Posted

Hello, I need help, I am being overrun by ads, if someone can help me!!!!

Here is the report

Thanks in advance!!!!!!

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 09:20:06, on 17/09/2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16711)

Boot mode: Normal

 

Running processes:

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Windows\System32\SysMonitor.exe

C:\Program Files\SiteAdvisor\6261\SiteAdv.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\PROGRA~1\McAfee.com\Agent\mcagent.exe

C:\Windows\system32\taskeng.exe

C:\Windows\WindowsMobile\wmdcBase.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\LimeWire\LimeWire.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe

C:\Program Files\Internet Explorer\IEUser.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com//

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\2.bin\A5SRCHAS.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\2.bin\ASKTBAR.DLL

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll

O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\2.bin\ASKTBAR.DLL

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe

O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey

O4 - HKLM\..\Run: [siteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"

O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [?????????] ??????????????e

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0

O4 - HKCU\..\Run: [Global Hole] "C:\ProgramData\OpenPingPing.tf0y1j"

O4 - HKCU\..\Run: [itch ford four knob] "C:\ProgramData\DOWNLOAD OPEN DATE.h2n3zc"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O4 - Global Startup: Image Transfer.lnk = ?

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab

O16 - DPF: CANALPLAY Installer - http://www.canalplay.com/cabs/CanalInstaller.CAB

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/...NPUpldfr-fr.cab

O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/in...l/installer.exe

O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe

O23 - Service: UltiDev Cassini Web Server for ASP.NET 2.0 - UltiDev LLC - C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe

 

--

End of file - 11433 bytes

Posted

Hello, welcome. :P

In case you need some information:

How to take part in a forum

Finding your posts

We'll take care of that (and you also have one toolbar too many).

Disable your resident protections (antivirus, ...); you will re-enable them after the scan.

Download Lop S&D < here

Double-click Lop S&D.exe on your desktop

Select the desired language, then choose Option 1 (Search)

Wait until the scan finishes

Post the generated report (C:\lopR.txt)

(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

Posted

Here is the report

--------------------\\ Lop S&D 4.2.4-3 XP/Vista

 

Microsoft® Windows Vista Édition Familiale Premium ( v6.0.6000 )

X86-based PC ( Multiprocessor Free : Intel® Core2 CPU 6300 @ 1.86GHz )

BIOS : Default System BIOS

USER : shadavace ( Not Administrator ! )

BOOT : Normal boot

Antivirus : McAfee VirusScan (Not Activated)

Firewall : McAfee Personal Firewall (Activated)

C:\ (Local Disk) - NTFS - Total : 113 Go Free : 6 Go

D:\ (Local Disk) - NTFS - Total : 112 Go Free : 111 Go

E:\ (CD or DVD) - UDF - Total : 1 Go Free : 0 Go

G:\ (USB)

H:\ (USB)

I:\ (USB)

K:\ (USB)

 

"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )

Option : [1] ( 17/09/2008|12:52 )

 

[ UAC => 1 ]

 

--------------------\\ Listing des dossiers dans Local

 

[11/07/2007|00:16] C:\Users\SHADAV~1\AppData\Local\Adobe

[15/12/2007|11:01] C:\Users\SHADAV~1\AppData\Local\Ahead

[12/10/2007|00:42] C:\Users\SHADAV~1\AppData\Local\Apple

[20/07/2008|09:56] C:\Users\SHADAV~1\AppData\Local\Apple Computer

[10/07/2007|21:55] C:\Users\SHADAV~1\AppData\Local\Application Data

[06/10/2007|23:22] C:\Users\SHADAV~1\AppData\Local\CyberLink

[02/06/2008|05:53] C:\Users\SHADAV~1\AppData\Local\d3d9caps.dat

[15/09/2008|13:49] C:\Users\SHADAV~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[13/07/2008|07:40] C:\Users\SHADAV~1\AppData\Local\eMule

