
Posted

Hello,

Here is the first report.

-----------------------[ Lop S&D 4.1.0-5 XP/Vista ]---------------------

 

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]

[ USER : david ] [ "C:\Lop SD" ]

[ 2008-04-02 | 15:07:52.18 ] [ PC : ACER-FE8B363750 ]

[ MAJ : 01-03-2008 | 22:16 ]

 

-------------[ Listing des dossiers dans Application Data ]------------

 

[2006-05-24|16:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.

[2006-05-24|16:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..

[2005-11-02|15:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini

[2005-11-02|16:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[2005-11-02|15:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[2005-11-02|16:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

 

[2006-05-24|16:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.

[2006-05-24|16:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..

[2007-01-13|13:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[2006-08-16|14:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink

[2005-11-02|15:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini

[2007-03-27|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\filmtimeupcurb

[2006-09-12|21:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[2006-09-17|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[2005-11-02|15:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[2006-07-28|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive

[2006-08-02|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs

[2006-09-21|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NtiDvdCopy

[2005-11-02|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[2006-07-26|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL

[2006-11-12|16:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems

[2006-09-04|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[2006-08-13|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

 

[2006-05-24|16:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

[2006-05-24|16:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\..

[2005-11-02|15:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[2006-08-23|16:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

 

[2006-05-24|16:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\.

[2006-05-24|16:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\..

[2007-12-12|17:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe

[2005-11-02|15:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

 

[2007-06-16|15:17] C:\DOCUME~1\david\APPLIC~1\$_hpcst$.hpc

[2006-07-20|22:08] C:\DOCUME~1\david\APPLIC~1\.

[2006-07-20|22:08] C:\DOCUME~1\david\APPLIC~1\..

[2006-08-02|16:49] C:\DOCUME~1\david\APPLIC~1\Adobe

[2006-08-31|10:18] C:\DOCUME~1\david\APPLIC~1\AdobeUM

[2006-08-25|14:37] C:\DOCUME~1\david\APPLIC~1\CyberLink

[2005-11-02|15:47] C:\DOCUME~1\david\APPLIC~1\desktop.ini

[2006-12-26|18:16] C:\DOCUME~1\david\APPLIC~1\DivX

[2007-03-27|18:24] C:\DOCUME~1\david\APPLIC~1\Else plus

[2006-08-08|13:49] C:\DOCUME~1\david\APPLIC~1\EPSON

[2006-09-07|17:42] C:\DOCUME~1\david\APPLIC~1\Google

[2006-08-16|14:40] C:\DOCUME~1\david\APPLIC~1\Help

[2005-11-02|16:01] C:\DOCUME~1\david\APPLIC~1\Identities

[2008-01-08|19:31] C:\DOCUME~1\david\APPLIC~1\LimeWire

[2006-08-02|11:54] C:\DOCUME~1\david\APPLIC~1\Macromedia

[2005-11-02|15:47] C:\DOCUME~1\david\APPLIC~1\Microsoft

[2006-08-14|23:31] C:\DOCUME~1\david\APPLIC~1\Microsoft Web Folders

[2006-08-29|11:35] C:\DOCUME~1\david\APPLIC~1\Mozilla

[2006-08-02|13:36] C:\DOCUME~1\david\APPLIC~1\MSNInstaller

[2007-03-27|18:24] C:\DOCUME~1\david\APPLIC~1\Screenshot Sender

[2006-09-07|17:36] C:\DOCUME~1\david\APPLIC~1\Sun

[2005-11-02|16:09] C:\DOCUME~1\david\APPLIC~1\Symantec

[2006-11-12|16:45] C:\DOCUME~1\david\APPLIC~1\Ulead Systems

 

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

 

[2008-04-01 21:35][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

[2008-04-02 15:00][--ah-----] C:\WINDOWS\tasks\B95F67D39035109F.job

[2008-03-29 00:37][--a------] C:\WINDOWS\tasks\Norton AntiVirus - Effectuer une analyse complète du système - david.job

[2008-04-02 14:35][--ah-----] C:\WINDOWS\tasks\SA.DAT

[2004-08-05 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

 

---------------[ Listing des dossiers dans C:\Program Files ]--------------

 

[2006-05-24|16:21] C:\Program Files\.

[2006-05-24|16:21] C:\Program Files\..

