Infected PC [Solved] - Security - Viruses
Profile: IDNaute

Could you help me disinfect my PC? As I explained in my previous message, I have ad pages that keep opening at random: how can I get rid of them? I sent you a report but I have had no reply. Is that normal?

Message edited by denise26 on 13-05-2008 at 18:54:18

Profile: IDNaute

Hello,

Sometimes posts slip through the cracks...

Repost the report.  :)

Profile: IDNaute

Thank you! Here is the report:
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:06:51, on 27/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Fichiers communs\NMSAccessU.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.msn.fr/spbasic.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffe [...] ftPane.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =  
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: torrent_search Toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
O4 - HKLM\..\Run: [NI.UERSV_9999_N91S1912] "c:\documents and settings\nicou\application data\errorsafefrenchnewreleaseinstall[1].exe" -nag  
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [NOUNBALM] C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\firstpileaim.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop]  (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop]  (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {011F473E-0880-43D4-99F3-F490A84128AE} (GenimoWebGames Control) - http://jeuxentelechargement.orange [...] ontrol.cab
O16 - DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} (VoxsyncCtrl Class) - http://contacts.orange.fr/wfr_webab/VoxsyncX.cab
O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/micros [...] 9666819156
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game10.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Games [...] meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - http://jeuxenligne.orange.fr/onlin [...] uncher.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Fichiers communs\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) -   - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
 
--
End of file - 8869 bytes

Profile: IDNaute

And now, what do I do?

Profile: IDNaute

:hello: Hello,

1) A little politeness would be welcome, such as hello or thank you :)

2) Download Lop S&D.exe (by Eric 71 & Angeldark) to your desktop. ~>Tutorial<~

  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your desktop
  • Select the language you want, then choose Option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

:)


---------------
Please mention if you are already being helped on another forum or in another topic.

Security / Prevention
Profile: IDNaute

First of all, good evening. You are right, my question was a bit abrupt, but it was not meant to be bossy! So thank you for your help, here is the report:

   -----------------------[  Lop S&D 4.2.0-3  XP/Vista  ]---------------------
 
   [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
   [ USER : Nicou ] [ "C:\Lop SD" ] [ Selection : 1 ]
   [ 02/05/2008 | 20:26:56,26 ] [ PC : Nicole ]
   [ MAJ : 30-04-2008 | 18:35 ]
 
   -------------[ Listing des dossiers dans Application Data ]------------  
 
   [07/08/2007|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
   [06/12/2007|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
   [23/01/2007|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [05/05/2006|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
   [05/05/2006|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
   [16/08/2004|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
   [26/05/2007|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
   [07/03/2008|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
   [15/04/2008|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Friends Games
   [09/04/2008|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
   [09/04/2008|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Genimo
   [26/05/2007|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [06/12/2007|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA
   [05/05/2006|00:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
   [05/05/2006|01:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
   [20/12/2007|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
   [19/04/2008|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
   [19/04/2008|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
   [15/04/2008|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [04/11/2007|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
   [09/07/2006|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
   [07/12/2006|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayTime
   [22/11/2006|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
   [02/05/2008|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
   [05/05/2006|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [05/05/2006|01:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [15/04/2008|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [05/05/2006|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
   [06/07/2006|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [16/02/2007|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
   [04/03/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [26/08/2007|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
 
   [16/08/2004|17:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
   [05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
   [05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
   [05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
   [05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
   [05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
 
   [05/12/2007|20:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
   [05/12/2007|20:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\AdobeUM
   [15/04/2007|13:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
   [29/11/2006|19:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
 