[20/07/2007|00:54] C:\Users\SHADAV~1\AppData\Local\GDIPFONTCACHEV1.DAT

[12/12/2007|00:54] C:\Users\SHADAV~1\AppData\Local\Google

[10/07/2007|21:55] C:\Users\SHADAV~1\AppData\Local\Historique

[17/09/2008|12:34] C:\Users\SHADAV~1\AppData\Local\IconCache.db

[21/07/2007|13:39] C:\Users\SHADAV~1\AppData\Local\keyfile3.drm

[31/07/2007|23:15] C:\Users\SHADAV~1\AppData\Local\MagicDirector

[06/10/2007|23:23] C:\Users\SHADAV~1\AppData\Local\MCE Deluxe Suite

[12/01/2008|01:24] C:\Users\SHADAV~1\AppData\Local\Microsoft

[16/07/2007|22:59] C:\Users\SHADAV~1\AppData\Local\Microsoft Games

[13/12/2007|11:23] C:\Users\SHADAV~1\AppData\Local\Microsoft Help

[12/12/2007|10:08] C:\Users\SHADAV~1\AppData\Local\MigWiz

[17/03/2008|14:16] C:\Users\SHADAV~1\AppData\Local\Mozilla

[15/12/2007|11:02] C:\Users\SHADAV~1\AppData\Local\Nero

[31/07/2007|23:14] C:\Users\SHADAV~1\AppData\Local\PowerCinema

[06/10/2007|23:22] C:\Users\SHADAV~1\AppData\Local\SoftDMA

[17/09/2008|12:51] C:\Users\SHADAV~1\AppData\Local\Temp

[10/07/2007|21:55] C:\Users\SHADAV~1\AppData\Local\Temporary Internet Files

[12/08/2007|12:49] C:\Users\SHADAV~1\AppData\Local\VirtualStore

[16/12/2007|23:57] C:\Users\SHADAV~1\AppData\Local\Windows Live Writer

 

--------------------\\ Tâches planifiées dans C:\Windows\tasks

 

[12/09/2008 17:47][--a------] C:\Windows\tasks\Norton Security Scan.job

[15/03/2008 02:20][--a------] C:\Windows\tasks\McDefragTask.job

[01/09/2008 01:00][--a------] C:\Windows\tasks\McQcTask.job

[11/12/2007 15:29][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job

[17/09/2008 11:07][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{4350C85F-E71B-406E-8067-C3F4360CC1B8}.job

[17/09/2008 12:37][--ah-----] C:\Windows\tasks\SA.DAT

[17/09/2008 12:36][--a------] C:\Windows\tasks\SCHEDLGU.TXT

 

--------------------\\ Listing des dossiers dans C:\ProgramData

 

[17/09/2008|12:48] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

[13/12/2006|20:41] C:\ProgramData\Adobe

[12/10/2007|00:41] C:\ProgramData\Apple

[27/12/2007|23:53] C:\ProgramData\Apple Computer

[02/11/2006|15:02] C:\ProgramData\Application Data

[10/07/2007|21:51] C:\ProgramData\Bureau

[13/12/2006|20:52] C:\ProgramData\CyberLink

[02/11/2006|15:02] C:\ProgramData\Desktop

[02/11/2006|15:02] C:\ProgramData\Documents

[23/07/2008|18:24] C:\ProgramData\DOWNLOAD OPEN DATE.h2n3zc

[13/07/2008|07:40] C:\ProgramData\eMule

[10/07/2007|21:51] C:\ProgramData\Favoris

[02/11/2006|15:02] C:\ProgramData\Favorites

[12/12/2007|00:20] C:\ProgramData\Google

[17/09/2008|12:51] C:\ProgramData\Google Updater

[10/07/2007|22:00] C:\ProgramData\InstallShield

[23/07/2008|18:20] C:\ProgramData\Lavasoft

[04/04/2008|10:04] C:\ProgramData\LogiShrd

[30/12/2007|23:04] C:\ProgramData\Logitech

[16/07/2008|21:22] C:\ProgramData\Malwarebytes

[11/12/2007|21:32] C:\ProgramData\McAfee

[10/07/2007|21:51] C:\ProgramData\Menu D‚marrer

[02/02/2008|14:29] C:\ProgramData\Messenger Plus!