[2005-11-02|16:04] C:\Program Files\Adobe

[2007-03-27|18:24] C:\Program Files\Adverts

[2006-07-22|15:53] C:\Program Files\Atari

[2006-09-17|22:02] C:\Program Files\BitComet

[2006-07-28|19:25] C:\Program Files\BroadJump

[2006-07-28|19:27] C:\Program Files\Club-Internet

[2006-07-28|19:28] C:\Program Files\Common Files

[2005-11-02|15:51] C:\Program Files\ComPlus Applications

[2005-11-02|16:07] C:\Program Files\CyberLink

[2006-08-31|21:57] C:\Program Files\david10.exe

[2006-08-24|15:39] C:\Program Files\directx

[2006-08-29|11:34] C:\Program Files\DivX

[2006-07-22|09:46] C:\Program Files\Eidos Interactive

[2007-04-01|18:17] C:\Program Files\Else plus

[2006-09-19|16:50] C:\Program Files\eMule

[2006-07-26|19:21] C:\Program Files\epson

[2006-09-03|21:28] C:\Program Files\ewido anti-spyware 4.0

[2005-11-02|15:47] C:\Program Files\Fichiers communs

[2006-07-22|16:02] C:\Program Files\GameSpy Arcade

[2006-08-29|11:35] C:\Program Files\Google

[2005-11-02|16:00] C:\Program Files\InstallShield Installation Information

[2006-07-26|20:53] C:\Program Files\Intel

[2005-11-02|15:52] C:\Program Files\Internet Explorer

[2006-09-07|17:41] C:\Program Files\Java

[2008-01-08|19:30] C:\Program Files\LimeWire

[2006-07-22|15:43] C:\Program Files\Logitech

[2006-09-30|13:58] C:\Program Files\Masta

[2005-11-02|15:51] C:\Program Files\Messenger

[2006-08-22|16:18] C:\Program Files\Messenger Plus! Live

[2006-09-04|21:40] C:\Program Files\MessengerPlus! 3

[2006-11-12|15:43] C:\Program Files\Micro Application

[2006-08-24|15:34] C:\Program Files\Microids

[2007-06-16|15:15] C:\Program Files\Microsoft ActiveSync

[2007-05-11|03:02] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[2005-11-02|15:53] C:\Program Files\microsoft frontpage

[2006-08-14|23:31] C:\Program Files\Microsoft Office

[2006-08-16|18:43] C:\Program Files\Microsoft Visual Studio

[2006-07-28|19:27] C:\Program Files\Motive

[2005-11-02|15:52] C:\Program Files\Movie Maker

[2006-08-29|11:35] C:\Program Files\Mozilla Firefox

[2005-11-02|15:51] C:\Program Files\MSN

[2005-11-02|15:51] C:\Program Files\MSN Gaming Zone

[2006-08-13|11:50] C:\Program Files\MSN Messenger

[2006-11-15|22:58] C:\Program Files\MSXML 4.0

[2005-11-02|15:52] C:\Program Files\NetMeeting

[2005-11-02|16:07] C:\Program Files\NewTech Infosystems

[2006-11-15|14:55] C:\Program Files\Norton Internet Security

[2005-11-02|15:51] C:\Program Files\Online Services

[2005-11-02|15:52] C:\Program Files\Outlook Express

[2007-11-05|09:31] C:\Program Files\PacificPoker4

[2007-11-25|21:15] C:\Program Files\PokerStars

[2005-11-02|16:02] C:\Program Files\Realtek AC97

[2005-11-02|15:52] C:\Program Files\Services en ligne

[2006-07-20|22:09] C:\Program Files\SiS VGA Utilities V3.68

[2005-11-02|16:00] C:\Program Files\sisagp

[2006-07-20|21:50] C:\Program Files\SiSLan

[2005-11-02|16:09] C:\Program Files\Symantec

[2007-01-30|10:25] C:\Program Files\Ulead Systems

[2005-11-02|16:01] C:\Program Files\Uninstall Information

[2006-07-26|20:50] C:\Program Files\Waywardxs

[2006-10-15|15:50] C:\Program Files\Windows Journal Viewer

[2007-10-02|16:59] C:\Program Files\Windows Live

[2006-08-13|11:52] C:\Program Files\Windows Live Toolbar

[2007-02-08|15:28] C:\Program Files\Windows Media Connect 2

[2005-11-02|15:51] C:\Program Files\Windows Media Player

[2005-11-02|15:51] C:\Program Files\Windows NT

[2005-11-02|15:52] C:\Program Files\WindowsUpdate

[2005-11-02|15:53] C:\Program Files\xerox

[2006-08-20|22:54] C:\Program Files\Yahoo!

