Aller au contenu

charlotte06

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    28

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par charlotte06

  1. charlotte06
    bonjour, merci a vous de me repondre aussi vite. Je vous envoie le rapport du scan. --------------------\\ Lop S&D 4.2.4-9c XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Celeron® CPU 2.20GHz ) BIOS : Default System BIOS USER : Administrateur ( Administrator ) BOOT : Normal boot Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:186 Go (Free:164 Go) D:\ (CD or DVD) E:\ (Local Disk) - NTFS - Total:37 Go (Free:35 Go) "C:\Lop SD" ( MAJ : 01-11-2008|16:30 ) Option : [2] ( 26/11/2008|14:10 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ball mapi owns ping\README INFO.exe Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\itchhi~1\city internet gram.exe Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\itchhi~1\closeknobbitswma.exe Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\itchhi~1\Pile Heck Bleh.exe Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\itchhi~1\pyjgkjxd.exe Supprime! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@banner.casinoking[2].txt Supprime! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@casinoking[1].txt Supprime! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@banner.cotedazurpalace[2].txt Supprime! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@cotedazurpalace[1].txt Supprime! - C:\DOCUME~1\ADMINI~1\Cookies\administrateur@pacificpoker[2].txt Supprime! - C:\WINDOWS\Tasks\ABFF08EE9194BE52.job Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ball mapi owns ping Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\itchhi~1 Supprime! - C:\Program Files\itchhi~1 Supprime! - C:\Program Files\Circle Developement \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [17/07/2008|10:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe [14/09/2008|16:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ahead [24/08/2008|22:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\ArcSoft [19/07/2008|13:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\CyberLink [17/07/2008|10:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google [22/08/2008|23:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help [17/07/2008|09:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [24/08/2008|18:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\InstallShield [17/07/2008|10:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia [18/11/2008|13:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [24/11/2008|17:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\Spyware Terminator [30/08/2008|15:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\U3 [17/07/2008|10:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\WinRAR [14/09/2008|16:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [17/07/2008|10:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [17/07/2008|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [17/07/2008|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [17/07/2008|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [24/08/2008|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe [17/11/2008|19:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! [19/11/2008|14:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [17/07/2008|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero [19/07/2008|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [24/11/2008|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spyware Terminator [22/11/2008|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [17/07/2008|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [19/11/2008|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [17/07/2008|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion [17/07/2008|09:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [17/07/2008|09:03] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [19/11/2008|16:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [26/11/2008 13:50][--ah-----] C:\WINDOWS\tasks\SA.DAT [02/10/2001 17:16][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [19/07/2008|12:50] C:\Program Files\ANI [24/08/2008|18:22] C:\Program Files\ArcSoft [17/07/2008|10:03] C:\Program Files\Avira [17/07/2008|09:54] C:\Program Files\CCleaner [17/07/2008|08:59] C:\Program Files\ComPlus Applications [17/07/2008|10:13] C:\Program Files\CyberLink [24/08/2008|18:20] C:\Program Files\Digital Video [17/07/2008|10:10] C:\Program Files\DivX [19/07/2008|12:50] C:\Program Files\D-Link [17/07/2008|10:38] C:\Program Files\DVD