[11/12/2007|15:41] C:\ProgramData\Microsoft

[11/09/2008|03:03] C:\ProgramData\Microsoft Help

[10/07/2007|21:51] C:\ProgramData\ModŠles

[09/03/2008|15:51] C:\ProgramData\NCH Software

[01/04/2008|08:56] C:\ProgramData\Nero

[05/08/2008|10:01] C:\ProgramData\OpenPingPing.0wg2x

[07/08/2008|13:18] C:\ProgramData\OpenPingPing.25zps

[07/08/2008|08:34] C:\ProgramData\OpenPingPing.3h167ws

[22/06/2008|09:29] C:\ProgramData\OpenPingPing.4p10e

[06/08/2008|22:38] C:\ProgramData\OpenPingPing.52jwwf

[06/08/2008|23:00] C:\ProgramData\OpenPingPing.5sl9tbd

[07/08/2008|08:12] C:\ProgramData\OpenPingPing.7fphu

[05/08/2008|08:33] C:\ProgramData\OpenPingPing.84vqhe

[05/08/2008|11:06] C:\ProgramData\OpenPingPing.90yfynl

[05/08/2008|23:27] C:\ProgramData\OpenPingPing.9ghuq72

[08/08/2008|12:04] C:\ProgramData\OpenPingPing.9im8i

[05/08/2008|12:08] C:\ProgramData\OpenPingPing.a5yn99

[08/08/2008|11:43] C:\ProgramData\OpenPingPing.a7lzjl

[15/06/2008|22:18] C:\ProgramData\OpenPingPing.afjnh4w

[05/08/2008|20:49] C:\ProgramData\OpenPingPing.aikytt

[05/08/2008|10:45] C:\ProgramData\OpenPingPing.b5niuc

[08/08/2008|10:37] C:\ProgramData\OpenPingPing.ba5r60x

[23/07/2008|18:23] C:\ProgramData\OpenPingPing.c3atva

[06/08/2008|09:52] C:\ProgramData\OpenPingPing.cyrn0s

[08/08/2008|11:21] C:\ProgramData\OpenPingPing.ddfza7

[05/08/2008|20:06] C:\ProgramData\OpenPingPing.e0uof

[05/08/2008|08:55] C:\ProgramData\OpenPingPing.e1h9abp

[05/08/2008|21:33] C:\ProgramData\OpenPingPing.e9t9y

[07/08/2008|12:34] C:\ProgramData\OpenPingPing.etd4g

[23/07/2008|18:23] C:\ProgramData\OpenPingPing.gfb8mv7

[08/08/2008|12:26] C:\ProgramData\OpenPingPing.ha81x

[07/08/2008|11:51] C:\ProgramData\OpenPingPing.huxarb

[07/08/2008|12:12] C:\ProgramData\OpenPingPing.hyuly

[06/08/2008|08:25] C:\ProgramData\OpenPingPing.i2xj8p

[08/08/2008|13:10] C:\ProgramData\OpenPingPing.i8xtjw

[06/08/2008|23:22] C:\ProgramData\OpenPingPing.i9oum2

[05/08/2008|23:05] C:\ProgramData\OpenPingPing.iuzj5ou

[07/08/2008|11:29] C:\ProgramData\OpenPingPing.iw6fk

[05/08/2008|22:43] C:\ProgramData\OpenPingPing.jjy7m

[07/08/2008|09:18] C:\ProgramData\OpenPingPing.lxt37

[07/08/2008|08:56] C:\ProgramData\OpenPingPing.m4jv4c

[08/08/2008|12:48] C:\ProgramData\OpenPingPing.mzjg91

[07/08/2008|14:02] C:\ProgramData\OpenPingPing.nnf4kfy

[05/08/2008|10:23] C:\ProgramData\OpenPingPing.o6m9c

