Tom's Guide > Forum > Security - Viruses > virus iexplorer

Hello everyone! Like many Internet users, here I am with a virus problem. In my Task Manager, 2 processes named iexplorer are present even though I don't use IE. I can't manage to remove them, and these processes are slowing down my CPU. Thanks in advance for your help!


Hello,

Download and install Hijackthis (Trend Micro).
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:08:39, on 30/01/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Samsung\Samsung Recovery Solution II\WCScheduler.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Pantone\huey\hueyTray.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:\\www.samsungcomputer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Activedog] "C:\ProgramData\does less less.dacqvl"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hueyTray.lnk = C:\Program Files\Pantone\huey\hueyTray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

Reply to ambar24

There you go, and thanks in advance for your help^^

Reply to ambar24

Start by disabling UAC.

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark

Sorry, but I'm a novice, so could you tell me what UAC is?
Thanks

Reply to ambar24

It's fine, I found it and I've just disabled it.

Reply to ambar24

Thanks, I looked into that too.

Reply to ambar24

Do this now:

Download: http://eric.71.mespages.googlepages.com/LopSDV.zip
Unzip it onto your desktop, open the Lop SD folder,
double-click Lop S&D.cmd (the .cmd may not be shown),
let the scan run and post the report.

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark


-----------------------------[ Lop S&D V01 ]---------------------------

Microsoft Windows [version 6.0.6000] [ OS : Windows_NT ]

"C:\Users\Florent\Desktop\Lop SD"

[ 01/02/2008 | 10:08:54,21 ] [ PC-DE-FLORENT ]


