Everything posted by nbzlll

  1. ########## DelFix - Nettoyeur d'outils de désinfection ##########
     #
     # DelFix v6.4 - Rapport créé le 17/11/2010 à 21:59
     # Mis à jour le 15/11/10 à 17h30 par Xplode
     # Système d'exploitation : Windows Vista (TM) Home Premium (32 bits) [version 6.0.6001] Service Pack 1
     # Nom d'utilisateur : aGe nbzlll - PC-DE-TOAL (Administrateur)
     # Exécuté depuis : C:\Users\aGe nbzlll\Downloads\DelFix.exe
     # Option [suppression]

     ~~~~~~ Dossier(s) ~~~~~~

     Supprimé : C:\USBFix
     Supprimé : C:\_OTL
     Supprimé : C:\Lop SD
     Supprimé : C:\Program Files\trend micro

     ~~~~~~ Fichier(s) ~~~~~~

     Supprimé : C:\UsbFix.txt
     Supprimé : C:\UsbFix_Upload_Me_PC-DE-TOAL.zip
     Supprimé : C:\rapport.txt
     Supprimé : C:\lopR.txt
     Supprimé : C:\Windows\System32\VACFix.exe
     Supprimé : C:\Windows\System32\VCCLSID.exe
     Supprimé : C:\Windows\System32\IEDFix.exe
     Supprimé : C:\Windows\System32\WS2Fix.exe
     Supprimé : C:\Windows\System32\swreg.exe
     Supprimé : C:\Windows\System32\swsc.exe
     Supprimé : C:\Windows\System32\swxcacls.exe
     Supprimé : C:\Windows\System32\SrchSTS.exe
     Supprimé : C:\Windows\System32\tmp.reg
     Supprimé : C:\Windows\System32\tmp.txt
     Supprimé : C:\Windows\System32\dumphive.exe
     Supprimé : C:\Users\aGe nbzlll\Desktop\OTL.exe
     Supprimé : C:\Users\aGe nbzlll\Desktop\LopSD.exe
     Supprimé : C:\Users\aGe nbzlll\Desktop\UsbFix.exe

     ~~~~~~ Registre ~~~~~~

     Clé Supprimée : HKCU\SOFTWARE\USBFix
     Clé Supprimée : HKLM\Software\OldTimer Tools
     Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\USBFix

     ########## EOF - "C:\DelFixSuppr.txt" - [1636 octets] ##########

     It even removed the traces left by the decontamination, I'm impressed.. (I wanted to keep these little tools, but with the restore point they are not much use, I think)
     - created the backup point, the fruit of our little collective effort, with a lot of "pleasure".
     - all that's left is to look through a few optimization topics and it will run like a charm, what a "pleasure"!
     Thanks Bernard53!
     A problem, question, doubt, ? You too, adopt the Berny attitude.. Crystal clear; get access to these deluxe explanations starting today! :LollyJokeUnPeuDePubNormaLol:
     See you next time, in a new topic for new explanations.
     nbzlll
  2. I redid the UsbFix procedure from the start, and here is the last deletion report I got:

     ############################## | UsbFix 7.035 | [suppression]
     Utilisateur: aGe nbzlll (Administrateur) # PC-DE-TOAL [HP-Pavilion GN743AA-ABF a6204.fr]
     Mis à jour le 11/11/10 par El Desaparecido / C_XX
     Lancé à 19:53:47 | 17/11/2010
     Site Web: [url=http://www.teamxscript.org]TEAM X SCRIPT : UsbFix - AD-Remover - FindyKill[/url]
     Contact: eldesaparecido@teamxscript.org
     CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
     CPU 2: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
     Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-Bit) # Service Pack 1
     Internet Explorer 7.0.6001.18000
     Pare-feu Windows: Activé
     RAM -> 2046 Mo
     C:\ (%systemdrive%) -> Disque fixe # 328 Go (110 Go libre(s) - 34%) [HP] # NTFS
     D:\ -> Disque fixe # 7 Go (986 Mo libre(s) - 13%) [FACTORY_IMAGE] # NTFS
     E:\ -> CD-ROM
     F:\ -> CD-ROM
     H:\ -> CD-ROM
     M:\ -> Disque fixe # 466 Go (235 Go libre(s) - 51%) [FreeAgent Drive] # NTFS

