Help - My computer is completely spammed, nothing works anymore


Hello,
I am asking for your help: please tell me what I need to do to clean my computer. Thanks.
Here is the HijackThis report:

Logfile of HijackThis v1.99.1
Scan saved at 13:13:41, on 09/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\VM_STI.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Micro Application\9 Dictionnaires Utiles\MediaDICO9Ut.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Micro Application\9 Dictionnaires Utiles\Rac9Ut.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\3M\PSN2Lite\Psn2Lite.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\PROGRA~1\3M\PSN2Lite\PSNGive.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\dany\Bureau\HijackThis.exe
C:\Documents and Settings\dany\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nordnet.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE YHT PC Camera
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Support audio cool poll] C:\Documents and Settings\All Users\Application Data\INTERNET SPAM SUPPORT AUDIO\PROGRAM BITS.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MediaDICO9Ut] C:\Program Files\Micro Application\9 Dictionnaires Utiles\LanceMediaDICO9Ut.exe Lancement
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [magsbias] C:\DOCUME~1\dany\APPLIC~1\SURFDE~1\PhoneList.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSN2Lite\Psn2Lite.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?17b9069862d44ae3850bac03a07f1d78
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?17b9069862d44ae3850bac03a07f1d78
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.nordnet.fr
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telecharg [...] sicDnl.CAB
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe


Hello,

Download Lop S&D.exe to your Desktop.

  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your Desktop
  • Select the desired language, then choose option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)


(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

Reply to Angeldark

Thanks A

-----------------------[ Lop S&D 4.1.0-9 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : dany ] [ "C:\Lop SD" ]
[ 09/04/2008 | 16:54:33,64 ] [ PC : DCBL622J ]
[ MAJ : 08-04-2008 | 23:37 ]

-------------[ Listing des dossiers dans Application Data ]------------

[25/01/2006|10:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
[25/01/2006|10:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
[25/01/2006|10:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Corel
[01/09/2005|08:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[01/09/2005|08:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[01/09/2005|08:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[25/01/2006|10:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[25/01/2006|10:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver

[19/03/2008|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[19/03/2008|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[16/12/2006|23:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[05/07/2006|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[04/01/2008|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[02/02/2008|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[11/03/2006|13:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[05/09/2007|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[01/09/2005|08:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[02/11/2006|13:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[11/07/2007|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[25/01/2006|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[19/03/2008|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\INTERNET SPAM SUPPORT AUDIO
[16/03/2006|14:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[25/01/2006|10:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[25/01/2006|10:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[31/01/2006|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall
[21/11/2007|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[25/04/2006|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/02/2006|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Games
[29/05/2006|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[02/02/2006|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[02/02/2006|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[25/01/2006|10:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[13/09/2006|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[08/05/2006|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[25/01/2006|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[13/09/2006|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[14/09/2007|15:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[11/10/2006|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[27/03/2008|19:26] C:\DOCUME~1\dany\APPLIC~1\.
[27/03/2008|19:26] C:\DOCUME~1\dany\APPLIC~1\..
[05/07/2006|20:34] C:\DOCUME~1\dany\APPLIC~1\3M
[05/07/2006|20:53] C:\DOCUME~1\dany\APPLIC~1\7Wonders
[15/12/2007|22:46] C:\DOCUME~1\dany\APPLIC~1\Adobe
[16/12/2006|23:13] C:\DOCUME~1\dany\APPLIC~1\AdobeDLM.log
[16/12/2006|23:13] C:\DOCUME~1\dany\APPLIC~1\AdobeUM
[07/05/2006|21:04] C:\DOCUME~1\dany\APPLIC~1\Ahead
[22/01/2008|13:51] C:\DOCUME~1\dany\APPLIC~1\Apple Computer
[30/01/2007|23:09] C:\DOCUME~1\dany\APPLIC~1\ArcSoft
[21/09/2007|08:22] C:\DOCUME~1\dany\APPLIC~1\Corel
[01/02/2006|20:33] C:\DOCUME~1\dany\APPLIC~1\Corel Photo Album
[01/09/2005|08:08] C:\DOCUME~1\dany\APPLIC~1\desktop.ini
[16/12/2006|23:13] C:\DOCUME~1\dany\APPLIC~1\dm.ini
[05/09/2006|20:49] C:\DOCUME~1\dany\APPLIC~1\dvdcss
[25/04/2006|20:15] C:\DOCUME~1\dany\APPLIC~1\EoRezo
[06/12/2006|19:25] C:\DOCUME~1\dany\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
[02/11/2006|13:07] C:\DOCUME~1\dany\APPLIC~1\Google
[06/05/2006|12:27] C:\DOCUME~1\dany\APPLIC~1\Help
[01/09/2005|08:25] C:\DOCUME~1\dany\APPLIC~1\Identities
[11/07/2007|09:26] C:\DOCUME~1\dany\APPLIC~1\InstallShield
[22/03/2006|15:27] C:\DOCUME~1\dany\APPLIC~1\Lavasoft
[01/02/2006|20:28] C:\DOCUME~1\dany\APPLIC~1\Leadertech
[05/07/2006|20:59] C:\DOCUME~1\dany\APPLIC~1\Macromedia
[31/01/2006|19:40] C:\DOCUME~1\dany\APPLIC~1\McAfee.com Personal Firewall
[27/03/2008|19:26] C:\DOCUME~1\dany\APPLIC~1\MessengerSkinner
[02/12/2007|16:34] C:\DOCUME~1\dany\APPLIC~1\Micro Application
[14/09/2007|16:01] C:\DOCUME~1\dany\APPLIC~1\Microsoft
[10/09/2007|23:20] C:\DOCUME~1\dany\APPLIC~1\Mozilla
[02/02/2006|18:27] C:\DOCUME~1\dany\APPLIC~1\MSNInstaller
[07/05/2006|21:07] C:\DOCUME~1\dany\APPLIC~1\Nero
[10/09/2007|23:20] C:\DOCUME~1\dany\APPLIC~1\Netscape
[09/04/2008|16:43] C:\DOCUME~1\dany\APPLIC~1\OpenOffice.org2
[10/09/2007|23:19] C:\DOCUME~1\dany\APPLIC~1\Photodex
[05/07/2006|21:00] C:\DOCUME~1\dany\APPLIC~1\PlayFirst
[29/07/2006|14:47] C:\DOCUME~1\dany\APPLIC~1\Real
[25/03/2008|22:23] C:\DOCUME~1\dany\APPLIC~1\Skype
[01/02/2006|20:28] C:\DOCUME~1\dany\APPLIC~1\Sonic
[20/01/2008|19:20] C:\DOCUME~1\dany\APPLIC~1\Sony Corporation
[05/07/2006|19:50] C:\DOCUME~1\dany\APPLIC~1\Starware
[25/01/2006|10:47] C:\DOCUME~1\dany\APPLIC~1\Sun
[19/03/2008|21:47] C:\DOCUME~1\dany\APPLIC~1\SurfDefaultMath
[10/07/2007|19:46] C:\DOCUME~1\dany\APPLIC~1\URSoft
[05/07/2006|20:35] C:\DOCUME~1\dany\APPLIC~1\vlc
[25/01/2006|10:56] C:\DOCUME~1\dany\APPLIC~1\You've Got Pictures Screensaver

[25/01/2006|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[25/01/2006|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[25/01/2006|10:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Corel
[01/09/2005|08:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/09/2005|08:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[01/09/2005|08:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[25/01/2006|10:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[25/01/2006|10:56] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver

[25/03/2008|16:16] C:\DOCUME~1\lisa\APPLIC~1\.
[25/03/2008|16:16] C:\DOCUME~1\lisa\APPLIC~1\..
[05/07/2006|21:14] C:\DOCUME~1\lisa\APPLIC~1\3M
[05/07/2006|23:13] C:\DOCUME~1\lisa\APPLIC~1\7Wonders
[15/12/2007|21:19] C:\DOCUME~1\lisa\APPLIC~1\Adobe
[13/05/2006|15:00] C:\DOCUME~1\lisa\APPLIC~1\Ahead
[24/01/2008|21:46] C:\DOCUME~1\lisa\APPLIC~1\Apple Computer
[12/09/2007|10:20] C:\DOCUME~1\lisa\APPLIC~1\Corel
[02/02/2006|13:53] C:\DOCUME~1\lisa\APPLIC~1\Corel Photo Album
[01/09/2005|08:08] C:\DOCUME~1\lisa\APPLIC~1\desktop.ini
[23/09/2007|20:15] C:\DOCUME~1\lisa\APPLIC~1\eMule
[25/04/2006|14:41] C:\DOCUME~1\lisa\APPLIC~1\EoRezo
[18/01/2007|18:30] C:\DOCUME~1\lisa\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
[02/11/2006|16:19] C:\DOCUME~1\lisa\APPLIC~1\Google
[01/09/2005|08:25] C:\DOCUME~1\lisa\APPLIC~1\Identities
[25/04/2006|20:05] C:\DOCUME~1\lisa\APPLIC~1\Lavasoft
[30/04/2006|13:26] C:\DOCUME~1\lisa\APPLIC~1\Leadertech
[31/05/2006|20:46] C:\DOCUME~1\lisa\APPLIC~1\Macromedia
[31/01/2006|19:57] C:\DOCUME~1\lisa\APPLIC~1\McAfee.com Personal Firewall
[04/12/2007|16:48] C:\DOCUME~1\lisa\APPLIC~1\Micro Application
[13/02/2008|17:24] C:\DOCUME~1\lisa\APPLIC~1\Microsoft
[17/02/2006|19:06] C:\DOCUME~1\lisa\APPLIC~1\Microsoft Games
[28/07/2007|12:51] C:\DOCUME~1\lisa\APPLIC~1\Mozilla
[03/02/2006|13:15] C:\DOCUME~1\lisa\APPLIC~1\MSNInstaller
[04/04/2008|19:51] C:\DOCUME~1\lisa\APPLIC~1\OpenOffice.org2
[17/10/2007|11:42] C:\DOCUME~1\lisa\APPLIC~1\Photodex
[29/05/2006|12:39] C:\DOCUME~1\lisa\APPLIC~1\PlayFirst
[13/02/2006|14:03] C:\DOCUME~1\lisa\APPLIC~1\Skype
[30/04/2006|13:27] C:\DOCUME~1\lisa\APPLIC~1\Sonic
[02/02/2008|10:38] C:\DOCUME~1\lisa\APPLIC~1\Sony Corporation
[25/01/2006|10:47] C:\DOCUME~1\lisa\APPLIC~1\Sun
[25/03/2008|16:33] C:\DOCUME~1\lisa\APPLIC~1\SurfDefaultMath
[05/07/2006|21:15] C:\DOCUME~1\lisa\APPLIC~1\vlc
[22/03/2006|12:02] C:\DOCUME~1\lisa\APPLIC~1\Wildfire
[25/01/2006|10:56] C:\DOCUME~1\lisa\APPLIC~1\You've Got Pictures Screensaver

