Help with CID problem



Guest louise88
Posted

Good evening,

So, I have a small problem: I am overrun with CiD spam... I have gone through the help forums, but being really very bad with computers I don't understand much of it..

So if someone is patient and willing to help me, I would be glad of it, because I am really starting to get annoyed as soon as I go on the internet!!

Thanks in advance

Louise

Posted

Good evening,

Disable the resident protections (antivirus, etc.); you will re-enable them afterwards,

* Download Lop S&D by Eric71 to the desktop,

http://eric.71.mespages.googlepages.com/LopSD.exe

* Double-click it to start the installation

* Then double-click the Lop S&D shortcut on the desktop

* Select the language you want, then choose Option 1 (Search)

* Wait until the scan finishes

* Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

Run Lop S&D again

* Choose Option 2 (Removal)

* Do not close the window during the removal!

* Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

* Download HijackThis from TrendMicro.

* Unzip it into a folder at the root of the hard drive

rename this folder, for example Karcher

Under Vista, you have to right-click >> "Run as administrator" on Hijackthis.exe, otherwise HJT runs but fixes nothing.

* Launch the file Hijackthis.exe

* Click on Do a system scan and save a log file

* Copy and paste the report into a new message here

Guest Guest
Posted

Here is the first report, with option 1

 

-----------------------[ Lop S&D 4.2.0-2 XP/Vista ]---------------------

 

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]

[ USER : Clara ] [ "C:\Lop SD" ] [ Selection : 1 ]

[ 30/04/2008 | 12:38:35,89 ] [ PC : PC-CLARA ]

[ MAJ : 27-04-2008 | 11:15 ]

[ UAC => 0 ]

 

-------------[ Listing des dossiers dans Application Data ]------------

 

[06/04/2008|08:44] C:\Users\Clara\AppData\Roaming\Adobe\Flash Player

[21/03/2008|20:53] C:\Users\Clara\AppData\Roaming\Adobe\Linguistics

[23/02/2008|19:45] C:\Users\Clara\AppData\Roaming\Adobe\Acrobat

 

[29/04/2008|21:11] C:\Users\Clara\AppData\Roaming\Apple Computer\iTunes

 

[23/02/2008|19:52] C:\Users\Clara\AppData\Roaming\CyberLink\PowerDVD

[23/02/2008|19:52] C:\Users\Clara\AppData\Roaming\CyberLink\PowerCinema

[23/02/2008|19:45] C:\Users\Clara\AppData\Roaming\CyberLink\MediaCache

[23/02/2008|19:45] C:\Users\Clara\AppData\Roaming\CyberLink\MagicSports

 

[21/03/2008|18:40] C:\Users\Clara\AppData\Roaming\DivX\DivX Codec

 

[06/04/2008|18:15] C:\Users\Clara\AppData\Roaming\Google\Local Search History

[24/03/2008|20:55] C:\Users\Clara\AppData\Roaming\Google\GoogleEarth

 

[23/02/2008|19:44] C:\Users\Clara\AppData\Roaming\Identities\{2A7ABF83-DE9F-4E32-8879-80329CBF9F3E}

 

[23/02/2008|21:27] C:\Users\Clara\AppData\Roaming\Macromedia\Flash Player

 

 

[27/04/2008|19:01] C:\Users\Clara\AppData\Roaming\Microsoft\Templates

[17/04/2008|19:42] C:\Users\Clara\AppData\Roaming\Microsoft\MSN Messenger

[13/04/2008|19:49] C:\Users\Clara\AppData\Roaming\Microsoft\HTML Help

[12/04/2008|16:07] C:\Users\Clara\AppData\Roaming\Microsoft\UProof

[12/04/2008|16:06] C:\Users\Clara\AppData\Roaming\Microsoft\Office

[08/04/2008|20:55] C:\Users\Clara\AppData\Roaming\Microsoft\OIS

[03/04/2008|19:28] C:\Users\Clara\AppData\Roaming\Microsoft\Word

[24/03/2008|21:24] C:\Users\Clara\AppData\Roaming\Microsoft\Excel

[22/03/2008|18:37] C:\Users\Clara\AppData\Roaming\Microsoft\Windows Photo Gallery