   [13/04/2007|23:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   [22/01/2007|19:23] C:\DOCUME~1\Nicou\APPLIC~1\Adobe
   [24/01/2007|12:21] C:\DOCUME~1\Nicou\APPLIC~1\AdobeUM
   [09/04/2008|19:59] C:\DOCUME~1\Nicou\APPLIC~1\Big Fish Games
   [31/03/2007|14:33] C:\DOCUME~1\Nicou\APPLIC~1\CyberLink
   [16/08/2004|17:55] C:\DOCUME~1\Nicou\APPLIC~1\desktop.ini
   [10/11/2007|19:08] C:\DOCUME~1\Nicou\APPLIC~1\DivX
   [08/04/2007|19:26] C:\DOCUME~1\Nicou\APPLIC~1\EoRezo
   [07/03/2008|19:35] C:\DOCUME~1\Nicou\APPLIC~1\FloodLightGames
   [04/05/2006|16:09] C:\DOCUME~1\Nicou\APPLIC~1\FotoWire
   [09/09/2006|13:03] C:\DOCUME~1\Nicou\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log
   [26/06/2006|16:43] C:\DOCUME~1\Nicou\APPLIC~1\Google
   [19/05/2006|16:11] C:\DOCUME~1\Nicou\APPLIC~1\Help
   [06/12/2007|19:22] C:\DOCUME~1\Nicou\APPLIC~1\Hotbar
   [26/08/2007|19:37] C:\DOCUME~1\Nicou\APPLIC~1\Identities
   [19/04/2008|19:08] C:\DOCUME~1\Nicou\APPLIC~1\InstallShield
   [30/07/2007|15:03] C:\DOCUME~1\Nicou\APPLIC~1\iWin
   [15/04/2007|15:59] C:\DOCUME~1\Nicou\APPLIC~1\Lavasoft
   [10/05/2006|09:27] C:\DOCUME~1\Nicou\APPLIC~1\Leadertech
   [19/04/2008|19:20] C:\DOCUME~1\Nicou\APPLIC~1\Logitech
   [03/07/2006|22:00] C:\DOCUME~1\Nicou\APPLIC~1\Macromedia
   [30/01/2007|20:59] C:\DOCUME~1\Nicou\APPLIC~1\MessengerSkinner
   [15/09/2007|20:40] C:\DOCUME~1\Nicou\APPLIC~1\Microsoft
   [02/05/2008|20:26] C:\DOCUME~1\Nicou\APPLIC~1\ping blah view
   [09/07/2006|11:41] C:\DOCUME~1\Nicou\APPLIC~1\PlayFirst
   [19/10/2007|22:42] C:\DOCUME~1\Nicou\APPLIC~1\Pogo Games
   [05/06/2006|15:16] C:\DOCUME~1\Nicou\APPLIC~1\Real
   [17/12/2007|20:03] C:\DOCUME~1\Nicou\APPLIC~1\Samsung
   [06/12/2007|19:24] C:\DOCUME~1\Nicou\APPLIC~1\ShoppingReport
   [10/05/2006|09:27] C:\DOCUME~1\Nicou\APPLIC~1\Sonic
   [05/05/2006|00:26] C:\DOCUME~1\Nicou\APPLIC~1\Sun
   [05/05/2006|00:26] C:\DOCUME~1\Nicou\APPLIC~1\Symantec
   [04/05/2006|23:55] C:\DOCUME~1\Nicou\APPLIC~1\Template
   [20/12/2007|21:06] C:\DOCUME~1\Nicou\APPLIC~1\Voxmobili
   [06/12/2007|19:22] C:\DOCUME~1\Nicou\APPLIC~1\WeatherDPA
   [27/04/2008|20:24] C:\DOCUME~1\Nicou\APPLIC~1\Webroot
   [26/08/2007|12:13] C:\DOCUME~1\Nicou\APPLIC~1\Wildfire
   [05/05/2006|00:26] C:\DOCUME~1\Nicou\APPLIC~1\You've Got Pictures Screensaver
   [26/08/2007|19:37] C:\DOCUME~1\Nicou\APPLIC~1\Zylom
 
   [09/05/2007|19:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
 
   ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
 
   [28/04/2008 21:53][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
   [04/05/2006 15:54][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 3.job
   [05/04/2005 20:31][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
   [02/05/2008 20:18][--ah-----] C:\WINDOWS\tasks\SA.DAT
   [05/08/2004 14:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
 