[31/01/2006|19:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[31/01/2006|19:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[31/01/2006|19:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
[09/10/2007|22:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[01/09/2005|08:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[01/09/2005|08:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[01/09/2005|08:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[08/04/2008 10:00][--ah-----] C:\WINDOWS\tasks\AEC183A8939A3554.job
[05/04/2008 18:53][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[09/04/2008 13:14][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[01/02/2006 21:00][--a------] C:\WINDOWS\tasks\Rappel d'abonnement 1 auprès de l'ISP.job
[09/04/2008 16:14][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[27/03/2008|19:25] C:\Program Files\.
[27/03/2008|19:25] C:\Program Files\..
[05/07/2006|20:33] C:\Program Files\3M
[05/07/2006|20:52] C:\Program Files\7 Wonders
[10/10/2007|17:45] C:\Program Files\Adobe
[27/07/2007|11:28] C:\Program Files\ADSL Autoconnect
[05/07/2006|20:35] C:\Program Files\Ahead
[02/02/2006|16:57] C:\Program Files\Alwil Software
[04/01/2008|20:51] C:\Program Files\Apple Software Update
[07/05/2006|19:07] C:\Program Files\ArcSoft
[25/01/2006|10:52] C:\Program Files\ATI Technologies
[25/12/2007|17:53] C:\Program Files\Bethesda Softworks
[02/02/2008|18:42] C:\Program Files\Bonjour
[15/09/2006|19:50] C:\Program Files\Bridge Builder
[19/03/2008|21:42] C:\Program Files\Circle Developement
[01/09/2005|08:13] C:\Program Files\ComPlus Applications
[25/01/2006|10:36] C:\Program Files\CONEXANT
[05/07/2006|20:57] C:\Program Files\Dart 'm Up
[25/01/2006|10:56] C:\Program Files\Dell
[06/05/2006|12:15] C:\Program Files\Dell Computer
[25/01/2006|10:53] C:\Program Files\Digital Line Detect
[10/09/2007|17:52] C:\Program Files\Digital Photo Navigator 1.5
[13/02/2008|17:56] C:\Program Files\Diner Dash
[05/07/2006|21:00] C:\Program Files\Diner Dash 2
[28/01/2007|19:05] C:\Program Files\Disney Interactive
[02/02/2006|17:22] C:\Program Files\DivX
[22/03/2008|23:47] C:\Program Files\eMule
[04/01/2008|20:49] C:\Program Files\Fichiers communs
[14/02/2007|20:14] C:\Program Files\Free Audio Pack
[01/09/2005|08:27] C:\Program Files\FrenchOtto
[01/09/2005|08:27] C:\Program Files\GemMasterFrench
[08/02/2007|10:37] C:\Program Files\Google
[11/07/2007|09:29] C:\Program Files\Grisoft
[02/02/2008|16:14] C:\Program Files\Incomplete
[03/12/2006|22:46] C:\Program Files\IncrediMail
[20/01/2008|19:01] C:\Program Files\InstallShield Installation Information
[25/01/2006|10:52] C:\Program Files\Intel
[25/01/2006|10:52] C:\Program Files\InterActual
[13/02/2008|17:01] C:\Program Files\Internet Explorer
[02/02/2008|18:43] C:\Program Files\iPod
[02/02/2008|18:43] C:\Program Files\iTunes
[06/05/2006|12:15] C:\Program Files\Jasc Software Inc
[27/07/2007|11:27] C:\Program Files\Java
[09/07/2007|23:06] C:\Program Files\Kaspersky Lab
[25/04/2006|20:05] C:\Program Files\Lavasoft
[25/01/2006|10:56] C:\Program Files\Learn2.com
[28/12/2007|19:58] C:\Program Files\LG Electronics
[28/12/2007|19:57] C:\Program Files\LGE GSM PC Sync
[02/02/2008|16:01] C:\Program Files\LimeWire
[08/03/2007|23:52] C:\Program Files\Luxor
[27/03/2008|19:21] C:\Program Files\Macrogaming
[11/07/2007|09:26] C:\Program Files\Macrovision Corporation
[25/01/2006|10:59] C:\Program Files\McAfee
[27/08/2006|00:07] C:\Program Files\Messenger
[19/03/2008|21:42] C:\Program Files\Messenger Plus! Live
[04/04/2008|17:08] C:\Program Files\MessengerSkinner
[23/12/2007|14:38] C:\Program Files\Micro Application
[01/09/2005|08:18] C:\Program Files\microsoft frontpage
[29/12/2006|21:40] C:\Program Files\Microsoft Games
[25/04/2006|20:27] C:\Program Files\Microsoft Office
[27/08/2006|00:07] C:\Program Files\Microsoft Works
[29/08/2007|20:56] C:\Program Files\Modem Helper
[08/11/2007|19:05] C:\Program Files\Movie Maker
[09/04/2008|13:22] C:\Program Files\Mozilla Firefox
[01/09/2005|08:12] C:\Program Files\MSN Gaming Zone
[21/11/2007|18:55] C:\Program Files\MSN Messenger
[19/11/2006|22:16] C:\Program Files\MSXML 4.0
[01/09/2005|08:15] C:\Program Files\NetMeeting
[25/01/2006|10:53] C:\Program Files\NetWaiting
[01/02/2006|17:50] C:\Program Files\Nikon
[27/07/2007|12:17] C:\Program Files\OpenOffice.org 2.2
[15/06/2007|01:04] C:\Program Files\Outlook Express
[13/07/2006|18:10] C:\Program Files\Petits jeux flash
[15/08/2007|00:44] C:\Program Files\Photo Story 3 for Windows
[10/09/2007|23:20] C:\Program Files\Photodex
[10/09/2007|23:20] C:\Program Files\Photodex Presenter
[06/02/2008|11:50] C:\Program Files\Picasa2
[30/05/2007|20:55] C:\Program Files\Player Tool
[05/07/2006|21:03] C:\Program Files\poolmup
[05/07/2006|20:31] C:\Program Files\PrivacyEraser Computing
[02/02/2008|18:42] C:\Program Files\QuickTime
[07/05/2006|12:37] C:\Program Files\Real
[03/09/2006|12:44] C:\Program Files\ReflexiveArcade
[05/07/2006|21:05] C:\Program Files\Sea War The Battles 2
[01/09/2005|08:15] C:\Program Files\Services en ligne
[25/01/2006|10:50] C:\Program Files\Sigmatel
[02/02/2006|17:43] C:\Program Files\Skype
[27/08/2006|00:07] C:\Program Files\SLD Codec Pack
[20/01/2008|18:52] C:\Program Files\Sony
[13/09/2006|14:20] C:\Program Files\SuperCopier
[19/03/2008|21:44] C:\Program Files\SurfDefaultMath
[08/11/2007|19:02] C:\Program Files\SWiSHpix
[15/09/2006|09:16] C:\Program Files\Symantec
[01/09/2005|08:25] C:\Program Files\Uninstall Information
[05/07/2006|20:34] C:\Program Files\VideoLAN
[11/03/2006|14:46] C:\Program Files\WildTangent
[21/11/2007|18:55] C:\Program Files\Windows Live
[01/12/2007|07:26] C:\Program Files\Windows Live Favorites
[01/12/2007|07:26] C:\Program Files\Windows Live Toolbar
[09/10/2007|21:39] C:\Program Files\Windows Media Connect 2
[09/10/2007|21:43] C:\Program Files\Windows Media Player
[01/09/2005|08:12] C:\Program Files\Windows NT
[01/09/2005|08:12] C:\Program Files\Windows Plus
[10/09/2007|22:31] C:\Program Files\Windows XP Fun Pack
[01/09/2005|08:15] C:\Program Files\WindowsUpdate
[30/08/2007|12:14] C:\Program Files\wt3d.ini
[01/09/2005|08:18] C:\Program Files\xerox
[11/10/2006|18:57] C:\Program Files\Yahoo!
[05/07/2006|21:04] C:\Program Files\Yetisports
[10/07/2007|19:56] C:\Program Files\Your Uninstaller 2006
[05/07/2006|21:06] C:\Program Files\Zuma