[16/03/2008|17:01] C:\Users\Clara\AppData\Roaming\Microsoft\Network

[15/03/2008|14:41] C:\Users\Clara\AppData\Roaming\Microsoft\Proof

[15/03/2008|14:41] C:\Users\Clara\AppData\Roaming\Microsoft\Document Building Blocks

[15/03/2008|14:41] C:\Users\Clara\AppData\Roaming\Microsoft\AddIns

[01/03/2008|11:20] C:\Users\Clara\AppData\Roaming\Microsoft\MMC

[29/02/2008|21:56] C:\Users\Clara\AppData\Roaming\Microsoft\IdentityCRL

[28/02/2008|20:53] C:\Users\Clara\AppData\Roaming\Microsoft\Internet Explorer

[24/02/2008|14:37] C:\Users\Clara\AppData\Roaming\Microsoft\Crypto

[24/02/2008|14:37] C:\Users\Clara\AppData\Roaming\Microsoft\eHome

[23/02/2008|23:23] C:\Users\Clara\AppData\Roaming\Microsoft\Works

[23/02/2008|20:03] C:\Users\Clara\AppData\Roaming\Microsoft\Windows

[23/02/2008|19:45] C:\Users\Clara\AppData\Roaming\Microsoft\CLR Security Config

[23/02/2008|19:45] C:\Users\Clara\AppData\Roaming\Microsoft\SystemCertificates

[23/02/2008|19:44] C:\Users\Clara\AppData\Roaming\Microsoft\Protect

[23/02/2008|19:33] C:\Users\Clara\AppData\Roaming\Microsoft\Credentials

 

[16/04/2008|10:50] C:\Users\Clara\AppData\Roaming\Mozilla\Firefox

 

[30/04/2008|12:38] C:\Users\Clara\AppData\Roaming\nvModes.001\nvModes.001

 

[16/04/2008|11:01] C:\Users\Clara\AppData\Roaming\nvModes.dat\nvModes.dat

 

[30/04/2008|12:38] C:\Users\Clara\AppData\Roaming\Packard Bell\Setup my PC

[20/03/2008|15:54] C:\Users\Clara\AppData\Roaming\Packard Bell\iUpdator

[20/03/2008|15:52] C:\Users\Clara\AppData\Roaming\Packard Bell\IDCard

[29/02/2008|22:13] C:\Users\Clara\AppData\Roaming\Packard Bell\Smart Restore

[24/02/2008|14:28] C:\Users\Clara\AppData\Roaming\Packard Bell\InfoCentre

 

 

[17/04/2008|11:08] C:\Users\Clara\AppData\Roaming\Roxio\MediaManager9

 

[23/02/2008|20:01] C:\Users\Clara\AppData\Roaming\Talkback\MozillaOrg

 

[24/01/2007|05:02] C:\Users\Clara\AppData\Roaming\Template\Normal.wpt

 

[01/03/2008|11:18] C:\Users\Clara\AppData\Roaming\UserTile.png\UserTile.png

 

[28/04/2008|18:35] C:\Users\Clara\AppData\Roaming\wklnhst.dat\wklnhst.dat

 

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

 

[29/04/2008 19:31][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{B8D67D34-D14F-4195-B2CF-1A296C07F01E}.job

[30/04/2008 12:30][--a------] C:\Windows\tasks\Extension de garantie.job

[30/04/2008 12:30][--a------] C:\Windows\tasks\Recovery DVD Creator.job

[30/04/2008 12:38][--ah-----] C:\Windows\tasks\SA.DAT

[30/04/2008 12:37][--a------] C:\Windows\tasks\SCHEDLGU.TXT

 

------[ Listing des dossiers dans C:\ProgramData ]------

 