-------------[ Listing des dossiers dans Application Data ]------------

C:\Users\Florent\AppData\Roaming\.myPANTONE palettes\logo.jpg
C:\Users\Florent\AppData\Roaming\.myPANTONE palettes\myPANTONE palettes.dat
C:\Users\Florent\AppData\Roaming\Adobe\Acrobat
C:\Users\Florent\AppData\Roaming\Adobe\After Effects
C:\Users\Florent\AppData\Roaming\Adobe\CameraRaw
C:\Users\Florent\AppData\Roaming\Adobe\ESD
C:\Users\Florent\AppData\Roaming\Adobe\FileBrowser
C:\Users\Florent\AppData\Roaming\Adobe\ImageReady
C:\Users\Florent\AppData\Roaming\Adobe\Lightroom
C:\Users\Florent\AppData\Roaming\Adobe\Photoshop
C:\Users\Florent\AppData\Roaming\Adobe\Workflow
C:\Users\Florent\AppData\Roaming\Apple Computer\iTunes
C:\Users\Florent\AppData\Roaming\avetoasts.ini\avetoasts.ini
C:\Users\Florent\AppData\Roaming\Bao_Nguyen\Switcher.exe_Url_2nhucxq5xfpcrsl4lmrgwzv5vg3vfdve
C:\Users\Florent\AppData\Roaming\Bao_Nguyen\Switcher.exe_Url_eu3mxvfhfqhgx1q5cm5pznz3u5geaxdf
C:\Users\Florent\AppData\Roaming\Bao_Nguyen\Switcher.exe_Url_foil4alctwwhzqzc5w3i4g32s5hh3igu
C:\Users\Florent\AppData\Roaming\Bao_Nguyen\Switcher.exe_Url_gowy5l350zvueo2grw4krsllc34xptx0
C:\Users\Florent\AppData\Roaming\Bao_Nguyen\Switcher.exe_Url_t5kvkxjpoo3oi0ygr2z0zrnxabnhyit5
C:\Users\Florent\AppData\Roaming\Bao_Nguyen\Switcher.exe_Url_xwhvjpotxtbraub2ytxjkyg0hptbw0ea
C:\Users\Florent\AppData\Roaming\CursorArts\IconForge
C:\Users\Florent\AppData\Roaming\DeepBurner\config.cfg
C:\Users\Florent\AppData\Roaming\DeepBurner\DeepBurner.log
C:\Users\Florent\AppData\Roaming\DivX\DivX Codec
C:\Users\Florent\AppData\Roaming\DivX\DivX Player
C:\Users\Florent\AppData\Roaming\dvdcss\CACHEDIR.TAG
C:\Users\Florent\AppData\Roaming\dvdcss\SONY_DVD_RECORDER_VOLUME-2007071218002700
C:\Users\Florent\AppData\Roaming\fdrtools.com\.prefs
C:\Users\Florent\AppData\Roaming\fdrtools.com\arguments.txt
C:\Users\Florent\AppData\Roaming\fdrtools.com\fdrgui 2.0.2
C:\Users\Florent\AppData\Roaming\fdrtools.com\fdrgui 2.0.2.prefs
C:\Users\Florent\AppData\Roaming\FileZilla\filezilla.xml
C:\Users\Florent\AppData\Roaming\FileZilla\filters.xml
C:\Users\Florent\AppData\Roaming\FileZilla\layout.xml
C:\Users\Florent\AppData\Roaming\FileZilla\queue.xml
C:\Users\Florent\AppData\Roaming\FileZilla\recentservers.xml
C:\Users\Florent\AppData\Roaming\FileZilla\sitemanager.xml
C:\Users\Florent\AppData\Roaming\Identities\{5CBA3510-8A5C-489E-B0BE-2F389F5FA8C4}
C:\Users\Florent\AppData\Roaming\InstallShield\ISEngine12.0
C:\Users\Florent\AppData\Roaming\LimeWire\.AppSpecialShare
C:\Users\Florent\AppData\Roaming\LimeWire\.NetworkShare
C:\Users\Florent\AppData\Roaming\LimeWire\414splashfree.png
C:\Users\Florent\AppData\Roaming\LimeWire\active.mojito
C:\Users\Florent\AppData\Roaming\LimeWire\createtimes.cache
C:\Users\Florent\AppData\Roaming\LimeWire\fileurns.bak
C:\Users\Florent\AppData\Roaming\LimeWire\fileurns.cache
C:\Users\Florent\AppData\Roaming\LimeWire\filters.props
C:\Users\Florent\AppData\Roaming\LimeWire\gnutella.net
C:\Users\Florent\AppData\Roaming\LimeWire\installation.props
C:\Users\Florent\AppData\Roaming\LimeWire\library.dat
C:\Users\Florent\AppData\Roaming\LimeWire\limewire.props
C:\Users\Florent\AppData\Roaming\LimeWire\mojito.props
C:\Users\Florent\AppData\Roaming\LimeWire\passive.mojito
C:\Users\Florent\AppData\Roaming\LimeWire\questions.props
C:\Users\Florent\AppData\Roaming\LimeWire\responses.cache
C:\Users\Florent\AppData\Roaming\LimeWire\simpp.xml
C:\Users\Florent\AppData\Roaming\LimeWire\spam.dat
C:\Users\Florent\AppData\Roaming\LimeWire\tables.props
C:\Users\Florent\AppData\Roaming\LimeWire\themes
C:\Users\Florent\AppData\Roaming\LimeWire\ttree.cache
C:\Users\Florent\AppData\Roaming\LimeWire\version.xml
C:\Users\Florent\AppData\Roaming\LimeWire\xml
C:\Users\Florent\AppData\Roaming\Macromedia\Flash Player
C:\Users\Florent\AppData\Roaming\MAGIX\C_Music_Manager_2007
C:\Users\Florent\AppData\Roaming\MAGIX\Video_deluxe_2008_PLUS
C:\Users\Florent\AppData\Roaming\Mozilla\Firefox
C:\Users\Florent\AppData\Roaming\Mozilla\pluginreg.dat
C:\Users\Florent\AppData\Roaming\Mozilla\Profiles
C:\Users\Florent\AppData\Roaming\Mozilla\registry.dat
C:\Users\Florent\AppData\Roaming\Mozilla\Sunbird
C:\Users\Florent\AppData\Roaming\Nokia\ContactsEditor
C:\Users\Florent\AppData\Roaming\Nokia\GetConnectedWizard
C:\Users\Florent\AppData\Roaming\Nokia\Music Manager
C:\Users\Florent\AppData\Roaming\Nokia\PCSync
C:\Users\Florent\AppData\Roaming\Nokia Multimedia Player\Recent.npl
C:\Users\Florent\AppData\Roaming\nvModes.001\nvModes.001
C:\Users\Florent\AppData\Roaming\nvModes.dat\nvModes.dat
C:\Users\Florent\AppData\Roaming\Pantone\huey
C:\Users\Florent\AppData\Roaming\PC Suite\353946012642721
C:\Users\Florent\AppData\Roaming\PC Suite\Settings
C:\Users\Florent\AppData\Roaming\Songbird1\Crash Reports
C:\Users\Florent\AppData\Roaming\Songbird1\Profiles
C:\Users\Florent\AppData\Roaming\Songbird1\profiles.ini
C:\Users\Florent\AppData\Roaming\Talkback\MozillaOrg
C:\Users\Florent\AppData\Roaming\Thunderbird\Profiles
C:\Users\Florent\AppData\Roaming\Thunderbird\profiles.ini
C:\Users\Florent\AppData\Roaming\Thunderbird\registry.dat
C:\Users\Florent\AppData\Roaming\vlc\cache
C:\Users\Florent\AppData\Roaming\vlc\vlcrc
C:\Users\Florent\AppData\Roaming\XnView\category.bak
C:\Users\Florent\AppData\Roaming\XnView\category.db
C:\Users\Florent\AppData\Roaming\XnView\XnView.db
C:\Users\Florent\AppData\Roaming\XnView\xnview.ini

