Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Malware Defense et un de plus

guidu77

Par guidu77
dans Analyses et éradication malwares

 Partager

Messages recommandés

guidu77 Junior Member

guidu77

Posté(e)
  • Auteur
Posté(e)

Voila le rapport MBAM

 

Malwarebytes' Anti-Malware 1.42

Version de la base de données: 3454

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

30/12/2009 12:21:03

mbam-log-2009-12-30 (12-20-57).txt

 

Type de recherche: Examen rapide

Eléments examinés: 143330

Temps écoulé: 17 minute(s), 6 second(s)

 

Processus mémoire infecté(s): 2

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 13

Valeur(s) du Registre infectée(s): 5

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 4

Fichier(s) infecté(s): 28

 

Processus mémoire infecté(s):

C:\Documents and Settings\GUI\Local Settings\Temp\settdebugx.exe (Trojan.FakeAlert) -> No action taken.

C:\Documents and Settings\GUI\Local Settings\Temp\wscsvc32.exe (Trojan.FakeAlert) -> No action taken.

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CLASSES_ROOT\web.perform (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\TypeLib\{b9fd8e0a-17e0-48de-ab1d-70ddaa35d577} (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{e498d54b-8307-483a-8ca0-55e4573dd63a} (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{ab692f9b-27fe-4511-8885-ed62bb45197b} (Trojan.BHO) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ab692f9b-27fe-4511-8885-ed62bb45197b} (Trojan.BHO) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab692f9b-27fe-4511-8885-ed62bb45197b} (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\web.perform.1 (Trojan.BHO) -> No action taken.

HKEY_CLASSES_ROOT\AppID\{b9fd8e0a-17e0-48de-ab1d-70ddaa35d577} (Adware.WebPerform) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{018b7ec3-eeca-11d3-8e71-0000e82c6c0d} (Adware.ISTBar) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense (Rogue.MalwareDefense) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\H8SRT (Rootkit.TDSS) -> No action taken.

HKEY_CLASSES_ROOT\AppID\webperform.DLL (Adware.WebPerform) -> No action taken.

 

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\settdebugx.exe (Trojan.FakeAlert) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\malware defense (Rogue.MalwareDefense) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\mysearchnow.com (Malware.Trace) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.mysearchnow.com (Malware.Trace) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rlist (Malware.Trace) -> No action taken.

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

C:\Documents and Settings\All Users\Application Data\11430784 (Rogue.Multiple) -> No action taken.

C:\Documents and Settings\All Users\Application Data\61450779 (Rogue.Multiple) -> No action taken.

C:\Documents and Settings\All Users\Application Data\91440776 (Rogue.Multiple) -> No action taken.

C:\WINDOWS\SYSTEM32\wsnpoem (Trojan.Agent) -> No action taken.

 

Fichier(s) infecté(s):

C:\Documents and Settings\GUI\Local Settings\Application Data\yczzhukhf_navps.dat (Adware.Navipromo.H) -> No action taken.

C:\Documents and Settings\GUI\Local Settings\Application Data\yczzhukhf_nav.dat (Adware.Navipromo.H) -> No action taken.

C:\Documents and Settings\GUI\Local Settings\Application Data\yczzhukhf.dat (Adware.Navipromo.H) -> No action taken.

C:\Documents and Settings\GUI\Local Settings\Temp\settdebugx.exe (Trojan.FakeAlert) -> No action taken.

C:\Documents and Settings\GUI\Local Settings\Temp\wscsvc32.exe (Trojan.FakeAlert) -> No action taken.

C:\WINDOWS\SYSTEM32\webperform.dll (Trojan.BHO) -> No action taken.

C:\WINDOWS\SYSTEM32\H8SRTkiberxdulh.dll (Trojan.FakeAlert) -> No action taken.

C:\WINDOWS\SYSTEM32\DRIVERS\H8SRTkylqjpwbiv.sys (Malware.Packer) -> No action taken.

C:\WINDOWS\Temp\H8SRTc10d.tmp (Trojan.FakeAlert) -> No action taken.

C:\WINDOWS\Temp\H8SRTc738.tmp (Trojan.FakeAlert) -> No action taken.

C:\Documents and Settings\GUI\Local Settings\Temp\TMPA.tmp (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\GUI\Local Settings\Temp\TMPB.tmp (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\All Users\Application Data\11430784\11430784.glu (Rogue.Multiple) -> No action taken.

C:\WINDOWS\SYSTEM32\wsnpoem\audio.dll (Trojan.Agent) -> No action taken.

C:\WINDOWS\SYSTEM32\wsnpoem\video.dll (Trojan.Agent) -> No action taken.

C:\WINDOWS\SYSTEM32\krl32mainweq.dll (Trojan.DNSChanger) -> No action taken.

C:\Documents and Settings\GUI\Application Data\wiaserva.log (Malware.Trace) -> No action taken.

C:\EXPLORE.EXE (Trojan.Agent) -> No action taken.

C:\WINDOWS\SYSTEM32\ntos.exe (Backdoor.Bot) -> No action taken.

C:\Documents and Settings\GUI\Local Settings\Temp\60325cahp25ca0.exe (Trojan.Agent) -> No action taken.

C:\WINDOWS\SYSTEM32\H8SRTvdbabiqsqj.dll (Rootkit.TDSS) -> No action taken.

C:\WINDOWS\SYSTEM32\H8SRTypametltmr.dll (Rootkit.TDSS) -> No action taken.

C:\WINDOWS\SYSTEM32\H8SRTtpfqnshiek.dat (Rootkit.TDSS) -> No action taken.

C:\WINDOWS\Temp\H8SRT8c8b.tmp (Rootkit.TDSS) -> No action taken.

C:\WINDOWS\Temp\H8SRT971a.tmp (Rootkit.TDSS) -> No action taken.

C:\WINDOWS\Temp\H8SRTa7b4.tmp (Rootkit.TDSS) -> No action taken.

C:\WINDOWS\Temp\H8SRTbe7d.tmp (Rootkit.TDSS) -> No action taken.

C:\Documents and Settings\GUI\Local Settings\Temp\H8SRT502e.tmp (Rootkit.TDSS) -> No action taken.

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Ca marque "no action taken" donc rien n'a été fait, il faut recommencer, tu as oublié de supprimer les éléments découverts. Repasse MBAM (si ça ne démarre pas, réutilise Avenger), et n'oublie pas de supprimer ce que MBAM trouve (ce sont les lignes en rouge à la fin des instructions). :P

 

Poste le nouveau rapport MBAM de suppresion quand il sera prêt stp.

 

@ toute :P

guidu77 Junior Member

guidu77

Posté(e)
  • Auteur
Posté(e)

J'ai peut-être mis le mauvais rapport car le dernier scan n'a rien trouvé

 

Malwarebytes' Anti-Malware 1.42

Version de la base de données: 3454

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

30/12/2009 15:17:27

mbam-log-2009-12-30 (15-17-27).txt

 

Type de recherche: Examen rapide

Eléments examinés: 142551

Temps écoulé: 16 minute(s), 3 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

guidu77 Junior Member

guidu77

Posté(e)
  • Auteur
Posté(e)

Voici le rapport et pour l'instant l'ordi fonctionne normalement

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:05:23, on 30/12/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\wanmpsvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\DSentry.exe

C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\PROGRA~1\Wanadoo\CnxMon.exe

C:\PROGRA~1\Wanadoo\TaskbarIcon.exe

C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\AOL 8.0\aoltray.exe

C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe

C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe

C:\Documents and Settings\GUI\Bureau\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [avserve.exe] C:\WINDOWS\avserve.exe

O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe

O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Active Lies] C:\DOCUME~1\GUI\APPLIC~1\HIDEDU~1\online four.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [GM4IE] C:\Program Files\GM4IE\gm4ie.exe

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\SYSTEM32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.miniclip.com/games/down-hill-chill/fr/"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Startup: PowerReg Scheduler.exe

O4 - Global Startup: AOL 8.0 Icône AOL.lnk = C:\Program Files\AOL 8.0\aoltray.exe

O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe

O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe

O4 - Global Startup: Digital Line Detect.lnk = ?

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab

O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} - http://go.securelive.com/speed/WebInstall.dll

O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://11984.kit.carpediem.fr/clara_photos.exe

O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://paris.tourismeville.wanadoo.fr/AMC.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/in...l/installer.exe

O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O22 - SharedTaskScheduler: baure - {37ba7add-75f6-498f-a07a-2b0403e34401} - C:\WINDOWS\system32\holnvvf.dll (file missing)

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe

O23 - Service: Google Update Service (gupdate1c986fb24b23c86) (gupdate1c986fb24b23c86) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\MILLET\LOCALS~1\Temp\hpdj.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)

O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

O23 - Service: Network Event Client (WksPatch) - Unknown owner - C:\WINDOWS\System32\drivers\svchost.exe (file missing)

 

--

End of file - 12634 bytes

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Il reste des choses à vérifier, mais le plus gros est fait. :P

 

Désactive tes protections résidentes (Antivirus, ...) tu les réactivera après le scan

 

Télécharge Lop S&D < ici

 

Double-clique sur Lop S&D.exe présent sur ton bureau

Sélectionne la langue souhaitée, puis choisis l'Option 1 (Recherche)

Patiente jusqu'à la fin du scan

Poste le rapport généré (C:\lopR.txt)

 

(Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

guidu77 Junior Member

guidu77

Posté(e)
  • Auteur
Posté(e)

voila le rapport

 

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

 

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.66GHz )

BIOS : Phoenix ROM BIOS PLUS Version 1.10 A06

USER : GUI ( Administrator )

BOOT : Normal boot

Antivirus : AntiVir Desktop 9.0.1.32 (Not Activated)

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:111 Go (Free:42 Go)

D:\ (CD or DVD)

E:\ (CD or DVD)

 

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )

Option : [1] ( 30/12/2009|16:22 )

 

--------------------\\ Listing des dossiers dans APPLIC~1

 

[11/11/2003|20:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities

[27/05/2009|06:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia

[01/12/2007|12:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[11/11/2003|21:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

 

[23/03/2009|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}

[21/12/2009|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[27/06/2009|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[16/12/2009|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Age of Empires 3

[03/08/2007|09:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[25/12/2006|10:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[22/12/2009|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira

[08/03/2008|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\baitwaverealsect

[05/07/2009|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Chat Republic Games

[04/09/2007|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft

[02/08/2007|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations

[30/12/2009|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes

[19/04/2008|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[14/03/2009|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[25/11/2003|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6

[02/08/2007|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite

[25/06/2005|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime

[11/11/2003|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI

[10/03/2008|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[24/09/2008|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[19/04/2009|16:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[08/03/2005|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems

[10/09/2008|06:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

[03/07/2006|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[22/12/2006|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[10/03/2008|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

 

[11/11/2003|20:43] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[27/05/2009|06:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia

[01/12/2007|12:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[11/11/2003|21:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

 

[27/06/2009|18:00] C:\DOCUME~1\GUI\APPLIC~1\Adobe

[16/12/2008|15:56] C:\DOCUME~1\GUI\APPLIC~1\Apple Computer

[15/04/2007|10:08] C:\DOCUME~1\GUI\APPLIC~1\bang

[02/04/2009|16:19] C:\DOCUME~1\GUI\APPLIC~1\CamfrogWEB

[24/10/2008|18:28] C:\DOCUME~1\GUI\APPLIC~1\Command & Conquer 3 Les guerres du Tiberium