Shrink [19/07/2008|13:19] C:\Program Files\DVDFab Decrypter 3 [24/08/2008|18:22] C:\Program Files\Fichiers communs [17/07/2008|10:16] C:\Program Files\Google [10/09/2008|18:02] C:\Program Files\InstallShield Installation Information [17/07/2008|09:57] C:\Program Files\Intel [19/11/2008|14:09] C:\Program Files\Internet Explorer [22/08/2008|23:08] C:\Program Files\Livre Album Fuji Photo [17/11/2008|19:42] C:\Program Files\Messenger Plus! Live [17/07/2008|09:04] C:\Program Files\microsoft frontpage [19/11/2008|14:16] C:\Program Files\Microsoft SQL Server Compact Edition [17/07/2008|09:04] C:\Program Files\movie maker [17/07/2008|09:04] C:\Program Files\msn gaming zone [25/11/2008|16:17] C:\Program Files\Navilog1 [17/07/2008|10:21] C:\Program Files\Nero [17/07/2008|09:01] C:\Program Files\NetMeeting [17/07/2008|09:06] C:\Program Files\Outlook Express [19/07/2008|14:14] C:\Program Files\QuickTime [24/11/2008|17:50] C:\Program Files\RegCleaner [10/09/2008|18:01] C:\Program Files\Samsung [17/07/2008|09:01] C:\Program Files\Services en ligne [20/11/2008|14:14] C:\Program Files\SFR [24/11/2008|17:42] C:\Program Files\Spyware Terminator [17/07/2008|09:47] C:\Program Files\Uninstall Information [10/09/2008|17:56] C:\Program Files\WIDCOMM [20/11/2008|14:12] C:\Program Files\Windows Live [20/11/2008|14:00] C:\Program Files\Windows Live Toolbar [17/07/2008|09:04] C:\Program Files\Windows Media Player [17/07/2008|09:04] C:\Program Files\Windows NT [17/07/2008|09:01] C:\Program Files\WindowsUpdate [17/07/2008|09:52] C:\Program Files\WinRAR [17/07/2008|09:04] C:\Program Files\xerox [17/07/2008|09:54] C:\Program Files\Yahoo! --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [17/07/2008|10:25] C:\Program Files\Fichiers communs\Ahead [24/08/2008|18:22] C:\Program Files\Fichiers communs\ArcSoft [19/07/2008|12:50] C:\Program Files\Fichiers communs\InstallShield [17/07/2008|10:25] C:\Program Files\Fichiers communs\LightScribe [17/07/2008|10:32] C:\Program Files\Fichiers communs\Microsoft Shared [17/07/2008|09:01] C:\Program Files\Fichiers communs\MSSoap [17/07/2008|10:55] C:\Program Files\Fichiers communs\ODBC [17/07/2008|09:01] C:\Program Files\Fichiers communs\Services [17/07/2008|10:55] C:\Program Files\Fichiers communs\SpeechEngines [17/07/2008|09:06] C:\Program Files\Fichiers communs\System [17/07/2008|10:32] C:\Program Files\Fichiers communs\WindowsLiveInstaller --------------------\\ Process ( 34 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\ADMINI~1\Cookies\administrateur@advertising[2].txt C:\DOCUME~1\ADMINI~1\Cookies\administrateur@partypoker[2].txt C:\DOCUME~1\ADMINI~1\Cookies\administrateur@32vegas[2].txt C:\DOCUME~1\ADMINI~1\Cookies\administrateur@banner.32vegas[2].txt --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-11-26 14:15:47 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! [F:3][D:1]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp [F:127][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies [F:2607][D:8]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 25/11/2008|16:30 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 26/11/2008|14:17 - Option : [2] --------------------\\ Fin du rapport a 14:17:49 Bon courage , a plus.
  2. charlotte06
    bonsoir, voici le rapport du scan --------------------\\ Lop S&D 4.2.4-9c XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Celeron® CPU 2.20GHz ) BIOS : Default System BIOS USER : Administrateur ( Administrator ) BOOT : Normal boot Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Not Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:186 Go (Free:164 Go) D:\ (CD or DVD) E:\ (Local Disk) - NTFS - Total:37 Go (Free:35 Go) "C:\Lop SD" ( MAJ : 01-11-2008|16:30 ) Option : [1] ( 25/11/2008|16:20 ) --------------------\\ Listing des dossiers dans APPLIC~1 [17/07/2008|10:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe [14/09/2008|16:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ahead [24/08/2008|22:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\ArcSoft [19/07/2008|13:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\CyberLink [17/07/2008|10:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google [22/08/2008|23:04] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help [17/07/2008|09:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [24/08/2008|18:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\InstallShield [17/11/2008|19:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Itch hide [17/07/2008|10:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia [18/11/2008|13:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [24/11/2008|17:33] C:\DOCUME~1\ADMINI~1\APPLIC~1\Spyware