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
C:\Windows\tasks\User_Feed_Synchronization-{B23C60A6-FBBD-4139-9819-E1494536683F}.job
C:\Windows\tasks\SA.DAT
C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
C:\ProgramData\Adobe
C:\ProgramData\Apple
C:\ProgramData\Apple Computer
C:\ProgramData\Application Data
C:\ProgramData\Axis that
C:\ProgramData\Bureau
C:\ProgramData\CanonBJ
C:\ProgramData\CanonCP
C:\ProgramData\Desktop
C:\ProgramData\Documents
C:\ProgramData\does less less.67xhyc
C:\ProgramData\does less less.dacqvl
C:\ProgramData\does less less.lejv4n
C:\ProgramData\eMule
C:\ProgramData\Favoris
C:\ProgramData\Favorites
C:\ProgramData\Google
C:\ProgramData\Grid Blue Memo Site
C:\ProgramData\Installations
C:\ProgramData\Lavasoft
C:\ProgramData\Logishrd
C:\ProgramData\Logitech
C:\ProgramData\Macrovision
C:\ProgramData\MAGIX
C:\ProgramData\McAfee
C:\ProgramData\Menu Démarrer
C:\ProgramData\Microsoft
C:\ProgramData\Microsoft Help
C:\ProgramData\Modèles
C:\ProgramData\PC Suite
C:\ProgramData\Pinnacle
C:\ProgramData\Setup Bend Option.j04q1ko
C:\ProgramData\SongbirdVLC
C:\ProgramData\Spybot - Search & Destroy
C:\ProgramData\Start Menu
C:\ProgramData\Templates
C:\ProgramData\Windows Genuine Advantage
C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
C:\Program Files\ActivIcons
C:\Program Files\Adobe
C:\Program Files\Alwil Software
C:\Program Files\Apple Software Update
C:\Program Files\Astonsoft
C:\Program Files\AusLogics Disk Defrag
C:\Program Files\Azureus
C:\Program Files\CanonBJ
C:\Program Files\CCleaner
C:\Program Files\Clavier+
C:\Program Files\Common Files
C:\Program Files\CyberLink
C:\Program Files\desktop.ini
C:\Program Files\DIFX
C:\Program Files\DivX
C:\Program Files\Duplicate Music Files Finder
C:\Program Files\eMule
C:\Program Files\Fichiers communs
C:\Program Files\Free iPod Video Converter
C:\Program Files\Google
C:\Program Files\Grisoft
C:\Program Files\InstallShield Installation Information
C:\Program Files\Intel
C:\Program Files\Internet Explorer
C:\Program Files\Inventel
C:\Program Files\iPod
C:\Program Files\iPodConverter
C:\Program Files\iTunes
C:\Program Files\Java
C:\Program Files\Lavasoft
C:\Program Files\LimeWire
C:\Program Files\MAGIX
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\Microsoft Games
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Small Business
C:\Program Files\Microsoft SQL Server
C:\Program Files\Microsoft SQL Server Compact Edition
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\Mozilla Sunbird
C:\Program Files\Mozilla Thunderbird
C:\Program Files\mozilla.org
C:\Program Files\MSBuild
C:\Program Files\MSN
C:\Program Files\MSXML 4.0
C:\Program Files\Nokia
C:\Program Files\OrangeHSS
C:\Program Files\Pantone
C:\Program Files\PC Connectivity Solution
C:\Program Files\PENTAX
C:\Program Files\PENTAX Corporation
C:\Program Files\Photomatix
C:\Program Files\ProtectDisc Driver Installer
C:\Program Files\QuickTime
C:\Program Files\Realtek
C:\Program Files\Reference Assemblies
C:\Program Files\Samsung
C:\Program Files\Songbird
C:\Program Files\Sony Ericsson
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Stardock
C:\Program Files\Synaptics
C:\Program Files\The GodFather
C:\Program Files\Trend Micro
C:\Program Files\Uninstall Information
C:\Program Files\VideoLAN
C:\Program Files\vLite
C:\Program Files\Windows Calendar
C:\Program Files\Windows Collaboration
C:\Program Files\Windows Defender
C:\Program Files\Windows Journal
C:\Program Files\Windows Live
C:\Program Files\Windows Mail
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\Windows Photo Gallery
C:\Program Files\Windows Sidebar
C:\Program Files\WinRAR
C:\Program Files\XBudget
C:\Program Files\XnView