[21/10/2008|18:39] C:\DOCUME~1\GUI\APPLIC~1\DAEMON Tools

[25/11/2009|15:06] C:\DOCUME~1\GUI\APPLIC~1\Desktopicon

[06/01/2008|15:07] C:\DOCUME~1\GUI\APPLIC~1\GetRightToGo

[02/12/2005|16:59] C:\DOCUME~1\GUI\APPLIC~1\Google

[19/11/2003|15:50] C:\DOCUME~1\GUI\APPLIC~1\Help

[08/03/2008|12:46] C:\DOCUME~1\GUI\APPLIC~1\hide dumb byte

[11/11/2003|20:43] C:\DOCUME~1\GUI\APPLIC~1\Identities

[22/07/2005|16:54] C:\DOCUME~1\GUI\APPLIC~1\Leadertech

[20/12/2009|18:37] C:\DOCUME~1\GUI\APPLIC~1\LimeWire

[07/11/2006|18:28] C:\DOCUME~1\GUI\APPLIC~1\Macromedia

[30/12/2009|11:58] C:\DOCUME~1\GUI\APPLIC~1\Malwarebytes

[27/07/2009|19:03] C:\DOCUME~1\GUI\APPLIC~1\Media Player Classic

[03/03/2009|16:35] C:\DOCUME~1\GUI\APPLIC~1\Microsoft

[06/12/2009|14:36] C:\DOCUME~1\GUI\APPLIC~1\Mozilla

[22/08/2007|06:26] C:\DOCUME~1\GUI\APPLIC~1\Nokia

[21/08/2005|11:44] C:\DOCUME~1\GUI\APPLIC~1\OLYMPUS

[14/11/2008|19:35] C:\DOCUME~1\GUI\APPLIC~1\OpenOffice.org

[02/08/2007|18:43] C:\DOCUME~1\GUI\APPLIC~1\PC Suite

[24/08/2009|13:21] C:\DOCUME~1\GUI\APPLIC~1\Red Alert 3

[24/08/2009|15:15] C:\DOCUME~1\GUI\APPLIC~1\Samsung

[23/05/2007|18:43] C:\DOCUME~1\GUI\APPLIC~1\Screenshot Sender

[21/10/2008|14:54] C:\DOCUME~1\GUI\APPLIC~1\SecuROM

[21/03/2006|19:44] C:\DOCUME~1\GUI\APPLIC~1\Sun

[08/03/2008|16:19] C:\DOCUME~1\GUI\APPLIC~1\Symantec

[22/11/2003|12:06] C:\DOCUME~1\GUI\APPLIC~1\Template

[19/01/2009|16:57] C:\DOCUME~1\GUI\APPLIC~1\vghd

[10/09/2008|06:30] C:\DOCUME~1\GUI\APPLIC~1\Viewpoint

[18/11/2008|16:26] C:\DOCUME~1\GUI\APPLIC~1\vlc

[07/01/2008|18:58] C:\DOCUME~1\GUI\APPLIC~1\WinRAR

 

[04/10/2009|09:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe

[17/01/2009|18:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

 

 

[01/12/2007|12:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[09/04/2005|17:14] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

 

[09/02/2006|19:18] C:\DOCUME~1\PASCAL~1\APPLIC~1\Adobe

[11/11/2003|20:43] C:\DOCUME~1\PASCAL~1\APPLIC~1\Identities

[21/03/2006|19:18] C:\DOCUME~1\PASCAL~1\APPLIC~1\Macromedia

[23/11/2006|19:20] C:\DOCUME~1\PASCAL~1\APPLIC~1\Microsoft

[14/03/2008|14:22] C:\DOCUME~1\PASCAL~1\APPLIC~1\PC Suite

[08/03/2008|11:53] C:\DOCUME~1\PASCAL~1\APPLIC~1\Symantec

 

 

[24/02/2004|18:13] C:\DOCUME~1\VALERIE\APPLIC~1\Adobe

[11/11/2003|20:43] C:\DOCUME~1\VALERIE\APPLIC~1\Identities

[25/01/2004|17:51] C:\DOCUME~1\VALERIE\APPLIC~1\Microsoft

[11/11/2003|21:13] C:\DOCUME~1\VALERIE\APPLIC~1\Symantec

[07/12/2003|10:32] C:\DOCUME~1\VALERIE\APPLIC~1\Template

 

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

 

[30/12/2009 15:33][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[30/12/2009 14:52][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[28/12/2009 16:12][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[30/12/2009 14:52][--ah-----] C:\WINDOWS\tasks\SA.DAT

[30/08/2002 08:00][-r-h-----] C:\WINDOWS\tasks\DESKTOP.INI

 

--------------------\\ Listing des dossiers dans C:\Program Files

 

