Virus nokia 19
Dernière réponse : dans Sécurité
Lassé par la pub ? Créez un compte
bonjour
merci d'éviter le SMS![:)]( ":)")
Télécharge MSNFix.zip (!aur3n7[/#f]) sur ton Bureau.
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout).
[#ff0000]
Il est indispensable que l'outil soit executé à partir du bureau.
Ouvre le dossier MSNFix puis double-clique sur MSNFix.bat.
- Exécute l'option R.
-- Si l'infection est détectée, presse une touche pour lancer le nettoyage.
[#ff0000]Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations.
Dans ce cas il suffit de redémarrer l'ordinateur manuellement.[/#f]
Poste le rapport situé dans le dossier MSNFix.
Le nom du rapport correspond au moment de sa création : date_heure.log
->Tutorial de Malekal<-
merci d'éviter le SMS
Télécharge MSNFix.zip (!aur3n7[/#f]) sur ton Bureau.
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout).
[#ff0000]
Il est indispensable que l'outil soit executé à partir du bureau.
Ouvre le dossier MSNFix puis double-clique sur MSNFix.bat.
- Exécute l'option R.
-- Si l'infection est détectée, presse une touche pour lancer le nettoyage.
[#ff0000]Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations.
Dans ce cas il suffit de redémarrer l'ordinateur manuellement.[/#f]
Poste le rapport situé dans le dossier MSNFix.
Le nom du rapport correspond au moment de sa création : date_heure.log
->Tutorial de Malekal<-
bonsoir
?![:D]( ":D")
poste le rapport demandé alors
et ajoute ceci:
Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
Citation :
C'est fait!?
poste le rapport demandé alors
et ajoute ceci:
Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
ça c'est celui de MSN FIX
MSNFix 1.551
C:\Documents and Settings\HP_Propri‚taire\Bureau\MSNFix\MSNFix
Fix exécuté le 19/10/2007 - 20:05:27,48 By HP_Propri‚taire
mode normal
************************ Recherche les fichiers présents
... C:\Program Files\Fichiers communs\Carlson\carlton
... C:\k3d3t4t8n7l.exe
... C:\log.txt
... C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\removalfile.bat
... C:\WINDOWS\LBTWiz.exe
... C:\WINDOWS\Nokia_19_jpg.zip
... C:\WINDOWS\system32\microsoft\backup.ftp
... C:\WINDOWS\system32\microsoft\backup.tftp
... C:\WINDOWS\Nokia_19_jpg.zip
************************ MSNCHK ***** /!\ beta test /!\
[!] C:\WINDOWS\Nokia_19_jpg.zip is INFECTED
************************ Recherche les dossiers présents
... C:\Program Files\Fichiers communs\Carlson\
... C:\Temp\
************************ Suppression des fichiers
.. OK ... C:\Program Files\Fichiers communs\Carlson\carlton
.. OK ... C:\k3d3t4t8n7l.exe
.. OK ... C:\log.txt
.. OK ... C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\removalfile.bat
/!\ ... C:\WINDOWS\LBTWiz.exe
.. OK ... C:\WINDOWS\Nokia_19_jpg.zip
.. OK ... C:\WINDOWS\system32\microsoft\backup.ftp
.. OK ... C:\WINDOWS\system32\microsoft\backup.tftp
.. OK ... C:\k3d3t4t8n7l.exe
.. OK ... C:\k3d3t4t8n7l.exe
.. OK ... C:\k3d3t4t8n7l.exe
.. OK ... C:\WINDOWS\Nokia_19_jpg.zip
************************ Suppression des dossiers
.. OK ... C:\Program Files\Fichiers communs\Carlson\
.. OK ... C:\Temp\
************************ Nettoyage du registre
Les fichiers encore présents seront supprimés au prochain redémarrage
************************ Suppression des fichiers
.. OK ... C:\WINDOWS\LBTWiz.exe
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\Documents and Settings\HP_Propriétaire\plug_in.ini] 01643A9454B8351FB32DAFF2F22A2D6A
[C:\Documents and Settings\HP_Propriétaire\presets.ini] 8E7BBE45EAEE876D35A502175EA981E8
==> SVP merci d'envoyer le fichier C:\DOCUME~1\HP_PRO~1\Bureau\Upload_Me.zip sur http://upload.changelog.fr
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 19102007_20105831.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
ET CELUI-CI HIJACKTHIS
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:27:10, on 24/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CpuIdle\cpuidle.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\HiJackThis.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\MSNFix\MSNFix\incl\MD5File.exe
C:\WINDOWS\system32\find.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fluo.com/?m=MARADONA
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://fr.search.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = WEB SPEED (armand) AIE!!!!!!!!!!!!!!!!!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
N3 - Netscape 7: user_pref("browser.startup.homepage", "www.google.fr"); (C:\Documents and Settings\HP_PROPRIÉTAIRE\Application Data\Mozilla\Profiles\default\69mve3tz.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\HP_PROPRIÉTAIRE\Application Data\Mozilla\Profiles\default\69mve3tz.slt\prefs.js)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1053B82F-7492-4A6E-895F-EC5DD199A405} - (no file)
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing)
O2 - BHO: (no name) - {47EB2D5F-507D-4BA7-9465-04DDF9F174FB} - C:\WINDOWS\system32\ssqpp.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {A268B9B0-77F5-4B8E-8FB2-09B6CF94A4EE} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - (no file)
O2 - BHO: (no name) - {E95ADF20-37F6-49A4-B6D0-4DA7675C370E} - C:\WINDOWS\system32\pmkhi.dll (file missing)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: (no name) - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EAkduG] C:\WINDOWS\djekahn.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CpuIdle] C:\Program Files\CpuIdle\cpuidle.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [inter 01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TWOSIT~1\Multi Online Army.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai.net/f/516/25175/7d/runaware.downlo...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/Pub/Da...{896A23A1-5821-4609-A6C6-6D5536C585C9}
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scann...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {A13516A3-BE86-4517-813C-B5FF0C8ACDF3} - http://downloadtoontown.goa.com/sv1.5.11.8/ttinst-frenc...
