Hello,
Like many people, unfortunately, I am getting constant spam from all sorts of ads.
Here is my HijackThis scan:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:28:15, on 03/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\wscript.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Trust\WB-3500T USB2 Webcam\SnapTrap.exe
C:\WINDOWS\vsnpstd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Propriétaire\Mes documents\logs\turbolaunch\turbolaunch\TurboLaunch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wscript.exe C:\WINDOWS\system32\killVBS.vbs
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [STICAP] C:\Program Files\Trust\WB-3500T USB2 Webcam\SnapTrap.exe
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
O4 - HKLM\..\Run: [CHIN PING PHONE PILE] C:\Documents and Settings\All Users\Application Data\Proxy Long Chin Ping\16 cast.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Link okay] C:\DOCUME~1\PROPRI~1\APPLIC~1\BORETI~1\DUPE FRAG SCR.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: TurboLaunch.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://cdn1.acclaimdownloads.com/solidstateion.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 8072 bytes
Thanks a lot for your help
Hello,
Download Lop S&D.exe to your Desktop.
- Double-click it to start the installation
- Then double-click the Lop S&D shortcut on your Desktop
- Select the language you want, then choose option 1 (Search)
- Wait until the scan finishes
- Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
Thanks for such a quick reply!
Here is the report:
------------------------------[ Lop S&D 2.0 ]----------------------------
Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
"C:\Program Files\Lop SD"
[ 03/12/2007 | 20:43:39,15 ] [ WAVRANT ]
-------------[ Listing des dossiers dans Application Data ]------------
C:\Documents and Settings\Administrateur\APPLIC~1\desktop.ini
C:\Documents and Settings\Administrateur\APPLIC~1\Microsoft
C:\Documents and Settings\All Users\APPLIC~1\WLInstaller
C:\Documents and Settings\All Users\APPLIC~1\Proxy Long Chin Ping
C:\Documents and Settings\All Users\APPLIC~1\Dupe About Kind Mp3
C:\Documents and Settings\All Users\APPLIC~1\TomTom
C:\Documents and Settings\All Users\APPLIC~1\Microsoft
C:\Documents and Settings\All Users\APPLIC~1\LauncherAccess.dt
C:\Documents and Settings\All Users\APPLIC~1\dog inter pile proxy
C:\Documents and Settings\All Users\APPLIC~1\Apple Computer
C:\Documents and Settings\All Users\APPLIC~1\Apple
C:\Documents and Settings\All Users\APPLIC~1\WinZip
C:\Documents and Settings\All Users\APPLIC~1\Adobe
C:\Documents and Settings\All Users\APPLIC~1\Google
C:\Documents and Settings\All Users\APPLIC~1\Windows Live Toolbar
C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
C:\Documents and Settings\All Users\APPLIC~1\Sony Corporation
C:\Documents and Settings\All Users\APPLIC~1\Skype
C:\Documents and Settings\All Users\APPLIC~1\Symantec
C:\Documents and Settings\All Users\APPLIC~1\QuickTime
C:\Documents and Settings\All Users\APPLIC~1\Spybot - Search & Destroy
C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
C:\Documents and Settings\All Users\APPLIC~1\Pinnacle
C:\Documents and Settings\All Users\APPLIC~1\SmartSound Software Inc
C:\Documents and Settings\All Users\APPLIC~1\nView_Profiles
C:\Documents and Settings\All Users\APPLIC~1\desktop.ini
C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