     ################## | Éléments infectieux |
     Supprimé! C:\$RECYCLE.BIN\S-1-5-18
     Supprimé! C:\$RECYCLE.BIN\S-1-5-21-4187345744-741533986-2907847201-1001
     Supprimé! D:\$RECYCLE.BIN\S-1-5-18
     Supprimé! D:\$RECYCLE.BIN\S-1-5-21-4187345744-741533986-2907847201-1001
     Supprimé! M:\$RECYCLE.BIN\S-1-5-18
     Supprimé! M:\$RECYCLE.BIN\S-1-5-21-4187345744-741533986-2907847201-1001

     ################## | Registre |

     ################## | Mountpoints2 |
     Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{3a9fa4a8-6c01-11df-ace2-001bb9f35a5f}
     Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{424f4cbf-801d-11df-a2c2-001bb9f35a5f}
     Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{761b8928-9987-11db-9ebb-806e6f6e6963}

     ################## | Listing |

     ################## | Vaccin |
     C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
     D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
     M:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

     ################## | Upload |
     Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-TOAL.zip
     [url=http://www.teamxscript.org/Sample/Upload.php]Upload pour UsbFix, Ad-Remover & FindyKill[/url]
     Merci de votre contribution.

     ################## | E.O.F |

     That's all that was missing from this topic. Thanks again for everything, my friend. See you!
  3. I repeated all the steps we went through earlier, vaccinated what needed to be vaccinated with UsbFix, and ran another scan with MAM and IObit 360 Security. No threats of any kind seem to be hidden any more! Thanks for helping me and for taking time for the poor dunce that I am, I learned a lot! Bernard53 FTW* Best regards, nbzlll
  4. Good evening, for some reason I can't access the file upload site; since the scans are small, this should do.

     - OTL fix scan

     All processes killed
     ========== OTL ==========
     Service cpuz132 stopped successfully!
     Service cpuz132 deleted successfully!
     File C:\Users\Toal\AppData\Local\Temp\cpuz132\cpuz132_x32.sys not found.
     Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}\ deleted successfully.
     Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D85B4BE2-07C3-422f-ADE9-B1A2C7D25224}\ deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D85B4BE2-07C3-422f-ADE9-B1A2C7D25224}\ not found.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D85B4BE2-07C3-422f-ADE9-B1A2C7D25224}\ not found.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D85B4BE2-07C3-422f-ADE9-B1A2C7D25224}\ not found.
     Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:catspl.dll bitshl.dll deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll bitshl.dll deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll deleted successfully.
     Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls deleted successfully.
     File pInit_DLLs: (bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bitshl.dll bit not found.
     ========== COMMANDS ==========

     [EMPTYTEMP]

     User: aGe nbzlll
     ->Temp folder emptied: 15185945 bytes
     ->Temporary Internet Files folder emptied: 1102809 bytes
     ->Java cache emptied: 0 bytes
     ->FireFox cache emptied: 99641906 bytes
     ->Flash cache emptied: 936 bytes

     User: All Users

     User: Default
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 33170 bytes

     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes

     User: Public

     User: Toal
     ->Temp folder emptied: 682367818 bytes
     ->Temporary Internet Files folder emptied: 199788830 bytes
     ->Java cache emptied: 33486325 bytes
     ->FireFox cache emptied: 15416960 bytes
     ->Google Chrome cache emptied: 311638873 bytes
     ->Flash cache emptied: 31211 bytes

     %systemdrive% .tmp files removed: 3 bytes
     %systemroot% .tmp files removed: 0 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 53332 bytes
     %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
     %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 3330057 bytes
     RecycleBin emptied: 17044253176 bytes

     Total Files Cleaned = 17 554,00 mb

     OTL by OldTimer - Version 3.2.17.3 log created on 11172010_161921

     Files\Folders moved on Reboot...

