Problem with Divocodec... - Security - Viruses
Subject: Problem with Divocodec...
 
Profile: IDNaute

Hello,

So, a brief description:

Some people are going to grumble, because I caught this virus while using P2P to get a film. The problem is that, to play the film, I was asked to use Divocodec...

Being the idiot that I am, I didn't look into this "Divocodec", and I have since learned that it was a fake... :D

My firewall has been blocking code injections (HIPS) ever since I installed Divocodec.

The folders injecting them are Admin Program.exe (which I managed to find but don't dare delete, because either it really is the injector or it is an .exe vital to the PC...)

There is another injector, but I no longer remember its name...

At the same time I would like to know whether this virus... well, what are its effects? Is it an ad spreader? Or something like that? Or is it more serious?

I would be really grateful for your help.
Have a nice day


Message edited by watcha007 on 02-01-2008 at 19:06:09

Profile: Helper

Hi,

Let's take a look.

Download HijackThis (from Trend Micro).
Post a report by following this tutorial.


---------------
Please say so if you are already being helped on another forum or in another topic.

Security/Prevention
Profile: IDNaute

Here is the report:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:24:26, on 02/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avast\aswUpdSv.exe
C:\Program Files\Avast\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Avast\ashMaiSv.exe
C:\Program Files\Avast\ashWebSv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Avast\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\progra~1\steam\steam.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Cyril ze jibes king\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/cu [...] .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/cu [...] .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cu [...] .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cu [...] earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cu [...] .yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/cu [...] .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cu [...] .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr.yahoo.com/fsc/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast\ashDisp.exe
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [close surf mail dupe] C:\Documents and Settings\All Users\Application Data\Tick Find Close Surf\browse data.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [fsc-reminder.exe] C:\WINDOWS\reminder\fsc-reminder.exe 2453927 14
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Steam] "c:\progra~1\steam\steam.exe" -silent
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Drivedrv] C:\DOCUME~1\CYRILZ~1\APPLIC~1\MATHTR~1\Admin Program.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://elbucho007.spaces.live.com/ [...] nPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

--
End of file - 11909 bytes

Profile: Helper

Re,

Lop infection.

Download Lop S&D.exe (by Eric 71 & Angeldark) to your desktop

  • Double-click it to start the installation

  • Then double-click the Lop S&D shortcut on your desktop

  • Select the language you want, then choose Option 1 (Search)

  • Wait until the scan has finished

  • Post the generated report (C:\lopR.txt)


(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)


Profile: IDNaute

Here it is:




-----------------------------[ Lop S&D 2.0.1 ]---------------------------

Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

"C:\Program Files\Lop SD"

[ 02/01/2008 | 20:08:03,65 ] [ CYRIL ]


-------------[ Listing des dossiers dans Application Data ]------------

C:\Documents and Settings\Administrateur\APPLIC~1\Macromedia
C:\Documents and Settings\Administrateur\APPLIC~1\Mozilla
C:\Documents and Settings\Administrateur\APPLIC~1\Microsoft
C:\Documents and Settings\Administrateur\APPLIC~1\desktop.ini
C:\Documents and Settings\Administrateur\APPLIC~1\Identities

C:\Documents and Settings\All Users\APPLIC~1\Adobe
C:\Documents and Settings\All Users\APPLIC~1\Tick Find Close Surf
C:\Documents and Settings\All Users\APPLIC~1\Apple Computer
C:\Documents and Settings\All Users\APPLIC~1\Apple
C:\Documents and Settings\All Users\APPLIC~1\FLEXnet
C:\Documents and Settings\All Users\APPLIC~1\YAHOO
C:\Documents and Settings\All Users\APPLIC~1\nView_Profiles
C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
C:\Documents and Settings\All Users\APPLIC~1\Microsoft
C:\Documents and Settings\All Users\APPLIC~1\WindowsLiveInstaller
C:\Documents and Settings\All Users\APPLIC~1\HoleBalmDefaultFor
C:\Documents and Settings\All Users\APPLIC~1\FlashFXP
C:\Documents and Settings\All Users\APPLIC~1\CyberLink
C:\Documents and Settings\All Users\APPLIC~1\NCH Software
C:\Documents and Settings\All Users\APPLIC~1\NCH Swift Sound
C:\Documents and Settings\All Users\APPLIC~1\Yahoo! Companion
C:\Documents and Settings\All Users\APPLIC~1\WLInstaller
C:\Documents and Settings\All Users\APPLIC~1\vsosdk
C:\Documents and Settings\All Users\APPLIC~1\hpzinstall.log
C:\Documents and Settings\All Users\APPLIC~1\HP
C:\Documents and Settings\All Users\APPLIC~1\Sonic
C:\Documents and Settings\All Users\APPLIC~1\BOONTY
C:\Documents and Settings\All Users\APPLIC~1\Corel
C:\Documents and Settings\All Users\APPLIC~1\Google
C:\Documents and Settings\All Users\APPLIC~1\Installer.log
C:\Documents and Settings\All Users\APPLIC~1\Sony Ericsson
C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
C:\Documents and Settings\All Users\APPLIC~1\desktop.ini
C:\Documents and Settings\All Users\APPLIC~1\Ahead
C:\Documents and Settings\All Users\APPLIC~1\SBSI

C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\vmntoolbar
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Vso
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Adobe
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\mathtraydog
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\BitTorrent
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\PnkBstrK.sys
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\InstallShield Installation Information
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\FileZilla
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Notepad++
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\wklnhst.dat
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Sierra Entertainment
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\SecuROM
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Dev-Cpp
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\pcouffin.log
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\ezpinst.exe
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\pcouffin.cat
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\pcouffin.sys
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\pcouffin.inf
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\NCH Swift Sound
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Macromedia
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Microsoft
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Screenshot Sender
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Xfire
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\WinRAR
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Corel
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\AdobeUM
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\teamspeak2
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\HP
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Ahead
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Mozilla
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Nvu
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\FastStone
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\iShell
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\vlc
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\InstallShield
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\CoffeeCup Software
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Lavasoft
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Google
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\FotoWire
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Leadertech
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Sun
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Apple Computer
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\CyberLink
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\MSNInstaller
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Identities
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Template
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Help
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\desktop.ini

C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
C:\Documents and Settings\Default User\APPLIC~1\Microsoft
C:\Documents and Settings\Default User\APPLIC~1\Identities


C:\Documents and Settings\LocalService\APPLIC~1\Microsoft

C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[02/01/2008 20:00][--ah-----]C:\WINDOWS\tasks\8B091E0D84E691A5.job
[28/12/2007 15:00][--a------]C:\WINDOWS\tasks\Norton Security Scan.job
[31/12/2007 08:48][--a------]C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[02/01/2008 18:50][--ah-----]C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----]C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

C:\Program Files\3D Flash Animator 4 Release 6
C:\Program Files\ad-aware
C:\Program Files\Adobe
C:\Program Files\AGEIA Technologies
C:\Program Files\Ahead
C:\Program Files\Alcohol Soft
C:\Program Files\Apple Software Update
C:\Program Files\Avast
C:\Program Files\BitTorrent
C:\Program Files\Bonjour
C:\Program Files\Bonjour(2)
C:\Program Files\Boonty
C:\Program Files\BoontyGames
C:\Program Files\CamStudio
C:\Program Files\CDBurnerXP Pro 3
C:\Program Files\Circle Developement
C:\Program Files\Codemasters
C:\Program Files\Common Files
C:\Program Files\ComPlus Applications
C:\Program Files\Corel
C:\Program Files\Counter-Strike 1.6
C:\Program Files\CyberLink
C:\Program Files\Cypron Studios
C:\Program Files\DAEMON Tools
C:\Program Files\Demo Battlefield 2
C:\Program Files\Digilex
C:\Program Files\Disc2Phone
C:\Program Files\DivX
C:\Program Files\DreamCatcher
C:\Program Files\EA GAMES
C:\Program Files\Electronic Arts
C:\Program Files\eMule
C:\Program Files\EPSON
C:\Program Files\EsetOnlineScanner
C:\Program Files\Fichiers communs
C:\Program Files\FileZilla Client
C:\Program Files\GameSpy
C:\Program Files\GIMP-2.0
C:\Program Files\Google
C:\Program Files\Google earth
C:\Program Files\Graphex3
C:\Program Files\GUILD WARS
C:\Program Files\Hewlett-Packard
C:\Program Files\HP
C:\Program Files\i tunes
C:\Program Files\illiminable
C:\Program Files\Internet Explorer
C:\Program Files\Java
C:\Program Files\lda
C:\Program Files\LimeWire
C:\Program Files\Logitech
C:\Program Files\Lop SD
C:\Program Files\Maïdo Production
C:\Program Files\MAIET
C:\Program Files\Messenger Plus! Live
C:\Program Files\MessengerDiscovery
C:\Program Files\Micro Application
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSN Apps
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MSXML 4.0
C:\Program Files\MultiProxy
C:\Program Files\NCH Software
C:\Program Files\NCH Swift Sound
C:\Program Files\NetMeeting
C:\Program Files\Norton Security Scan
C:\Program Files\Notepad++
C:\Program Files\Nvu
C:\Program Files\Online Services
C:\Program Files\Outlook Express
C:\Program Files\QuickTime
C:\Program Files\Raccourcis de programmes
C:\Program Files\SAGEM
C:\Program Files\SAGEM Wi-Fi USB 802.11g
C:\Program Files\Serif
C:\Program Files\Services en ligne
C:\Program Files\Setup
C:\Program Files\SHARP GSM GPRS Wizard
C:\Program Files\Sierra On-Line
C:\Program Files\Sony Ericsson
C:\Program Files\SplitCam
C:\Program Files\Steam
C:\Program Files\Sunbelt Software
C:\Program Files\Team MediaPortal
C:\Program Files\test
C:\Program Files\Thomson
C:\Program Files\THQ
C:\Program Files\VCW VicMan's Photo Editor
C:\Program Files\VideoLAN
C:\Program Files\Vinum Master 2D Light
C:\Program Files\VirtualDJ
C:\Program Files\Visicom Media
C:\Program Files\vmntoolbar
C:\Program Files\vso
C:\Program Files\Wanadoo
C:\Program Files\Wanadoo Messager
C:\Program Files\Warhammer 40 K
C:\Program Files\webGobbler
C:\Program Files\Windows Live
C:\Program Files\Windows Live Safety Center
C:\Program Files\Windows Media Bonus Pack for Windows XP
C:\Program Files\Windows Media Components
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\xerox
C:\Program Files\Yahoo!

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

C:\Program Files\Fichiers communs\Adobe
C:\Program Files\Fichiers communs\Ahead
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Program Files\Fichiers communs\DESIGNER
C:\Program Files\Fichiers communs\EPSON
C:\Program Files\Fichiers communs\FotoWire
C:\Program Files\Fichiers communs\GTK
C:\Program Files\Fichiers communs\Hewlett-Packard
C:\Program Files\Fichiers communs\HP
C:\Program Files\Fichiers communs\InstallShield
C:\Program Files\Fichiers communs\Java
C:\Program Files\Fichiers communs\Logitech
C:\Program Files\Fichiers communs\Macrovision Shared
C:\Program Files\Fichiers communs\Macrovision Shared(2)
C:\Program Files\Fichiers communs\Microsoft Shared
C:\Program Files\Fichiers communs\MSSoap
C:\Program Files\Fichiers communs\ODBC
C:\Program Files\Fichiers communs\Services
C:\Program Files\Fichiers communs\Sonic Shared
C:\Program Files\Fichiers communs\SpeechEngines
C:\Program Files\Fichiers communs\Symantec Shared
C:\Program Files\Fichiers communs\System
C:\Program Files\Fichiers communs\Teleca Shared
C:\Program Files\Fichiers communs\Vbox
C:\Program Files\Fichiers communs\Wise Installation Wizard

----------------------[ Recherche avec S_Lop ]---------------------

C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\MATHTR~1

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\WINDOWS\Tasks\8B091E0D84E691A5.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\uninstall\grey site kind]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\CYRILZ~1\\APPLIC~1\\MATHTR~1\\Admin Program.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Drivedrv"="C:\\DOCUME~1\\CYRILZ~1\\APPLIC~1\\MATHTR~1\\Admin Program.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-02 20:11:29
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

--------------------[ Fin du rapport a 20:11:40,78 ]----------------------

Profile: Helper

Re,

Run Lop S&D again

  • This time choose Option 2 (Removal)

  • Do not close the window during the removal!

  • Post the generated report (C:\lopR.txt)


(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)


Profile: IDNaute


-----------------------------[ Lop S&D 2.0.1 ]---------------------------

Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]

"C:\Program Files\Lop SD"

[ 02/01/2008 | 21:25:28,28 ] [ CYRIL ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\WINDOWS\Tasks\8B091E0D84E691A5.job
Supprimé! - C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\MATHTR~1
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

C:\Documents and Settings\Administrateur\APPLIC~1\Macromedia
C:\Documents and Settings\Administrateur\APPLIC~1\Mozilla
C:\Documents and Settings\Administrateur\APPLIC~1\Microsoft
C:\Documents and Settings\Administrateur\APPLIC~1\desktop.ini
C:\Documents and Settings\Administrateur\APPLIC~1\Identities

C:\Documents and Settings\All Users\APPLIC~1\Adobe
C:\Documents and Settings\All Users\APPLIC~1\Tick Find Close Surf
C:\Documents and Settings\All Users\APPLIC~1\Apple Computer
C:\Documents and Settings\All Users\APPLIC~1\Apple
C:\Documents and Settings\All Users\APPLIC~1\FLEXnet
C:\Documents and Settings\All Users\APPLIC~1\YAHOO
C:\Documents and Settings\All Users\APPLIC~1\nView_Profiles
C:\Documents and Settings\All Users\APPLIC~1\Messenger Plus!
C:\Documents and Settings\All Users\APPLIC~1\Microsoft
C:\Documents and Settings\All Users\APPLIC~1\WindowsLiveInstaller
C:\Documents and Settings\All Users\APPLIC~1\HoleBalmDefaultFor
C:\Documents and Settings\All Users\APPLIC~1\FlashFXP
C:\Documents and Settings\All Users\APPLIC~1\CyberLink
C:\Documents and Settings\All Users\APPLIC~1\NCH Software
C:\Documents and Settings\All Users\APPLIC~1\NCH Swift Sound
C:\Documents and Settings\All Users\APPLIC~1\Yahoo! Companion
C:\Documents and Settings\All Users\APPLIC~1\WLInstaller
C:\Documents and Settings\All Users\APPLIC~1\vsosdk
C:\Documents and Settings\All Users\APPLIC~1\hpzinstall.log
C:\Documents and Settings\All Users\APPLIC~1\HP
C:\Documents and Settings\All Users\APPLIC~1\Sonic
C:\Documents and Settings\All Users\APPLIC~1\BOONTY
C:\Documents and Settings\All Users\APPLIC~1\Corel
C:\Documents and Settings\All Users\APPLIC~1\Google
C:\Documents and Settings\All Users\APPLIC~1\Installer.log
C:\Documents and Settings\All Users\APPLIC~1\Sony Ericsson
C:\Documents and Settings\All Users\APPLIC~1\Windows Genuine Advantage
C:\Documents and Settings\All Users\APPLIC~1\desktop.ini
C:\Documents and Settings\All Users\APPLIC~1\Ahead
C:\Documents and Settings\All Users\APPLIC~1\SBSI

C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\vmntoolbar
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Vso
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Adobe
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\BitTorrent
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\PnkBstrK.sys
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\InstallShield Installation Information
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\FileZilla
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Notepad++
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\wklnhst.dat
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Sierra Entertainment
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\SecuROM
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Dev-Cpp
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\pcouffin.log
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\pcouffin.cat
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\ezpinst.exe
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\pcouffin.inf
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\pcouffin.sys
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\NCH Swift Sound
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Macromedia
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Microsoft
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Screenshot Sender
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Xfire
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\WinRAR
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Corel
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\AdobeUM
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\teamspeak2
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\HP
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Ahead
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Mozilla
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Nvu
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\FastStone
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\iShell
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\vlc
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\InstallShield
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\CoffeeCup Software
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Lavasoft
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Google
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\FotoWire
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Leadertech
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Sun
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Apple Computer
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\CyberLink
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\MSNInstaller
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Identities
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Template
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\Help
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\desktop.ini

C:\Documents and Settings\Default User\APPLIC~1\desktop.ini
C:\Documents and Settings\Default User\APPLIC~1\Microsoft
C:\Documents and Settings\Default User\APPLIC~1\Identities


C:\Documents and Settings\LocalService\APPLIC~1\Microsoft

C:\Documents and Settings\NetworkService\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[28/12/2007 15:00][--a------]C:\WINDOWS\tasks\Norton Security Scan.job
[31/12/2007 08:48][--a------]C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[02/01/2008 18:50][--ah-----]C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----]C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

C:\Program Files\3D Flash Animator 4 Release 6
C:\Program Files\ad-aware
C:\Program Files\Adobe
C:\Program Files\AGEIA Technologies
C:\Program Files\Ahead
C:\Program Files\Alcohol Soft
C:\Program Files\Apple Software Update
C:\Program Files\Avast
C:\Program Files\BitTorrent
C:\Program Files\Bonjour
C:\Program Files\Bonjour(2)
C:\Program Files\Boonty
C:\Program Files\BoontyGames
C:\Program Files\CamStudio
C:\Program Files\CDBurnerXP Pro 3
C:\Program Files\Circle Developement
C:\Program Files\Codemasters
C:\Program Files\Common Files
C:\Program Files\ComPlus Applications
C:\Program Files\Corel
C:\Program Files\Counter-Strike 1.6
C:\Program Files\CyberLink
C:\Program Files\Cypron Studios
C:\Program Files\DAEMON Tools
C:\Program Files\Demo Battlefield 2
C:\Program Files\Digilex
C:\Program Files\Disc2Phone
C:\Program Files\DivX
C:\Program Files\DreamCatcher
C:\Program Files\EA GAMES
C:\Program Files\Electronic Arts
C:\Program Files\eMule
C:\Program Files\EPSON
C:\Program Files\EsetOnlineScanner
C:\Program Files\Fichiers communs
C:\Program Files\FileZilla Client
C:\Program Files\GameSpy
C:\Program Files\GIMP-2.0
C:\Program Files\Google
C:\Program Files\Google earth
C:\Program Files\Graphex3
C:\Program Files\GUILD WARS
C:\Program Files\Hewlett-Packard
C:\Program Files\HP
C:\Program Files\i tunes
C:\Program Files\illiminable
C:\Program Files\Internet Explorer
C:\Program Files\Java
C:\Program Files\lda
C:\Program Files\LimeWire
C:\Program Files\Logitech
C:\Program Files\Lop SD
C:\Program Files\Maïdo Production
C:\Program Files\MAIET
C:\Program Files\Messenger Plus! Live
C:\Program Files\MessengerDiscovery
C:\Program Files\Micro Application
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSN Apps
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MSXML 4.0
C:\Program Files\MultiProxy
C:\Program Files\NCH Software
C:\Program Files\NCH Swift Sound
C:\Program Files\NetMeeting
C:\Program Files\Norton Security Scan
C:\Program Files\Notepad++
C:\Program Files\Nvu
C:\Program Files\Online Services
C:\Program Files\Outlook Express
C:\Program Files\QuickTime
C:\Program Files\Raccourcis de programmes
C:\Program Files\SAGEM
C:\Program Files\SAGEM Wi-Fi USB 802.11g
C:\Program Files\Serif
C:\Program Files\Services en ligne
C:\Program Files\Setup
C:\Program Files\SHARP GSM GPRS Wizard
C:\Program Files\Sierra On-Line
C:\Program Files\Sony Ericsson
C:\Program Files\SplitCam
C:\Program Files\Steam
C:\Program Files\Sunbelt Software
C:\Program Files\Team MediaPortal
C:\Program Files\test
C:\Program Files\Thomson
C:\Program Files\THQ
C:\Program Files\VCW VicMan's Photo Editor
C:\Program Files\VideoLAN
C:\Program Files\Vinum Master 2D Light
C:\Program Files\VirtualDJ
C:\Program Files\Visicom Media
C:\Program Files\vmntoolbar
C:\Program Files\vso
C:\Program Files\Wanadoo
C:\Program Files\Wanadoo Messager
C:\Program Files\Warhammer 40 K
C:\Program Files\webGobbler
C:\Program Files\Windows Live
C:\Program Files\Windows Live Safety Center
C:\Program Files\Windows Media Bonus Pack for Windows XP
C:\Program Files\Windows Media Components
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\xerox
C:\Program Files\Yahoo!

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

C:\Program Files\Fichiers communs\Adobe
C:\Program Files\Fichiers communs\Ahead
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Program Files\Fichiers communs\DESIGNER
C:\Program Files\Fichiers communs\EPSON
C:\Program Files\Fichiers communs\FotoWire
C:\Program Files\Fichiers communs\GTK
C:\Program Files\Fichiers communs\Hewlett-Packard
C:\Program Files\Fichiers communs\HP
C:\Program Files\Fichiers communs\InstallShield
C:\Program Files\Fichiers communs\Java
C:\Program Files\Fichiers communs\Logitech
C:\Program Files\Fichiers communs\Macrovision Shared
C:\Program Files\Fichiers communs\Macrovision Shared(2)
C:\Program Files\Fichiers communs\Microsoft Shared
C:\Program Files\Fichiers communs\MSSoap
C:\Program Files\Fichiers communs\ODBC
C:\Program Files\Fichiers communs\Services
C:\Program Files\Fichiers communs\Sonic Shared
C:\Program Files\Fichiers communs\SpeechEngines
C:\Program Files\Fichiers communs\Symantec Shared
C:\Program Files\Fichiers communs\System
C:\Program Files\Fichiers communs\Teleca Shared
C:\Program Files\Fichiers communs\Vbox
C:\Program Files\Fichiers communs\Wise Installation Wizard

----------------------[ Recherche avec S_Lop ]---------------------


-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-02 21:29:22
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

--------------------[ Fin du rapport a 21:29:34,76 ]----------------------

Profile: Helper

Re,

Download OTMoveIt > Tutorial <

Save it to the Desktop.

Select the contents of the box below:

C:\Program Files\Fichiers communs\BOONTY Shared
C:\Program Files\Windows Live Safety Center
C:\Program Files\vmntoolbar
C:\Program Files\Boonty
C:\Documents and Settings\All Users\APPLIC~1\BOONTY
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\vmntoolbar
C:\Documents and Settings\All Users\APPLIC~1\Tick Find Close Surf


Now launch OTMoveIt.
Make sure the "unregister dll's and ocx's" box is checked.
Two panes appear; right-click in the left pane, then paste the contents of the box above.
Then click MoveIt!

If the program asks you to restart, accept.

Post the report found in: C:\_OTMoveIt\MovedFiles\<creation date>

NOTE: If you get a message saying the report cannot be created, copy/paste what appears in the right-hand column of the tool.



Download to your desktop: Clean (by Malekal) > Tutorial <
Unzip it on your desktop. Double-click the resulting clean folder.
Double-click clean.cmd. (The cmd extension may not be shown.) This will open a black window.
A menu will appear; choose option 1 and press Enter. Then press a key when asked, and post the report here.
The report is located here: C:\rapport_clean.txt

If you get a file C:\upload_moi.zip, please do this.


Profile: IDNaute

The OTMoveIt report:


C:\Program Files\Fichiers communs\BOONTY Shared\Service moved successfully.
C:\Program Files\Fichiers communs\BOONTY Shared moved successfully.
C:\Program Files\Windows Live Safety Center moved successfully.
C:\Program Files\vmntoolbar moved successfully.
C:\Program Files\Boonty\Components moved successfully.
C:\Program Files\Boonty moved successfully.
C:\Documents and Settings\All Users\APPLIC~1\BOONTY\Licenses moved successfully.
C:\Documents and Settings\All Users\APPLIC~1\BOONTY moved successfully.
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\vmntoolbar\NewCfg moved successfully.
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\vmntoolbar\downfile moved successfully.
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\vmntoolbar\1 moved successfully.
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\vmntoolbar moved successfully.
C:\Documents and Settings\All Users\APPLIC~1\Tick Find Close Surf moved successfully.

Created on 01/02/2008 21:45:13
-------------------------------------------------------------------------------------

The Clean report:


02/01/2008 a 21:48:44,18

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
"C:\Documents and Settings\Cyril ze jibes king\Application Data\ezpinst.exe" FOUND

*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !
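A check on the removal step, as an added example that is not part of the original posts and not code from OTMoveIt or its author: it compares the paths the helper asked to paste with the "moved successfully" lines of the report posted back, listing requested paths that were not confirmed and moved entries that fall outside the requested folders. The function names are this example's own.

```python
import re

# Paths the helper asked to paste into OTMoveIt (copied from the thread).
REQUESTED = r"""
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Program Files\Windows Live Safety Center
C:\Program Files\vmntoolbar
C:\Program Files\Boonty
C:\Documents and Settings\All Users\APPLIC~1\BOONTY
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\vmntoolbar
C:\Documents and Settings\All Users\APPLIC~1\Tick Find Close Surf
""".strip().splitlines()
# OTMoveIt report as posted back in the thread.
REPORT = r"""
C:\Program Files\Fichiers communs\BOONTY Shared\Service moved successfully.
C:\Program Files\Fichiers communs\BOONTY Shared moved successfully.
C:\Program Files\Windows Live Safety Center moved successfully.
C:\Program Files\vmntoolbar moved successfully.
C:\Program Files\Boonty\Components moved successfully.
C:\Program Files\Boonty moved successfully.
C:\Documents and Settings\All Users\APPLIC~1\BOONTY\Licenses moved successfully.
C:\Documents and Settings\All Users\APPLIC~1\BOONTY moved successfully.
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\vmntoolbar\NewCfg moved successfully.
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\vmntoolbar\downfile moved successfully.
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\vmntoolbar\1 moved successfully.
C:\Documents and Settings\Cyril ze jibes king\APPLIC~1\vmntoolbar moved successfully.
C:\Documents and Settings\All Users\APPLIC~1\Tick Find Close Surf moved successfully.
"""
MOVED_RE = re.compile(r"^([A-Za-z]:\\.+) moved successfully\.$")

def norm(path):
    # Windows paths are case-insensitive; ignore a trailing backslash.
    return path.strip().rstrip("\\").casefold()

def parse_moved(report):
    # Keep only lines that confirm a move; any other status line is ignored.
    return {norm(m.group(1)) for line in report.splitlines()
            if (m := MOVED_RE.match(line.strip()))}

def audit(requested, report):
    # Returns (requested paths not confirmed, moved paths outside any requested folder).
    moved = parse_moved(report)
    roots = [norm(p) for p in requested if p.strip()]
    missing = [p for p in requested if p.strip() and norm(p) not in moved]
    extra = sorted(m for m in moved
                   if not any(m == r or m.startswith(r + "\\") for r in roots))
    return missing, extra

if __name__ == "__main__":
    print(audit(REQUESTED, REPORT))
```
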

Profile: Helper