C:\Documents and Settings\Default User\APPLIC~1\Microsoft
C:\Documents and Settings\LocalService\APPLIC~1\Xfire
C:\Documents and Settings\LocalService\APPLIC~1\Microsoft
C:\Documents and Settings\NetworkService\APPLIC~1\Xfire
C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft
C:\Documents and Settings\NetworkService\APPLIC~1\Symantec
C:\Documents and Settings\PropriǸtaire\APPLIC~1\Macromedia
C:\Documents and Settings\Propriétaire\APPLIC~1\Skype
C:\Documents and Settings\Propriétaire\APPLIC~1\TurboLaunch_IconCache.dat
C:\Documents and Settings\Propriétaire\APPLIC~1\teamspeak2
C:\Documents and Settings\Propriétaire\APPLIC~1\bore tick active
C:\Documents and Settings\Propriétaire\APPLIC~1\TomTom
C:\Documents and Settings\Propriétaire\APPLIC~1\Microsoft
C:\Documents and Settings\Propriétaire\APPLIC~1\Samsung
C:\Documents and Settings\Propriétaire\APPLIC~1\Apple Computer
C:\Documents and Settings\Propriétaire\APPLIC~1\Xfire
C:\Documents and Settings\Propriétaire\APPLIC~1\FarStone
C:\Documents and Settings\Propriétaire\APPLIC~1\Screenshot Sender
C:\Documents and Settings\Propriétaire\APPLIC~1\AdobeUM
C:\Documents and Settings\Propriétaire\APPLIC~1\Creative
C:\Documents and Settings\Propriétaire\APPLIC~1\Adobe
C:\Documents and Settings\Propriétaire\APPLIC~1\Real
C:\Documents and Settings\Propriétaire\APPLIC~1\Sun
C:\Documents and Settings\Propriétaire\APPLIC~1\Sony Corporation
C:\Documents and Settings\Propriétaire\APPLIC~1\Talkback
C:\Documents and Settings\Propriétaire\APPLIC~1\Mozilla
C:\Documents and Settings\Propriétaire\APPLIC~1\Macromedia
C:\Documents and Settings\Propriétaire\APPLIC~1\Help
C:\Documents and Settings\Propriétaire\APPLIC~1\Google
C:\Documents and Settings\Propriétaire\APPLIC~1\.bittorrent
C:\Documents and Settings\Propriétaire\APPLIC~1\Lavasoft
C:\Documents and Settings\Propriétaire\APPLIC~1\Symantec
C:\Documents and Settings\Propriétaire\APPLIC~1\GDIPFONTCACHEV1.DAT
C:\Documents and Settings\Propriétaire\APPLIC~1\desktop.ini
C:\Documents and Settings\Propriétaire\APPLIC~1\Identities
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
C:\WINDOWS\tasks\AB5217E1918595B9.job
C:\WINDOWS\tasks\Symantec NetDetect.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
C:\Program Files\Adobe
C:\Program Files\AdorageI-GfxDatas
C:\Program Files\AdorageI-SAL
C:\Program Files\Apple Software Update
C:\Program Files\ASUSTeK
C:\Program Files\Audible
C:\Program Files\Belkin
C:\Program Files\BitTorrent
C:\Program Files\bore tick active
C:\Program Files\CCP
C:\Program Files\ComPlus Applications
C:\Program Files\Creative
C:\Program Files\DIFX
C:\Program Files\DivX
C:\Program Files\eMule
C:\Program Files\FarStone
C:\Program Files\Fichiers communs
C:\Program Files\FLVPlayer
C:\Program Files\Google
C:\Program Files\Gpotato.eu
C:\Program Files\GUILD WARS
C:\Program Files\HighMAT CD Writing Wizard
C:\Program Files\Ihsv
C:\Program Files\Internet Explorer
C:\Program Files\Java
C:\Program Files\Jeux classiques
C:\Program Files\Lavasoft
C:\Program Files\Lop SD
C:\Program Files\Ludiclub
C:\Program Files\Maxis
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft.NET
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MSXML 4.0
C:\Program Files\NetMeeting
C:\Program Files\Noël Danjou
C:\Program Files\Online Services
C:\Program Files\Outlook Express
C:\Program Files\Pinnacle
C:\Program Files\proDAD
C:\Program Files\QuickTime
C:\Program Files\Real