     Registry entries deleted on Reboot...

     The scan only generated this log for me.
     As for Malwarebytes, I didn't think I could fix these issues with the trial version +1
     I ran it a second time, and no more "things" were infected..
     I finished by running UsbFix, which generated this text:

     ############################## | UsbFix 7.035 | [Recherche]
     Utilisateur: aGe nbzlll (Administrateur) # PC-DE-TOAL [HP-Pavilion GN743AA-ABF a6204.fr]
     Mis à jour le 11/11/10 par El Desaparecido / C_XX
     Lancé à 17:08:06 | 17/11/2010
     Site Web: [url=http://www.teamxscript.org]TEAM X SCRIPT : UsbFix - AD-Remover - FindyKill[/url]
     Contact: eldesaparecido@teamxscript.org
     CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
     CPU 2: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
     Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-Bit) # Service Pack 1
     Internet Explorer 7.0.6001.18000
     Pare-feu Windows: Activé
     RAM -> 2046 Mo
     C:\ (%systemdrive%) -> Disque fixe # 328 Go (109 Go libre(s) - 33%) [HP] # NTFS
     D:\ -> Disque fixe # 7 Go (986 Mo libre(s) - 13%) [FACTORY_IMAGE] # NTFS
     E:\ -> CD-ROM
     F:\ -> CD-ROM
     H:\ -> CD-ROM
     M:\ -> Disque fixe # 466 Go (235 Go libre(s) - 51%) [FreeAgent Drive] # NTFS

     ################## | Éléments infectieux |
     Présent! M:\Autorun.inf

     ################## | Registre |

     ################## | Mountpoints2 |
     HKCU\.\.\.\.\Explorer\MountPoints2\{3a9fa4a8-6c01-11df-ace2-001bb9f35a5f}
     Shell\Auto\Command = G:\AdobeR.exe e
     Shell\AutoRun\Command = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\AdobeR.exe e
     HKCU\.\.\.\.\Explorer\MountPoints2\{424f4cbc-801d-11df-a2c2-001bb9f35a5f}
     Shell\AutoRun\Command = F:\Autorun.exe
     HKCU\.\.\.\.\Explorer\MountPoints2\{424f4cbf-801d-11df-a2c2-001bb9f35a5f}
     Shell\AutoRun\Command = H:\Installer.exe
     HKCU\.\.\.\.\Explorer\MountPoints2\{761b8928-9987-11db-9ebb-806e6f6e6963}
     Shell\AutoRun\Command = E:\Setup.exe

     ################## | Vaccin |
     (!) Cet ordinateur n'est pas vacciné!

     ################## | E.O.F |

     There seem to be infected items, but I can tell you my PC is already breathing much, much better!
     I'm waiting for your green light to run the UsbFix vaccination. In the meantime, I'll reboot and redo all the steps we've already done, to make sure everything is OK and simply to understand better.
     With that, see you later... oh, and thanks for these tools, really impressive.
  5. Thanks for taking some time to reply to me, bernard53. To begin with, I deleted the 3 files that looked suspicious, disabled my protections, then ran Lop S&D / option 2, which seems to have worked well:

     --------------------\\ Lop S&D 4.2.5-0 XP/Vista

     Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
     X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ )
     BIOS : Phoenix - AwardBIOS v6.00PG
     USER : aGe nbzlll ( Administrator )
     BOOT : Normal boot
     C:\ (Local Disk) - NTFS - Total:328 Go (Free:110 Go)
     D:\ (Local Disk) - NTFS - Total:7 Go (Free:0 Go)
     E:\ (CD or DVD)
     F:\ (CD or DVD)
     H:\ (CD or DVD)
     I:\ (USB)
     J:\ (USB)
     K:\ (USB)
     L:\ (USB)
     M:\ (Local Disk) - NTFS - Total:465 Go (Free:235 Go)