---------------[ C:\Program Files\Common Files ]--------------

C:\Program Files\Common Files\Adobe
C:\Program Files\Common Files\Adobe Systems Shared
C:\Program Files\Common Files\Apple
C:\Program Files\Common Files\DESIGNER
C:\Program Files\Common Files\France Telecom
C:\Program Files\Common Files\InstallShield
C:\Program Files\Common Files\Java
C:\Program Files\Common Files\MAGIX Shared
C:\Program Files\Common Files\microsoft shared
C:\Program Files\Common Files\MSSoap
C:\Program Files\Common Files\Nokia
C:\Program Files\Common Files\PCSuite
C:\Program Files\Common Files\PX Storage Engine
C:\Program Files\Common Files\Services
C:\Program Files\Common Files\SpeechEngines
C:\Program Files\Common Files\Stardock
C:\Program Files\Common Files\System
C:\Program Files\Common Files\Vbox
C:\Program Files\Common Files\WindowsLiveInstaller
C:\Program Files\Common Files\Wise Installation Wizard

----------------------[ Recherche avec S_Lop ]---------------------

C:\ProgramData\does less less.67xhyc
C:\ProgramData\does less less.dacqvl

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Bitdownload

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\uninstall\bows ref error]
"DisplayName"="CiD Help"
"UninstallString"="C:\\PROGRA~2\\AXISTH~1\\windowexit.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Activedog"="\"C:\\ProgramData\\does less less.dacqvl\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE

127.0.0.1 localhost
::1 localhost

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-01 10:10:34
Windows 6.0.6000 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

--------------------[ Fin du rapport a 10:10:48,35 ]----------------------

Reply to ambar24

By the way, it made a virus show up, which I deleted right away. Is that normal?

Reply to ambar24

You need to disable your antivirus. Run option 2 now :)

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark


-----------------------------[ Lop S&D V01 ]---------------------------

Microsoft Windows [version 6.0.6000] [ OS : Windows_NT ]

"C:\Users\Florent\Desktop\Lop SD"

[ 01/02/2008 | 14:44:17,55 ] [ PC-DE-FLORENT ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Bitdownload
Supprimé! - C:\ProgramData\does less less.67xhyc
Supprimé! - C:\ProgramData\does less less.dacqvl
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