[06/08/2008|09:30] C:\ProgramData\OpenPingPing.ohjdtl

[07/08/2008|13:40] C:\ProgramData\OpenPingPing.owwfecw

[07/08/2008|11:07] C:\ProgramData\OpenPingPing.pisgrs

[07/08/2008|10:23] C:\ProgramData\OpenPingPing.qf5ut0p

[08/08/2008|10:15] C:\ProgramData\OpenPingPing.qy6lc

[05/08/2008|20:28] C:\ProgramData\OpenPingPing.rcnmhf

[08/08/2008|21:38] C:\ProgramData\OpenPingPing.rdftc

[05/08/2008|09:39] C:\ProgramData\OpenPingPing.rumgu

[05/08/2008|09:17] C:\ProgramData\OpenPingPing.s0b9ko

[08/08/2008|22:00] C:\ProgramData\OpenPingPing.tf0y1j

[07/08/2008|12:56] C:\ProgramData\OpenPingPing.titcew4

[08/08/2008|09:53] C:\ProgramData\OpenPingPing.txryat

[07/08/2008|10:45] C:\ProgramData\OpenPingPing.usrnc0z

[07/08/2008|09:39] C:\ProgramData\OpenPingPing.uwwwf

[07/08/2008|14:23] C:\ProgramData\OpenPingPing.v38qu

[05/08/2008|22:21] C:\ProgramData\OpenPingPing.w4gv9

[06/08/2008|09:09] C:\ProgramData\OpenPingPing.wp2awna

[08/08/2008|10:59] C:\ProgramData\OpenPingPing.wsbwk2

[06/08/2008|08:47] C:\ProgramData\OpenPingPing.x0ogli9

[05/08/2008|21:11] C:\ProgramData\OpenPingPing.xhr7xf

[05/08/2008|11:46] C:\ProgramData\OpenPingPing.y0nyqo

[07/08/2008|10:01] C:\ProgramData\OpenPingPing.z64pq9

[05/08/2008|21:55] C:\ProgramData\OpenPingPing.zz2rkp

[08/08/2008|10:40] C:\ProgramData\Phonebold

[11/12/2007|21:32] C:\ProgramData\SiteAdvisor

[24/08/2008|21:46] C:\ProgramData\Spybot - Search & Destroy

[02/11/2006|15:02] C:\ProgramData\Start Menu

[11/12/2007|21:19] C:\ProgramData\Symantec

[02/11/2006|15:02] C:\ProgramData\Templates

[23/07/2008|18:24] C:\ProgramData\third lies itch ford

[07/04/2008|15:40] C:\ProgramData\UltiDev

[02/01/2008|21:14] C:\ProgramData\WLInstaller

 

--------------------\\ Listing des dossiers dans C:\Program Files

 

[10/07/2007|22:00] C:\Program Files\Acer Inc

[13/12/2006|20:55] C:\Program Files\Acer Zone

[13/12/2006|20:41] C:\Program Files\Adobe

[17/09/2008|12:48] C:\Program Files\Apple Software Update

[15/12/2007|10:21] C:\Program Files\AskTBar

[20/06/2008|21:59] C:\Program Files\BitDownload

[15/06/2008|22:23] C:\Program Files\BitTorrent Fastest Tool

[17/09/2008|12:40] C:\Program Files\Bonjour

[24/08/2008|21:53] C:\Program Files\Common Files

[13/12/2006|20:52] C:\Program Files\CyberLink

[13/07/2008|07:40] C:\Program Files\eMule

[10/07/2007|21:51] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]