Terminator [30/08/2008|15:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\U3 [17/07/2008|10:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\WinRAR [14/09/2008|16:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead [17/07/2008|10:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [17/11/2008|19:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ball mapi owns ping [17/07/2008|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [17/07/2008|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink [17/07/2008|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [24/08/2008|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe [17/11/2008|19:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! [19/11/2008|14:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [17/07/2008|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero [19/07/2008|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [24/11/2008|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spyware Terminator [22/11/2008|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [17/07/2008|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [19/11/2008|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [17/07/2008|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion [17/07/2008|09:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [17/07/2008|09:03] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [19/11/2008|16:39] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [25/11/2008 16:00][--ah-----] C:\WINDOWS\tasks\ABFF08EE9194BE52.job [25/11/2008 15:59][--ah-----] C:\WINDOWS\tasks\SA.DAT [02/10/2001 17:16][-r-h-----] C:\WINDOWS\tasks\desktop.ini ( ABFF08EE9194BE52.job )=( c:\docume~1\admini~1\applic~1\itchhi~1\cityinternetgram.exe ) --------------------\\ Listing des dossiers dans C:\Program Files [19/07/2008|12:50] C:\Program Files\ANI [24/08/2008|18:22] C:\Program Files\ArcSoft [17/07/2008|10:03] C:\Program Files\Avira [17/07/2008|09:54] C:\Program Files\CCleaner [21/11/2008|18:01] C:\Program Files\Circle Developement [17/07/2008|08:59] C:\Program Files\ComPlus Applications [17/07/2008|10:13] C:\Program Files\CyberLink [24/08/2008|18:20] C:\Program Files\Digital Video [17/07/2008|10:10] C:\Program Files\DivX [19/07/2008|12:50] C:\Program Files\D-Link [17/07/2008|10:38] C:\Program Files\DVD Shrink [19/07/2008|13:19] C:\Program Files\DVDFab Decrypter 3 [24/08/2008|18:22] C:\Program Files\Fichiers communs [17/07/2008|10:16] C:\Program Files\Google [10/09/2008|18:02] C:\Program Files\InstallShield Installation Information [17/07/2008|09:57] C:\Program Files\Intel [19/11/2008|14:09] C:\Program Files\Internet Explorer [17/11/2008|19:42] C:\Program Files\Itch hide [22/08/2008|23:08] C:\Program Files\Livre Album Fuji Photo [17/11/2008|19:42] C:\Program Files\Messenger Plus! Live [17/07/2008|09:04] C:\Program Files\microsoft frontpage [19/11/2008|14:16] C:\Program Files\Microsoft SQL Server Compact Edition [17/07/2008|09:04] C:\Program Files\movie maker [17/07/2008|09:04] C:\Program Files\msn gaming zone [25/11/2008|16:17] C:\Program Files\Navilog1 [17/07/2008|10:21] C:\Program Files\Nero [17/07/2008|09:01] C:\Program Files\NetMeeting [17/07/2008|09:06] C:\Program Files\Outlook Express [19/07/2008|14:14] C:\Program Files\QuickTime [24/11/2008|17:50] C:\Program Files\RegCleaner [10/09/2008|18:01] C:\Program Files\Samsung [17/07/2008|09:01] C:\Program Files\Services en ligne [20/11/2008|14:14] C:\Program Files\SFR [24/11/2008|17:42] C:\Program Files\Spyware Terminator [17/07/2008|09:47] C:\Program Files\Uninstall Information [10/09/2008|17:56] C:\Program Files\WIDCOMM [20/11/2008|14:12] C:\Program Files\Windows Live [20/11/2008|14:00] C:\Program Files\Windows Live Toolbar [17/07/2008|09:04] C:\Program Files\Windows Media Player [17/07/2008|09:04] C:\Program Files\Windows NT [17/07/2008|09:01] C:\Program Files\WindowsUpdate [17/07/2008|09:52] C:\Program Files\WinRAR [17/07/2008|09:04] C:\Program Files\xerox [17/07/2008|09:54] C:\Program Files\Yahoo! --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [17/07/2008|10:25] C:\Program Files\Fichiers communs\Ahead [24/08/2008|18:22] C:\Program Files\Fichiers communs\ArcSoft [19/07/2008|12:50] C:\Program Files\Fichiers communs\InstallShield [17/07/2008|10:25] C:\Program Files\Fichiers communs\LightScribe [17/07/2008|10:32] C:\Program Files\Fichiers communs\Microsoft Shared [17/07/2008|09:01] C:\Program Files\Fichiers communs\MSSoap [17/07/2008|10:55] C:\Program Files\Fichiers communs\ODBC [17/07/2008|09:01] C:\Program Files\Fichiers communs\Services [17/07/2008|10:55] C:\Program Files\Fichiers communs\SpeechEngines [17/07/2008|09:06] C:\Program Files\Fichiers communs\System [17/07/2008|10:32] C:\Program Files\Fichiers communs\WindowsLiveInstaller --------------------\\ Process ( 34 Processes ) iexplore.exe ~ [PID:220] iexplore.exe ~ [PID:448] iexplore.exe ~ [PID:3268] --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ball mapi owns ping C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ball mapi owns ping\README INFO.exe C:\DOCUME~1\ADMINI~1\APPLIC~1\itchhi~1 C:\DOCUME~1\ADMINI~1\APPLIC~1\itchhi~1\city internet gram.exe C:\DOCUME~1\ADMINI~1\APPLIC~1\itchhi~1\closeknobbitswma.exe C:\DOCUME~1\ADMINI~1\APPLIC~1\itchhi~1\Pile Heck Bleh.exe C:\DOCUME~1\ADMINI~1\APPLIC~1\itchhi~1\pyjgkjxd.exe C:\Program Files\itchhi~1 C:\Program Files\Circle Developement C:\DOCUME~1\ADMINI~1\Cookies\administrateur@banner.casinoking[2].txt C:\DOCUME~1\ADMINI~1\Cookies\administrateur@casinoking[1].txt C:\DOCUME~1\ADMINI~1\Cookies\administrateur@banner.cotedazurpalace[2].txt C:\DOCUME~1\ADMINI~1\Cookies\administrateur@cotedazurpalace[1].txt C:\DOCUME~1\ADMINI~1\Cookies\administrateur@pacificpoker[2].txt C:\DOCUME~1\ADMINI~1\Cookies\administrateur@partypoker[1].txt C:\WINDOWS\Tasks\ABFF08EE9194BE52.job --------------------\\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Tons slow"="C:\\DOCUME~1\\ADMINI~1\\APPLIC~1\\ITCHHI~1\\Pile Heck Bleh.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-11-25 16:27:54 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! [F:2][D:1]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp [F:107][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies [F:2131][D:8]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 25/11/2008|16:30 - Option : [1] --------------------\\ Fin du rapport a 16:30:30
  3. charlotte06
    Bonsoir, Le titre est explicite, j'ai tout essayé. Je vous poste ici mon scan Navilog et mon rapport Hijackthis, merci de m'aider Search Navipromo version 3.6.9 commencé le 24/11/2008 à 18:29:47,81 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "Administrateur" Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 6.0.2900.2180 Système de fichiers : NTFS Recherche executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Administrateur\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Administrateur\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Administrateur\menudm~1\progra~1" *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * * Recherche dans "C:\Documents and Settings\Administrateur\locals~1\applic~1" * *** Recherche fichiers *** *** Recherche clés spécifiques dans le Registre *** *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : * Dans "C:\Documents and Settings\Administrateur\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup absent ! Certificat Electronic-Group absent ! Certificat Montorgueil absent ! Certificat OOO-Favorit absent ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche fichiers connus : *** Analyse terminée le 24/11/2008 à 18:32:20,26 *** -------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:41:29, on 24/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\explorer.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\NOTEPAD.EXE C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX03.953\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gocyberlink.com/registration/re...in&Lang=Fra R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: (no name) - {c4d8cc23-d6d6-446b-802e-19da94501a93} - C:\WINDOWS\system32\hajakari.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [CPM37b3719f] Rundll32.exe "c:\windows\system32\pegatijo.dll",a O4 - HKLM\..\Run: [wabahivedu] Rundll32.exe "C:\WINDOWS\system32\jasamohu.dll",s O4 - HKLM\..\Run: [34804203] rundll32.exe "C:\WINDOWS\system32\wehemeru.dll",b O4 - HKCU\..\Run: [Tons slow] C:\DOCUME~1\ADMINI~1\APPLIC~1\ITCHHI~1\Pile Heck Bleh.exe O4 - HKUS\S-1-5-19\..\Run: [wabahivedu] Rundll32.exe "C:\WINDOWS\system32\jasamohu.dll",s (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [wabahivedu] Rundll32.exe "C:\WINDOWS\system32\jasamohu.dll",s (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user') O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1216286335015 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1216468512312 O20 - AppInit_DLLs: C:\WINDOWS\system32\jibilidi.dll c:\windows\system32\pegatijo.dll O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\pegatijo.dll O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\pegatijo.dll O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 6568 bytes
×
×
  • Créer...