPLIC~1\Apple Computer [26/03/2007|11:20] C:\DOCUME~1\STEPHA~1\APPLIC~1\ArcSoft [17/09/2006|21:32] C:\DOCUME~1\STEPHA~1\APPLIC~1\CyberLink [17/08/2004|13:06] C:\DOCUME~1\STEPHA~1\APPLIC~1\desktop.ini [25/04/2007|18:18] C:\DOCUME~1\STEPHA~1\APPLIC~1\Google [01/12/2006|10:59] C:\DOCUME~1\STEPHA~1\APPLIC~1\Help [31/08/2006|17:55] C:\DOCUME~1\STEPHA~1\APPLIC~1\HP [13/04/2006|16:19] C:\DOCUME~1\STEPHA~1\APPLIC~1\Identities [14/08/2008|19:23] C:\DOCUME~1\STEPHA~1\APPLIC~1\Image Zone Express [20/11/2006|19:49] C:\DOCUME~1\STEPHA~1\APPLIC~1\Leadertech [25/04/2007|18:23] C:\DOCUME~1\STEPHA~1\APPLIC~1\Macromedia [27/05/2007|12:12] C:\DOCUME~1\STEPHA~1\APPLIC~1\Media Player Classic [13/03/2008|20:16] C:\DOCUME~1\STEPHA~1\APPLIC~1\Microsoft [31/08/2006|18:29] C:\DOCUME~1\STEPHA~1\APPLIC~1\Microsoft Web Folders [17/06/2007|16:28] C:\DOCUME~1\STEPHA~1\APPLIC~1\MSNInstaller [20/11/2006|19:49] C:\DOCUME~1\STEPHA~1\APPLIC~1\Sonic [26/07/2007|21:03] C:\DOCUME~1\STEPHA~1\APPLIC~1\Sun [29/11/2007|22:32] C:\DOCUME~1\STEPHA~1\APPLIC~1\Symantec [25/06/2007|22:05] C:\DOCUME~1\STEPHA~1\APPLIC~1\U3 [29/09/2007|11:17] C:\DOCUME~1\STEPHA~1\APPLIC~1\Windows Desktop Search --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [28/07/2008 16:18][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [01/09/2008 19:38][--ah-----] C:\WINDOWS\tasks\SA.DAT [05/08/2004 10:00][-rah-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [13/04/2006|08:41] C:\Program Files\Adobe [06/04/2007|12:21] C:\Program Files\Alice [25/04/2007|18:59] C:\Program Files\Alwil Software [13/04/2006|08:41] C:\Program Files\AMD [04/07/2008|22:19] C:\Program Files\Apple Software Update [13/04/2006|08:30] C:\Program Files\ATI Technologies [14/03/2008|12:58] C:\Program Files\Circle Developement [13/04/2006|16:19] C:\Program Files\ComPlus Applications [13/04/2006|07:23] C:\Program Files\CONEXANT [17/06/2007|18:16] C:\Program Files\Controle Parental [18/01/2008|23:28] C:\Program Files\DeafOnlineSite [15/02/2008|19:35] C:\Program Files\Dofus [31/08/2008|15:50] C:\Program Files\Fichiers communs [14/11/2007|12:13] C:\Program Files\Google [13/04/2006|09:12] C:\Program Files\Hewlett-Packard [31/08/2006|19:14] C:\Program Files\HP [31/08/2006|17:45] C:\Program Files\HPQ [17/06/2007|18:09] C:\Program Files\InstallShield Installation Information [29/08/2008|21:21] C:\Program Files\Internet Explorer [14/05/2007|10:04] C:\Program Files\Inventel [13/04/2006|08:33] C:\Program Files\Java [27/05/2007|12:10] C:\Program Files\K-Lite Codec Pack [29/08/2008|21:24] C:\Program Files\Messenger [05/07/2008|00:32] C:\Program Files\Messenger Plus! Live [18/06/2007|21:35] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [31/08/2006|18:29] C:\Program Files\microsoft frontpage [08/06/2007|17:42] C:\Program Files\Microsoft Office [29/09/2007|09:43] C:\Program Files\Microsoft SQL Server Compact Edition [31/08/2006|18:33] C:\Program Files\Microsoft Visual Studio [08/06/2007|17:27] C:\Program Files\Microsoft Works [08/06/2007|17:25] C:\Program Files\Microsoft.NET [14/08/2008|19:23] C:\Program Files\MioNet [13/04/2006|16:19] C:\Program Files\Movie Maker [08/06/2007|17:27] C:\Program Files\MSBuild [08/06/2007|17:14] C:\Program Files\MSECache [17/06/2007|16:28] C:\Program Files\MSN [13/04/2006|16:19] C:\Program Files\MSN Gaming Zone [29/09/2007|09:33] C:\Program Files\MSN Messenger [11/06/2007|22:02] C:\Program Files\MSXML 4.0 [27/06/2007|13:55] C:\Program Files\Neffy [17/02/2008|18:07] C:\Program Files\NetMeeting [09/07/2008|21:46] C:\Program Files\Norton 360 [13/04/2006|16:19] C:\Program Files\Online Services [13/06/2007|22:09] C:\Program Files\Outlook Express [26/03/2007|11:14] C:\Program Files\Philips [04/07/2008|22:21] C:\Program Files\QuickTime [13/04/2006|09:09] C:\Program Files\Services en ligne [18/11/2007|21:57] C:\Program Files\Silkroad [13/04/2006|08:56] C:\Program Files\Sonic [31/05/2008|14:00] C:\Program Files\Symantec [13/04/2006|08:58] C:\Program Files\Synaptics [01/09/2008|20:51] C:\Program Files\Trend Micro [13/04/2006|16:19] C:\Program Files\Uninstall Information [29/09/2007|09:39] C:\Program Files\Windows Desktop Search [27/02/2008|22:35] C:\Program Files\Windows Live [25/08/2008|19:38] C:\Program Files\Windows Live Toolbar [13/04/2006|09:10] C:\Program Files\Windows Media Player [13/04/2006|16:19] C:\Program Files\Windows NT [13/04/2006|16:19] C:\Program Files\WindowsUpdate [13/04/2006|16:19] C:\Program Files\xerox --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [24/05/2007|22:50] C:\Program Files\Fichiers communs\Adobe [26/03/2007|11:15] C:\Program Files\Fichiers communs\ArcSoft [31/08/2006|18:33] C:\Program Files\Fichiers communs\Designer [31/08/2006|19:09] C:\Program Files\Fichiers communs\Hewlett-Packard [13/04/2006|08:42] C:\Program Files\Fichiers communs\HP [13/04/2006|08:57] C:\Program Files\Fichiers communs\InstallShield [13/04/2006|08:33] C:\Program Files\Fichiers communs\Java [13/04/2006|09:12] C:\Program Files\Fichiers communs\LightScribe [29/08/2008|21:16] C:\Program Files\Fichiers communs\Microsoft Shared [13/04/2006|16:19] C:\Program Files\Fichiers communs\MSSoap [13/04/2006|16:19] C:\Program Files\Fichiers communs\ODBC [13/04/2006|16:19] C:\Program Files\Fichiers communs\Services [13/04/2006|08:56] C:\Program Files\Fichiers communs\Sonic Shared [26/03/2007|11:15] C:\Program Files\Fichiers communs\SPC610NC [13/04/2006|16:19] C:\Program Files\Fichiers communs\SpeechEngines [13/04/2006|08:56] C:\Program Files\Fichiers communs\SureThing Shared [31/08/2008|11:36] C:\Program Files\Fichiers communs\Symantec Shared [13/06/2007|22:09] C:\Program Files\Fichiers communs\System [13/04/2006|08:56] C:\Program Files\Fichiers communs\TiVo Shared --------------------\\ Process ( 49 Processus ) IEXPLORE.EXE ~ [PID:2804] iexplore.exe ~ [PID:1472] --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf\Soap this.exe C:\Program Files\Circle Developement C:\DOCUME~1\STEPHA~1\Cookies\stephanie@bizadverts[1].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@d2.advertserve[1].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@advertising[2].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@adex.bigpoint[1].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@casinoking[2].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@banner.cotedazurpalace[2].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@cotedazurpalace[1].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@adopt.euroclick[2].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@sr2.livemediasrv[1].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@sr2.livemediasrv[2].