C:\Program Files\Samsung
C:\Program Files\Services en ligne
C:\Program Files\Skype
C:\Program Files\SLD Codec Pack
C:\Program Files\SmartSound Software
C:\Program Files\Sony
C:\Program Files\Sony Corporation
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Symantec
C:\Program Files\SymNetDrv
C:\Program Files\Teamspeak2_RC2
C:\Program Files\THQ
C:\Program Files\TomTom HOME
C:\Program Files\TomTom HOME 2
C:\Program Files\Trend Micro
C:\Program Files\Trust
C:\Program Files\Tweak-XP Pro 4
C:\Program Files\Warcraft III
C:\Program Files\Windows Live
C:\Program Files\Windows Live Toolbar
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinHTTrack
C:\Program Files\WinRAR
C:\Program Files\WinZip
C:\Program Files\World of Warcraft
C:\Program Files\WoW-BurningCrusade-frFR-Full-Installer
C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
C:\Program Files\Fichiers communs\Adobe
C:\Program Files\Fichiers communs\Apple
C:\Program Files\Fichiers communs\Blizzard Entertainment
C:\Program Files\Fichiers communs\Creative
C:\Program Files\Fichiers communs\DESIGNER
C:\Program Files\Fichiers communs\InstallShield
C:\Program Files\Fichiers communs\Java
C:\Program Files\Fichiers communs\Microsoft Shared
C:\Program Files\Fichiers communs\MSSoap
C:\Program Files\Fichiers communs\ODBC
C:\Program Files\Fichiers communs\Real
C:\Program Files\Fichiers communs\Services
C:\Program Files\Fichiers communs\Sony Shared
C:\Program Files\Fichiers communs\SpeechEngines
C:\Program Files\Fichiers communs\Symantec Shared
C:\Program Files\Fichiers communs\System
C:\Program Files\Fichiers communs\Wise Installation Wizard
C:\Program Files\Fichiers communs\xing shared
----------------------[ Recherche avec S_Lop ]---------------------
C:\Documents and Settings\All Users\APPLIC~1\Proxy Long Chin Ping\16 cast.exe
C:\Documents and Settings\Propriétaire\APPLIC~1\bore tick active\DUPE FRAG SCR.exe
C:\Documents and Settings\Propriétaire\APPLIC~1\bore tick active\frubwssb.exe
C:\Documents and Settings\Propriétaire\APPLIC~1\bore tick active\joy does noun soft.exe
C:\Documents and Settings\Propriétaire\APPLIC~1\bore tick active\mess acid dale.exe
C:\Documents and Settings\Propriétaire\APPLIC~1\bore tick active\mess anti does.exe
C:\Documents and Settings\Propriétaire\APPLIC~1\bore tick active\muupgrqr.exe
C:\Documents and Settings\Propriétaire\APPLIC~1\bore tick active\prgemxxl.exe
C:\Documents and Settings\Propriétaire\APPLIC~1\bore tick active\snheuuly.exe
C:\Documents and Settings\Propriétaire\APPLIC~1\bore tick active\wynjiwmh.exe
C:\Documents and Settings\Propriétaire\APPLIC~1\bore tick active\xcqwuerr.exe
C:\Documents and Settings\All Users\APPLIC~1\PROXYL~1
C:\Documents and Settings\Propriétaire\APPLIC~1\BORETI~1
C:\Program Files\BORETI~1
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\WINDOWS\Tasks\AB5217E1918595B9.job
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Link okay"="C:\\DOCUME~1\\PROPRI~1\\APPLIC~1\\BORETI~1\\DUPE FRAG SCR.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CHIN PING PHONE PILE"="C:\\Documents and Settings\\All Users\\Application Data\\Proxy Long Chin Ping\\16 cast.exe"
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-03 20:46:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
--------------------[ Fin du rapport a 20:46:27,40 ]----------------------
Re,
Run Lop S&D again
- This time choose Option 2 (Removal)
- Do not close the window during the removal!
- Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
Re,
Here is the new report:
------------------------------[ Lop S&D 2.0 ]----------------------------
Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
"C:\Program Files\Lop SD"
[ 03/12/2007 | 21:21:07,95 ] [ WAVRANT ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\WINDOWS\Tasks\AB5217E1918595B9.job
Supprimé! - C:\Documents and Settings\All Users\APPLIC~1\PROXYL~1
Supprimé! - C:\Documents and Settings\Propriétaire\APPLIC~1\BORETI~1
Supprimé! - C:\Program Files\BORETI~1
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
C:\Documents and Settings\Administrateur\APPLIC~1\desktop.ini
C:\Documents and Settings\Administrateur\APPLIC~1\Microsoft
C:\Documents and Settings\All Users\APPLIC~1\WLInstaller
C:\Documents and Settings\All Users\APPLIC~1\Dupe About Kind Mp3
C:\Documents and Settings\All Users\APPLIC~1\TomTom
C:\Documents and Settings\All Users\APPLIC~1\Microsoft
C:\Documents and Settings\All Users\APPLIC~1\LauncherAccess.dt
C:\Documents and Settings\All Users\APPLIC~1\dog inter pile proxy
C:\Documents and Settings\All Users\APPLIC~1\Apple Computer
C:\Documents and Settings\All Users\APPLIC~1\Apple
C:\Documents and Settings\All Users\APPLIC~1\WinZip
C:\Documents and Settings\All Users\APPLIC~1\Adobe
C:\Documents and Settings\All Users\APPLIC~1\Google
C:\Documents and Settings\All Users\APPLIC~1\Windows Live Toolbar
C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
C:\Documents and Settings\All Users\APPLIC~1\Sony Corporation
C:\Documents and Settings\All Users\APPLIC~1\Skype
C:\Documents and Settings\All Users\APPLIC~1\Symantec
C:\Documents and Settings\All Users\APPLIC~1\QuickTime
C:\Documents and Settings\All Users\APPLIC~1\Spybot - Search & Destroy
C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
C:\Documents and Settings\All Users\APPLIC~1\Pinnacle
C:\Documents and Settings\All Users\APPLIC~1\SmartSound Software Inc
C:\Documents and Settings\All Users\APPLIC~1\nView_Profiles
C:\Documents and Settings\All Users\APPLIC~1\desktop.ini
C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
C:\Documents and Settings\Default User\APPLIC~1\Microsoft
C:\Documents and Settings\LocalService\APPLIC~1\Xfire
C:\Documents and Settings\LocalService\APPLIC~1\Microsoft
C:\Documents and Settings\NetworkService\APPLIC~1\Xfire
C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft
C:\Documents and Settings\NetworkService\APPLIC~1\Symantec
C:\Documents and Settings\PropriǸtaire\APPLIC~1\Macromedia
C:\Documents and Settings\Propriétaire\APPLIC~1\Skype
C:\Documents and Settings\Propriétaire\APPLIC~1\TurboLaunch_IconCache.dat
C:\Documents and Settings\Propriétaire\APPLIC~1\teamspeak2
C:\Documents and Settings\Propriétaire\APPLIC~1\TomTom
C:\Documents and Settings\Propriétaire\APPLIC~1\Microsoft
C:\Documents and Settings\Propriétaire\APPLIC~1\Samsung
C:\Documents and Settings\Propriétaire\APPLIC~1\Apple Computer
C:\Documents and Settings\Propriétaire\APPLIC~1\Xfire
C:\Documents and Settings\Propriétaire\APPLIC~1\FarStone
C:\Documents and Settings\Propriétaire\APPLIC~1\Screenshot Sender
C:\Documents and Settings\Propriétaire\APPLIC~1\AdobeUM
C:\Documents and Settings\Propriétaire\APPLIC~1\Creative
C:\Documents and Settings\Propriétaire\APPLIC~1\Adobe
C:\Documents and Settings\Propriétaire\APPLIC~1\Real
C:\Documents and Settings\Propriétaire\APPLIC~1\Sun
C:\Documents and Settings\Propriétaire\APPLIC~1\Sony Corporation
C:\Documents and Settings\Propriétaire\APPLIC~1\Talkback
C:\Documents and Settings\Propriétaire\APPLIC~1\Mozilla
C:\Documents and Settings\Propriétaire\APPLIC~1\Macromedia
C:\Documents and Settings\Propriétaire\APPLIC~1\Help