[08/04/2007|05:11] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}

[29/02/2008|22:59] C:\ProgramData\Active the bore sect

[21/03/2008|21:11] C:\ProgramData\Adobe

[23/03/2008|14:51] C:\ProgramData\Apple

[25/04/2008|17:09] C:\ProgramData\Apple Computer

[02/11/2006|15:02] C:\ProgramData\Application Data

[23/02/2008|19:30] C:\ProgramData\Bureau

[29/02/2008|21:58] C:\ProgramData\CyberLink

[02/11/2006|15:02] C:\ProgramData\Desktop

[02/11/2006|15:02] C:\ProgramData\Documents

[29/02/2008|22:59] C:\ProgramData\dumb ace ace.d7wdr

[29/02/2008|22:59] C:\ProgramData\dumb ace ace.n17ceg

[23/02/2008|19:30] C:\ProgramData\Favoris

[02/11/2006|15:02] C:\ProgramData\Favorites

[08/04/2007|04:58] C:\ProgramData\Google

[08/04/2007|04:56] C:\ProgramData\InstallShield

[29/02/2008|22:59] C:\ProgramData\loud love kind.xffpa

[23/02/2008|19:30] C:\ProgramData\Menu D‚marrer

[01/03/2008|13:59] C:\ProgramData\Messenger Plus!

[13/04/2008|19:49] C:\ProgramData\Microsoft

[08/04/2008|21:07] C:\ProgramData\Microsoft Help

[23/02/2008|19:30] C:\ProgramData\ModŠles

[08/04/2007|05:18] C:\ProgramData\NVIDIA

[29/02/2008|22:59] C:\ProgramData\OnlinePop

[08/04/2007|05:16] C:\ProgramData\Roxio

[08/04/2007|05:12] C:\ProgramData\Skype

[01/03/2008|09:34] C:\ProgramData\Sonic

[16/04/2008|10:59] C:\ProgramData\Spybot - Search & Destroy

[02/11/2006|15:02] C:\ProgramData\Start Menu

[15/03/2008|15:51] C:\ProgramData\Symantec

[02/11/2006|15:02] C:\ProgramData\Templates

[28/02/2008|20:07] C:\ProgramData\WLInstaller

 

---------------[ Listing des dossiers dans C:\Program Files ]--------------

 

[08/04/2007|05:11] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites

[21/03/2008|21:10] C:\Program Files\Adobe

[28/02/2008|20:11] C:\Program Files\Alwil Software

[25/04/2008|16:45] C:\Program Files\Apple Software Update

[23/03/2008|14:54] C:\Program Files\Bonjour

[29/02/2008|22:58] C:\Program Files\Circle Developement

[23/03/2008|14:51] C:\Program Files\Common Files

[08/04/2007|04:39] C:\Program Files\CONEXANT

[08/04/2007|04:58] C:\Program Files\CyberLink

[08/04/2007|04:27] C:\Program Files\desktop.ini

[14/03/2008|22:05] C:\Program Files\DivX

[23/02/2008|19:30] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]

[08/04/2007|04:40] C:\Program Files\ForceHCResetOnResume

[24/03/2008|20:51] C:\Program Files\Google

[08/04/2007|04:48] C:\Program Files\HDReg

[24/02/2008|14:53] C:\Program Files\InstallShield Installation Information

[08/04/2008|21:23] C:\Program Files\Internet Explorer

[25/04/2008|17:09] C:\Program Files\iPod

[25/04/2008|17:09] C:\Program Files\iTunes

[29/03/2008|16:04] C:\Program Files\Messenger Plus! Live

[28/02/2008|21:10] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[02/11/2006|14:37] C:\Program Files\Microsoft Games