C:\Users\Florent\AppData\Roaming\.myPANTONE palettes\logo.jpg
C:\Users\Florent\AppData\Roaming\.myPANTONE palettes\myPANTONE palettes.dat
C:\Users\Florent\AppData\Roaming\Adobe\Acrobat
C:\Users\Florent\AppData\Roaming\Adobe\After Effects
C:\Users\Florent\AppData\Roaming\Adobe\CameraRaw
C:\Users\Florent\AppData\Roaming\Adobe\ESD
C:\Users\Florent\AppData\Roaming\Adobe\FileBrowser
C:\Users\Florent\AppData\Roaming\Adobe\ImageReady
C:\Users\Florent\AppData\Roaming\Adobe\Lightroom
C:\Users\Florent\AppData\Roaming\Adobe\Photoshop
C:\Users\Florent\AppData\Roaming\Adobe\Workflow
C:\Users\Florent\AppData\Roaming\Apple Computer\iTunes
C:\Users\Florent\AppData\Roaming\avetoasts.ini\avetoasts.ini
C:\Users\Florent\AppData\Roaming\Bao_Nguyen\Switcher.exe_Url_2nhucxq5xfpcrsl4lmrgwzv5vg3vfdve
C:\Users\Florent\AppData\Roaming\Bao_Nguyen\Switcher.exe_Url_eu3mxvfhfqhgx1q5cm5pznz3u5geaxdf
C:\Users\Florent\AppData\Roaming\Bao_Nguyen\Switcher.exe_Url_foil4alctwwhzqzc5w3i4g32s5hh3igu
C:\Users\Florent\AppData\Roaming\Bao_Nguyen\Switcher.exe_Url_gowy5l350zvueo2grw4krsllc34xptx0
C:\Users\Florent\AppData\Roaming\Bao_Nguyen\Switcher.exe_Url_t5kvkxjpoo3oi0ygr2z0zrnxabnhyit5
C:\Users\Florent\AppData\Roaming\Bao_Nguyen\Switcher.exe_Url_xwhvjpotxtbraub2ytxjkyg0hptbw0ea
C:\Users\Florent\AppData\Roaming\CursorArts\IconForge
C:\Users\Florent\AppData\Roaming\DeepBurner\config.cfg
C:\Users\Florent\AppData\Roaming\DeepBurner\DeepBurner.log
C:\Users\Florent\AppData\Roaming\DivX\DivX Codec
C:\Users\Florent\AppData\Roaming\DivX\DivX Player
C:\Users\Florent\AppData\Roaming\dvdcss\CACHEDIR.TAG
C:\Users\Florent\AppData\Roaming\dvdcss\SONY_DVD_RECORDER_VOLUME-2007071218002700
C:\Users\Florent\AppData\Roaming\fdrtools.com\.prefs
C:\Users\Florent\AppData\Roaming\fdrtools.com\arguments.txt
C:\Users\Florent\AppData\Roaming\fdrtools.com\fdrgui 2.0.2
C:\Users\Florent\AppData\Roaming\fdrtools.com\fdrgui 2.0.2.prefs
C:\Users\Florent\AppData\Roaming\FileZilla\filezilla.xml
C:\Users\Florent\AppData\Roaming\FileZilla\filters.xml
C:\Users\Florent\AppData\Roaming\FileZilla\layout.xml
C:\Users\Florent\AppData\Roaming\FileZilla\queue.xml
C:\Users\Florent\AppData\Roaming\FileZilla\recentservers.xml
C:\Users\Florent\AppData\Roaming\FileZilla\sitemanager.xml
C:\Users\Florent\AppData\Roaming\Identities\{5CBA3510-8A5C-489E-B0BE-2F389F5FA8C4}
C:\Users\Florent\AppData\Roaming\InstallShield\ISEngine12.0
C:\Users\Florent\AppData\Roaming\LimeWire\.AppSpecialShare
C:\Users\Florent\AppData\Roaming\LimeWire\.NetworkShare
C:\Users\Florent\AppData\Roaming\LimeWire\414splashfree.png
C:\Users\Florent\AppData\Roaming\LimeWire\active.mojito
C:\Users\Florent\AppData\Roaming\LimeWire\createtimes.cache
C:\Users\Florent\AppData\Roaming\LimeWire\fileurns.bak
C:\Users\Florent\AppData\Roaming\LimeWire\fileurns.cache
C:\Users\Florent\AppData\Roaming\LimeWire\filters.props
C:\Users\Florent\AppData\Roaming\LimeWire\gnutella.net
C:\Users\Florent\AppData\Roaming\LimeWire\installation.props
C:\Users\Florent\AppData\Roaming\LimeWire\library.dat
C:\Users\Florent\AppData\Roaming\LimeWire\limewire.props
C:\Users\Florent\AppData\Roaming\LimeWire\mojito.props
C:\Users\Florent\AppData\Roaming\LimeWire\passive.mojito
C:\Users\Florent\AppData\Roaming\LimeWire\questions.props
C:\Users\Florent\AppData\Roaming\LimeWire\responses.cache
C:\Users\Florent\AppData\Roaming\LimeWire\simpp.xml
C:\Users\Florent\AppData\Roaming\LimeWire\spam.dat
C:\Users\Florent\AppData\Roaming\LimeWire\tables.props
C:\Users\Florent\AppData\Roaming\LimeWire\themes
C:\Users\Florent\AppData\Roaming\LimeWire\ttree.cache
C:\Users\Florent\AppData\Roaming\LimeWire\version.xml
C:\Users\Florent\AppData\Roaming\LimeWire\xml
C:\Users\Florent\AppData\Roaming\Macromedia\Flash Player
C:\Users\Florent\AppData\Roaming\MAGIX\C_Music_Manager_2007
C:\Users\Florent\AppData\Roaming\MAGIX\Video_deluxe_2008_PLUS
C:\Users\Florent\AppData\Roaming\Mozilla\Firefox
C:\Users\Florent\AppData\Roaming\Mozilla\pluginreg.dat
C:\Users\Florent\AppData\Roaming\Mozilla\Profiles
C:\Users\Florent\AppData\Roaming\Mozilla\registry.dat
C:\Users\Florent\AppData\Roaming\Mozilla\Sunbird
C:\Users\Florent\AppData\Roaming\Nokia\ContactsEditor
C:\Users\Florent\AppData\Roaming\Nokia\GetConnectedWizard
C:\Users\Florent\AppData\Roaming\Nokia\Music Manager
C:\Users\Florent\AppData\Roaming\Nokia\PCSync
C:\Users\Florent\AppData\Roaming\Nokia Multimedia Player\Recent.npl
C:\Users\Florent\AppData\Roaming\nvModes.001\nvModes.001
C:\Users\Florent\AppData\Roaming\nvModes.dat\nvModes.dat
C:\Users\Florent\AppData\Roaming\Pantone\huey
C:\Users\Florent\AppData\Roaming\PC Suite\353946012642721
C:\Users\Florent\AppData\Roaming\PC Suite\Settings
C:\Users\Florent\AppData\Roaming\Songbird1\Crash Reports
C:\Users\Florent\AppData\Roaming\Songbird1\Profiles
C:\Users\Florent\AppData\Roaming\Songbird1\profiles.ini
C:\Users\Florent\AppData\Roaming\Talkback\MozillaOrg
C:\Users\Florent\AppData\Roaming\Thunderbird\Profiles
C:\Users\Florent\AppData\Roaming\Thunderbird\profiles.ini
C:\Users\Florent\AppData\Roaming\Thunderbird\registry.dat
C:\Users\Florent\AppData\Roaming\vlc\cache
C:\Users\Florent\AppData\Roaming\vlc\vlcrc
C:\Users\Florent\AppData\Roaming\XnView\category.bak
C:\Users\Florent\AppData\Roaming\XnView\category.db
C:\Users\Florent\AppData\Roaming\XnView\XnView.db
C:\Users\Florent\AppData\Roaming\XnView\xnview.ini