[16/01/2008|21:36] C:\Program Files\FileZilla FTP Client

[07/08/2008|11:10] C:\Program Files\Google

[25/10/2007|09:27] C:\Program Files\GRETECH

[10/05/2008|16:15] C:\Program Files\InstallShield Installation Information

[15/08/2008|20:13] C:\Program Files\Internet Explorer

[17/09/2008|12:47] C:\Program Files\iPod

[17/09/2008|12:48] C:\Program Files\iTunes

[26/07/2008|10:03] C:\Program Files\Java

[29/08/2008|10:19] C:\Program Files\LimeWire

[04/04/2008|10:04] C:\Program Files\Logitech

[12/09/2008|08:12] C:\Program Files\McAfee

[11/12/2007|21:30] C:\Program Files\McAfee.com

[29/03/2008|16:19] C:\Program Files\Messenger Plus! Live

[02/11/2006|14:37] C:\Program Files\Microsoft Games

[19/07/2007|22:39] C:\Program Files\Microsoft Office

[19/07/2007|22:39] C:\Program Files\Microsoft Visual Studio

[19/07/2007|22:36] C:\Program Files\Microsoft Visual Studio 8

[19/07/2007|22:40] C:\Program Files\Microsoft Works

[19/07/2007|22:39] C:\Program Files\Microsoft.NET

[16/09/2007|19:38] C:\Program Files\Mindscape

[02/11/2006|14:42] C:\Program Files\Movie Maker

[03/08/2008|13:08] C:\Program Files\Mozilla Firefox

[19/07/2007|22:39] C:\Program Files\MSBuild

[02/11/2006|14:37] C:\Program Files\MSN

[12/12/2007|10:12] C:\Program Files\MSXML 4.0

[10/03/2008|23:54] C:\Program Files\NCH Software

[16/10/2007|23:43] C:\Program Files\NCH Swift Sound

[15/12/2007|10:43] C:\Program Files\Nero

[13/12/2006|20:45] C:\Program Files\NewTech Infosystems

[16/05/2008|16:19] C:\Program Files\Norton Security Scan

[09/08/2007|15:48] C:\Program Files\PIXELA

[17/09/2008|12:46] C:\Program Files\QuickTime

[17/03/2008|14:14] C:\Program Files\Real

[10/07/2007|21:55] C:\Program Files\Realtek

[02/11/2006|14:37] C:\Program Files\Reference Assemblies

[19/07/2008|14:59] C:\Program Files\Safari

[23/05/2008|17:21] C:\Program Files\SiteAdvisor

[09/08/2007|15:47] C:\Program Files\Sony Corporation

[24/08/2008|21:48] C:\Program Files\Spybot - Search & Destroy

[26/07/2008|10:03] C:\Program Files\Sun

[17/09/2008|09:18] C:\Program Files\Trend Micro

[07/04/2008|15:40] C:\Program Files\UltiDev

[02/11/2006|15:01] C:\Program Files\Uninstall Information

[15/12/2007|11:18] C:\Program Files\Veoh Networks

[14/07/2007|20:28] C:\Program Files\VideoLAN

[07/05/2008|15:44] C:\Program Files\Virtools

[07/04/2008|15:41] C:\Program Files\WebGuide

[12/12/2007|10:31] C:\Program Files\Windows Calendar

[02/11/2006|14:42] C:\Program Files\Windows Collaboration

[12/12/2007|10:31] C:\Program Files\Windows Defender

[02/11/2006|14:42] C:\Program Files\Windows Journal

[05/03/2008|23:25] C:\Program Files\Windows Live

[12/01/2008|01:24] C:\Program Files\Windows Live Safety Center

[11/12/2007|15:29] C:\Program Files\Windows Live Toolbar

[15/08/2008|19:50] C:\Program Files\Windows Mail

[05/09/2008|22:19] C:\Program Files\Windows Media Player

[18/02/2008|17:56] C:\Program Files\Windows Mobile Device Handbook

[10/07/2007|21:51] C:\Program Files\Windows NT

[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery

[10/01/2008|04:40] C:\Program Files\Windows Sidebar

[14/07/2007|20:25] C:\Program Files\WinRAR

[15/12/2007|11:19] C:\Program Files\Yahoo!