   ---------------[ Listing des dossiers dans C:\Program Files ]--------------
 
   [05/11/2007|21:12] C:\Program Files\AC3Filter
   [16/02/2007|22:53] C:\Program Files\Adobe
   [07/11/2007|20:53] C:\Program Files\Alawar
   [05/05/2006|01:22] C:\Program Files\Alwil Software
   [25/12/2006|12:34] C:\Program Files\Ashampoo
   [30/09/2006|12:42] C:\Program Files\Atari
   [27/04/2008|19:42] C:\Program Files\BitDownload
   [20/04/2008|23:19] C:\Program Files\BitTorrent Fastest Tool
   [20/04/2008|23:14] C:\Program Files\Conduit
   [05/05/2006|00:26] C:\Program Files\CyberLink
   [04/05/2006|19:29] C:\Program Files\Digitale Huehnerjagd
   [03/04/2008|19:19] C:\Program Files\Discovery Multimedia
   [24/03/2008|13:52] C:\Program Files\DivX
   [07/08/2007|18:23] C:\Program Files\Elaborate Bytes
   [27/04/2008|21:11] C:\Program Files\eMule
   [08/04/2007|19:26] C:\Program Files\eoRezo
   [19/04/2008|19:08] C:\Program Files\Fichiers communs
   [10/06/2007|13:11] C:\Program Files\Free Audio Pack
   [19/10/2007|22:18] C:\Program Files\GameHouse
   [09/04/2008|19:59] C:\Program Files\GamesBar
   [22/08/2007|15:46] C:\Program Files\Google
   [09/09/2006|13:02] C:\Program Files\Hewlett-Packard
   [05/05/2006|00:18] C:\Program Files\HP
   [24/03/2008|13:15] C:\Program Files\iGraal
   [05/05/2006|11:49] C:\Program Files\Illustrate
   [28/01/2008|17:58] C:\Program Files\IncrediMail
   [19/04/2008|19:08] C:\Program Files\InstallShield Installation Information
   [09/04/2008|15:55] C:\Program Files\Internet Explorer
   [05/10/2006|18:57] C:\Program Files\Inventel
   [09/10/2007|20:24] C:\Program Files\Java
   [15/04/2007|15:59] C:\Program Files\Lavasoft
   [05/05/2006|00:26] C:\Program Files\Learn2.com
   [21/12/2006|10:55] C:\Program Files\Logiciel Photo Orange
   [19/04/2008|19:08] C:\Program Files\Logitech
   [05/05/2006|01:57] C:\Program Files\Messenger
   [03/03/2007|20:08] C:\Program Files\Micro Application
   [21/05/2007|21:24] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [05/05/2006|00:26] C:\Program Files\microsoft frontpage
   [17/02/2007|21:10] C:\Program Files\Microsoft Money 2005
   [05/05/2006|01:41] C:\Program Files\microsoft office
   [26/05/2007|19:36] C:\Program Files\Microsoft Référence
   [05/05/2006|00:29] C:\Program Files\Microsoft Works
   [05/05/2006|00:26] C:\Program Files\Microsoft.NET
   [05/05/2006|00:29] C:\Program Files\Movie Maker
   [16/02/2007|22:02] C:\Program Files\MSN
   [05/05/2006|00:26] C:\Program Files\MSN Gaming Zone
   [16/11/2006|10:30] C:\Program Files\MSXML 4.0
   [05/05/2006|00:29] C:\Program Files\NetMeeting
   [23/05/2007|20:45] C:\Program Files\orange
   [13/06/2007|22:50] C:\Program Files\Outlook Express
   [20/12/2007|19:11] C:\Program Files\Outlook Express Quick Backup
   [02/12/2006|19:58] C:\Program Files\PhotoFiltre
   [02/05/2008|20:25] C:\Program Files\ping blah view
   [05/05/2006|00:29] C:\Program Files\QuickTime
   [05/05/2006|00:26] C:\Program Files\Real
   [05/05/2006|00:26] C:\Program Files\Realtek
   [20/04/2008|22:44] C:\Program Files\ReflexiveArcade
   [04/05/2006|16:13] C:\Program Files\SAGEM
   [17/12/2007|19:16] C:\Program Files\Samsung
   [04/04/2008|20:18] C:\Program Files\scrabbleproB1.0.7
   [05/10/2006|21:41] C:\Program Files\Securitoo
   [05/05/2006|00:30] C:\Program Files\Services en ligne
   [03/04/2008|19:31] C:\Program Files\Sierra On-Line
   [05/05/2006|00:26] C:\Program Files\Sonic
   [06/01/2008|20:16] C:\Program Files\StudioLine Photo Basic
   [05/05/2006|01:17] C:\Program Files\Symantec
   [14/07/2006|17:50] C:\Program Files\The Adventure Company
   [15/06/2006|19:44] C:\Program Files\TMFX Studios
   [20/04/2008|23:14] C:\Program Files\torrent_search
   [21/04/2008|20:35] C:\Program Files\Trend Micro
   [23/10/2007|20:23] C:\Program Files\Twilight
   [05/05/2006|00:26] C:\Program Files\Uninstall Information
   [05/05/2006|00:26] C:\Program Files\Viewpoint
   [19/10/2006|19:50] C:\Program Files\VirginMega
   [02/05/2008|20:25] C:\Program Files\Wanadoo
   [20/05/2007|12:40] C:\Program Files\Wanadoo Messager
   [27/04/2008|20:24] C:\Program Files\Webroot
   [04/03/2008|19:51] C:\Program Files\Windows Live
   [30/11/2007|10:08] C:\Program Files\Windows Live Toolbar
   [28/12/2006|21:24] C:\Program Files\Windows Media Connect 2
   [31/05/2007|15:15] C:\Program Files\Windows Media Player
   [05/05/2006|00:30] C:\Program Files\Windows NT
   [05/05/2006|00:26] C:\Program Files\WindowsUpdate
   [30/04/2007|16:55] C:\Program Files\WinLemm
   [03/01/2007|19:46] C:\Program Files\WinRAR
   [06/04/2008|14:17] C:\Program Files\Winsos
   [05/05/2006|00:26] C:\Program Files\xerox
   [18/10/2007|18:51] C:\Program Files\Zylom Games
   
   ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
   
   [15/05/2006|14:49] C:\Program Files\Fichiers communs\Adobe
   [05/05/2006|00:28] C:\Program Files\Fichiers communs\AOL
   [05/05/2006|00:28] C:\Program Files\Fichiers communs\aolshare
   [05/05/2006|00:28] C:\Program Files\Fichiers communs\DESIGNER
   [04/05/2006|16:09] C:\Program Files\Fichiers communs\FotoWire
   [05/05/2006|00:17] C:\Program Files\Fichiers communs\Hewlett-Packard
   [05/05/2006|00:20] C:\Program Files\Fichiers communs\HP
   [04/05/2006|16:06] C:\Program Files\Fichiers communs\InstallShield
   [05/05/2006|00:26] C:\Program Files\Fichiers communs\Java
   [19/04/2008|19:09] C:\Program Files\Fichiers communs\Logishrd
   [04/05/2006|16:08] C:\Program Files\Fichiers communs\Logitech
   [19/04/2008|19:11] C:\Program Files\Fichiers communs\Microsoft Shared
   [05/05/2006|00:26] C:\Program Files\Fichiers communs\MSSoap
   [25/01/2007|04:52] C:\Program Files\Fichiers communs\NMSAccessU.exe
   [05/05/2006|00:26] C:\Program Files\Fichiers communs\Nullsoft
   [15/04/2008|21:19] C:\Program Files\Fichiers communs\Oberon Media
   [05/05/2006|00:26] C:\Program Files\Fichiers communs\ODBC
   [05/05/2006|00:26] C:\Program Files\Fichiers communs\Real
   [05/05/2006|00:28] C:\Program Files\Fichiers communs\Services
   [05/05/2006|00:28] C:\Program Files\Fichiers communs\Sonic Shared
   [05/05/2006|00:26] C:\Program Files\Fichiers communs\SpeechEngines
   [15/08/2007|16:01] C:\Program Files\Fichiers communs\SureThing Shared
   [05/05/2006|01:20] C:\Program Files\Fichiers communs\Symantec Shared
   [13/06/2007|22:50] C:\Program Files\Fichiers communs\System
   [04/03/2008|19:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [05/05/2006|00:26] C:\Program Files\Fichiers communs\xing shared
 
   ---------------------------[ Process ]--------------------------
 
   ... 50
 
   iexplore.exe ~ [3760]
   iexplore.exe ~ [164]
 
   ----------------------[ Recherche avec S_Lop ]---------------------
 
   C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1
   C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\firstpileaim.exe
   C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\nugcaemu.exe
   C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\rjylyngf.exe
   C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\ThirdGplSize.exe
 
   -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
 
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\Download hole.exe
   C:\Program Files\Bitdownload
   C:\Program Files\Bitdownload\session.store
   C:\Program Files\BitTorrent Fastest Tool
   C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5-setup.exe
   C:\Program Files\BitTorrent Fastest Tool\BitP.exe
   C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG
   C:\WINDOWS\Prefetch\BITDOWNLOAD.EXE-2EAB6E97.pf
   C:\WINDOWS\Tasks\AA39E4FF918A99F3.job
 
   ----------------------[ Verification du Registre ]----------------------
 
   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hopedoescreative]
   "DisplayName"="CiD Help"
   "UninstallString"="C:\\DOCUME~1\\Nicou\\APPLIC~1\\PINGBL~1\\firstpileaim.exe -uninstall"
 
   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]  
   "NOUNBALM"="C:\\DOCUME~1\\Nicou\\APPLIC~1\\PINGBL~1\\firstpileaim.exe"
 
   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   "AXIS TONS THE MP3"="C:\\Documents and Settings\\All Users\\Application Data\\Readme Live Axis Tons\\Download hole.exe"
 
   --------------------[ Verification du fichier Hosts ]---------------------
 
   Fichier Hosts PROPRE
 
 
   ----------------[ Recherche de fichiers avec Catchme ]-----------------
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-05-02 20:29:02
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------[ Recherche d'autres infections ]---------------------
 