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[04/01/2008|20:49] C:\Program Files\Fichiers communs\.
[04/01/2008|20:49] C:\Program Files\Fichiers communs\..
[16/12/2006|23:09] C:\Program Files\Fichiers communs\Adobe
[05/07/2006|20:35] C:\Program Files\Fichiers communs\Ahead
[04/01/2008|20:49] C:\Program Files\Fichiers communs\Apple
[10/10/2007|17:43] C:\Program Files\Fichiers communs\Corel
[04/06/2006|13:49] C:\Program Files\Fichiers communs\InstallShield
[25/01/2006|10:46] C:\Program Files\Fichiers communs\Java
[16/03/2006|14:38] C:\Program Files\Fichiers communs\Macrovision Shared
[23/12/2007|14:38] C:\Program Files\Fichiers communs\Micro Application Shared
[14/09/2007|15:56] C:\Program Files\Fichiers communs\Microsoft Shared
[01/09/2005|08:15] C:\Program Files\Fichiers communs\MSSoap
[07/05/2006|19:06] C:\Program Files\Fichiers communs\Nikon
[25/01/2006|10:55] C:\Program Files\Fichiers communs\Nullsoft
[01/09/2005|08:08] C:\Program Files\Fichiers communs\ODBC
[25/01/2006|10:55] C:\Program Files\Fichiers communs\Real
[01/09/2005|08:15] C:\Program Files\Fichiers communs\Services
[01/09/2005|08:08] C:\Program Files\Fichiers communs\SpeechEngines
[15/09/2006|09:16] C:\Program Files\Fichiers communs\Symantec Shared
[15/06/2007|01:04] C:\Program Files\Fichiers communs\System

----------------------[ Recherche avec S_Lop ]---------------------

C:\DOCUME~1\dany\LOCALS~1\Temp\bis1.exe

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\INTERNET SPAM SUPPORT AUDIO
C:\DOCUME~1\ALLUSE~1\APPLIC~1\INTERNET SPAM SUPPORT AUDIO\PROGRAM BITS.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\WINDOWS\Tasks\AEC183A8939A3554.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Support audio cool poll"="C:\\Documents and Settings\\All Users\\Application Data\\INTERNET SPAM SUPPORT AUDIO\\PROGRAM BITS.exe"

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE

-> 72 ( 70 ## added by CiD )

/!\ 1 Not 127.0.0.1 !!

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-09 16:55:29
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwEnumerateValueKey, ZwQueryDirectoryFile, ZwQuerySystemInformation
scanning hidden processes ...
C:\documents and settings\dany\local settings\application data\kvrvifh.exe [2080]
scanning hidden files ...
C:\WINDOWS\Prefetch\KVRVIFH.EXE-110FB6AD.pf 38840 bytes
scan completed successfully
hidden processes: 1
hidden files: 1

--------------------[ Recherche d'autres infections ]---------------------

C:\WINDOWS\pack.epk
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\yapudkdva_navps.dat
C:\WINDOWS\system32\yapudkdva.exe
C:\WINDOWS\system32\yapudkdva.dat
C:\WINDOWS\system32\yapudkdva_nav.dat
! EGDACCESS !


/!\ [Fich:2640][Doss:63] C:\DOCUME~1\dany\LOCALS~1\Temp
/!\ [Fich:654][Doss:0] C:\DOCUME~1\dany\Cookies
/!\ [Fich:15354][Doss:18] C:\DOCUME~1\dany\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 16:57:34,48 ]----------------------

Reply to e-emergence@IDN

Re,

Run Lop S&D again

  • This time choose Option 2 (Removal)
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt)


(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

Reply to Angeldark