[01/06/2008|12:10] C:\Program Files\Zapu

 

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

 

[13/12/2006|20:41] C:\Program Files\Common Files\Adobe

[17/09/2008|12:45] C:\Program Files\Common Files\Apple

[19/07/2007|22:39] C:\Program Files\Common Files\DESIGNER

[10/07/2007|22:00] C:\Program Files\Common Files\InstallShield

[12/12/2007|16:57] C:\Program Files\Common Files\Java

[13/12/2006|20:45] C:\Program Files\Common Files\LightScribe

[04/04/2008|10:10] C:\Program Files\Common Files\LogiShrd

[11/12/2007|21:30] C:\Program Files\Common Files\McAfee

[12/07/2008|10:53] C:\Program Files\Common Files\microsoft shared

[13/12/2006|20:45] C:\Program Files\Common Files\NewTech Infosystems

[17/03/2008|14:16] C:\Program Files\Common Files\Real

[02/11/2006|13:18] C:\Program Files\Common Files\Services

[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines

[11/12/2007|21:20] C:\Program Files\Common Files\Symantec Shared

[12/12/2007|10:31] C:\Program Files\Common Files\System

[11/12/2007|15:23] C:\Program Files\Common Files\WindowsLiveInstaller

[17/03/2008|14:16] C:\Program Files\Common Files\xing shared

 

--------------------\\ Process

 

( 88 Processes )

 

iexplore.exe ~ [PID:4996]

iexplore.exe ~ [PID:6436]

 

--------------------\\ Recherche avec S_Lop

 