   => C:\Documents and Settings\Nicou\Local Settings\Application Data\IM\Animation\firecracker.ima
   => C:\Documents and Settings\Nicou\Local Settings\Application Data\IM\Runtime\EmoticonCenter\cracker.gif
 
 
   /!\ [Fich:16][Doss:108] C:\DOCUME~1\Nicou\LOCALS~1\Temp
   /!\ [Fich:90][Doss:0] C:\DOCUME~1\Nicou\Cookies
   /!\ [Fich:122][Doss:9] C:\DOCUME~1\Nicou\LOCALS~1\TEMPOR~1\content.IE5
 
   --------------------[ Fin du rapport a 20:29:39,17  ]----------------------

Profile: IDNaute

Re,

Run Lop S&D again

  • This time choose Option 2 (Removal)
  • Do not close the window during the removal!
  • Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

+ a new HijackThis report.

;)
Profile: IDNaute

Here is the new report:
 
   -----------------------[  Lop S&D 4.2.0-3  XP/Vista  ]---------------------
 
   [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
   [ USER : Nicou ] [ "C:\Lop SD" ] [ Selection : 2 ]
   [ 02/05/2008 | 23:17:11,56 ] [ PC : Nicole ]
   [ MAJ : 30-04-2008 | 18:35 ]
 
 
   \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
 
   Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons\Download hole.exe
   Supprimé! - C:\Program Files\Bitdownload\session.store
   Supprimé! - C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5-setup.exe
   Supprimé! - C:\Program Files\BitTorrent Fastest Tool\BitP.exe
   Supprimé! - C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG
   Supprimé! - C:\WINDOWS\Tasks\AA39E4FF918A99F3.job  
   Supprimé! - C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\firstpileaim.exe
   Supprimé! - C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\nugcaemu.exe
   Supprimé! - C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\rjylyngf.exe
   Supprimé! - C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1\ThirdGplSize.exe
   Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Readme Live Axis Tons
   Supprimé! - C:\Program Files\Bitdownload
   Supprimé! - C:\Program Files\BitTorrent Fastest Tool
   Supprimé! - C:\DOCUME~1\Nicou\APPLIC~1\PINGBL~1
   Supprimé! - C:\Program Files\PINGBL~1
   Restauré! - Fichier Hosts
 
   //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\  
 
   Supprimé! - C:\DOCUME~1\Nicou\APPLIC~1\ShoppingReport
 
   //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
 
 
   -------------[ Listing des dossiers dans Application Data ]------------  
 
   [07/08/2007|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
   [06/12/2007|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
   [23/01/2007|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [05/05/2006|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
   [05/05/2006|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
   [16/08/2004|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
   [26/05/2007|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
   [07/03/2008|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
   [15/04/2008|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Friends Games
   [09/04/2008|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GamesBar
   [09/04/2008|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Genimo
   [26/05/2007|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [06/12/2007|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotbarSA
   [05/05/2006|00:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
   [05/05/2006|01:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
   [20/12/2007|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
   [19/04/2008|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
   [19/04/2008|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
   [15/04/2008|21:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [04/11/2007|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
   [09/07/2006|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
   [07/12/2006|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayTime
   [22/11/2006|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
   [05/05/2006|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [05/05/2006|01:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [15/04/2008|22:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [05/05/2006|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
   [06/07/2006|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [16/02/2007|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
   [04/03/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [26/08/2007|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
 
   [16/08/2004|17:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
   [05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
   [05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
   [05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
   [05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
   [05/05/2006|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
 
   [05/12/2007|20:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
   [05/12/2007|20:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\AdobeUM
   [15/04/2007|13:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
   [29/11/2006|19:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
 