[15/03/2008|11:21] C:\Program Files\Adobe

[30/01/2008|18:27] C:\Program Files\Anuman Interactive

[16/11/2003|16:45] C:\Program Files\AOL 8.0

[11/11/2003|21:14] C:\Program Files\AOL Compagnon

[17/12/2008|07:15] C:\Program Files\Apple Software Update

[22/12/2009|11:30] C:\Program Files\Avira

[25/11/2009|15:41] C:\Program Files\AviSynth 2.5

[18/06/2005|10:38] C:\Program Files\Axis Communications

[16/06/2009|14:34] C:\Program Files\Bonjour

[02/04/2009|16:19] C:\Program Files\CFWebAdvancedU

[27/11/2004|11:07] C:\Program Files\Common Files

[11/11/2003|20:43] C:\Program Files\ComPlus Applications

[11/05/2005|17:52] C:\Program Files\CONEXANT

[04/09/2008|08:25] C:\Program Files\Counter-Strike

[15/03/2009|12:44] C:\Program Files\Counter-Strike Source

[11/11/2003|21:12] C:\Program Files\CyberLink

[11/11/2003|21:11] C:\Program Files\Dell

[11/11/2003|21:12] C:\Program Files\Dell Computer

[02/08/2007|18:42] C:\Program Files\DIFX

[12/04/2005|17:26] C:\Program Files\Digital Illusions CE AB

[11/11/2003|21:12] C:\Program Files\Digital Line Detect

[16/11/2003|17:12] C:\Program Files\directx

[27/06/2009|18:34] C:\Program Files\DivX

[05/08/2009|12:54] C:\Program Files\Electronic Arts

[25/08/2009|08:09] C:\Program Files\Fichiers communs

[27/06/2009|10:17] C:\Program Files\Food Force - Version Fran‡aise

[25/11/2009|15:05] C:\Program Files\FreeTime

[24/12/2009|17:19] C:\Program Files\Google

[27/05/2005|20:10] C:\Program Files\Goto Software

[04/03/2006|17:55] C:\Program Files\GUILD WARS

[25/01/2005|18:49] C:\Program Files\Harry Potter Creative CD

[24/05/2007|06:19] C:\Program Files\hide dumb byte

[28/06/2004|10:19] C:\Program Files\HighMAT CD Writing Wizard

[24/11/2006|20:07] C:\Program Files\Incomplete

[16/12/2009|14:41] C:\Program Files\InstallShield Installation Information

[11/11/2003|21:11] C:\Program Files\Intel

[13/12/2009|12:00] C:\Program Files\Internet Explorer

[21/12/2009|17:11] C:\Program Files\iPod

[21/12/2009|17:12] C:\Program Files\iTunes

[11/11/2003|21:12] C:\Program Files\Jasc Software Inc

[20/01/2009|14:47] C:\Program Files\Java

[09/12/2009|13:29] C:\Program Files\JDownloader

[14/11/2008|19:32] C:\Program Files\JRE

[11/06/2005|15:25] C:\Program Files\JVTorrent

[02/11/2009|09:29] C:\Program Files\LimeWire

[30/12/2009|11:58] C:\Program Files\Malwarebytes' Anti-Malware

[23/03/2008|17:26] C:\Program Files\MediaCoder

[16/09/2008|18:45] C:\Program Files\Messenger

[14/11/2009|14:36] C:\Program Files\Messenger Plus! Live

[14/09/2005|13:50] C:\Program Files\Microids

[05/10/2009|09:14] C:\Program Files\Microsoft

[09/05/2007|14:09] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[11/11/2003|20:43] C:\Program Files\microsoft frontpage

[16/12/2009|14:30] C:\Program Files\Microsoft Games

[14/01/2006|18:48] C:\Program Files\Microsoft Office

[14/01/2006|18:48] C:\Program Files\Microsoft Visual Studio

[22/12/2006|18:53] C:\Program Files\Microsoft Works

[14/01/2006|18:47] C:\Program Files\Microsoft.NET

[26/12/2003|13:57] C:\Program Files\Mindscape

[11/11/2003|21:11] C:\Program Files\Modem Helper

[14/09/2008|18:12] C:\Program Files\Movie Maker

[22/12/2009|15:06] C:\Program Files\Mozilla Firefox

[11/05/2006|19:01] C:\Program Files\mp3

[14/12/2008|13:05] C:\Program Files\MSBuild

[14/09/2008|18:12] C:\Program Files\msn

[11/11/2003|20:43] C:\Program Files\MSN Gaming Zone

[17/11/2006|19:00] C:\Program Files\MSXML 4.0

[14/09/2008|18:07] C:\Program Files\NetMeeting

[11/11/2003|21:12] C:\Program Files\NetWaiting

[25/08/2009|08:09] C:\Program Files\Nokia

[08/03/2008|16:19] C:\Program Files\Norton AntiVirus

[22/07/2005|16:51] C:\Program Files\NovaLogic

[07/06/2008|11:09] C:\Program Files\NTFS Undelete

[11/11/2003|21:14] C:\Program Files\Nullsoft

[25/06/2005|16:16] C:\Program Files\OLYMPUS

[14/11/2008|19:32] C:\Program Files\OpenOffice.org 3

[23/08/2009|18:05] C:\Program Files\Outlook Express

[25/03/2004|18:56] C:\Program Files\Panicware

[02/08/2007|18:41] C:\Program Files\PC Connectivity Solution

[25/06/2005|16:15] C:\Program Files\PIXELA

[28/10/2009|10:17] C:\Program Files\pspvc

[21/12/2009|17:09] C:\Program Files\QuickTime

[14/12/2008|12:59] C:\Program Files\Reference Assemblies

[08/10/2005|13:31] C:\Program Files\ReflexiveArcade

[11/11/2003|21:14] C:\Program Files\Roxio

[24/08/2009|15:06] C:\Program Files\Samsung

[02/09/2009|13:13] C:\Program Files\Satsuki Decoder Pack

[11/11/2003|20:43] C:\Program Files\Services en ligne

[08/10/2005|13:50] C:\Program Files\Slickball

[10/03/2008|17:31] C:\Program Files\Spybot - Search & Destroy

[30/12/2009|14:53] C:\Program Files\Steam

[24/09/2008|18:36] C:\Program Files\Symantec

[23/10/2004|17:12] C:\Program Files\Thomson

[09/05/2007|13:22] C:\Program Files\Ubi Soft

[19/03/2005|17:29] C:\Program Files\Ulead Systems

[09/07/2004|16:37] C:\Program Files\Uninstall Information

[20/01/2009|14:12] C:\Program Files\vghd

[07/06/2008|13:28] C:\Program Files\VideoLAN

[11/11/2003|21:14] C:\Program Files\Viewpoint

[02/02/2007|07:26] C:\Program Files\Virtools

[03/07/2009|17:26] C:\Program Files\Wanadoo

[23/10/2004|17:11] C:\Program Files\Wanadoo Messager

[14/03/2009|14:21] C:\Program Files\Windows Live

[14/03/2009|14:21] C:\Program Files\Windows Live SkyDrive

[16/01/2008|14:20] C:\Program Files\Windows Live Toolbar

[22/12/2006|17:37] C:\Program Files\Windows Media Connect 2

[14/09/2008|18:07] C:\Program Files\Windows Media Player

[14/09/2008|18:07] C:\Program Files\Windows NT

[18/08/2004|11:20] C:\Program Files\WindowsUpdate

[29/09/2009|16:36] C:\Program Files\WinPcap

[07/01/2008|18:58] C:\Program Files\WinRAR

[07/05/2008|15:29] C:\Program Files\WMV9_VCM

[11/11/2003|20:43] C:\Program Files\XEROX

[09/05/2007|13:53] C:\Program Files\Zero G Registry

 

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

 