 

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

 

[2006-05-24|16:21] C:\Program Files\Fichiers communs\.

[2006-05-24|16:21] C:\Program Files\Fichiers communs\..

[2007-01-13|13:23] C:\Program Files\Fichiers communs\Adobe

[2006-08-14|23:34] C:\Program Files\Fichiers communs\Designer

[2005-11-02|16:00] C:\Program Files\Fichiers communs\InstallShield

[2006-09-07|17:40] C:\Program Files\Fichiers communs\Java

[2006-08-19|15:52] C:\Program Files\Fichiers communs\Labtec

[2006-07-22|15:43] C:\Program Files\Fichiers communs\Logitech

[2006-11-12|15:43] C:\Program Files\Fichiers communs\Micro Application Shared

[2005-11-02|15:47] C:\Program Files\Fichiers communs\Microsoft Shared

[2006-07-28|19:28] C:\Program Files\Fichiers communs\Motive

[2005-11-02|15:52] C:\Program Files\Fichiers communs\MSSoap

[2005-11-02|16:07] C:\Program Files\Fichiers communs\muvee Technologies

[2005-11-02|16:07] C:\Program Files\Fichiers communs\NewTech Infosystems

[2005-11-02|15:47] C:\Program Files\Fichiers communs\ODBC

[2005-11-02|15:52] C:\Program Files\Fichiers communs\Services

[2005-11-02|15:47] C:\Program Files\Fichiers communs\SpeechEngines

[2005-11-02|16:09] C:\Program Files\Fichiers communs\Symantec Shared

[2005-11-02|15:52] C:\Program Files\Fichiers communs\System

[2007-01-30|10:24] C:\Program Files\Fichiers communs\Ulead Systems

 

----------------------[ Recherche avec S_Lop ]---------------------

 

Aucun fichier / dossier Lop trouvé !

 

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

 

C:\DOCUME~1\david\APPLIC~1\ELSE PLUS

C:\DOCUME~1\david\APPLIC~1\ELSE PLUS\lvvocvkn.exe

C:\DOCUME~1\david\APPLIC~1\ELSE PLUS\hivkvlrn.exe

C:\Program Files\ELSE PLUS

C:\DOCUME~1\ALLUSE~1\APPLIC~1\filmtimeupcurb

C:\DOCUME~1\ALLUSE~1\APPLIC~1\filmtimeupcurb\grid dart.exe

C:\DOCUME~1\ALLUSE~1\APPLIC~1\filmtimeupcurb\tool soft.exe

C:\Program Files\Adverts

C:\Program Files\Adverts\uninst.exe

C:\WINDOWS\Tasks\B95F67D39035109F.job

 

----------------------[ Verification du Registre ]----------------------

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

..... OK !

 

--------------------[ Verification du fichier Hosts ]---------------------

 

Fichier Hosts PROPRE

 

 

----------------[ Recherche de fichiers avec Catchme ]-----------------

 

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-02 15:09:43

Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden files ...

scan completed successfully

hidden files: 0

 

--------------------[ Recherche d'autres infections ]---------------------

 

Aucune autre infection trouvée !

 

/!\ [Fich:6][Doss:2] C:\DOCUME~1\david\LOCALS~1\Temp

/!\ [Fich:2949][Doss:0] C:\DOCUME~1\david\Cookies

/!\ [Fich:1032][Doss:20] C:\DOCUME~1\david\LOCALS~1\TEMPOR~1\content.IE5

 

--------------------[ Fin du rapport a 15:09:50.93 ]----------------------

Posted

And here is the second one.

-----------------------[ Lop S&D 4.1.0-5 XP/Vista ]---------------------

 

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]

[ USER : david ] [ "C:\Lop SD" ]

[ 2008-04-02 | 15:14:35.42 ] [ PC : ACER-FE8B363750 ]

[ MAJ : 01-03-2008 | 22:16 ]

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

 

Supprimé! - C:\DOCUME~1\david\APPLIC~1\ELSE PLUS\lvvocvkn.exe

Supprimé! - C:\DOCUME~1\david\APPLIC~1\ELSE PLUS\hivkvlrn.exe

Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\filmtimeupcurb\grid dart.exe

Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\filmtimeupcurb\tool soft.exe

Supprimé! - C:\Program Files\Adverts\uninst.exe

Supprimé! - C:\WINDOWS\Tasks\B95F67D39035109F.job

Supprimé! - C:\DOCUME~1\david\APPLIC~1\ELSE PLUS

Supprimé! - C:\Program Files\ELSE PLUS

Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\filmtimeupcurb

Supprimé! - C:\Program Files\Adverts

 

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

 

 

-------------[ Listing des dossiers dans Application Data ]------------

 

[2006-05-24|16:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.