     "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
     Option : [2] ( 17/11/2010| 0:31 )

     [ UAC => 1 ]

     \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

     Supprime! - C:\Users\AGENBZ~1\AppData\Roaming\MICROS~1\Windows\Cookies\system@advertstream[1].txt
     Supprime! - C:\ProgramData\seek user user.tk9jl
     Supprime! - C:\ProgramData\seek user user.406e4b
     Supprime! - C:\ProgramData\seek user user.c1n8gf
     Supprime! - C:\ProgramData\Grim grid bind.84owt2p
     Supprime! - C:\ProgramData\seek user user.6qcs06t
     Supprime! - C:\ProgramData\Htm Support Bait Deaf

     - [ Fichier Hosts ] .. Restaure!
     \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

     --------------------\\ Listing des dossiers dans Local

     --------------------\\ Tâches planifiées dans C:\Windows\tasks

     [16/11/2010 07:56][--a------] C:\Windows\tasks\IObit Security 360.job
     [16/11/2010 15:12][--a------] C:\Windows\tasks\SCHEDLGU.TXT
     [16/11/2010 17:44][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{AD5B73C6-A7CB-449C-8105-0048BBAC7FB8}.job
     [16/11/2010 23:58][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4187345744-741533986-2907847201-1000UA.job
     [16/11/2010 06:58][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4187345744-741533986-2907847201-1000Core.job
     [17/11/2010 00:30][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{E6B7204A-2436-41F2-AF93-4ECB56BBD442}.job
     [16/11/2010 17:41][--ah-----] C:\Windows\tasks\SA.DAT

     --------------------\\ Listing des dossiers dans C:\ProgramData

     --------------------\\ Listing des dossiers dans C:\Program Files
     --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

     --------------------\\ Process

     ( 65 Processes )

     ... OK !

     --------------------\\ Recherche avec S_Lop

     Aucun fichier / dossier Lop trouvé !

     --------------------\\ Recherche de Fichiers / Dossiers Lop

     Aucun fichier / dossier Lop trouvé !

     --------------------\\ Verification du Registre

     ..... OK !

     --------------------\\ Verification du fichier Hosts

     Fichier Hosts PROPRE

     --------------------\\ Recherche de fichiers avec Catchme

     catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [url=http://www.gmer.net]GMER - Rootkit Detector and Remover[/url]
     Rootkit scan 2010-11-17 00:33:11
     Windows 6.0.6001 Service Pack 1 NTFS
     scanning hidden processes ...
     scanning hidden files ...
     scan completed successfully
     hidden processes: 0
     hidden files: 0

     --------------------\\ Recherche d'autres infections

     Aucune autre infection trouvée !

     [F:29][D:8]-> C:\Users\AGENBZ~1\AppData\Local\Temp
     [F:53][D:1]-> C:\Users\AGENBZ~1\AppData\Roaming\MICROS~1\Windows\Cookies
     [F:61][D:5]-> C:\Users\AGENBZ~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
     [F:132][D:18]-> C:\$Recycle.Bin

     1 - "C:\Lop SD\LopR_1.txt" - 16/11/2010|17:57 - Option : [1]
     2 - "C:\Lop SD\LopR_2.txt" - 17/11/2010| 0:35 - Option : [2]

     --------------------\\ Fin du rapport a 0:35:48

     [ UAC => 1 ]

     Then I ran OTL, entered the code, and 2 scans came out of it
     - OTL.Txt
     Extras.txt
     all Greek to me again...

     While looking at other people's problems I saw that a Malwarebytes' Anti-Malware scan could help the "helpers", so I ran a scan, which I find looks rather worrying..