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPl...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/Mu...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O20 - Winlogon Notify: iifgeef - iifgeef.dll (file missing)
O20 - Winlogon Notify: pmkhi - C:\WINDOWS\system32\pmkhi.dll (file missing)
O20 - Winlogon Notify: ssqpp - C:\WINDOWS\system32\ssqpp.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
--
End of file - 14427 bytes
MSNFix 1.551
C:\Documents and Settings\HP_Propri‚taire\Bureau\MSNFix\MSNFix
Fix exécuté le 19/10/2007 - 20:05:27,48 By HP_Propri‚taire
mode normal
************************ Recherche les fichiers présents
... C:\Program Files\Fichiers communs\Carlson\carlton
... C:\k3d3t4t8n7l.exe
... C:\log.txt
... C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\removalfile.bat
... C:\WINDOWS\LBTWiz.exe
... C:\WINDOWS\Nokia_19_jpg.zip
... C:\WINDOWS\system32\microsoft\backup.ftp
... C:\WINDOWS\system32\microsoft\backup.tftp
... C:\WINDOWS\Nokia_19_jpg.zip
************************ MSNCHK ***** /!\ beta test /!\
[!] C:\WINDOWS\Nokia_19_jpg.zip is INFECTED
************************ Recherche les dossiers présents
... C:\Program Files\Fichiers communs\Carlson\
... C:\Temp\
************************ Suppression des fichiers
.. OK ... C:\Program Files\Fichiers communs\Carlson\carlton
.. OK ... C:\k3d3t4t8n7l.exe
.. OK ... C:\log.txt
.. OK ... C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\removalfile.bat
/!\ ... C:\WINDOWS\LBTWiz.exe
.. OK ... C:\WINDOWS\Nokia_19_jpg.zip
.. OK ... C:\WINDOWS\system32\microsoft\backup.ftp
.. OK ... C:\WINDOWS\system32\microsoft\backup.tftp
.. OK ... C:\k3d3t4t8n7l.exe
.. OK ... C:\k3d3t4t8n7l.exe
.. OK ... C:\k3d3t4t8n7l.exe
.. OK ... C:\WINDOWS\Nokia_19_jpg.zip
************************ Suppression des dossiers
.. OK ... C:\Program Files\Fichiers communs\Carlson\
.. OK ... C:\Temp\
************************ Nettoyage du registre
Les fichiers encore présents seront supprimés au prochain redémarrage
************************ Suppression des fichiers
.. OK ... C:\WINDOWS\LBTWiz.exe
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\Documents and Settings\HP_Propriétaire\plug_in.ini] 01643A9454B8351FB32DAFF2F22A2D6A
[C:\Documents and Settings\HP_Propriétaire\presets.ini] 8E7BBE45EAEE876D35A502175EA981E8
==> SVP merci d'envoyer le fichier C:\DOCUME~1\HP_PRO~1\Bureau\Upload_Me.zip sur http://upload.changelog.fr
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 19102007_20105831.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
ET CELUI-CI HIJACKTHIS
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:27:10, on 24/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CpuIdle\cpuidle.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\HiJackThis.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\MSNFix\MSNFix\incl\MD5File.exe
C:\WINDOWS\system32\find.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fluo.com/?m=MARADONA
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://fr.search.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = WEB SPEED (armand) AIE!!!!!!!!!!!!!!!!!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
N3 - Netscape 7: user_pref("browser.startup.homepage", "www.google.fr"); (C:\Documents and Settings\HP_PROPRIÉTAIRE\Application Data\Mozilla\Profiles\default\69mve3tz.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\HP_PROPRIÉTAIRE\Application Data\Mozilla\Profiles\default\69mve3tz.slt\prefs.js)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1053B82F-7492-4A6E-895F-EC5DD199A405} - (no file)
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\1.1.0.0\ShprRprt.dll (file missing)
O2 - BHO: (no name) - {47EB2D5F-507D-4BA7-9465-04DDF9F174FB} - C:\WINDOWS\system32\ssqpp.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {A268B9B0-77F5-4B8E-8FB2-09B6CF94A4EE} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - (no file)
O2 - BHO: (no name) - {E95ADF20-37F6-49A4-B6D0-4DA7675C370E} - C:\WINDOWS\system32\pmkhi.dll (file missing)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: (no name) - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EAkduG] C:\WINDOWS\djekahn.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CpuIdle] C:\Program Files\CpuIdle\cpuidle.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [inter 01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TWOSIT~1\Multi Online Army.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai.net/f/516/25175/7d/runaware.downlo...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/Pub/Da...{896A23A1-5821-4609-A6C6-6D5536C585C9}
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scann...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {A13516A3-BE86-4517-813C-B5FF0C8ACDF3} - http://downloadtoontown.goa.com/sv1.5.11.8/ttinst-frenc...