[2006-05-24|16:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..

[2005-11-02|15:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini

[2005-11-02|16:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[2005-11-02|15:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[2005-11-02|16:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

 

[2006-05-24|16:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.

[2006-05-24|16:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..

[2007-01-13|13:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[2006-08-16|14:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink

[2005-11-02|15:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini

[2006-09-12|21:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google

[2006-09-17|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[2005-11-02|15:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[2006-07-28|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive

[2006-08-02|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs

[2006-09-21|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NtiDvdCopy

[2005-11-02|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[2006-07-26|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL

[2006-11-12|16:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems

[2006-09-04|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[2006-08-13|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

 

[2006-05-24|16:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\.

[2006-05-24|16:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\..

[2005-11-02|15:47] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[2006-08-23|16:51] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

 

[2006-05-24|16:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\.

[2006-05-24|16:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\..

[2007-12-12|17:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe

[2005-11-02|15:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

 

[2007-06-16|15:17] C:\DOCUME~1\david\APPLIC~1\$_hpcst$.hpc

[2006-07-20|22:08] C:\DOCUME~1\david\APPLIC~1\.

[2006-07-20|22:08] C:\DOCUME~1\david\APPLIC~1\..

[2006-08-02|16:49] C:\DOCUME~1\david\APPLIC~1\Adobe

[2006-08-31|10:18] C:\DOCUME~1\david\APPLIC~1\AdobeUM

[2006-08-25|14:37] C:\DOCUME~1\david\APPLIC~1\CyberLink

[2005-11-02|15:47] C:\DOCUME~1\david\APPLIC~1\desktop.ini

[2006-12-26|18:16] C:\DOCUME~1\david\APPLIC~1\DivX

[2006-08-08|13:49] C:\DOCUME~1\david\APPLIC~1\EPSON

[2006-09-07|17:42] C:\DOCUME~1\david\APPLIC~1\Google

[2006-08-16|14:40] C:\DOCUME~1\david\APPLIC~1\Help

[2005-11-02|16:01] C:\DOCUME~1\david\APPLIC~1\Identities

[2008-01-08|19:31] C:\DOCUME~1\david\APPLIC~1\LimeWire

[2006-08-02|11:54] C:\DOCUME~1\david\APPLIC~1\Macromedia

[2005-11-02|15:47] C:\DOCUME~1\david\APPLIC~1\Microsoft

[2006-08-14|23:31] C:\DOCUME~1\david\APPLIC~1\Microsoft Web Folders

[2006-08-29|11:35] C:\DOCUME~1\david\APPLIC~1\Mozilla

[2006-08-02|13:36] C:\DOCUME~1\david\APPLIC~1\MSNInstaller

[2007-03-27|18:24] C:\DOCUME~1\david\APPLIC~1\Screenshot Sender

[2006-09-07|17:36] C:\DOCUME~1\david\APPLIC~1\Sun

[2005-11-02|16:09] C:\DOCUME~1\david\APPLIC~1\Symantec

[2006-11-12|16:45] C:\DOCUME~1\david\APPLIC~1\Ulead Systems

 

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

 

[2008-04-01 21:35][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

[2008-03-29 00:37][--a------] C:\WINDOWS\tasks\Norton AntiVirus - Effectuer une analyse complète du système - david.job

[2008-04-02 14:35][--ah-----] C:\WINDOWS\tasks\SA.DAT

[2004-08-05 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

 

---------------[ Listing des dossiers dans C:\Program Files ]--------------

 

[2006-05-24|16:21] C:\Program Files\.

[2006-05-24|16:21] C:\Program Files\..

[2005-11-02|16:04] C:\Program Files\Adobe

[2006-07-22|15:53] C:\Program Files\Atari

[2006-09-17|22:02] C:\Program Files\BitComet

[2006-07-28|19:25] C:\Program Files\BroadJump

[2006-07-28|19:27] C:\Program Files\Club-Internet

[2006-07-28|19:28] C:\Program Files\Common Files

[2005-11-02|15:51] C:\Program Files\ComPlus Applications

[2005-11-02|16:07] C:\Program Files\CyberLink

[2006-08-31|21:57] C:\Program Files\david10.exe

[2006-08-24|15:39] C:\Program Files\directx

[2006-08-29|11:34] C:\Program Files\DivX

[2006-07-22|09:46] C:\Program Files\Eidos Interactive

[2006-09-19|16:50] C:\Program Files\eMule

[2006-07-26|19:21] C:\Program Files\epson

[2006-09-03|21:28] C:\Program Files\ewido anti-spyware 4.0

[2005-11-02|15:47] C:\Program Files\Fichiers communs

[2006-07-22|16:02] C:\Program Files\GameSpy Arcade

[2006-08-29|11:35] C:\Program Files\Google

[2005-11-02|16:00] C:\Program Files\InstallShield Installation Information

[2006-07-26|20:53] C:\Program Files\Intel

[2005-11-02|15:52] C:\Program Files\Internet Explorer

[2006-09-07|17:41] C:\Program Files\Java

[2008-01-08|19:30] C:\Program Files\LimeWire

[2006-07-22|15:43] C:\Program Files\Logitech

[2006-09-30|13:58] C:\Program Files\Masta

[2005-11-02|15:51] C:\Program Files\Messenger

[2006-08-22|16:18] C:\Program Files\Messenger Plus! Live

[2006-09-04|21:40] C:\Program Files\MessengerPlus! 3

[2006-11-12|15:43] C:\Program Files\Micro Application

[2006-08-24|15:34] C:\Program Files\Microids

[2007-06-16|15:15] C:\Program Files\Microsoft ActiveSync

[2007-05-11|03:02] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[2005-11-02|15:53] C:\Program Files\microsoft frontpage

[2006-08-14|23:31] C:\Program Files\Microsoft Office

[2006-08-16|18:43] C:\Program Files\Microsoft Visual Studio

[2006-07-28|19:27] C:\Program Files\Motive

[2005-11-02|15:52] C:\Program Files\Movie Maker

[2006-08-29|11:35] C:\Program Files\Mozilla Firefox

[2005-11-02|15:51] C:\Program Files\MSN

[2005-11-02|15:51] C:\Program Files\MSN Gaming Zone

[2006-08-13|11:50] C:\Program Files\MSN Messenger

[2006-11-15|22:58] C:\Program Files\MSXML 4.0

[2005-11-02|15:52] C:\Program Files\NetMeeting

[2005-11-02|16:07] C:\Program Files\NewTech Infosystems

[2006-11-15|14:55] C:\Program Files\Norton Internet Security

[2005-11-02|15:51] C:\Program Files\Online Services

[2005-11-02|15:52] C:\Program Files\Outlook Express

[2007-11-05|09:31] C:\Program Files\PacificPoker4

[2007-11-25|21:15] C:\Program Files\PokerStars

[2005-11-02|16:02] C:\Program Files\Realtek AC97

[2005-11-02|15:52] C:\Program Files\Services en ligne

[2006-07-20|22:09] C:\Program Files\SiS VGA Utilities V3.68

[2005-11-02|16:00] C:\Program Files\sisagp

[2006-07-20|21:50] C:\Program Files\SiSLan

[2005-11-02|16:09] C:\Program Files\Symantec

[2007-01-30|10:25] C:\Program Files\Ulead Systems

[2005-11-02|16:01] C:\Program Files\Uninstall Information

[2006-07-26|20:50] C:\Program Files\Waywardxs

[2006-10-15|15:50] C:\Program Files\Windows Journal Viewer

[2007-10-02|16:59] C:\Program Files\Windows Live

[2006-08-13|11:52] C:\Program Files\Windows Live Toolbar

[2007-02-08|15:28] C:\Program Files\Windows Media Connect 2

[2005-11-02|15:51] C:\Program Files\Windows Media Player

[2005-11-02|15:51] C:\Program Files\Windows NT

[2005-11-02|15:52] C:\Program Files\WindowsUpdate

[2005-11-02|15:53] C:\Program Files\xerox

[2006-08-20|22:54] C:\Program Files\Yahoo!

 

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

 

[2006-05-24|16:21] C:\Program Files\Fichiers communs\.