[11/11/2003|21:14] C:\Program Files\Fichiers communs\Adaptec Shared

[15/03/2008|11:21] C:\Program Files\Fichiers communs\Adobe

[27/06/2009|18:00] C:\Program Files\Fichiers communs\Adobe AIR

[11/11/2003|21:14] C:\Program Files\Fichiers communs\AOL

[11/11/2003|21:14] C:\Program Files\Fichiers communs\aolshare

[21/12/2009|17:11] C:\Program Files\Fichiers communs\Apple

[30/09/2008|14:13] C:\Program Files\Fichiers communs\Blizzard Entertainment

[14/01/2006|18:48] C:\Program Files\Fichiers communs\DESIGNER

[12/11/2006|11:19] C:\Program Files\Fichiers communs\DirectX

[25/06/2005|16:15] C:\Program Files\Fichiers communs\InstallShield

[30/03/2005|18:22] C:\Program Files\Fichiers communs\Java

[19/04/2009|16:45] C:\Program Files\Fichiers communs\Microsoft Shared

[11/11/2003|20:43] C:\Program Files\Fichiers communs\MSSoap

[11/11/2003|20:43] C:\Program Files\Fichiers communs\ODBC

[12/07/2005|20:07] C:\Program Files\Fichiers communs\Real

[11/11/2003|20:43] C:\Program Files\Fichiers communs\Services

[11/11/2003|20:43] C:\Program Files\Fichiers communs\SpeechEngines

[24/09/2008|14:47] C:\Program Files\Fichiers communs\Symantec Shared

[14/09/2008|18:07] C:\Program Files\Fichiers communs\System

[14/03/2009|14:14] C:\Program Files\Fichiers communs\Windows Live

[10/03/2008|17:43] C:\Program Files\Fichiers communs\WindowsLiveInstaller

 

--------------------\\ Process

 

( 51 Processes )

 

iexplore.exe ~ [PID:4088]

 

--------------------\\ Recherche avec S_Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Recherche de Fichiers / Dossiers Lop

 

C:\DOCUME~1\GUI\LOCALS~1\Temp\msgpl_2c38.tmp

C:\DOCUME~1\GUI\Cookies\gui@advertstream[1].txt

C:\DOCUME~1\GUI\Cookies\gui@d2.advertserve[1].txt

C:\DOCUME~1\GUI\Cookies\gui@adultfriendfinder[2].txt

C:\DOCUME~1\GUI\Cookies\gui@ads.adultadvertising[1].txt

C:\DOCUME~1\GUI\Cookies\gui@advertising[1].txt

C:\DOCUME~1\GUI\Cookies\gui@advertising[2].txt

C:\DOCUME~1\GUI\Cookies\gui@ero-advertising[1].txt

C:\DOCUME~1\GUI\Cookies\gui@www.adultadvertising[2].txt

C:\DOCUME~1\GUI\Cookies\gui@adin.bigpoint[1].txt

C:\DOCUME~1\GUI\Cookies\gui@bigpoint[2].txt

C:\DOCUME~1\GUI\Cookies\gui@bigpoint[3].txt

C:\DOCUME~1\GUI\Cookies\gui@fr.bigpoint.darkorbit[1].txt

C:\DOCUME~1\GUI\Cookies\gui@fr.seafight.bigpoint[2].txt

C:\DOCUME~1\GUI\Cookies\gui@fr1.thepimps.bigpoint[1].txt

C:\DOCUME~1\GUI\Cookies\gui@euroclick[2].txt

C:\DOCUME~1\GUI\Cookies\gui@fr.partypoker[1].txt

C:\DOCUME~1\GUI\Cookies\gui@partypoker[1].txt

C:\DOCUME~1\GUI\Cookies\gui@fr.seafight.bigpoint[2].txt

 

--------------------\\ Verification du Registre

 

..... OK !

 

--------------------\\ Verification du fichier Hosts

 

Fichier Hosts PROPRE

 

 

--------------------\\ Recherche de fichiers avec Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-12-30 16:23:38

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\DOCUME~1\GUI\Cookies\gui@coolcracks.co.funpic[1].txt

C:\DOCUME~1\GUI\Cookies\gui@newcracks2.ne.funpic[1].txt

C:\DOCUME~1\GUI\Cookies\gui@silentcracks.si.funpic[1].txt

C:\DOCUME~1\GUI\Mes documents\Mes vid‚os\Nouveau dossier\Command & Conquer 3 - Tiberium Wars v.1.0 Crack No-DVD.zip

 

 

[F:903][D:73]-> C:\DOCUME~1\GUI\LOCALS~1\Temp

[F:2366][D:0]-> C:\DOCUME~1\GUI\Cookies

[F:2476][D:17]-> C:\DOCUME~1\GUI\LOCALS~1\TEMPOR~1\content.IE5

 

1 - "C:\Lop SD\LopR_1.txt" - 30/12/2009|16:25 - Option : [1]

 

--------------------\\ Fin du rapport a 16:25:24

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Débarrasse toi de ces cracks, il n'y a rien de tel pour se faire infecter (sans parler des sites qui les distribuent).

 

Relance Lop S&D

 

Choisis cette fois ci l'Option 2 (Suppression)

Ne ferme pas la fenêtre lors de la suppression !

Poste le rapport généré (C:\lopR.txt)

 

(Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

guidu77 Junior Member

guidu77

Posté(e)
  • Auteur
Posté(e)

voila le rapport de la suppression

 

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

 

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.66GHz )

BIOS : Phoenix ROM BIOS PLUS Version 1.10 A06

USER : GUI ( Administrator )

BOOT : Normal boot

Antivirus : AntiVir Desktop 9.0.1.32 (Not Activated)

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:111 Go (Free:42 Go)

D:\ (CD or DVD)

E:\ (CD or DVD)

 

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )

Option : [2] ( 30/12/2009|17:15 )

 

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

 

 

--------------------\\ Listing des dossiers dans APPLIC~1

 

[11/11/2003|20:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities

[27/05/2009|06:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia

[01/12/2007|12:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[11/11/2003|21:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

 

[23/03/2009|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}

[21/12/2009|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[27/06/2009|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[16/12/2009|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Age of Empires 3

[03/08/2007|09:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

[25/12/2006|10:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

[22/12/2009|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira

[08/03/2008|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\baitwaverealsect

[05/07/2009|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Chat Republic Games

[04/09/2007|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft

[02/08/2007|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations

[30/12/2009|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes

[19/04/2008|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[14/03/2009|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[25/11/2003|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6

[02/08/2007|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite

[25/06/2005|16:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime

[11/11/2003|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI

[10/03/2008|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

[24/09/2008|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[19/04/2009|16:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[08/03/2005|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems

[03/07/2006|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[22/12/2006|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[10/03/2008|17:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

 

[11/11/2003|20:43] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities

[27/05/2009|06:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia

[01/12/2007|12:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[11/11/2003|21:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

 

[27/06/2009|18:00] C:\DOCUME~1\GUI\APPLIC~1\Adobe

[16/12/2008|15:56] C:\DOCUME~1\GUI\APPLIC~1\Apple Computer

[15/04/2007|10:08] C:\DOCUME~1\GUI\APPLIC~1\bang

[02/04/2009|16:19] C:\DOCUME~1\GUI\APPLIC~1\CamfrogWEB

[24/10/2008|18:28] C:\DOCUME~1\GUI\APPLIC~1\Command & Conquer 3 Les guerres du Tiberium

[21/10/2008|18:39] C:\DOCUME~1\GUI\APPLIC~1\DAEMON Tools

[25/11/2009|15:06] C:\DOCUME~1\GUI\APPLIC~1\Desktopicon

[06/01/2008|15:07] C:\DOCUME~1\GUI\APPLIC~1\GetRightToGo

[02/12/2005|16:59] C:\DOCUME~1\GUI\APPLIC~1\Google

[19/11/2003|15:50] C:\DOCUME~1\GUI\APPLIC~1\Help

[08/03/2008|12:46] C:\DOCUME~1\GUI\APPLIC~1\hide dumb byte

[11/11/2003|20:43] C:\DOCUME~1\GUI\APPLIC~1\Identities

[22/07/2005|16:54] C:\DOCUME~1\GUI\APPLIC~1\Leadertech

[20/12/2009|18:37] C:\DOCUME~1\GUI\APPLIC~1\LimeWire

[07/11/2006|18:28] C:\DOCUME~1\GUI\APPLIC~1\Macromedia

[30/12/2009|11:58] C:\DOCUME~1\GUI\APPLIC~1\Malwarebytes

[27/07/2009|19:03] C:\DOCUME~1\GUI\APPLIC~1\Media Player Classic

[03/03/2009|16:35] C:\DOCUME~1\GUI\APPLIC~1\Microsoft

[06/12/2009|14:36] C:\DOCUME~1\GUI\APPLIC~1\Mozilla

[22/08/2007|06:26] C:\DOCUME~1\GUI\APPLIC~1\Nokia

[21/08/2005|11:44] C:\DOCUME~1\GUI\APPLIC~1\OLYMPUS

[14/11/2008|19:35] C:\DOCUME~1\GUI\APPLIC~1\OpenOffice.org

[02/08/2007|18:43] C:\DOCUME~1\GUI\APPLIC~1\PC Suite

[24/08/2009|13:21] C:\DOCUME~1\GUI\APPLIC~1\Red Alert 3

[24/08/2009|15:15] C:\DOCUME~1\GUI\APPLIC~1\Samsung

[23/05/2007|18:43] C:\DOCUME~1\GUI\APPLIC~1\Screenshot Sender

[21/10/2008|14:54] C:\DOCUME~1\GUI\APPLIC~1\SecuROM

[21/03/2006|19:44] C:\DOCUME~1\GUI\APPLIC~1\Sun

[08/03/2008|16:19] C:\DOCUME~1\GUI\APPLIC~1\Symantec

[22/11/2003|12:06] C:\DOCUME~1\GUI\APPLIC~1\Template

[19/01/2009|16:57] C:\DOCUME~1\GUI\APPLIC~1\vghd

[18/11/2008|16:26] C:\DOCUME~1\GUI\APPLIC~1\vlc

[07/01/2008|18:58] C:\DOCUME~1\GUI\APPLIC~1\WinRAR

 

[04/10/2009|09:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe

[17/01/2009|18:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

 

 

[01/12/2007|12:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[09/04/2005|17:14] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

 

[09/02/2006|19:18] C:\DOCUME~1\PASCAL~1\APPLIC~1\Adobe

[11/11/2003|20:43] C:\DOCUME~1\PASCAL~1\APPLIC~1\Identities

[21/03/2006|19:18] C:\DOCUME~1\PASCAL~1\APPLIC~1\Macromedia

[23/11/2006|19:20] C:\DOCUME~1\PASCAL~1\APPLIC~1\Microsoft

[14/03/2008|14:22] C:\DOCUME~1\PASCAL~1\APPLIC~1\PC Suite

[08/03/2008|11:53] C:\DOCUME~1\PASCAL~1\APPLIC~1\Symantec

 

 

[24/02/2004|18:13] C:\DOCUME~1\VALERIE\APPLIC~1\Adobe

[11/11/2003|20:43] C:\DOCUME~1\VALERIE\APPLIC~1\Identities

[25/01/2004|17:51] C:\DOCUME~1\VALERIE\APPLIC~1\Microsoft

[11/11/2003|21:13] C:\DOCUME~1\VALERIE\APPLIC~1\Symantec

[07/12/2003|10:32] C:\DOCUME~1\VALERIE\APPLIC~1\Template

 

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

 

[30/12/2009 16:33][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[30/12/2009 14:52][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[28/12/2009 16:12][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[30/12/2009 14:52][--ah-----] C:\WINDOWS\tasks\SA.DAT

[30/08/2002 08:00][-r-h-----] C:\WINDOWS\tasks\DESKTOP.INI

 

--------------------\\ Listing des dossiers dans C:\Program Files

 

[15/03/2008|11:21] C:\Program Files\Adobe

[30/01/2008|18:27] C:\Program Files\Anuman Interactive

[16/11/2003|16:45] C:\Program Files\AOL 8.0

[11/11/2003|21:14] C:\Program Files\AOL Compagnon

[17/12/2008|07:15] C:\Program Files\Apple Software Update

[22/12/2009|11:30] C:\Program Files\Avira

[25/11/2009|15:41] C:\Program Files\AviSynth 2.5

[18/06/2005|10:38] C:\Program Files\Axis Communications

[16/06/2009|14:34] C:\Program Files\Bonjour

[02/04/2009|16:19] C:\Program Files\CFWebAdvancedU

[27/11/2004|11:07] C:\Program Files\Common Files

[11/11/2003|20:43] C:\Program Files\ComPlus Applications

[11/05/2005|17:52] C:\Program Files\CONEXANT

[04/09/2008|08:25] C:\Program Files\Counter-Strike

[15/03/2009|12:44] C:\Program Files\Counter-Strike Source

[11/11/2003|21:12] C:\Program Files\CyberLink

[11/11/2003|21:11] C:\Program Files\Dell

[11/11/2003|21:12] C:\Program Files\Dell Computer

[02/08/2007|18:42] C:\Program Files\DIFX

[12/04/2005|17:26] C:\Program Files\Digital Illusions CE AB

[11/11/2003|21:12] C:\Program Files\Digital Line Detect

[16/11/2003|17:12] C:\Program Files\directx

[27/06/2009|18:34] C:\Program Files\DivX

[05/08/2009|12:54] C:\Program Files\Electronic Arts

[25/08/2009|08:09] C:\Program Files\Fichiers communs

[27/06/2009|10:17] C:\Program Files\Food Force - Version Fran‡aise

[25/11/2009|15:05] C:\Program Files\FreeTime

[24/12/2009|17:19] C:\Program Files\Google

[27/05/2005|20:10] C:\Program Files\Goto Software

[04/03/2006|17:55] C:\Program Files\GUILD WARS

[25/01/2005|18:49] C:\Program Files\Harry Potter Creative CD

[24/05/2007|06:19] C:\Program Files\hide dumb byte

[28/06/2004|10:19] C:\Program Files\HighMAT CD Writing Wizard

[24/11/2006|20:07] C:\Program Files\Incomplete

[16/12/2009|14:41] C:\Program Files\InstallShield Installation Information

[11/11/2003|21:11] C:\Program Files\Intel

[13/12/2009|12:00] C:\Program Files\Internet Explorer

[21/12/2009|17:11] C:\Program Files\iPod

[21/12/2009|17:12] C:\Program Files\iTunes

[11/11/2003|21:12] C:\Program Files\Jasc Software Inc

[20/01/2009|14:47] C:\Program Files\Java

[09/12/2009|13:29] C:\Program Files\JDownloader

[14/11/2008|19:32] C:\Program Files\JRE

[11/06/2005|15:25] C:\Program Files\JVTorrent

[02/11/2009|09:29] C:\Program Files\LimeWire

[30/12/2009|11:58] C:\Program Files\Malwarebytes' Anti-Malware

[23/03/2008|17:26] C:\Program Files\MediaCoder

[16/09/2008|18:45] C:\Program Files\Messenger

[14/11/2009|14:36] C:\Program Files\Messenger Plus! Live

[14/09/2005|13:50] C:\Program Files\Microids

[05/10/2009|09:14] C:\Program Files\Microsoft

[09/05/2007|14:09] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[11/11/2003|20:43] C:\Program Files\microsoft frontpage