C:\Documents and Settings\Propriétaire\APPLIC~1\Google
C:\Documents and Settings\Propriétaire\APPLIC~1\.bittorrent
C:\Documents and Settings\Propriétaire\APPLIC~1\Lavasoft
C:\Documents and Settings\Propriétaire\APPLIC~1\Symantec
C:\Documents and Settings\Propriétaire\APPLIC~1\GDIPFONTCACHEV1.DAT
C:\Documents and Settings\Propriétaire\APPLIC~1\desktop.ini
C:\Documents and Settings\Propriétaire\APPLIC~1\Identities
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
C:\WINDOWS\tasks\Symantec NetDetect.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
C:\Program Files\Adobe
C:\Program Files\AdorageI-GfxDatas
C:\Program Files\AdorageI-SAL
C:\Program Files\Apple Software Update
C:\Program Files\ASUSTeK
C:\Program Files\Audible
C:\Program Files\Belkin
C:\Program Files\BitTorrent
C:\Program Files\CCP
C:\Program Files\ComPlus Applications
C:\Program Files\Creative
C:\Program Files\DIFX
C:\Program Files\DivX
C:\Program Files\eMule
C:\Program Files\FarStone
C:\Program Files\Fichiers communs
C:\Program Files\FLVPlayer
C:\Program Files\Google
C:\Program Files\Gpotato.eu
C:\Program Files\GUILD WARS
C:\Program Files\HighMAT CD Writing Wizard
C:\Program Files\Ihsv
C:\Program Files\Internet Explorer
C:\Program Files\Java
C:\Program Files\Jeux classiques
C:\Program Files\Lavasoft
C:\Program Files\Lop SD
C:\Program Files\Ludiclub
C:\Program Files\Maxis
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft.NET
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MSXML 4.0
C:\Program Files\NetMeeting
C:\Program Files\Noël Danjou
C:\Program Files\Online Services
C:\Program Files\Outlook Express
C:\Program Files\Pinnacle
C:\Program Files\proDAD
C:\Program Files\QuickTime
C:\Program Files\Real
C:\Program Files\Samsung
C:\Program Files\Services en ligne
C:\Program Files\Skype
C:\Program Files\SLD Codec Pack
C:\Program Files\SmartSound Software
C:\Program Files\Sony
C:\Program Files\Sony Corporation
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Symantec
C:\Program Files\SymNetDrv
C:\Program Files\Teamspeak2_RC2
C:\Program Files\THQ
C:\Program Files\TomTom HOME
C:\Program Files\TomTom HOME 2
C:\Program Files\Trend Micro
C:\Program Files\Trust
C:\Program Files\Tweak-XP Pro 4
C:\Program Files\Warcraft III
C:\Program Files\Windows Live
C:\Program Files\Windows Live Toolbar
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinHTTrack
C:\Program Files\WinRAR
C:\Program Files\WinZip
C:\Program Files\World of Warcraft
C:\Program Files\WoW-BurningCrusade-frFR-Full-Installer
C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
C:\Program Files\Fichiers communs\Adobe
C:\Program Files\Fichiers communs\Apple
C:\Program Files\Fichiers communs\Blizzard Entertainment
C:\Program Files\Fichiers communs\Creative
C:\Program Files\Fichiers communs\DESIGNER
C:\Program Files\Fichiers communs\InstallShield
C:\Program Files\Fichiers communs\Java
C:\Program Files\Fichiers communs\Microsoft Shared
C:\Program Files\Fichiers communs\MSSoap
C:\Program Files\Fichiers communs\ODBC
C:\Program Files\Fichiers communs\Real
C:\Program Files\Fichiers communs\Services
C:\Program Files\Fichiers communs\Sony Shared
C:\Program Files\Fichiers communs\SpeechEngines
C:\Program Files\Fichiers communs\Symantec Shared
C:\Program Files\Fichiers communs\System
C:\Program Files\Fichiers communs\Wise Installation Wizard
C:\Program Files\Fichiers communs\xing shared
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-03 21:22:24
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
--------------------[ Fin du rapport a 21:22:35,21 ]----------------------
Thank you very much, I have no more problems
It's not over.
Post a new HijackThis report.