[2006-05-24|16:21] C:\Program Files\Fichiers communs\..

[2007-01-13|13:23] C:\Program Files\Fichiers communs\Adobe

[2006-08-14|23:34] C:\Program Files\Fichiers communs\Designer

[2005-11-02|16:00] C:\Program Files\Fichiers communs\InstallShield

[2006-09-07|17:40] C:\Program Files\Fichiers communs\Java

[2006-08-19|15:52] C:\Program Files\Fichiers communs\Labtec

[2006-07-22|15:43] C:\Program Files\Fichiers communs\Logitech

[2006-11-12|15:43] C:\Program Files\Fichiers communs\Micro Application Shared

[2005-11-02|15:47] C:\Program Files\Fichiers communs\Microsoft Shared

[2006-07-28|19:28] C:\Program Files\Fichiers communs\Motive

[2005-11-02|15:52] C:\Program Files\Fichiers communs\MSSoap

[2005-11-02|16:07] C:\Program Files\Fichiers communs\muvee Technologies

[2005-11-02|16:07] C:\Program Files\Fichiers communs\NewTech Infosystems

[2005-11-02|15:47] C:\Program Files\Fichiers communs\ODBC

[2005-11-02|15:52] C:\Program Files\Fichiers communs\Services

[2005-11-02|15:47] C:\Program Files\Fichiers communs\SpeechEngines

[2005-11-02|16:09] C:\Program Files\Fichiers communs\Symantec Shared

[2005-11-02|15:52] C:\Program Files\Fichiers communs\System

[2007-01-30|10:24] C:\Program Files\Fichiers communs\Ulead Systems

 

----------------------[ Recherche avec S_Lop ]---------------------

 

Aucun fichier / dossier Lop trouvé !

 

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

 

Aucun fichier / dossier Lop trouvé !

 

----------------------[ Verification du Registre ]----------------------

 

..... OK !

 

--------------------[ Verification du fichier Hosts ]---------------------

 

Fichier Hosts PROPRE

 

 

----------------[ Recherche de fichiers avec Catchme ]-----------------

 

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-02 15:16:28

Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden files ...

scan completed successfully

hidden files: 0

 

--------------------[ Recherche d'autres infections ]---------------------

 

Aucune autre infection trouvée !

 

/!\ [Fich:6][Doss:2] C:\DOCUME~1\david\LOCALS~1\Temp

/!\ [Fich:2949][Doss:0] C:\DOCUME~1\david\Cookies

/!\ [Fich:381][Doss:20] C:\DOCUME~1\david\LOCALS~1\TEMPOR~1\content.IE5

 

--------------------[ Fin du rapport a 15:16:35.29 ]----------------------

Posted

Hello,

Is it better now?

Run an online scan with Panda: http://www.nanoscan.com/as/v1/principal.aspx?Lang=en

Illustrated guide here > http://www.malekal.com/scan_Av_en_ligne.php#mozTocId131054

Warning!! Panda and Avast conflict with each other; you must disable Avast's web shield by clicking the "Pause" button before starting this scan.

You will re-enable it after saving the report.

* You must choose Full Scan (not QuickScan) >

* Post the report it displays at the end.

Posted

Try Nod32:

Click the following link > ESET Online Scanner Link

http://www.eset.com/onlinescan/

* Check the box YES, I accept the Terms Of Use

* Click the Start button

* Then click the Install button

* Click Start

* The scanner will update itself.

* Do not check the Remove found threats box

* Click the Scan button

* The scan will start:

* When the scan finishes, click the Details menu

* Copy/paste the contents of the generated report:

it is located here > C:\Program Files\EsetOnlineScanner and is named log.txt

Posted

Good evening,

Here is the Nod32 report

# version=4

# OnlineScanner.ocx=1.0.0.635

# OnlineScannerDLLA.dll=1, 0, 0, 79

# OnlineScannerDLLW.dll=1, 0, 0, 78

# OnlineScannerUninstaller.exe=1, 0, 0, 49

# vers_standard_module=2995 (20080402)

# vers_arch_module=1.064 (20080214)

# vers_adv_heur_module=1.064 (20070717)

# EOSSerial=f23b4bb42a392f488573a9b824d7c5a2

# end=finished

# remove_checked=false

# unwanted_checked=false

# utc_time=2008-04-02 04:45:18

# local_time=2008-04-02 06:45:18 (+0100, Paris, Madrid)

# country="France"

# osver=5.1.2600 NT Service Pack 2

# scanned=333283

# found=49

# scan_time=4637

C:\Documents and Settings\david\Local Settings\Temp\Av-test.txt Eicar test file 1195B64D237F57E6289D3CD105228D93