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPl...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/Mu...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O20 - Winlogon Notify: iifgeef - iifgeef.dll (file missing)
O20 - Winlogon Notify: pmkhi - C:\WINDOWS\system32\pmkhi.dll (file missing)
O20 - Winlogon Notify: ssqpp - C:\WINDOWS\system32\ssqpp.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
--
End of file - 14427 bytes
Bonsoir ![:D]( ":D")
Télécharge Lop S&D.zip.
Dézippe-le sur ton Bureau uniquement.
Ouvre le dossier Lop S&D puis double-clique sur Scan.bat.
Sélectionne la langue en tapant sur 1 puis en validant avec la touche Entrée.
Tape sur "R" puis valide en appuyant sur "Entrée".
Un rapport sera généré, poste son contenu ici.
Télécharge Lop S&D.zip.
Dézippe-le sur ton Bureau uniquement.
Ouvre le dossier Lop S&D puis double-clique sur Scan.bat.
Sélectionne la langue en tapant sur 1 puis en validant avec la touche Entrée.
Tape sur "R" puis valide en appuyant sur "Entrée".
Un rapport sera généré, poste son contenu ici.
------------------------------[ Lop S&D 1.4 ]----------------------------
Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
Lancé depuis : "C:\Documents and Settings\HP_Propri‚taire\Bureau\Lop S&D"
Rapport créé Le 01/11/2007 à 11:52:16,04 PC : ARIEN
! Faire analyser le rapport par un Helper avant intervention !
-------------[ Listing des Dossiers dans Application Data ]-------------
C:\Documents and settings\All Users\Application Data\Acoustica
C:\Documents and settings\All Users\Application Data\Ahead
C:\Documents and settings\All Users\Application Data\QTSBandwidthCache
C:\Documents and settings\All Users\Application Data\Apple
C:\Documents and settings\All Users\Application Data\iZotope
C:\Documents and settings\All Users\Application Data\IDOL OBJ POKE PROXY
C:\Documents and settings\All Users\Application Data\Adobe
C:\Documents and settings\All Users\Application Data\nfo
C:\Documents and settings\All Users\Application Data\Symantec
C:\Documents and settings\All Users\Application Data\Downloaded Installations
C:\Documents and settings\All Users\Application Data\PC Suite
C:\Documents and settings\All Users\Application Data\vidmon
C:\Documents and settings\All Users\Application Data\Ulead Systems
C:\Documents and settings\All Users\Application Data\Google
C:\Documents and settings\All Users\Application Data\Yahoo! Companion
C:\Documents and settings\All Users\Application Data\Yahoo!
C:\Documents and settings\All Users\Application Data\Sony Corporation
C:\Documents and settings\All Users\Application Data\muvee Technologies
C:\Documents and settings\All Users\Application Data\Apple Computer
C:\Documents and settings\All Users\Application Data\Microsoft
C:\Documents and settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and settings\All Users\Application Data\Messenger Plus!