     Malwarebytes' Anti-Malware 1.46
     www.malwarebytes.org

     Version de la base de données: 5128

     Windows 6.0.6001 Service Pack 1
     Internet Explorer 7.0.6001.18000

     17/11/2010 00:11:31
     mbam-log-2010-11-17 (00-11-31).txt

     Type d'examen: Examen complet (C:\|D:\|F:\|)
     Elément(s) analysé(s): 345144
     Temps écoulé: 1 heure(s), 10 minute(s), 39 seconde(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 1
     Clé(s) du Registre infectée(s): 4
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 2
     Fichier(s) infecté(s): 8

     Processus mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Module(s) mémoire infecté(s):
     C:\Windows\System32\bitshl.dll (Trojan.Agent) -> No action taken.

     Clé(s) du Registre infectée(s):
     HKEY_CLASSES_ROOT\CLSID\{fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c} (PUP.OfferBox) -> No action taken.
     HKEY_CLASSES_ROOT\Typelib\{56acb669-4139-5611-cbba-f5acb0f4db09} (Trojan.FakeAlert) -> No action taken.
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c} (PUP.OfferBox) -> No action taken.
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c} (PUP.OfferBox) -> No action taken.

     Valeur(s) du Registre infectée(s):
     (Aucun élément nuisible détecté)

     Elément(s) de données du Registre infecté(s):
     (Aucun élément nuisible détecté)

     Dossier(s) infecté(s):
     C:\Users\aGe nbzlll\AppData\Roaming\OfferBox (PUP.OfferBox) -> No action taken.
     C:\Users\Toal\AppData\Roaming\OfferBox (PUP.OfferBox) -> No action taken.

     Fichier(s) infecté(s):
     C:\Windows\System32\bitshl.dll (Trojan.Agent) -> No action taken.
     C:\Users\Toal\AppData\Local\Temp\OB.exe (PUP.Offerbox) -> No action taken.
     C:\Windows\System32\catspl.dll (Trojan.P2P.Agent) -> No action taken.
     C:\Users\aGe nbzlll\AppData\Roaming\OfferBox\config.dat (PUP.OfferBox) -> No action taken.
     C:\Users\aGe nbzlll\AppData\Roaming\OfferBox\config.xml (PUP.OfferBox) -> No action taken.
     C:\Users\Toal\AppData\Roaming\OfferBox\config.dat (PUP.OfferBox) -> No action taken.
     C:\Users\Toal\AppData\Roaming\OfferBox\config.xml (PUP.OfferBox) -> No action taken.
     C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.LNK (PUP.OfferBox)

     There's infected registry and memory, it doesn't smell too good, especially since I don't have the full version of MAM. What to do....?
     Some dodgy forums, a few suspicious downloads accepted at the last second, no antivirus for quite a while, and there you go...
     In any case, thanks for spending time on this headache..
     I'm wiped out, I'll continue my very instructive research first thing tomorrow morning. Good night!
  6. Hello, to begin with, I hope I'm posting in the right topic.
     My problem is a pain: my PC has been doing nothing but lag lately, ever since I uninstalled my old antivirus (I don't know whether I'm allowed to advertise, so when in doubt...) for a new one, which detected 48 new vulnerabilities and this "thing" that scares me:

     Misleading.Antivirus - Supprimer, Registry Key, HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}, 4-31290

     I took care to run a quick scan to give you a more precise idea:

     Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
     X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ )
     BIOS : Phoenix - AwardBIOS v6.00PG
     USER : aGe nbzlll ( Administrator )
     BOOT : Normal boot
     C:\ (Local Disk) - NTFS - Total:328 Go (Free:115 Go)
     D:\ (Local Disk) - NTFS - Total:7 Go (Free:0 Go)
     E:\ (CD or DVD)
     F:\ (CD or DVD)
     H:\ (CD or DVD)
     I:\ (USB)
     J:\ (USB)
     K:\ (USB)
     L:\ (USB)
     M:\ (Local Disk) - NTFS - Total:465 Go (Free:235 Go)

     "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
     Option : [1] ( 16/11/2010|17:53 )

     [ UAC => 1 ]