C:\Documents and Settings\david\Bureau\sdfix david\SDFix\backups\backups.zip multiple infiltrations 540EA64A3F3DFFC434BA7CAE04345BB5

C:\Documents and Settings\david\Bureau\sdfix david\SDFix\backups\backups.zip »ZIP »backups/mrofinu1188.exe Win32/TrojanDownloader.Agent.BLS trojan 00000000000000000000000000000000

C:\Documents and Settings\david\Bureau\sdfix david\SDFix\backups\backups.zip »ZIP »backups/svchost.exe probably a variant of Win32/Genetik trojan 00000000000000000000000000000000

C:\Documents and Settings\david\Bureau\sdfix david\SDFix\backups\backups.zip »ZIP »backups/winlogon.exe probably a variant of Win32/Genetik trojan 00000000000000000000000000000000

C:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll Win32/BHO.NDA trojan 0CEA62B48299CDFF294C1C18DACDBA53

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP517\A0054657.dll Win32/BHO.NCZ trojan 1727958C8B8CE26C21DA459FE766D228

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP517\A0054658.dll Win32/BHO.NDA trojan 0CEA62B48299CDFF294C1C18DACDBA53

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP518\A0055740.dll Win32/BHO.NCZ trojan 1727958C8B8CE26C21DA459FE766D228

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP518\A0055741.dll Win32/BHO.NDA trojan 0CEA62B48299CDFF294C1C18DACDBA53

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP519\A0055794.dll Win32/BHO.NCZ trojan 1727958C8B8CE26C21DA459FE766D228

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP519\A0055795.dll Win32/BHO.NDA trojan 0CEA62B48299CDFF294C1C18DACDBA53

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP521\A0055821.dll Win32/BHO.NCZ trojan 1727958C8B8CE26C21DA459FE766D228

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP521\A0055822.dll Win32/BHO.NDA trojan 0CEA62B48299CDFF294C1C18DACDBA53

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP522\A0055862.dll Win32/BHO.NCZ trojan 1727958C8B8CE26C21DA459FE766D228

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP522\A0055863.dll Win32/BHO.NDA trojan 0CEA62B48299CDFF294C1C18DACDBA53

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP522\A0055890.dll Win32/BHO.NCZ trojan 1727958C8B8CE26C21DA459FE766D228

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP522\A0055891.dll Win32/BHO.NDA trojan 0CEA62B48299CDFF294C1C18DACDBA53

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP523\A0055930.dll Win32/BHO.NCZ trojan 1727958C8B8CE26C21DA459FE766D228

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP523\A0055931.dll Win32/BHO.NDA trojan 0CEA62B48299CDFF294C1C18DACDBA53

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP524\A0055962.dll Win32/BHO.NCZ trojan 1727958C8B8CE26C21DA459FE766D228

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP524\A0055963.dll Win32/BHO.NDA trojan 0CEA62B48299CDFF294C1C18DACDBA53

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP526\A0056991.dll Win32/BHO.NCZ trojan 1727958C8B8CE26C21DA459FE766D228

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP526\A0056992.dll Win32/BHO.NDA trojan 0CEA62B48299CDFF294C1C18DACDBA53

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP536\A0057508.dll Win32/Adware.Virtumonde application C7E047AFB36E7A726409865D60327ED4

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP536\A0057567.exe Win32/TrojanDownloader.Agent.BLS trojan 9CB9C37743FE81247BFB2D829126C340

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP536\A0057568.exe probably a variant of Win32/Genetik trojan 6F5F56C29516BF466D33AEE4339E4F2C

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP536\A0057569.EXE probably a variant of Win32/Genetik trojan 6F5F56C29516BF466D33AEE4339E4F2C

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP536\A0057577.exe Win32/TrojanDownloader.Agent.BLS trojan 9CB9C37743FE81247BFB2D829126C340

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP536\A0057578.exe probably a variant of Win32/Genetik trojan 6F5F56C29516BF466D33AEE4339E4F2C

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP536\A0057579.exe probably a variant of Win32/Genetik trojan 6F5F56C29516BF466D33AEE4339E4F2C