C:\Documents and settings\All Users\Application Data\BOONTY
C:\Documents and settings\All Users\Application Data\Macrovision
C:\Documents and settings\All Users\Application Data\pixelStorm
C:\Documents and settings\All Users\Application Data\hpzinstall.log
C:\Documents and settings\All Users\Application Data\QuickTime
C:\Documents and settings\All Users\Application Data\InstallShield
C:\Documents and settings\All Users\Application Data\Hewlett-Packard
C:\Documents and settings\All Users\Application Data\SBSI
C:\Documents and settings\All Users\Application Data\desktop.ini
C:\Documents and settings\Default User\Application Data\Microsoft
C:\Documents and settings\Default User\Application Data\Symantec
C:\Documents and settings\Default User\Application Data\SampleView
C:\Documents and settings\Default User\Application Data\Apple Computer
C:\Documents and settings\Default User\Application Data\Identities
C:\Documents and settings\Default User\Application Data\desktop.ini
C:\Documents and settings\HP_Propri‚taire\Application Data\OpenOffice.org2
C:\Documents and settings\HP_Propri‚taire\Application Data\Two Site Ford
C:\Documents and settings\HP_Propri‚taire\Application Data\Acoustica
C:\Documents and settings\HP_Propri‚taire\Application Data\DeepBurner
C:\Documents and settings\HP_Propri‚taire\Application Data\ChessBase
C:\Documents and settings\HP_Propri‚taire\Application Data\Nero
C:\Documents and settings\HP_Propri‚taire\Application Data\Ahead
C:\Documents and settings\HP_Propri‚taire\Application Data\wklnhst.dat
C:\Documents and settings\HP_Propri‚taire\Application Data\Help
C:\Documents and settings\HP_Propri‚taire\Application Data\GetRightToGo
C:\Documents and settings\HP_Propri‚taire\Application Data\Smartelectronix
C:\Documents and settings\HP_Propri‚taire\Application Data\Screenshot Sender
C:\Documents and settings\HP_Propri‚taire\Application Data\Publish Providers
C:\Documents and settings\HP_Propri‚taire\Application Data\Sony
C:\Documents and settings\HP_Propri‚taire\Application Data\AdobeUM
C:\Documents and settings\HP_Propri‚taire\Application Data\PC Suite
C:\Documents and settings\HP_Propri‚taire\Application Data\Ulead Systems
C:\Documents and settings\HP_Propri‚taire\Application Data\gtk-2.0
C:\Documents and settings\HP_Propri‚taire\Application Data\Skype
C:\Documents and settings\HP_Propri‚taire\Application Data\Sony Corporation
C:\Documents and settings\HP_Propri‚taire\Application Data\Adobe
C:\Documents and settings\HP_Propri‚taire\Application Data\Talkback
C:\Documents and settings\HP_Propri‚taire\Application Data\Real
C:\Documents and settings\HP_Propri‚taire\Application Data\ICAClient
C:\Documents and settings\HP_Propri‚taire\Application Data\muvee Technologies
C:\Documents and settings\HP_Propri‚taire\Application Data\Microsoft
C:\Documents and settings\HP_Propri‚taire\Application Data\GdiplusUpgrade_MSIApproach_Wrapper.log
C:\Documents and settings\HP_Propri‚taire\Application Data\Mozilla
C:\Documents and settings\HP_Propri‚taire\Application Data\Google
C:\Documents and settings\HP_Propri‚taire\Application Data\ATI
C:\Documents and settings\HP_Propri‚taire\Application Data\Yahoo!
C:\Documents and settings\HP_Propri‚taire\Application Data\Sun
C:\Documents and settings\HP_Propri‚taire\Application Data\MSNInstaller
C:\Documents and settings\HP_Propri‚taire\Application Data\Sonic
C:\Documents and settings\HP_Propri‚taire\Application Data\Leadertech
C:\Documents and settings\HP_Propri‚taire\Application Data\Template
C:\Documents and settings\HP_Propri‚taire\Application Data\InterVideo
C:\Documents and settings\HP_Propri‚taire\Application Data\Symantec
C:\Documents and settings\HP_Propri‚taire\Application Data\Macromedia
C:\Documents and settings\HP_Propri‚taire\Application Data\SampleView
C:\Documents and settings\HP_Propri‚taire\Application Data\Apple Computer
C:\Documents and settings\HP_Propri‚taire\Application Data\Identities
C:\Documents and settings\HP_Propri‚taire\Application Data\desktop.ini
C:\Documents and settings\LocalService\Application Data\Microsoft
C:\Documents and settings\NetworkService\Application Data\Microsoft
C:\Documents and settings\NetworkService\Application Data\Symantec
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans Program Files ]--------------
C:\Program Files\Activision
C:\Program Files\Adobe
C:\Program Files\Adverts
C:\Program Files\Alice Triway Wi-Fi
C:\Program Files\Alice_Triway_WiFi
C:\Program Files\Alwil Software
C:\Program Files\Apple Software Update
C:\Program Files\ATI Technologies
C:\Program Files\Audacity
C:\Program Files\ChessBase
C:\Program Files\Common Files
C:\Program Files\CpuIdle
C:\Program Files\Creative
C:\Program Files\DIFX
C:\Program Files\directx
C:\Program Files\DivX
C:\Program Files\EA GAMES
C:\Program Files\EA SPORTS
C:\Program Files\Eidos
C:\Program Files\Empire Interactive
C:\Program Files\Fichiers communs
C:\Program Files\FileZilla
C:\Program Files\Generic
C:\Program Files\Google
C:\Program Files\Guppy
C:\Program Files\Hewlett-Packard
C:\Program Files\HP
C:\Program Files\HPQ
C:\Program Files\ILLEGAL STREET RACING
C:\Program Files\Intel
C:\Program Files\Internet Explorer
C:\Program Files\InterVideo
C:\Program Files\iPod
C:\Program Files\iTunes
C:\Program Files\iZotope
C:\Program Files\Java
C:\Program Files\KONAMI
C:\Program Files\Labtec
C:\Program Files\LimeWire
C:\Program Files\Logitech
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Works
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSECache
C:\Program Files\MSN
C:\Program Files\MSN Apps
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MSXML 4.0
C:\Program Files\MyXOFT
C:\Program Files\NetMeeting
C:\Program Files\Nicolas MERLET
C:\Program Files\OpenOffice.org 2.0
C:\Program Files\OpenOffice.org 2.1
C:\Program Files\OpenOffice.org 2.2
C:\Program Files\Outlook Express
C:\Program Files\QuickTime
C:\Program Files\Real
C:\Program Files\Sonic
C:\Program Files\Steinberg
C:\Program Files\Two Site Ford
C:\Program Files\Unlocker
C:\Program Files\Usability Sciences
C:\Program Files\Viewpoint
C:\Program Files\VirtualDJ
C:\Program Files\VirtualDJ4.2
C:\Program Files\Wanadoo Edition
C:\Program Files\Windows Live
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\xerox
C:\Program Files\Yahoo!