     --------------------\\ Listing des dossiers dans Local

     --------------------\\ Tâches planifiées dans C:\Windows\tasks

     [16/11/2010 07:56][--a------] C:\Windows\tasks\IObit Security 360.job
     [16/11/2010 15:12][--a------] C:\Windows\tasks\SCHEDLGU.TXT
     [16/11/2010 17:44][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{AD5B73C6-A7CB-449C-8105-0048BBAC7FB8}.job
     [16/11/2010 13:58][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4187345744-741533986-2907847201-1000UA.job
     [16/11/2010 06:58][--a------] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4187345744-741533986-2907847201-1000Core.job
     [16/11/2010 17:50][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{E6B7204A-2436-41F2-AF93-4ECB56BBD442}.job
     [16/11/2010 17:41][--ah-----] C:\Windows\tasks\SA.DAT

     --------------------\\ Listing des dossiers dans C:\ProgramData
[16/02/2008|02:43] C:\ProgramData\Spybot - Search & Destroy [02/11/2006|14:02] C:\ProgramData\Start Menu [22/05/2010|01:31] C:\ProgramData\Sun [10/01/2010|18:11] C:\ProgramData\Symantec [16/02/2008|14:50] C:\ProgramData\TEMP [02/11/2006|14:02] C:\ProgramData\Templates [09/02/2008|18:52] C:\ProgramData\WLInstaller [10/11/2010|16:33] C:\ProgramData\Xfire --------------------\\ Listing des dossiers dans C:\Program Files [29/07/2010|18:14] C:\Program Files\7-Zip [29/07/2010|18:24] C:\Program Files\Adobe [16/02/2008|04:25] C:\Program Files\Adobe(1104) [16/07/2010|01:15] C:\Program Files\AGEIA Technologies [25/06/2010|06:52] C:\Program Files\Alcohol Soft [17/07/2010|14:50] C:\Program Files\ATI [16/11/2010|14:44] C:\Program Files\ATI Technologies [23/10/2010|12:05] C:\Program Files\CodeGazer [16/11/2010|02:48] C:\Program Files\Common Files [23/10/2010|10:57] C:\Program Files\CrazyLoader [23/10/2010|10:57] C:\Program Files\DebugMode [17/06/2009|23:58] C:\Program Files\DivX [16/02/2008|17:39] C:\Program Files\DOSBox-0.72 [16/07/2010|01:18] C:\Program Files\Dragon Age [11/07/2010|12:05] C:\Program Files\EA Sports [01/01/2007|12:29] C:\Program Files\EasyBits [11/12/2007|17:07] C:\Program Files\Fichiers communs [C:\Program Files\Common Files] [13/01/2010|17:28] C:\Program Files\FileZilla FTP Client [29/07/2010|17:45] C:\Program Files\GIMP-2.0 [19/06/2009|20:39] C:\Program Files\Google [18/12/2008|04:29] C:\Program Files\Hewlett-Packard [01/01/2007|04:45] C:\Program Files\HP [04/11/2010|12:25] C:\Program Files\Ideazon [14/11/2010|15:37] C:\Program Files\InstallShield Installation Information [04/11/2010|12:20] C:\Program Files\Internet Explorer [16/11/2010|00:53] C:\Program Files\IObit [22/05/2010|01:31] C:\Program Files\Java [16/11/2010|02:48] C:\Program Files\Kaspersky Lab [15/02/2008|22:33] C:\Program Files\Lavasoft(3000) [22/10/2010|12:43] C:\Program Files\Left 4 Dead 2 [09/11/2010|16:25] C:\Program Files\LimeWire [14/11/2010|15:40] C:\Program Files\Logitech 
[19/06/2009|20:33] C:\Program Files\Memeo [09/01/2010|13:49] C:\Program Files\Microsoft [23/10/2010|10:56] C:\Program Files\Microsoft Games [21/12/2007|21:23] C:\Program Files\Microsoft Office [16/11/2010|07:54] C:\Program Files\Microsoft Silverlight [26/01/2008|15:54] C:\Program Files\Microsoft SQL Server Compact Edition [14/06/2009|02:01] C:\Program Files\Microsoft Works [02/03/2010|05:07] C:\Program Files\mnProjects [16/12/2008|19:14] C:\Program Files\Movie Maker [28/10/2010|16:54] C:\Program Files\Mozilla Firefox [02/11/2006|13:37] C:\Program Files\MSBuild [23/12/2007|05:02] C:\Program Files\MSXML 4.0 [01/01/2007|04:43] C:\Program Files\muvee Technologies [25/02/2010|16:44] C:\Program Files\Name Maker Studio G2 [10/01/2010|18:13] C:\Program Files\Norton Security Scan [16/02/2008|17:40] C:\Program Files\PC-Doctor 5 for Windows [19/06/2009|20:45] C:\Program Files\Picasa2 [09/01/2010|12:01] C:\Program Files\Project Wolf [16/11/2010|14:42] C:\Program Files\Ray Adams [10/11/2010|00:41] C:\Program Files\Rcon Unlimited [10/11/2010|16:35] C:\Program Files\RealHideIP [02/03/2010|22:00] C:\Program Files\Reference Assemblies [03/08/2010|16:08] C:\Program Files\Return to Castle Wolfenstein [26/06/2010|11:42] C:\Program Files\Return to Castle Wolfenstein - demoviewer [16/09/2010|13:48] C:\Program Files\Return to Castle Wolfenstein Multiplayer DEMO [27/06/2010|12:20] C:\Program Files\Rockstar Games [01/01/2007|04:42] C:\Program Files\Roxio [01/03/2010|21:33] C:\Program Files\RtCW Animator [09/11/2010|18:01] C:\Program Files\S.A.D [07/01/2010|19:49] C:\Program Files\SAGEM [13/01/2008|19:45] C:\Program Files\Samsung [18/06/2010|01:00] C:\Program Files\Seagate [07/01/2010|19:48] C:\Program Files\Securitoo [01/01/2007|04:53] C:\Program Files\Services en ligne [14/06/2009|22:31] C:\Program Files\SmitfraudFix [26/06/2010|13:15] C:\Program Files\Sony [15/02/2008|23:30] C:\Program Files\Spybot - Search & Destroy [16/02/2008|05:01] C:\Program Files\Spyware Doctor [12/01/2008|23:35] 
C:\Program Files\Symantec [16/02/2008|17:40] C:\Program Files\SystemRequirementsLab [23/10/2010|11:02] C:\Program Files\TeamViewer [18/12/2008|04:20] C:\Program Files\ToniArts [16/02/2008|17:35] C:\Program Files\Trend Micro [03/10/2010|01:06] C:\Program Files\Trust [12/07/2010|11:40] C:\Program Files\Ubisoft [02/11/2006|14:01] C:\Program Files\Uninstall Information [25/05/2010|03:45] C:\Program Files\VideoLAN [16/02/2008|17:40] C:\Program Files\Wanadoo [19/06/2009|20:33] C:\Program Files\Western Digital [19/06/2009|20:32] C:\Program Files\Western Digital Corporation [16/12/2008|19:14] C:\Program Files\Windows Calendar [16/12/2008|19:14] C:\Program Files\Windows Collaboration [16/12/2008|19:14] C:\Program Files\Windows Defender [16/12/2008|19:14] C:\Program Files\Windows Journal [09/01/2010|13:53] C:\Program Files\Windows Live [09/01/2010|13:49] C:\Program Files\Windows Live SkyDrive [16/12/2008|19:14] C:\Program Files\Windows Mail [14/06/2009|02:07] C:\Program Files\Windows Media Player [16/02/2008|17:34] C:\Program Files\Windows NT [16/12/2008|19:14] C:\Program Files\Windows Photo Gallery [16/12/2008|19:14] C:\Program Files\Windows Sidebar [16/02/2008|17:40] C:\Program Files\WinRAR [09/07/2010|23:42] C:\Program Files\Wolfenstein - Enemy Territory [02/03/2010|22:04] C:\Program Files\Wolflauncher [01/03/2010|21:54] C:\Program Files\WolfNameAnimator [14/07/2010|19:55] C:\Program Files\Xfire --------------------\\ Listing des dossiers dans C:\Program Files\Common Files [29/07/2010|18:24] C:\Program Files\Common Files\Adobe [29/07/2010|01:24] C:\Program Files\Common Files\Adobe Systems Shared [16/02/2008|04:27] C:\Program Files\Common Files\Adobe(1105) [17/07/2010|14:52] C:\Program Files\Common Files\ATI Technologies [16/07/2010|01:15] C:\Program Files\Common Files\BioWare [17/06/2009|23:58] C:\Program Files\Common Files\DivX Shared [01/01/2007|04:34] C:\Program Files\Common Files\HP [07/01/2010|19:49] C:\Program Files\Common Files\InstallShield [22/05/2010|01:31] 
C:\Program Files\Common Files\Java [16/02/2008|17:39] C:\Program Files\Common Files\LightScribe [14/11/2010|15:42] C:\Program Files\Common Files\Logishrd [01/01/2007|04:43] C:\Program Files\Common Files\LS Getting Started [14/06/2009|02:02] C:\Program Files\Common Files\microsoft shared [18/06/2010|00:58] C:\Program Files\Common Files\muvee Technologies [16/02/2008|17:39] C:\Program Files\Common Files\PX Storage Engine [01/01/2007|04:42] C:\Program Files\Common Files\Roxio Shared [02/11/2006|12:18] C:\Program Files\Common Files\Services [16/02/2008|17:39] C:\Program Files\Common Files\Sonic Shared [16/02/2008|17:34] C:\Program Files\Common Files\SpeechEngines [19/09/2010|10:11] C:\Program Files\Common Files\Steam [09/06/2008|22:12] C:\Program Files\Common Files\SureThing Shared [13/01/2010|16:21] C:\Program Files\Common Files\Symantec Shared [16/12/2008|19:14] C:\Program Files\Common Files\System [09/01/2010|13:38] C:\Program Files\Common Files\Windows Live [16/02/2008|17:39] C:\Program Files\Common Files\WindowsLiveInstaller [16/07/2010|01:15] C:\Program Files\Common Files\Wise Installation Wizard --------------------\\ Process ( 65 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop C:\ProgramData\seek user user.tk9jl C:\ProgramData\seek user user.406e4b C:\ProgramData\seek user user.c1n8gf C:\ProgramData\Grim grid bind.84owt2p C:\ProgramData\seek user user.6qcs06t --------------------\\ Recherche de Fichiers / Dossiers Lop C:\ProgramData\Htm Support Bait Deaf C:\Users\AGENBZ~1\AppData\Roaming\MICROS~1\Windows\Cookies\system@advertstream[1].txt --------------------\\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] ..... OK ! 
--------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-11-16 17:54:39 Windows 6.0.6001 Service Pack 1 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\Users\AGENBZ~1\Downloads\Real Hide IP V3.6.3.8 + Crack {blaze69}(2).rar C:\Users\AGENBZ~1\Downloads\Real Hide IP V3.6.3.8 + Crack {blaze69}.rar C:\Users\AGENBZ~1\Downloads\eMule\Incoming\Left.4.Dead.2.Crack.Only-Razor1911.rar [F:27][D:7]-> C:\Users\AGENBZ~1\AppData\Local\Temp [F:54][D:1]-> C:\Users\AGENBZ~1\AppData\Roaming\MICROS~1\Windows\Cookies [F:61][D:5]-> C:\Users\AGENBZ~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5 [F:2][D:2]-> C:\$Recycle.Bin 1 - "C:\Lop SD\LopR_1.txt" - 16/11/2010|17:57 - Option : [1] --------------------\\ Fin du rapport a 17:57:22 [ UAC => 1 ]

I hope this will help you help me, because this looks like Chinese to me. Thanks in advance.