[08/04/2007|05:09] C:\Program Files\Microsoft Office

[08/04/2007|05:09] C:\Program Files\Microsoft Works

[08/04/2007|05:08] C:\Program Files\Microsoft.NET

[08/04/2007|13:41] C:\Program Files\Movie Maker

[08/04/2007|04:57] C:\Program Files\Mozilla Firefox

[02/11/2006|14:37] C:\Program Files\MSBuild

[02/11/2006|14:37] C:\Program Files\MSN

[28/02/2008|21:09] C:\Program Files\MSXML 4.0

[15/03/2008|15:49] C:\Program Files\Norton 360

[29/02/2008|22:13] C:\Program Files\Packard Bell

[28/02/2008|20:30] C:\Program Files\Picasa2

[25/04/2008|17:07] C:\Program Files\QuickTime

[08/04/2007|04:44] C:\Program Files\Realtek Semiconductor Corp

[02/11/2006|14:37] C:\Program Files\Reference Assemblies

[08/04/2007|04:56] C:\Program Files\Roxio

[24/02/2008|14:53] C:\Program Files\SAGEM

[08/04/2007|05:12] C:\Program Files\Skype

[16/04/2008|10:34] C:\Program Files\Spybot - Search & Destroy

[08/04/2007|04:41] C:\Program Files\Synaptics

[02/11/2006|15:01] C:\Program Files\Uninstall Information

[08/04/2007|13:49] C:\Program Files\Windows Calendar

[08/04/2007|13:41] C:\Program Files\Windows Collaboration

[08/04/2007|14:03] C:\Program Files\Windows Defender

[08/04/2007|13:41] C:\Program Files\Windows Journal

[28/02/2008|20:19] C:\Program Files\Windows Live

[08/04/2008|21:23] C:\Program Files\Windows Mail

[01/03/2008|09:32] C:\Program Files\Windows Media Player

[23/02/2008|19:30] C:\Program Files\Windows NT

[08/04/2007|13:41] C:\Program Files\Windows Photo Gallery

[01/03/2008|09:32] C:\Program Files\Windows Sidebar

[14/03/2008|21:59] C:\Program Files\Xvid

 

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

 

[21/03/2008|21:11] C:\Program Files\Common Files\Adobe

[23/03/2008|14:51] C:\Program Files\Common Files\Apple

[08/04/2007|05:09] C:\Program Files\Common Files\DESIGNER

[08/04/2007|04:58] C:\Program Files\Common Files\InstallShield

[28/02/2008|20:20] C:\Program Files\Common Files\microsoft shared

[08/04/2007|04:56] C:\Program Files\Common Files\Roxio Shared

[02/11/2006|13:18] C:\Program Files\Common Files\Services

[08/04/2007|05:12] C:\Program Files\Common Files\Skype

[08/04/2007|04:56] C:\Program Files\Common Files\Sonic Shared

[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines

[08/04/2007|04:56] C:\Program Files\Common Files\SureThing Shared

[15/03/2008|15:51] C:\Program Files\Common Files\Symantec Shared

[08/04/2007|13:42] C:\Program Files\Common Files\System

[28/02/2008|20:19] C:\Program Files\Common Files\WindowsLiveInstaller

 

---------------------------[ Process ]--------------------------

 

... 72

 

iexplore.exe ~ [3484]

iexplore.exe ~ [3660]

 

----------------------[ Recherche avec S_Lop ]---------------------

 

C:\ProgramData\dumb ace ace.d7wdr

C:\ProgramData\dumb ace ace.n17ceg

C:\ProgramData\loud love kind.xffpa

C:\ProgramData\dumb ace ace.d7wdr

C:\ProgramData\dumb ace ace.n17ceg

C:\ProgramData\loud love kind.xffpa

C:\Users\Clara\AppData\Local\Temp\bis9179.exe

 

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

 

C:\ProgramData\Active the bore sect

C:\ProgramData\Active the bore sect\meet wave.exe

C:\Program Files\Circle Developement

C:\Program Files\Circle Developement\Uninstall.exe

 

----------------------[ Verification du Registre ]----------------------

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

..... OK !

 

--------------------[ Verification du fichier Hosts ]---------------------

 

Fichier Hosts PROPRE

 

 

----------------[ Recherche de fichiers avec Catchme ]-----------------

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-30 12:39:36

Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

 

--------------------[ Recherche d'autres infections ]---------------------

 

 

Aucune autre infection trouvée !