------[ Listing des dossiers dans Program Files\Fichiers Communs ]------
C:\program files\fichiers communs\{380B0145-0B75-1036-0622-050504140021}
C:\program files\fichiers communs\{D80B0145-0B75-1036-0622-050504140021}
C:\program files\fichiers communs\{D80B0145-0B76-1036-0622-050504140021}
C:\program files\fichiers communs\Adobe
C:\program files\fichiers communs\Ahead
C:\program files\fichiers communs\Apple
C:\program files\fichiers communs\Digidesign
C:\program files\fichiers communs\DirectX
C:\program files\fichiers communs\GTK
C:\program files\fichiers communs\Hewlett-Packard
C:\program files\fichiers communs\HP
C:\program files\fichiers communs\InstallShield
C:\program files\fichiers communs\iZotope
C:\program files\fichiers communs\Java
C:\program files\fichiers communs\L&H
C:\program files\fichiers communs\Labtec
C:\program files\fichiers communs\Macrovision Shared
C:\program files\fichiers communs\Microsoft Shared
C:\program files\fichiers communs\mozilla.org
C:\program files\fichiers communs\MSSoap
C:\program files\fichiers communs\muvee Technologies
C:\program files\fichiers communs\ODBC
C:\program files\fichiers communs\Real
C:\program files\fichiers communs\Services
C:\program files\fichiers communs\Sonic Shared
C:\program files\fichiers communs\Sony Shared
C:\program files\fichiers communs\SpeechEngines
C:\program files\fichiers communs\SureThing Shared
C:\program files\fichiers communs\Symantec Shared
C:\program files\fichiers communs\System
C:\program files\fichiers communs\TiVo Shared
C:\program files\fichiers communs\WinSoftware
C:\program files\fichiers communs\xing shared
----------------------[ Recherche dans le Registre ]----------------------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"inter 01"="C:\\DOCUME~1\\HP_PRO~1\\APPLIC~1\\TWOSIT~1\\Multi Online Army.exe"
-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------
C:\Documents and settings\HP_Propri‚taire\Application Data\TWOSIT~1
C:\Program Files\TWOSIT~1
C:\Program Files\Adverts
--------------------[ Vérification du fichier Hosts ]---------------------
Fichier Hosts : MODIFIE
127.0.0.1 localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD
--------------[ Recherche de fichiers cachés avec Catchme ]---------------
catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-01 11:52:49
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwEnumerateValueKey, ZwQueryDirectoryFile, ZwQuerySystemInformation
scanning hidden services & system hive ...
scanning hidden files ...
C:\WINDOWS\system32\gkxqebcyuh.dat
C:\WINDOWS\system32\gkxqebcyuh.exe
C:\WINDOWS\system32\gkxqebcyuh_nav.dat
C:\WINDOWS\system32\gkxqebcyuh_navps.dat
C:\WINDOWS\system32\msplock32.dll
scan completed successfully
hidden files: 5
--------------------[ Recherche d'autres infections ]---------------------
C:\WINDOWS\pack.epk
! EGDACCESS Possible !
D:\Autorun.inf
--------------------[ Fin du rapport à 11:53:21,56 ]----------------------
Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
Lancé depuis : "C:\Documents and Settings\HP_Propri‚taire\Bureau\Lop S&D"
Rapport créé Le 01/11/2007 à 11:52:16,04 PC : ARIEN
! Faire analyser le rapport par un Helper avant intervention !
-------------[ Listing des Dossiers dans Application Data ]-------------
C:\Documents and settings\All Users\Application Data\Acoustica
C:\Documents and settings\All Users\Application Data\Ahead
C:\Documents and settings\All Users\Application Data\QTSBandwidthCache
C:\Documents and settings\All Users\Application Data\Apple
C:\Documents and settings\All Users\Application Data\iZotope
C:\Documents and settings\All Users\Application Data\IDOL OBJ POKE PROXY
C:\Documents and settings\All Users\Application Data\Adobe
C:\Documents and settings\All Users\Application Data\nfo
C:\Documents and settings\All Users\Application Data\Symantec
C:\Documents and settings\All Users\Application Data\Downloaded Installations
C:\Documents and settings\All Users\Application Data\PC Suite
C:\Documents and settings\All Users\Application Data\vidmon
C:\Documents and settings\All Users\Application Data\Ulead Systems
C:\Documents and settings\All Users\Application Data\Google
C:\Documents and settings\All Users\Application Data\Yahoo! Companion
C:\Documents and settings\All Users\Application Data\Yahoo!
C:\Documents and settings\All Users\Application Data\Sony Corporation
C:\Documents and settings\All Users\Application Data\muvee Technologies
C:\Documents and settings\All Users\Application Data\Apple Computer
C:\Documents and settings\All Users\Application Data\Microsoft
C:\Documents and settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and settings\All Users\Application Data\Messenger Plus!
C:\Documents and settings\All Users\Application Data\BOONTY
C:\Documents and settings\All Users\Application Data\Macrovision
C:\Documents and settings\All Users\Application Data\pixelStorm
C:\Documents and settings\All Users\Application Data\hpzinstall.log
C:\Documents and settings\All Users\Application Data\QuickTime
C:\Documents and settings\All Users\Application Data\InstallShield
C:\Documents and settings\All Users\Application Data\Hewlett-Packard
C:\Documents and settings\All Users\Application Data\SBSI
C:\Documents and settings\All Users\Application Data\desktop.ini
C:\Documents and settings\Default User\Application Data\Microsoft
C:\Documents and settings\Default User\Application Data\Symantec
C:\Documents and settings\Default User\Application Data\SampleView
C:\Documents and settings\Default User\Application Data\Apple Computer
C:\Documents and settings\Default User\Application Data\Identities
C:\Documents and settings\Default User\Application Data\desktop.ini
C:\Documents and settings\HP_Propri‚taire\Application Data\OpenOffice.org2
C:\Documents and settings\HP_Propri‚taire\Application Data\Two Site Ford
C:\Documents and settings\HP_Propri‚taire\Application Data\Acoustica
C:\Documents and settings\HP_Propri‚taire\Application Data\DeepBurner
C:\Documents and settings\HP_Propri‚taire\Application Data\ChessBase
C:\Documents and settings\HP_Propri‚taire\Application Data\Nero
C:\Documents and settings\HP_Propri‚taire\Application Data\Ahead
C:\Documents and settings\HP_Propri‚taire\Application Data\wklnhst.dat
C:\Documents and settings\HP_Propri‚taire\Application Data\Help
C:\Documents and settings\HP_Propri‚taire\Application Data\GetRightToGo
C:\Documents and settings\HP_Propri‚taire\Application Data\Smartelectronix
C:\Documents and settings\HP_Propri‚taire\Application Data\Screenshot Sender
C:\Documents and settings\HP_Propri‚taire\Application Data\Publish Providers
C:\Documents and settings\HP_Propri‚taire\Application Data\Sony
C:\Documents and settings\HP_Propri‚taire\Application Data\AdobeUM
C:\Documents and settings\HP_Propri‚taire\Application Data\PC Suite
C:\Documents and settings\HP_Propri‚taire\Application Data\Ulead Systems
C:\Documents and settings\HP_Propri‚taire\Application Data\gtk-2.0
C:\Documents and settings\HP_Propri‚taire\Application Data\Skype
C:\Documents and settings\HP_Propri‚taire\Application Data\Sony Corporation
C:\Documents and settings\HP_Propri‚taire\Application Data\Adobe
C:\Documents and settings\HP_Propri‚taire\Application Data\Talkback
C:\Documents and settings\HP_Propri‚taire\Application Data\Real
C:\Documents and settings\HP_Propri‚taire\Application Data\ICAClient
C:\Documents and settings\HP_Propri‚taire\Application Data\muvee Technologies
C:\Documents and settings\HP_Propri‚taire\Application Data\Microsoft
C:\Documents and settings\HP_Propri‚taire\Application Data\GdiplusUpgrade_MSIApproach_Wrapper.log
C:\Documents and settings\HP_Propri‚taire\Application Data\Mozilla
C:\Documents and settings\HP_Propri‚taire\Application Data\Google
C:\Documents and settings\HP_Propri‚taire\Application Data\ATI
C:\Documents and settings\HP_Propri‚taire\Application Data\Yahoo!
C:\Documents and settings\HP_Propri‚taire\Application Data\Sun
C:\Documents and settings\HP_Propri‚taire\Application Data\MSNInstaller
C:\Documents and settings\HP_Propri‚taire\Application Data\Sonic
C:\Documents and settings\HP_Propri‚taire\Application Data\Leadertech
C:\Documents and settings\HP_Propri‚taire\Application Data\Template
C:\Documents and settings\HP_Propri‚taire\Application Data\InterVideo
C:\Documents and settings\HP_Propri‚taire\Application Data\Symantec
C:\Documents and settings\HP_Propri‚taire\Application Data\Macromedia
C:\Documents and settings\HP_Propri‚taire\Application Data\SampleView
C:\Documents and settings\HP_Propri‚taire\Application Data\Apple Computer
C:\Documents and settings\HP_Propri‚taire\Application Data\Identities
C:\Documents and settings\HP_Propri‚taire\Application Data\desktop.ini
C:\Documents and settings\LocalService\Application Data\Microsoft
C:\Documents and settings\NetworkService\Application Data\Microsoft
C:\Documents and settings\NetworkService\Application Data\Symantec
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans Program Files ]--------------
C:\Program Files\Activision
C:\Program Files\Adobe
C:\Program Files\Adverts
C:\Program Files\Alice Triway Wi-Fi
C:\Program Files\Alice_Triway_WiFi
C:\Program Files\Alwil Software
C:\Program Files\Apple Software Update
C:\Program Files\ATI Technologies
C:\Program Files\Audacity
C:\Program Files\ChessBase
C:\Program Files\Common Files
C:\Program Files\CpuIdle
C:\Program Files\Creative
C:\Program Files\DIFX
C:\Program Files\directx
C:\Program Files\DivX
C:\Program Files\EA GAMES
C:\Program Files\EA SPORTS
C:\Program Files\Eidos
C:\Program Files\Empire Interactive
C:\Program Files\Fichiers communs
C:\Program Files\FileZilla
C:\Program Files\Generic
C:\Program Files\Google
C:\Program Files\Guppy
C:\Program Files\Hewlett-Packard
C:\Program Files\HP
C:\Program Files\HPQ
C:\Program Files\ILLEGAL STREET RACING
C:\Program Files\Intel
C:\Program Files\Internet Explorer
C:\Program Files\InterVideo
C:\Program Files\iPod
C:\Program Files\iTunes
C:\Program Files\iZotope
C:\Program Files\Java
C:\Program Files\KONAMI
C:\Program Files\Labtec
C:\Program Files\LimeWire
C:\Program Files\Logitech
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Works
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSECache
C:\Program Files\MSN
C:\Program Files\MSN Apps
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MSXML 4.0
C:\Program Files\MyXOFT
C:\Program Files\NetMeeting
C:\Program Files\Nicolas MERLET
C:\Program Files\OpenOffice.org 2.0
C:\Program Files\OpenOffice.org 2.1
C:\Program Files\OpenOffice.org 2.2
C:\Program Files\Outlook Express
C:\Program Files\QuickTime
C:\Program Files\Real
C:\Program Files\Sonic
C:\Program Files\Steinberg
C:\Program Files\Two Site Ford
C:\Program Files\Unlocker
C:\Program Files\Usability Sciences
C:\Program Files\Viewpoint
C:\Program Files\VirtualDJ
C:\Program Files\VirtualDJ4.2
C:\Program Files\Wanadoo Edition
C:\Program Files\Windows Live
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\xerox
C:\Program Files\Yahoo!
------[ Listing des dossiers dans Program Files\Fichiers Communs ]------
C:\program files\fichiers communs\{380B0145-0B75-1036-0622-050504140021}
C:\program files\fichiers communs\{D80B0145-0B75-1036-0622-050504140021}
C:\program files\fichiers communs\{D80B0145-0B76-1036-0622-050504140021}
C:\program files\fichiers communs\Adobe
C:\program files\fichiers communs\Ahead
C:\program files\fichiers communs\Apple
C:\program files\fichiers communs\Digidesign
C:\program files\fichiers communs\DirectX
C:\program files\fichiers communs\GTK
C:\program files\fichiers communs\Hewlett-Packard
C:\program files\fichiers communs\HP
C:\program files\fichiers communs\InstallShield
C:\program files\fichiers communs\iZotope
C:\program files\fichiers communs\Java
C:\program files\fichiers communs\L&H
C:\program files\fichiers communs\Labtec
C:\program files\fichiers communs\Macrovision Shared
C:\program files\fichiers communs\Microsoft Shared
C:\program files\fichiers communs\mozilla.org
C:\program files\fichiers communs\MSSoap
C:\program files\fichiers communs\muvee Technologies
C:\program files\fichiers communs\ODBC
C:\program files\fichiers communs\Real
C:\program files\fichiers communs\Services
C:\program files\fichiers communs\Sonic Shared
C:\program files\fichiers communs\Sony Shared
C:\program files\fichiers communs\SpeechEngines
C:\program files\fichiers communs\SureThing Shared
C:\program files\fichiers communs\Symantec Shared
C:\program files\fichiers communs\System
C:\program files\fichiers communs\TiVo Shared
C:\program files\fichiers communs\WinSoftware
C:\program files\fichiers communs\xing shared
----------------------[ Recherche dans le Registre ]----------------------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"inter 01"="C:\\DOCUME~1\\HP_PRO~1\\APPLIC~1\\TWOSIT~1\\Multi Online Army.exe"
-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------
C:\Documents and settings\HP_Propri‚taire\Application Data\TWOSIT~1
C:\Program Files\TWOSIT~1
C:\Program Files\Adverts
--------------------[ Vérification du fichier Hosts ]---------------------
Fichier Hosts : MODIFIE
127.0.0.1 localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD
--------------[ Recherche de fichiers cachés avec Catchme ]---------------
catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-01 11:52:49
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwEnumerateValueKey, ZwQueryDirectoryFile, ZwQuerySystemInformation
scanning hidden services & system hive ...