C:\ProgramData\OpenPingPing.0wg2x

C:\ProgramData\OpenPingPing.25zps

C:\ProgramData\OpenPingPing.4p10e

C:\ProgramData\OpenPingPing.7fphu

C:\ProgramData\OpenPingPing.9im8i

C:\ProgramData\OpenPingPing.e0uof

C:\ProgramData\OpenPingPing.e9t9y

C:\ProgramData\OpenPingPing.etd4g

C:\ProgramData\OpenPingPing.ha81x

C:\ProgramData\OpenPingPing.hyuly

C:\ProgramData\OpenPingPing.iw6fk

C:\ProgramData\OpenPingPing.jjy7m

C:\ProgramData\OpenPingPing.lxt37

C:\ProgramData\OpenPingPing.o6m9c

C:\ProgramData\OpenPingPing.qy6lc

C:\ProgramData\OpenPingPing.rdftc

C:\ProgramData\OpenPingPing.rumgu

C:\ProgramData\OpenPingPing.uwwwf

C:\ProgramData\OpenPingPing.v38qu

C:\ProgramData\OpenPingPing.w4gv9

C:\ProgramData\DOWNLOAD OPEN DATE.h2n3zc

C:\ProgramData\OpenPingPing.52jwwf

C:\ProgramData\OpenPingPing.84vqhe

C:\ProgramData\OpenPingPing.a5yn99

C:\ProgramData\OpenPingPing.a7lzjl

C:\ProgramData\OpenPingPing.aikytt

C:\ProgramData\OpenPingPing.b5niuc

C:\ProgramData\OpenPingPing.c3atva

C:\ProgramData\OpenPingPing.cyrn0s

C:\ProgramData\OpenPingPing.ddfza7

C:\ProgramData\OpenPingPing.huxarb

C:\ProgramData\OpenPingPing.i2xj8p

C:\ProgramData\OpenPingPing.i8xtjw

C:\ProgramData\OpenPingPing.i9oum2

C:\ProgramData\OpenPingPing.m4jv4c

C:\ProgramData\OpenPingPing.mzjg91

C:\ProgramData\OpenPingPing.ohjdtl

C:\ProgramData\OpenPingPing.pisgrs

C:\ProgramData\OpenPingPing.rcnmhf

C:\ProgramData\OpenPingPing.s0b9ko

C:\ProgramData\OpenPingPing.tf0y1j

C:\ProgramData\OpenPingPing.txryat

C:\ProgramData\OpenPingPing.wsbwk2

C:\ProgramData\OpenPingPing.xhr7xf

C:\ProgramData\OpenPingPing.y0nyqo

C:\ProgramData\OpenPingPing.z64pq9

C:\ProgramData\OpenPingPing.zz2rkp

C:\ProgramData\OpenPingPing.3h167ws

C:\ProgramData\OpenPingPing.5sl9tbd

C:\ProgramData\OpenPingPing.90yfynl

C:\ProgramData\OpenPingPing.9ghuq72

C:\ProgramData\OpenPingPing.afjnh4w

C:\ProgramData\OpenPingPing.ba5r60x

C:\ProgramData\OpenPingPing.e1h9abp

C:\ProgramData\OpenPingPing.gfb8mv7

C:\ProgramData\OpenPingPing.iuzj5ou

C:\ProgramData\OpenPingPing.nnf4kfy

C:\ProgramData\OpenPingPing.owwfecw

C:\ProgramData\OpenPingPing.qf5ut0p

C:\ProgramData\OpenPingPing.titcew4

C:\ProgramData\OpenPingPing.usrnc0z

C:\ProgramData\OpenPingPing.wp2awna

C:\ProgramData\OpenPingPing.x0ogli9

 

--------------------\\ Recherche de Fichiers / Dossiers Lop

 

C:\ProgramData\third lies itch ford

C:\ProgramData\third lies itch ford\SITE TRAY.exe

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\BitDownload

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\BitDownload\BitDownload.lnk

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\BitDownload\Uninstall BitDownload.lnk

C:\Program Files\BitDownload

C:\Program Files\BitDownload\BitDownload.exe

C:\Program Files\BitDownload\settings.ini

C:\Program Files\BitDownload\settings.stp

C:\Program Files\BitDownload\SkinCrafterDll.dll

C:\Program Files\BitDownload\Skins

C:\Program Files\BitDownload\state.dht

C:\Program Files\BitDownload\unins000.dat

C:\Program Files\BitDownload\unins000.exe

C:\Program Files\BitTorrent Fastest Tool

C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5-setup.exe

C:\Program Files\BitTorrent Fastest Tool\BitP.exe

C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG

C:\Users\SHADAV~1\AppData\Roaming\MICROS~1\Windows\Cookies\shadavace@adopt.euroclick[2].txt

 

--------------------\\ Verification du Registre

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Global Hole"="\"C:\\ProgramData\\OpenPingPing.tf0y1j\""

"Itch ford four knob"="\"C:\\ProgramData\\DOWNLOAD OPEN DATE.h2n3zc\""

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

--------------------\\ Verification du fichier Hosts

 

Fichier Hosts PROPRE

 

 

--------------------\\ Recherche de fichiers avec Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-09-17 12:52:34

Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 184

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\Users\SHADAV~1\Music\Jay-Z-Collection-VERY_NICE-All 16 Folders!\Jay-Z-The_Blueprint_2-The_Gift_And_The_Curse-2CD-2002-iNT-OSM\210-jay-z-as_one_feat_memphis_bleek_freeway_young_guns_peedi_crack_sparks_and_rell-osm.mp3

C:\Users\SHADAV~1\Music\Jay-Z-Collection-VERY_NICE-All 16 Folders!\Jay-Z-Vol_1_In_My_Lifetime-1997-VMA\12-jay-z-rap_game-crack_game-vma.mp3

 

 

[F:136][D:13]-> C:\Users\SHADAV~1\AppData\Local\Temp

[F:764][D:1]-> C:\Users\SHADAV~1\AppData\Roaming\MICROS~1\Windows\Cookies

[F:74][D:4]-> C:\Users\SHADAV~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5

[F:283][D:2]-> C:\$Recycle.Bin

 

1 - "C:\Lop SD\LopR_1.txt" - 17/09/2008|12:22 - Option : [1]

2 - "C:\Lop SD\LopR_2.txt" - 17/09/2008|12:55 - Option : [1]

 

--------------------\\ Fin du rapport a 12:55:17

[ UAC => 1 ]

Posted

Run Lop S&D again

This time choose Option 2 (Removal)

Do not close the window during the removal!

Post the generated report (C:\lopR.txt) on the forum

(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

After posting the Lop S&D report, please also post a new HijackThis report.