 

/!\ [Fich:736][Doss:34] C:\Users\Clara\AppData\Local\Temp

/!\ [Fich:341][Doss:1] C:\Users\Clara\AppData\Roaming\MICROS~1\Windows\Cookies

/!\ [Fich:84][Doss:6] C:\Users\Clara\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

 

[ UAC => 1 ]

 

--------------------[ Fin du rapport a 12:41:43,21 ]----------------------

Guest Guest
Posted

Second report

 

 

-----------------------[ Lop S&D 4.2.0-2 XP/Vista ]---------------------

 

[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]

[ USER : Clara ] [ "C:\Lop SD" ] [ Selection : 2 ]

[ 30/04/2008 | 12:47:39,71 ] [ PC : PC-CLARA ]

[ MAJ : 27-04-2008 | 11:15 ]

[ UAC => 0 ]

 

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

 

Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe

Supprimé! - C:\ProgramData\dumb ace ace.d7wdr

Supprimé! - C:\Users\Clara\AppData\Local\Temp\bis9179.exe

Supprimé! - C:\ProgramData\Active the bore sect

Supprimé! - C:\Program Files\Circle Developement

Restauré! - Fichier Hosts

 

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

 

 

-------------[ Listing des dossiers dans Application Data ]------------

 

[06/04/2008|08:44] C:\Users\Clara\AppData\Roaming\Adobe\Flash Player

[21/03/2008|20:53] C:\Users\Clara\AppData\Roaming\Adobe\Linguistics

[23/02/2008|19:45] C:\Users\Clara\AppData\Roaming\Adobe\Acrobat

 

[29/04/2008|21:11] C:\Users\Clara\AppData\Roaming\Apple Computer\iTunes

 

[23/02/2008|19:52] C:\Users\Clara\AppData\Roaming\CyberLink\PowerDVD

[23/02/2008|19:52] C:\Users\Clara\AppData\Roaming\CyberLink\PowerCinema

[23/02/2008|19:45] C:\Users\Clara\AppData\Roaming\CyberLink\MediaCache

[23/02/2008|19:45] C:\Users\Clara\AppData\Roaming\CyberLink\MagicSports

 

[21/03/2008|18:40] C:\Users\Clara\AppData\Roaming\DivX\DivX Codec

 

[06/04/2008|18:15] C:\Users\Clara\AppData\Roaming\Google\Local Search History

[24/03/2008|20:55] C:\Users\Clara\AppData\Roaming\Google\GoogleEarth

 

[23/02/2008|19:44] C:\Users\Clara\AppData\Roaming\Identities\{2A7ABF83-DE9F-4E32-8879-80329CBF9F3E}

 

[23/02/2008|21:27] C:\Users\Clara\AppData\Roaming\Macromedia\Flash Player

 

 

[27/04/2008|19:01] C:\Users\Clara\AppData\Roaming\Microsoft\Templates

[17/04/2008|19:42] C:\Users\Clara\AppData\Roaming\Microsoft\MSN Messenger

[13/04/2008|19:49] C:\Users\Clara\AppData\Roaming\Microsoft\HTML Help

[12/04/2008|16:07] C:\Users\Clara\AppData\Roaming\Microsoft\UProof

[12/04/2008|16:06] C:\Users\Clara\AppData\Roaming\Microsoft\Office

[08/04/2008|20:55] C:\Users\Clara\AppData\Roaming\Microsoft\OIS

[03/04/2008|19:28] C:\Users\Clara\AppData\Roaming\Microsoft\Word

[24/03/2008|21:24] C:\Users\Clara\AppData\Roaming\Microsoft\Excel

[22/03/2008|18:37] C:\Users\Clara\AppData\Roaming\Microsoft\Windows Photo Gallery

[16/03/2008|17:01] C:\Users\Clara\AppData\Roaming\Microsoft\Network

[15/03/2008|14:41] C:\Users\Clara\AppData\Roaming\Microsoft\Proof

[15/03/2008|14:41] C:\Users\Clara\AppData\Roaming\Microsoft\Document Building Blocks