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP537\A0057660.dll Win32/BHO.NCZ trojan 1727958C8B8CE26C21DA459FE766D228

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP537\A0057661.dll Win32/BHO.NDF trojan C92B0FC02492CFFF0D46ADA328CC00BA

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP537\A0057663.dll Win32/BHO.NDF trojan 89A018558698C20D520B4634C1138C5A

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP537\A0057664.DLL Win32/Adware.AdMedia application 07A000FACD13BEA3D1C693D223D8B105

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP537\A0057667.dll Win32/Adware.Comet application 1AEC69858C40A40E0E257E98C1913D6E

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP538\A0057933.exe Win32/Obfuscated.A1 trojan D9C6EC2C800A5F7456D0F46F3233AE5C

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP538\A0057934.exe Win32/Obfuscated.A1 trojan D9C6EC2C800A5F7456D0F46F3233AE5C

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP538\A0057935.exe Win32/Obfuscated.A1 trojan D9C6EC2C800A5F7456D0F46F3233AE5C

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP538\A0057936.exe Win32/Obfuscated.A1 trojan D9C6EC2C800A5F7456D0F46F3233AE5C

C:\System Volume Information\_restore{EADA2B13-36AE-4518-A8C2-3D8B7D759571}\RP538\A0057937.exe Win32/Obfuscated.A1 trojan AF093801E470A3DB669FD15B461FEAE4

C:\QooBox\Quarantine\C\Program Files\Starware354\bin\Starware354.dll.vir Win32/Adware.Comet application 1AEC69858C40A40E0E257E98C1913D6E

C:\QooBox\Quarantine\C\WINDOWS\system32\nss3D.dll.vir Win32/BHO.NCZ trojan 1727958C8B8CE26C21DA459FE766D228

C:\QooBox\Quarantine\C\WINDOWS\system32\ulcjccqi.dll.vir Win32/BHO.NDF trojan 89A018558698C20D520B4634C1138C5A

C:\Lop SD\Backup-Lop\F\lvvocvkn.exe Win32/Obfuscated.A1 trojan D9C6EC2C800A5F7456D0F46F3233AE5C

C:\Lop SD\Backup-Lop\F\hivkvlrn.exe Win32/Obfuscated.A1 trojan D9C6EC2C800A5F7456D0F46F3233AE5C

C:\Lop SD\Backup-Lop\F\grid dart.exe Win32/Obfuscated.A1 trojan D9C6EC2C800A5F7456D0F46F3233AE5C

C:\Lop SD\Backup-Lop\F\tool soft.exe Win32/Obfuscated.A1 trojan D9C6EC2C800A5F7456D0F46F3233AE5C

C:\Lop SD\Backup-Lop\F\uninst.exe Win32/Obfuscated.A1 trojan AF093801E470A3DB669FD15B461FEAE4

Posted

Good evening,

It looks fine, apparently.

Download ToolsCleaner! by A.Rothstein to remove the programs used during the procedure.

http://a-rothstein.changelog.fr/TC/ToolsCleaner2.exe

* Save ToolsCleaner2.exe to the Desktop.

On Vista, right-click > Run as Administrator

* Double-click it, then click Recherche (Search) --> The program will look for the installed utilities

------> The window may turn white during the scan; this is normal!

* Copy and paste the contents of the report that appears in the white window.

Posted

Good evening,

Here is the ToolsCleaner2 report

-->- Recherche:

 

C:\SDFIX: trouvé !

C:\Combofix: trouvé !

C:\Lop SD: trouvé !

C:\Qoobox: trouvé !

C:\Documents and Settings\david\Menu Démarrer\Programmes\Lop S&D: trouvé !

C:\Documents and Settings\david\Recent\HijackThis.lnk: trouvé !

C:\Documents and Settings\david\Bureau\SdFix.exe: trouvé !

C:\Documents and Settings\david\Bureau\Lop S&D.lnk: trouvé !

C:\Documents and Settings\david\Bureau\LopSD.exe: trouvé !

C:\Documents and Settings\david\Bureau\ComboFix.exe: trouvé !

C:\Documents and Settings\david\Bureau\HijackThis.exe: trouvé !

C:\Documents and Settings\david\Bureau\sdfix david\SDFIX: trouvé !

C:\Lop SD\Lop S&D.lnk: trouvé !

Posted

Good evening,

Just be careful about the sites you visit, and scan every downloaded file before opening it.