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@partypoker[2].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@partypoker[3].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@32vegas[1].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@banner.32vegas[2].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@www.lop[2].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@2xmoinscher[2].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@www.2xmoinscher[2].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@888[1].txt C:\DOCUME~1\STEPHA~1\Cookies\stephanie@888[2].txt --------------------\\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "close surf mail dupe"="C:\\Documents and Settings\\All Users\\Application Data\\Tick Find Close Surf\\Soap this.exe" --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-01 20:59:18 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 188 --------------------\\ Recherche d'autres infections C:\WINDOWS\system32\abeeg.bak1 C:\WINDOWS\system32\abeeg.ini C:\WINDOWS\system32\acbeg.bak1 C:\WINDOWS\system32\acbeg.ini C:\WINDOWS\system32\cbadd.bak1 C:\WINDOWS\system32\cbadd.ini C:\WINDOWS\system32\cbeeg.bak1 C:\WINDOWS\system32\cbeeg.ini C:\WINDOWS\system32\dfhkj.bak1 C:\WINDOWS\system32\dfhkj.ini C:\WINDOWS\system32\gjjlm.bak1 C:\WINDOWS\system32\gjjlm.ini C:\WINDOWS\system32\hhhkj.bak1 C:\WINDOWS\system32\hhhkj.ini C:\WINDOWS\system32\ihkmp.bak1 C:\WINDOWS\system32\ihkmp.bak2 C:\WINDOWS\system32\ihkmp.ini C:\WINDOWS\system32\ijkkj.bak1 C:\WINDOWS\system32\ijkkj.bak2 C:\WINDOWS\system32\ijkkj.ini C:\WINDOWS\system32\jlnmp.bak1 C:\WINDOWS\system32\jlnmp.ini C:\WINDOWS\system32\kjkkj.bak1 C:\WINDOWS\system32\kjkkj.ini C:\WINDOWS\system32\npqss.bak1 C:\WINDOWS\system32\npqss.ini C:\WINDOWS\system32\nqstv.bak1 C:\WINDOWS\system32\nqstv.bak2 C:\WINDOWS\system32\nqstv.ini C:\WINDOWS\system32\nqtss.bak1 C:\WINDOWS\system32\nqtss.ini C:\WINDOWS\system32\pqstv.bak1 C:\WINDOWS\system32\pqstv.ini C:\WINDOWS\system32\vybeg.bak1 C:\WINDOWS\system32\vybeg.ini C:\WINDOWS\system32\xbadd.bak1 C:\WINDOWS\system32\xbadd.bak2 C:\WINDOWS\system32\xbadd.ini C:\WINDOWS\system32\ybadd.bak1 C:\WINDOWS\system32\ybadd.ini C:\WINDOWS\system32\rtutv.bak2 C:\WINDOWS\system32\rtutv.ini ==> VUNDO <== [F:44][D:5]-> C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp [F:813][D:0]-> C:\DOCUME~1\STEPHA~1\Cookies [F:7811][D:17]-> C:\DOCUME~1\STEPHA~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 01/09/2008| 9:01 - Option : [1] 1 - 01/09/2008|21:01 - Option : [1] 3 - "C:\Lop SD\LopR_3.txt" - 01/09/2008|21:01 - Option : [1] --------------------\\ Fin du rapport a 21:01:00 Encore merci !!
- le 1 septembre 2008
- 9 réponses
spam cid

agatheyou a posté un sujet dans Analyses et éradication malwares

Bonjour j'ai vu qu'il y avait deja pas mal de sujet la dessus mais pourriez vous m'aider svp. En effet g des fenetres de pub CID qui s'ouvre toutes les cinqs minutes je ne sais plus comment faire pour m'en debarasser merci d'avance pour votre aide.
- le 1 septembre 2008
- 9 réponses

Connexion

agatheyou

Compteur de contenus

Inscription

Dernière visite

Autres informations

agatheyou's Achievements

Junior Member (3/12)

Réputation sur la communauté

spam cid

spam cid

spam cid

spam cid

spam cid

Zebulon

Outils en ligne

Naviguer