   [13/04/2007|23:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   [22/01/2007|19:23] C:\DOCUME~1\Nicou\APPLIC~1\Adobe
   [24/01/2007|12:21] C:\DOCUME~1\Nicou\APPLIC~1\AdobeUM
   [09/04/2008|19:59] C:\DOCUME~1\Nicou\APPLIC~1\Big Fish Games
   [31/03/2007|14:33] C:\DOCUME~1\Nicou\APPLIC~1\CyberLink
   [16/08/2004|17:55] C:\DOCUME~1\Nicou\APPLIC~1\desktop.ini
   [10/11/2007|19:08] C:\DOCUME~1\Nicou\APPLIC~1\DivX
   [08/04/2007|19:26] C:\DOCUME~1\Nicou\APPLIC~1\EoRezo
   [07/03/2008|19:35] C:\DOCUME~1\Nicou\APPLIC~1\FloodLightGames
   [04/05/2006|16:09] C:\DOCUME~1\Nicou\APPLIC~1\FotoWire
   [09/09/2006|13:03] C:\DOCUME~1\Nicou\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log
   [26/06/2006|16:43] C:\DOCUME~1\Nicou\APPLIC~1\Google
   [19/05/2006|16:11] C:\DOCUME~1\Nicou\APPLIC~1\Help
   [06/12/2007|19:22] C:\DOCUME~1\Nicou\APPLIC~1\Hotbar
   [26/08/2007|19:37] C:\DOCUME~1\Nicou\APPLIC~1\Identities
   [19/04/2008|19:08] C:\DOCUME~1\Nicou\APPLIC~1\InstallShield
   [30/07/2007|15:03] C:\DOCUME~1\Nicou\APPLIC~1\iWin
   [15/04/2007|15:59] C:\DOCUME~1\Nicou\APPLIC~1\Lavasoft
   [10/05/2006|09:27] C:\DOCUME~1\Nicou\APPLIC~1\Leadertech
   [19/04/2008|19:20] C:\DOCUME~1\Nicou\APPLIC~1\Logitech
   [03/07/2006|22:00] C:\DOCUME~1\Nicou\APPLIC~1\Macromedia
   [30/01/2007|20:59] C:\DOCUME~1\Nicou\APPLIC~1\MessengerSkinner
   [15/09/2007|20:40] C:\DOCUME~1\Nicou\APPLIC~1\Microsoft
   [09/07/2006|11:41] C:\DOCUME~1\Nicou\APPLIC~1\PlayFirst
   [19/10/2007|22:42] C:\DOCUME~1\Nicou\APPLIC~1\Pogo Games
   [05/06/2006|15:16] C:\DOCUME~1\Nicou\APPLIC~1\Real
   [17/12/2007|20:03] C:\DOCUME~1\Nicou\APPLIC~1\Samsung
   [10/05/2006|09:27] C:\DOCUME~1\Nicou\APPLIC~1\Sonic
   [05/05/2006|00:26] C:\DOCUME~1\Nicou\APPLIC~1\Sun
   [05/05/2006|00:26] C:\DOCUME~1\Nicou\APPLIC~1\Symantec
   [04/05/2006|23:55] C:\DOCUME~1\Nicou\APPLIC~1\Template
   [20/12/2007|21:06] C:\DOCUME~1\Nicou\APPLIC~1\Voxmobili
   [06/12/2007|19:22] C:\DOCUME~1\Nicou\APPLIC~1\WeatherDPA
   [27/04/2008|20:24] C:\DOCUME~1\Nicou\APPLIC~1\Webroot
   [26/08/2007|12:13] C:\DOCUME~1\Nicou\APPLIC~1\Wildfire
   [05/05/2006|00:26] C:\DOCUME~1\Nicou\APPLIC~1\You've Got Pictures Screensaver
   [26/08/2007|19:37] C:\DOCUME~1\Nicou\APPLIC~1\Zylom
 
   [09/05/2007|19:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
 
   ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
 
   [02/05/2008 22:53][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
   [04/05/2006 15:54][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 3.job
   [05/04/2005 20:31][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
   [02/05/2008 20:18][--ah-----] C:\WINDOWS\tasks\SA.DAT
   [05/08/2004 14:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
 