[15/03/2008|14:41] C:\Users\Clara\AppData\Roaming\Microsoft\AddIns

[01/03/2008|11:20] C:\Users\Clara\AppData\Roaming\Microsoft\MMC

[29/02/2008|21:56] C:\Users\Clara\AppData\Roaming\Microsoft\IdentityCRL

[28/02/2008|20:53] C:\Users\Clara\AppData\Roaming\Microsoft\Internet Explorer

[24/02/2008|14:37] C:\Users\Clara\AppData\Roaming\Microsoft\Crypto

[24/02/2008|14:37] C:\Users\Clara\AppData\Roaming\Microsoft\eHome

[23/02/2008|23:23] C:\Users\Clara\AppData\Roaming\Microsoft\Works

[23/02/2008|20:03] C:\Users\Clara\AppData\Roaming\Microsoft\Windows

[23/02/2008|19:45] C:\Users\Clara\AppData\Roaming\Microsoft\CLR Security Config

[23/02/2008|19:45] C:\Users\Clara\AppData\Roaming\Microsoft\SystemCertificates

[23/02/2008|19:44] C:\Users\Clara\AppData\Roaming\Microsoft\Protect

[23/02/2008|19:33] C:\Users\Clara\AppData\Roaming\Microsoft\Credentials

 

[16/04/2008|10:50] C:\Users\Clara\AppData\Roaming\Mozilla\Firefox

 

[30/04/2008|12:47] C:\Users\Clara\AppData\Roaming\nvModes.001\nvModes.001

 

[16/04/2008|11:01] C:\Users\Clara\AppData\Roaming\nvModes.dat\nvModes.dat

 

[30/04/2008|12:47] C:\Users\Clara\AppData\Roaming\Packard Bell\Setup my PC

[20/03/2008|15:54] C:\Users\Clara\AppData\Roaming\Packard Bell\iUpdator

[20/03/2008|15:52] C:\Users\Clara\AppData\Roaming\Packard Bell\IDCard

[29/02/2008|22:13] C:\Users\Clara\AppData\Roaming\Packard Bell\Smart Restore

[24/02/2008|14:28] C:\Users\Clara\AppData\Roaming\Packard Bell\InfoCentre

 

 

[17/04/2008|11:08] C:\Users\Clara\AppData\Roaming\Roxio\MediaManager9

 

[23/02/2008|20:01] C:\Users\Clara\AppData\Roaming\Talkback\MozillaOrg

 

[24/01/2007|05:02] C:\Users\Clara\AppData\Roaming\Template\Normal.wpt

 

[01/03/2008|11:18] C:\Users\Clara\AppData\Roaming\UserTile.png\UserTile.png

 

[28/04/2008|18:35] C:\Users\Clara\AppData\Roaming\wklnhst.dat\wklnhst.dat

 

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

 

[29/04/2008 19:31][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{B8D67D34-D14F-4195-B2CF-1A296C07F01E}.job

[30/04/2008 12:30][--a------] C:\Windows\tasks\Extension de garantie.job

[30/04/2008 12:30][--a------] C:\Windows\tasks\Recovery DVD Creator.job

[30/04/2008 12:47][--ah-----] C:\Windows\tasks\SA.DAT

[30/04/2008 12:46][--a------] C:\Windows\tasks\SCHEDLGU.TXT

 

------[ Listing des dossiers dans C:\ProgramData ]------

 

[08/04/2007|05:11] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}

[21/03/2008|21:11] C:\ProgramData\Adobe

[23/03/2008|14:51] C:\ProgramData\Apple

[25/04/2008|17:09] C:\ProgramData\Apple Computer

[02/11/2006|15:02] C:\ProgramData\Application Data

[23/02/2008|19:30] C:\ProgramData\Bureau

[29/02/2008|21:58] C:\ProgramData\CyberLink

[02/11/2006|15:02] C:\ProgramData\Desktop

[02/11/2006|15:02] C:\ProgramData\Documents

[30/04/2008|12:44] C:\ProgramData\dumb ace ace.ey3lsno

[30/04/2008|12:44] C:\ProgramData\dumb ace ace.meuvluu

[23/02/2008|19:30] C:\ProgramData\Favoris

[02/11/2006|15:02] C:\ProgramData\Favorites

[08/04/2007|04:58] C:\ProgramData\Google

[08/04/2007|04:56] C:\ProgramData\InstallShield

[23/02/2008|19:30] C:\ProgramData\Menu D‚marrer

[01/03/2008|13:59] C:\ProgramData\Messenger Plus!

[13/04/2008|19:49] C:\ProgramData\Microsoft

[08/04/2008|21:07] C:\ProgramData\Microsoft Help

[23/02/2008|19:30] C:\ProgramData\ModŠles

[08/04/2007|05:18] C:\ProgramData\NVIDIA

[30/04/2008|12:45] C:\ProgramData\OnlinePop

[08/04/2007|05:16] C:\ProgramData\Roxio

[30/04/2008|12:45] C:\ProgramData\rule face up.y3ka444

[08/04/2007|05:12] C:\ProgramData\Skype

[01/03/2008|09:34] C:\ProgramData\Sonic

[16/04/2008|10:59] C:\ProgramData\Spybot - Search & Destroy

[02/11/2006|15:02] C:\ProgramData\Start Menu

[15/03/2008|15:51] C:\ProgramData\Symantec

[02/11/2006|15:02] C:\ProgramData\Templates

[28/02/2008|20:07] C:\ProgramData\WLInstaller

 

---------------[ Listing des dossiers dans C:\Program Files ]--------------

 

[08/04/2007|05:11] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites

[21/03/2008|21:10] C:\Program Files\Adobe

[28/02/2008|20:11] C:\Program Files\Alwil Software

[25/04/2008|16:45] C:\Program Files\Apple Software Update

[23/03/2008|14:54] C:\Program Files\Bonjour

[23/03/2008|14:51] C:\Program Files\Common Files

[08/04/2007|04:39] C:\Program Files\CONEXANT

[08/04/2007|04:58] C:\Program Files\CyberLink

[08/04/2007|04:27] C:\Program Files\desktop.ini

[14/03/2008|22:05] C:\Program Files\DivX

[23/02/2008|19:30] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]

[08/04/2007|04:40] C:\Program Files\ForceHCResetOnResume

[24/03/2008|20:51] C:\Program Files\Google

[08/04/2007|04:48] C:\Program Files\HDReg

[24/02/2008|14:53] C:\Program Files\InstallShield Installation Information

[08/04/2008|21:23] C:\Program Files\Internet Explorer

[25/04/2008|17:09] C:\Program Files\iPod

[25/04/2008|17:09] C:\Program Files\iTunes

[29/03/2008|16:04] C:\Program Files\Messenger Plus! Live

[28/02/2008|21:10] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[02/11/2006|14:37] C:\Program Files\Microsoft Games

[08/04/2007|05:09] C:\Program Files\Microsoft Office

[08/04/2007|05:09] C:\Program Files\Microsoft Works

[08/04/2007|05:08] C:\Program Files\Microsoft.NET

[08/04/2007|13:41] C:\Program Files\Movie Maker

[08/04/2007|04:57] C:\Program Files\Mozilla Firefox

[02/11/2006|14:37] C:\Program Files\MSBuild

[02/11/2006|14:37] C:\Program Files\MSN

[28/02/2008|21:09] C:\Program Files\MSXML 4.0

[15/03/2008|15:49] C:\Program Files\Norton 360

[30/04/2008|12:44] C:\Program Files\OnlinePop

[29/02/2008|22:13] C:\Program Files\Packard Bell

[28/02/2008|20:30] C:\Program Files\Picasa2

[25/04/2008|17:07] C:\Program Files\QuickTime

[08/04/2007|04:44] C:\Program Files\Realtek Semiconductor Corp

[02/11/2006|14:37] C:\Program Files\Reference Assemblies

[08/04/2007|04:56] C:\Program Files\Roxio

[24/02/2008|14:53] C:\Program Files\SAGEM

[08/04/2007|05:12] C:\Program Files\Skype

[16/04/2008|10:34] C:\Program Files\Spybot - Search & Destroy

[08/04/2007|04:41] C:\Program Files\Synaptics

[02/11/2006|15:01] C:\Program Files\Uninstall Information

[08/04/2007|13:49] C:\Program Files\Windows Calendar

[08/04/2007|13:41] C:\Program Files\Windows Collaboration

[08/04/2007|14:03] C:\Program Files\Windows Defender

[08/04/2007|13:41] C:\Program Files\Windows Journal

[28/02/2008|20:19] C:\Program Files\Windows Live

[08/04/2008|21:23] C:\Program Files\Windows Mail

[01/03/2008|09:32] C:\Program Files\Windows Media Player

[23/02/2008|19:30] C:\Program Files\Windows NT

[08/04/2007|13:41] C:\Program Files\Windows Photo Gallery

[01/03/2008|09:32] C:\Program Files\Windows Sidebar

[14/03/2008|21:59] C:\Program Files\Xvid

 

------[ Listing des dossiers dans C:\Program Files\Common Files ]------

 

[21/03/2008|21:11] C:\Program Files\Common Files\Adobe

[23/03/2008|14:51] C:\Program Files\Common Files\Apple

[08/04/2007|05:09] C:\Program Files\Common Files\DESIGNER

[08/04/2007|04:58] C:\Program Files\Common Files\InstallShield

[28/02/2008|20:20] C:\Program Files\Common Files\microsoft shared

[08/04/2007|04:56] C:\Program Files\Common Files\Roxio Shared

[02/11/2006|13:18] C:\Program Files\Common Files\Services

[08/04/2007|05:12] C:\Program Files\Common Files\Skype

[08/04/2007|04:56] C:\Program Files\Common Files\Sonic Shared

[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines

[08/04/2007|04:56] C:\Program Files\Common Files\SureThing Shared

[15/03/2008|15:51] C:\Program Files\Common Files\Symantec Shared

[08/04/2007|13:42] C:\Program Files\Common Files\System

[28/02/2008|20:19] C:\Program Files\Common Files\WindowsLiveInstaller

 

---------------------------[ Process ]--------------------------

 

... 69

 

... OK !

 

----------------------[ Recherche avec S_Lop ]---------------------

 

C:\ProgramData\dumb ace ace.ey3lsno

C:\ProgramData\dumb ace ace.meuvluu

C:\ProgramData\rule face up.y3ka444

C:\ProgramData\dumb ace ace.ey3lsno

C:\ProgramData\dumb ace ace.meuvluu

C:\ProgramData\rule face up.y3ka444

 

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

 

Aucun fichier / dossier Lop trouvé !

 

----------------------[ Verification du Registre ]----------------------

 

..... OK !

 

--------------------[ Verification du fichier Hosts ]---------------------

 

Fichier Hosts PROPRE

 

 

----------------[ Recherche de fichiers avec Catchme ]-----------------

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-30 12:48:29

Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

 

--------------------[ Recherche d'autres infections ]---------------------

 

 

Aucune autre infection trouvée !

 

/!\ [Fich:736][Doss:34] C:\Users\Clara\AppData\Local\Temp

/!\ [Fich:347][Doss:1] C:\Users\Clara\AppData\Roaming\MICROS~1\Windows\Cookies

/!\ [Fich:87][Doss:6] C:\Users\Clara\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

 

[ UAC => 1 ]

 

--------------------[ Fin du rapport a 12:50:53,73 ]----------------------

Guest Guest
Posted

Third report, in any case thank you very much!!

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:58:55, on 30/04/2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16643)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Realtek Semiconductor Corp\Realtek Card Reader Monitor\CardReaderMonitor.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe

C:\Windows\system32\cmd.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

C:\Windows\explorer.exe

C:\Windows\system32\notepad.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.914.9778\swg.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [CardReaderMonitor] C:\Program Files\Realtek Semiconductor Corp.\Realtek Card Reader Monitor\CardReaderMonitor.exe

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [MSPService] C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe

O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Download Dvd] "C:\ProgramData\dumb ace ace.ey3lsno"

O4 - HKLM\..\Run: [bore sect creative support] "C:\ProgramData\rule face up.y3ka444"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [bore sect creative support] "C:\ProgramData\loud love kind.xffpa"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O13 - Gopher Prefix:

O17 - HKLM\System\CCS\Services\Tcpip\..\{14F10CD9-DDBE-4589-8FFE-45282444FC8B}: NameServer = 192.168.1.1

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

 

--

End of file - 9483 bytes

Guest Guest
Posted

Hello,

Would it be possible to get a reply before 15:30?

I won't be home after that (because of the long weekend); otherwise it's no big deal, I'll wait.

Thanks a lot!

Louise

Guest Guest
Posted

Indeed, there's nothing left, I hadn't noticed!

In any case, thanks a lot (I'm repeating myself, but never mind)

Louise