scanning hidden files ...
C:\WINDOWS\system32\gkxqebcyuh.dat
C:\WINDOWS\system32\gkxqebcyuh.exe
C:\WINDOWS\system32\gkxqebcyuh_nav.dat
C:\WINDOWS\system32\gkxqebcyuh_navps.dat
C:\WINDOWS\system32\msplock32.dll
scan completed successfully
hidden files: 5
--------------------[ Recherche d'autres infections ]---------------------
C:\WINDOWS\pack.epk
! EGDACCESS Possible !
D:\Autorun.inf
--------------------[ Fin du rapport à 11:53:21,56 ]----------------------
bonsoir
tu as encore pas mal d'infections sur ta machine...
1
redémarre en mode sans echec (f8 au démarrage)
Ouvre le dossier Lop S&D puis double-clique sur Scan.bat. Tape sur "S" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression ! [/#f]
Un rapport sera généré, poste son contenu ici.
NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer.exe puis valide.
2
Télécharge Navilog1.exe ([#ff0000]IL-MAFIOSO)
Enregistre-le sur ton Bureau.
Lance l'installation en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)
Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
[#ff0000]! N'utilise pas l'option 2, 3 et 4 sans notre accord ![/#f]
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste-nous son contenu de cette manière :
-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse
NOTE : Le rapport se trouve également ici : C:\fixnavi.txt
3
Télécharge Flash Disinfector
Connectes tes supports amovibles sur ton PC. (lecteur mp3, DD externe, clé USB...)
Connecte tous les périphériques externes ( DD , USB , ..... )
Double clique sur Flash Disinfector et laisse toi guider
4
supprime:
D:\Autorun.inf
Note :
Panneau de configuration/Options des dossiers/onglet Affichage/cocher Afficher les fichiers et dossiers cachés, décocher Masquer les extensions de fichiers connus, décocher Masquer les fichiers protégés du Système.
Les fichiers et dossiers cachés du système apparaissent alors dans l'explorateur Windows en transparence.
tu as encore pas mal d'infections sur ta machine...
1
redémarre en mode sans echec (f8 au démarrage)
Ouvre le dossier Lop S&D puis double-clique sur Scan.bat. Tape sur "S" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression ! [/#f]
Un rapport sera généré, poste son contenu ici.
NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer.exe puis valide.
2
Télécharge Navilog1.exe ([#ff0000]IL-MAFIOSO)
Enregistre-le sur ton Bureau.
Lance l'installation en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)
Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
[#ff0000]! N'utilise pas l'option 2, 3 et 4 sans notre accord ![/#f]
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste-nous son contenu de cette manière :
-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse
NOTE : Le rapport se trouve également ici : C:\fixnavi.txt
3
Télécharge Flash Disinfector
Connectes tes supports amovibles sur ton PC. (lecteur mp3, DD externe, clé USB...)
Connecte tous les périphériques externes ( DD , USB , ..... )
Double clique sur Flash Disinfector et laisse toi guider
4
supprime:
D:\Autorun.inf
Note :
Citation :
Pour afficher les dossiers et fichiers cachés du système: Panneau de configuration/Options des dossiers/onglet Affichage/cocher Afficher les fichiers et dossiers cachés, décocher Masquer les extensions de fichiers connus, décocher Masquer les fichiers protégés du Système.
Les fichiers et dossiers cachés du système apparaissent alors dans l'explorateur Windows en transparence.
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumHelp svp pour un virus nokia 19
- ForumInfecte par le virus nokia 19
- ForumVirus nokia 19 vraiment debutant
- ForumInfection virus nokia 19
- ForumImpossible de supprimer virus nokia 19
- ForumVirus nokia 19 jpg pour super debutante
- ForumRapport msnfix suite a virus nokia 19
- ForumComment virer le virus nokia 19 svp
- ForumVirus 3d3t4t8n7l et nokia 19 zip
- ForumTelechager anti virus pour nokia
- Voir plus