----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
C:\Windows\tasks\User_Feed_Synchronization-{B23C60A6-FBBD-4139-9819-E1494536683F}.job
C:\Windows\tasks\SA.DAT
C:\Windows\tasks\SCHEDLGU.TXT

------[ Listing des dossiers dans C:\ProgramData ]------

C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
C:\ProgramData\Adobe
C:\ProgramData\Apple
C:\ProgramData\Apple Computer
C:\ProgramData\Application Data
C:\ProgramData\Axis that
C:\ProgramData\Bureau
C:\ProgramData\CanonBJ
C:\ProgramData\CanonCP
C:\ProgramData\Desktop
C:\ProgramData\Documents
C:\ProgramData\does less less.lejv4n
C:\ProgramData\eMule
C:\ProgramData\Favoris
C:\ProgramData\Favorites
C:\ProgramData\Google
C:\ProgramData\Grid Blue Memo Site
C:\ProgramData\Installations
C:\ProgramData\Lavasoft
C:\ProgramData\Logishrd
C:\ProgramData\Logitech
C:\ProgramData\Macrovision
C:\ProgramData\MAGIX
C:\ProgramData\McAfee
C:\ProgramData\Menu Démarrer
C:\ProgramData\Microsoft
C:\ProgramData\Microsoft Help
C:\ProgramData\Modèles
C:\ProgramData\PC Suite
C:\ProgramData\Pinnacle
C:\ProgramData\Setup Bend Option.j04q1ko
C:\ProgramData\SongbirdVLC
C:\ProgramData\Spybot - Search & Destroy
C:\ProgramData\Start Menu
C:\ProgramData\Templates
C:\ProgramData\Windows Genuine Advantage
C:\ProgramData\WLInstaller