   ---------------[ Listing des dossiers dans C:\Program Files ]--------------
 
   [05/11/2007|21:12] C:\Program Files\AC3Filter
   [16/02/2007|22:53] C:\Program Files\Adobe
   [07/11/2007|20:53] C:\Program Files\Alawar
   [05/05/2006|01:22] C:\Program Files\Alwil Software
   [25/12/2006|12:34] C:\Program Files\Ashampoo
   [30/09/2006|12:42] C:\Program Files\Atari
   [20/04/2008|23:14] C:\Program Files\Conduit
   [05/05/2006|00:26] C:\Program Files\CyberLink
   [04/05/2006|19:29] C:\Program Files\Digitale Huehnerjagd
   [03/04/2008|19:19] C:\Program Files\Discovery Multimedia
   [24/03/2008|13:52] C:\Program Files\DivX
   [07/08/2007|18:23] C:\Program Files\Elaborate Bytes
   [27/04/2008|21:11] C:\Program Files\eMule
   [08/04/2007|19:26] C:\Program Files\eoRezo
   [19/04/2008|19:08] C:\Program Files\Fichiers communs
   [10/06/2007|13:11] C:\Program Files\Free Audio Pack
   [19/10/2007|22:18] C:\Program Files\GameHouse
   [09/04/2008|19:59] C:\Program Files\GamesBar
   [22/08/2007|15:46] C:\Program Files\Google
   [09/09/2006|13:02] C:\Program Files\Hewlett-Packard
   [05/05/2006|00:18] C:\Program Files\HP
   [24/03/2008|13:15] C:\Program Files\iGraal
   [05/05/2006|11:49] C:\Program Files\Illustrate
   [28/01/2008|17:58] C:\Program Files\IncrediMail
   [19/04/2008|19:08] C:\Program Files\InstallShield Installation Information
   [09/04/2008|15:55] C:\Program Files\Internet Explorer
   [05/10/2006|18:57] C:\Program Files\Inventel
   [09/10/2007|20:24] C:\Program Files\Java
   [15/04/2007|15:59] C:\Program Files\Lavasoft
   [05/05/2006|00:26] C:\Program Files\Learn2.com
   [21/12/2006|10:55] C:\Program Files\Logiciel Photo Orange
   [19/04/2008|19:08] C:\Program Files\Logitech
   [05/05/2006|01:57] C:\Program Files\Messenger
   [03/03/2007|20:08] C:\Program Files\Micro Application
   [21/05/2007|21:24] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [05/05/2006|00:26] C:\Program Files\microsoft frontpage
   [17/02/2007|21:10] C:\Program Files\Microsoft Money 2005
   [05/05/2006|01:41] C:\Program Files\microsoft office
   [26/05/2007|19:36] C:\Program Files\Microsoft Référence
   [05/05/2006|00:29] C:\Program Files\Microsoft Works
   [05/05/2006|00:26] C:\Program Files\Microsoft.NET
   [05/05/2006|00:29] C:\Program Files\Movie Maker
   [16/02/2007|22:02] C:\Program Files\MSN
   [05/05/2006|00:26] C:\Program Files\MSN Gaming Zone
   [16/11/2006|10:30] C:\Program Files\MSXML 4.0
   [05/05/2006|00:29] C:\Program Files\NetMeeting
   [23/05/2007|20:45] C:\Program Files\orange
   [13/06/2007|22:50] C:\Program Files\Outlook Express
   [20/12/2007|19:11] C:\Program Files\Outlook Express Quick Backup
   [02/12/2006|19:58] C:\Program Files\PhotoFiltre
   [05/05/2006|00:29] C:\Program Files\QuickTime
   [05/05/2006|00:26] C:\Program Files\Real
   [05/05/2006|00:26] C:\Program Files\Realtek
   [20/04/2008|22:44] C:\Program Files\ReflexiveArcade
   [04/05/2006|16:13] C:\Program Files\SAGEM
   [17/12/2007|19:16] C:\Program Files\Samsung
   [04/04/2008|20:18] C:\Program Files\scrabbleproB1.0.7
   [05/10/2006|21:41] C:\Program Files\Securitoo
   [05/05/2006|00:30] C:\Program Files\Services en ligne
   [03/04/2008|19:31] C:\Program Files\Sierra On-Line
   [05/05/2006|00:26] C:\Program Files\Sonic
   [06/01/2008|20:16] C:\Program Files\StudioLine Photo Basic
   [05/05/2006|01:17] C:\Program Files\Symantec
   [14/07/2006|17:50] C:\Program Files\The Adventure Company
   [15/06/2006|19:44] C:\Program Files\TMFX Studios
   [20/04/2008|23:14] C:\Program Files\torrent_search
   [21/04/2008|20:35] C:\Program Files\Trend Micro
   [23/10/2007|20:23] C:\Program Files\Twilight
   [05/05/2006|00:26] C:\Program Files\Uninstall Information
   [05/05/2006|00:26] C:\Program Files\Viewpoint
   [19/10/2006|19:50] C:\Program Files\VirginMega
   [02/05/2008|23:14] C:\Program Files\Wanadoo
   [20/05/2007|12:40] C:\Program Files\Wanadoo Messager
   [27/04/2008|20:24] C:\Program Files\Webroot
   [04/03/2008|19:51] C:\Program Files\Windows Live
   [30/11/2007|10:08] C:\Program Files\Windows Live Toolbar
   [28/12/2006|21:24] C:\Program Files\Windows Media Connect 2
   [31/05/2007|15:15] C:\Program Files\Windows Media Player
   [05/05/2006|00:30] C:\Program Files\Windows NT
   [05/05/2006|00:26] C:\Program Files\WindowsUpdate
   [30/04/2007|16:55] C:\Program Files\WinLemm
   [03/01/2007|19:46] C:\Program Files\WinRAR
   [06/04/2008|14:17] C:\Program Files\Winsos
   [05/05/2006|00:26] C:\Program Files\xerox
   [18/10/2007|18:51] C:\Program Files\Zylom Games
   
   ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
   
   [15/05/2006|14:49] C:\Program Files\Fichiers communs\Adobe
   [05/05/2006|00:28] C:\Program Files\Fichiers communs\AOL
   [05/05/2006|00:28] C:\Program Files\Fichiers communs\aolshare
   [05/05/2006|00:28] C:\Program Files\Fichiers communs\DESIGNER
   [04/05/2006|16:09] C:\Program Files\Fichiers communs\FotoWire
   [05/05/2006|00:17] C:\Program Files\Fichiers communs\Hewlett-Packard
   [05/05/2006|00:20] C:\Program Files\Fichiers communs\HP
   [04/05/2006|16:06] C:\Program Files\Fichiers communs\InstallShield
   [05/05/2006|00:26] C:\Program Files\Fichiers communs\Java
   [19/04/2008|19:09] C:\Program Files\Fichiers communs\Logishrd
   [04/05/2006|16:08] C:\Program Files\Fichiers communs\Logitech
   [19/04/2008|19:11] C:\Program Files\Fichiers communs\Microsoft Shared
   [05/05/2006|00:26] C:\Program Files\Fichiers communs\MSSoap
   [25/01/2007|04:52] C:\Program Files\Fichiers communs\NMSAccessU.exe
   [05/05/2006|00:26] C:\Program Files\Fichiers communs\Nullsoft
   [15/04/2008|21:19] C:\Program Files\Fichiers communs\Oberon Media
   [05/05/2006|00:26] C:\Program Files\Fichiers communs\ODBC
   [05/05/2006|00:26] C:\Program Files\Fichiers communs\Real
   [05/05/2006|00:28] C:\Program Files\Fichiers communs\Services
   [05/05/2006|00:28] C:\Program Files\Fichiers communs\Sonic Shared
   [05/05/2006|00:26] C:\Program Files\Fichiers communs\SpeechEngines
   [15/08/2007|16:01] C:\Program Files\Fichiers communs\SureThing Shared
   [05/05/2006|01:20] C:\Program Files\Fichiers communs\Symantec Shared
   [13/06/2007|22:50] C:\Program Files\Fichiers communs\System
   [04/03/2008|19:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [05/05/2006|00:26] C:\Program Files\Fichiers communs\xing shared
 
   ---------------------------[ Process ]--------------------------
 
   ... 50
 
   ... OK !
 
   ----------------------[ Recherche avec S_Lop ]---------------------
 
   Aucun fichier / dossier Lop trouvé !  
 
   -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
 
   Aucun fichier / dossier Lop trouvé !  
 
   ----------------------[ Verification du Registre ]----------------------
 
   ..... OK !
 
   --------------------[ Verification du fichier Hosts ]---------------------
 
   Fichier Hosts PROPRE
 
 
   ----------------[ Recherche de fichiers avec Catchme ]-----------------
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-05-02 23:18:15
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------[ Recherche d'autres infections ]---------------------
 
   => C:\Documents and Settings\Nicou\Local Settings\Application Data\IM\Animation\firecracker.ima
   => C:\Documents and Settings\Nicou\Local Settings\Application Data\IM\Runtime\EmoticonCenter\cracker.gif
 
 
   /!\ [Fich:17][Doss:108] C:\DOCUME~1\Nicou\LOCALS~1\Temp
   /!\ [Fich:90][Doss:0] C:\DOCUME~1\Nicou\Cookies
   /!\ [Fich:25][Doss:9] C:\DOCUME~1\Nicou\LOCALS~1\TEMPOR~1\content.IE5
 
 HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:20:18, on 02/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\FTRTSVC.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Fichiers communs\NMSAccessU.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\notepad.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.msn.fr/spbasic.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffe [...] ftPane.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =  
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: torrent_search Toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
O4 - HKLM\..\Run: [NI.UERSV_9999_N91S1912] "c:\documents and settings\nicou\application data\errorsafefrenchnewreleaseinstall[1].exe" -nag  
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [^SetupICWDesktop]  (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop]  (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {011F473E-0880-43D4-99F3-F490A84128AE} (GenimoWebGames Control) - http://jeuxentelechargement.orange [...] ontrol.cab
O16 - DPF: {3E82BB3F-ABE4-458D-9281-0187286A4E51} (VoxsyncCtrl Class) - http://contacts.orange.fr/wfr_webab/VoxsyncX.cab
O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/micros [...] 9666819156
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game10.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Games [...] meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - http://jeuxenligne.orange.fr/onlin [...] uncher.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\