[16/12/2009|14:30] C:\Program Files\Microsoft Games

[14/01/2006|18:48] C:\Program Files\Microsoft Office

[14/01/2006|18:48] C:\Program Files\Microsoft Visual Studio

[22/12/2006|18:53] C:\Program Files\Microsoft Works

[14/01/2006|18:47] C:\Program Files\Microsoft.NET

[26/12/2003|13:57] C:\Program Files\Mindscape

[11/11/2003|21:11] C:\Program Files\Modem Helper

[14/09/2008|18:12] C:\Program Files\Movie Maker

[22/12/2009|15:06] C:\Program Files\Mozilla Firefox

[11/05/2006|19:01] C:\Program Files\mp3

[14/12/2008|13:05] C:\Program Files\MSBuild

[14/09/2008|18:12] C:\Program Files\msn

[11/11/2003|20:43] C:\Program Files\MSN Gaming Zone

[17/11/2006|19:00] C:\Program Files\MSXML 4.0

[14/09/2008|18:07] C:\Program Files\NetMeeting

[11/11/2003|21:12] C:\Program Files\NetWaiting

[25/08/2009|08:09] C:\Program Files\Nokia

[08/03/2008|16:19] C:\Program Files\Norton AntiVirus

[22/07/2005|16:51] C:\Program Files\NovaLogic

[07/06/2008|11:09] C:\Program Files\NTFS Undelete

[11/11/2003|21:14] C:\Program Files\Nullsoft

[25/06/2005|16:16] C:\Program Files\OLYMPUS

[14/11/2008|19:32] C:\Program Files\OpenOffice.org 3

[23/08/2009|18:05] C:\Program Files\Outlook Express

[25/03/2004|18:56] C:\Program Files\Panicware

[02/08/2007|18:41] C:\Program Files\PC Connectivity Solution

[25/06/2005|16:15] C:\Program Files\PIXELA

[28/10/2009|10:17] C:\Program Files\pspvc

[21/12/2009|17:09] C:\Program Files\QuickTime

[14/12/2008|12:59] C:\Program Files\Reference Assemblies

[08/10/2005|13:31] C:\Program Files\ReflexiveArcade

[11/11/2003|21:14] C:\Program Files\Roxio

[24/08/2009|15:06] C:\Program Files\Samsung

[02/09/2009|13:13] C:\Program Files\Satsuki Decoder Pack

[11/11/2003|20:43] C:\Program Files\Services en ligne

[08/10/2005|13:50] C:\Program Files\Slickball

[10/03/2008|17:31] C:\Program Files\Spybot - Search & Destroy

[30/12/2009|14:53] C:\Program Files\Steam

[24/09/2008|18:36] C:\Program Files\Symantec

[23/10/2004|17:12] C:\Program Files\Thomson

[09/05/2007|13:22] C:\Program Files\Ubi Soft

[19/03/2005|17:29] C:\Program Files\Ulead Systems

[09/07/2004|16:37] C:\Program Files\Uninstall Information

[20/01/2009|14:12] C:\Program Files\vghd

[07/06/2008|13:28] C:\Program Files\VideoLAN

[02/02/2007|07:26] C:\Program Files\Virtools

[03/07/2009|17:26] C:\Program Files\Wanadoo

[23/10/2004|17:11] C:\Program Files\Wanadoo Messager

[14/03/2009|14:21] C:\Program Files\Windows Live

[14/03/2009|14:21] C:\Program Files\Windows Live SkyDrive

[16/01/2008|14:20] C:\Program Files\Windows Live Toolbar

[22/12/2006|17:37] C:\Program Files\Windows Media Connect 2

[14/09/2008|18:07] C:\Program Files\Windows Media Player

[14/09/2008|18:07] C:\Program Files\Windows NT

[18/08/2004|11:20] C:\Program Files\WindowsUpdate

[29/09/2009|16:36] C:\Program Files\WinPcap

[07/01/2008|18:58] C:\Program Files\WinRAR

[07/05/2008|15:29] C:\Program Files\WMV9_VCM

[11/11/2003|20:43] C:\Program Files\XEROX

[09/05/2007|13:53] C:\Program Files\Zero G Registry

 

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

 

[11/11/2003|21:14] C:\Program Files\Fichiers communs\Adaptec Shared

[15/03/2008|11:21] C:\Program Files\Fichiers communs\Adobe

[27/06/2009|18:00] C:\Program Files\Fichiers communs\Adobe AIR

[11/11/2003|21:14] C:\Program Files\Fichiers communs\AOL

[11/11/2003|21:14] C:\Program Files\Fichiers communs\aolshare

[21/12/2009|17:11] C:\Program Files\Fichiers communs\Apple

[30/09/2008|14:13] C:\Program Files\Fichiers communs\Blizzard Entertainment

[14/01/2006|18:48] C:\Program Files\Fichiers communs\DESIGNER

[12/11/2006|11:19] C:\Program Files\Fichiers communs\DirectX

[25/06/2005|16:15] C:\Program Files\Fichiers communs\InstallShield

[30/03/2005|18:22] C:\Program Files\Fichiers communs\Java

[19/04/2009|16:45] C:\Program Files\Fichiers communs\Microsoft Shared

[11/11/2003|20:43] C:\Program Files\Fichiers communs\MSSoap

[11/11/2003|20:43] C:\Program Files\Fichiers communs\ODBC

[12/07/2005|20:07] C:\Program Files\Fichiers communs\Real

[11/11/2003|20:43] C:\Program Files\Fichiers communs\Services

[11/11/2003|20:43] C:\Program Files\Fichiers communs\SpeechEngines

[24/09/2008|14:47] C:\Program Files\Fichiers communs\Symantec Shared

[14/09/2008|18:07] C:\Program Files\Fichiers communs\System

[14/03/2009|14:14] C:\Program Files\Fichiers communs\Windows Live

[10/03/2008|17:43] C:\Program Files\Fichiers communs\WindowsLiveInstaller

 

--------------------\\ Process

 

( 49 Processes )

 

... OK !

 

--------------------\\ Recherche avec S_Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Recherche de Fichiers / Dossiers Lop

 

Aucun fichier / dossier Lop trouvé !

 

--------------------\\ Verification du Registre

 

..... OK !

 

--------------------\\ Verification du fichier Hosts

 

Fichier Hosts PROPRE

 

 

--------------------\\ Recherche de fichiers avec Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-12-30 17:17:45

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

 

--------------------\\ Recherche d'autres infections

 

 

Aucune autre infection trouvée !

 

[F:879][D:73]-> C:\DOCUME~1\GUI\LOCALS~1\Temp

[F:2346][D:0]-> C:\DOCUME~1\GUI\Cookies

[F:2497][D:17]-> C:\DOCUME~1\GUI\LOCALS~1\TEMPOR~1\content.IE5

 

1 - "C:\Lop SD\LopR_1.txt" - 30/12/2009|16:25 - Option : [1]

2 - "C:\Lop SD\LopR_2.txt" - 30/12/2009|16:57 - Option : [2]

3 - "C:\Lop SD\LopR_3.txt" - 30/12/2009|17:12 - Option : [2]

4 - "C:\Lop SD\LopR_4.txt" - 30/12/2009|17:18 - Option : [2]

 

--------------------\\ Fin du rapport a 17:18:32

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Relance HijackThis, clique sur "Do a system scan only" puis coche ceci et clique sur le bouton "Fix checked", en bas à gauche :

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O4 - HKLM\..\Run: [avserve.exe] C:\WINDOWS\avserve.exe

O4 - HKCU\..\Run: [Active Lies] C:\DOCUME~1\GUI\APPLIC~1\HIDEDU~1\online four.exe

O22 - SharedTaskScheduler: baure - {37ba7add-75f6-498f-a07a-2b0403e34401} - C:\WINDOWS\system32\holnvvf.dll (file missing)

O23 - Service: Network Event Client (WksPatch) - Unknown owner - C:\WINDOWS\System32\drivers\svchost.exe (file missing)

 

On peut aussi alléger un peu le démarrage, si tu le souhaites.

 

Je vois Antivir à côté de Norton, ce n'est pas normal, ça fait 2 antivirus, qui se concurrencent et ralentissent ta machine.

Si tu as payé pour Norton, il faudrait finir ton abonnement, mais si c'est une démo (ou du cracké), tu peux t'en débarrasser, avec cet outil officiel, qui fera le travail. Il supprime tous les produits Norton/Symantec.

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...