---------------[ Listing des dossiers dans C:\Program Files ]--------------

C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
C:\Program Files\ActivIcons
C:\Program Files\Adobe
C:\Program Files\Alwil Software
C:\Program Files\Apple Software Update
C:\Program Files\Astonsoft
C:\Program Files\AusLogics Disk Defrag
C:\Program Files\Azureus
C:\Program Files\CanonBJ
C:\Program Files\CCleaner
C:\Program Files\Clavier+
C:\Program Files\Common Files
C:\Program Files\CyberLink
C:\Program Files\desktop.ini
C:\Program Files\DIFX
C:\Program Files\DivX
C:\Program Files\Duplicate Music Files Finder
C:\Program Files\eMule
C:\Program Files\Fichiers communs
C:\Program Files\Free iPod Video Converter
C:\Program Files\Google
C:\Program Files\Grisoft
C:\Program Files\InstallShield Installation Information
C:\Program Files\Intel
C:\Program Files\Internet Explorer
C:\Program Files\Inventel
C:\Program Files\iPod
C:\Program Files\iPodConverter
C:\Program Files\iTunes
C:\Program Files\Java
C:\Program Files\Lavasoft
C:\Program Files\LimeWire
C:\Program Files\MAGIX
C:\Program Files\Microsoft CAPICOM 2.1.0.2
C:\Program Files\Microsoft Games
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft Small Business
C:\Program Files\Microsoft SQL Server
C:\Program Files\Microsoft SQL Server Compact Edition
C:\Program Files\Microsoft Visual Studio
C:\Program Files\Microsoft Works
C:\Program Files\Microsoft.NET
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\Mozilla Sunbird
C:\Program Files\Mozilla Thunderbird
C:\Program Files\mozilla.org
C:\Program Files\MSBuild
C:\Program Files\MSN
C:\Program Files\MSXML 4.0
C:\Program Files\Nokia
C:\Program Files\OrangeHSS
C:\Program Files\Pantone
C:\Program Files\PC Connectivity Solution
C:\Program Files\PENTAX
C:\Program Files\PENTAX Corporation
C:\Program Files\Photomatix
C:\Program Files\ProtectDisc Driver Installer
C:\Program Files\QuickTime
C:\Program Files\Realtek
C:\Program Files\Reference Assemblies
C:\Program Files\Samsung
C:\Program Files\Songbird
C:\Program Files\Sony Ericsson
C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Stardock
C:\Program Files\Synaptics
C:\Program Files\The GodFather
C:\Program Files\Trend Micro
C:\Program Files\Uninstall Information
C:\Program Files\VideoLAN
C:\Program Files\vLite
C:\Program Files\Windows Calendar
C:\Program Files\Windows Collaboration
C:\Program Files\Windows Defender
C:\Program Files\Windows Journal
C:\Program Files\Windows Live
C:\Program Files\Windows Mail
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\Windows Photo Gallery
C:\Program Files\Windows Sidebar
C:\Program Files\WinRAR
C:\Program Files\XBudget
C:\Program Files\XnView

---------------[ C:\Program Files\Common Files ]--------------

C:\Program Files\Common Files\Adobe
C:\Program Files\Common Files\Adobe Systems Shared
C:\Program Files\Common Files\Apple
C:\Program Files\Common Files\DESIGNER
C:\Program Files\Common Files\France Telecom
C:\Program Files\Common Files\InstallShield
C:\Program Files\Common Files\Java
C:\Program Files\Common Files\MAGIX Shared
C:\Program Files\Common Files\microsoft shared
C:\Program Files\Common Files\MSSoap
C:\Program Files\Common Files\Nokia
C:\Program Files\Common Files\PCSuite
C:\Program Files\Common Files\PX Storage Engine
C:\Program Files\Common Files\Services
C:\Program Files\Common Files\SpeechEngines
C:\Program Files\Common Files\Stardock
C:\Program Files\Common Files\System
C:\Program Files\Common Files\Vbox
C:\Program Files\Common Files\WindowsLiveInstaller
C:\Program Files\Common Files\Wise Installation Wizard

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-01 14:45:28
Windows 6.0.6000 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

--------------------[ Fin du rapport a 14:45:38,05 ]----------------------

Reply to ambar24

Here's the removal report; I'll let you know if it worked.

Reply to ambar24

Thank you very much, everything is back to normal, hats off! And above all, thank you so much for your help!!!

Reply to ambar24

Post a new Hijackthis report.

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark