traduction du scan...?
Forum Sécurité - Virus : traduction du scan...?
Bonsoir tout le monde!!
Voila je sais que j'ai un virus adware mais je voudrais savoir ce que signifie le bilan de mon scan:
Processus :
C:\Program Files\Internet Explorer\IEXPLORE.EXE
Infection :
c:\program files\circle developement\uninstall.exe
c:\users\chloé\appdata\local\temp\bis745d.exe
c:\users\chloé\appdata\local\temp\bisa4b0.exe
c:\programdata\acidthatmail\dumbcampplanmapi.exe
c:\programdata\acidthatmail\title beep dvd.exe
c:\programdata\acidthatmail\tyiifzeq.exe
c:\programdata\acidthatmail\ubygachn.exe
Fichier :
c:\users\chloé\appdata\roaming\microsoft\windows\cookies\chloé@network.adsmarket[1].txt
Base de registres :
HKEY_USERS\S-1-5-21-223331130-1203351803-2398933310-1001\Software\Microsoft\Internet Explorer\Main->AutoSearch
HKEY_USERS\S-1-5-21-223331130-1203351803-2398933310-1001\Software\Microsoft\Internet Explorer\Main->Use Custom Search URL
HKEY_USERS\S-1-5-21-223331130-1203351803-2398933310-1001\Software\Microsoft\Internet Explorer\Main->Use Search Asst
HKEY_USERS\S-1-5-21-223331130-1203351803-2398933310-501\SOFTWARE\Microsoft\Internet Explorer\Main->Search Bar:http://search.msn.com/spbasic.htm
HKEY_USERS\S-1-5-21-223331130-1203351803-2398933310-1000\SOFTWARE\Microsoft\Internet Explorer\Main->Search Bar:http://search.msn.com/spbasic.htm
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main->Search Bar:http://search.msn.com/spbasic.htm
HKEY_USERS\S-1-5-21-223331130-1203351803-2398933310-1001\SOFTWARE\Microsoft\Internet Explorer\Main->Search Bar:http://search.msn.com/spbasic.htm
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main->Search Bar:http://search.msn.com/spbasic.htm
HKEY_USERS\S-1-5-21-223331130-1203351803-2398933310-501\SOFTWARE\Microsoft\Internet Explorer\Main->Start Page:http://securityresponse.symantec.com/avcenter/fix_homepage
HKEY_USERS\S-1-5-21-223331130-1203351803-2398933310-1000\SOFTWARE\Microsoft\Internet Explorer\Main->Start Page:http://securityresponse.symantec.com/avcenter/fix_homepage
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main->Start Page:http://securityresponse.symantec.com/avcenter/fix_homepage
HKEY_USERS\S-1-5-21-223331130-1203351803-2398933310-1001\SOFTWARE\Microsoft\Internet Explorer\Main->Start Page:http://securityresponse.symantec.com/avcenter/fix_homepage
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main->Start Page:http://securityresponse.symantec.com/avcenter/fix_homepage
HKEY_USERS\S-1-5-21-223331130-1203351803-2398933310-501\Software\Microsoft\Internet Explorer\Main->Search Page:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_USERS\S-1-5-21-223331130-1203351803-2398933310-1000\Software\Microsoft\Internet Explorer\Main->Search Page:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main->Search Page:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main->Search Page:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main->Search Page:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_USERS\S-1-5-21-223331130-1203351803-2398933310-1001\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main->Search Page:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE
Système :
Cache du navigateur
Répertoire :
c:\programdata\acidthatmail
c:\program files\circle developement
Merci de m'aider parce que moi j'y comprend vraiment rien!!!
Bonjour,
Ton bilan de scan ?
Répondre à Angeldark
oui c'est mon bilan de scan! IL n'y a que Norton Security Scan qui le trouve et tous les autres anti-virus ne le trouve pas (Ad-Aware, Pack sécurité plus de Neuf, window defender...). Mais le truc c'est que Norton Security Scan ne peut pas le supprimer vu qu'il est concu que pour scanner! Merci de m'aider!!
Re,
Télécharge Lop S&D.exe (Eric_71) sur ton Bureau.
- Lance l'installation du programme en exécutant le fichier téléchargé.
- Double-clique maintenant sur le raccourci de LopS&D.
- Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
- Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
- Poste le rapport généré (C:\lopR.txt*)
(Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide)
* le nom de la partition peut changer
Répondre à Angeldark
Oh ya un problème!! Après avoir selectionné l'option recherche, le fond qui était bleu devient rouge et ça me marque:
"Relancez le programme comme ceci: Clique droit executer en tant qu'administrateur puis appuyez sur une touche pour continuer". mais le truc c'est que quand je fais clique droit il n'y a pas "executer en tant qu'administrateur mais selectionner ou tout selectionner...! Alors j'appuie sur une touche et la fenêtre se ferme et puis plus rien!! Et je dois recommencer mais c'est toujours la même chose!!
Il faut faire ça sur l'icone.
Répondre à Angeldark
Nan c'est bon j'ai carrément enlever la protection administrateur pour l'application. Alors voila le rapport du scan:
-----------------------[ Lop S&D 4.2.1-8 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : Chlo‚ ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 25/06/2008 | 13:39:43,26 ] [ PC : PC-DE-MIKE ]
[ MAJ : 24-06-2008 | 11:00 ]
[ UAC => 0 ]
-------------[ Listing des dossiers dans Roaming ]------------
[02/06/2008|15:46] C:\Users\CHLO~1\AppData\Roaming\Adobe\Flash Player
[31/03/2008|15:15] C:\Users\CHLO~1\AppData\Roaming\Adobe\Linguistics
[31/03/2008|15:14] C:\Users\CHLO~1\AppData\Roaming\Adobe\Acrobat
[16/03/2008|00:34] C:\Users\CHLO~1\AppData\Roaming\ATI\ACE
[18/06/2008|19:22] C:\Users\CHLO~1\AppData\Roaming\Canon\MP Navigator EX V10
[18/06/2008|19:20] C:\Users\CHLO~1\AppData\Roaming\Canon\MP210 series
[17/03/2008|21:37] C:\Users\CHLO~1\AppData\Roaming\CyberLink\PowerStarter
[06/06/2008|23:19] C:\Users\CHLO~1\AppData\Roaming\DivX\DivX Player
[06/06/2008|15:05] C:\Users\CHLO~1\AppData\Roaming\DivX\DivX Codec
[05/06/2008|14:26] C:\Users\CHLO~1\AppData\Roaming\F-Secure\Spam Control
[23/06/2008|18:59] C:\Users\CHLO~1\AppData\Roaming\Google\Local Search History
[04/06/2008|11:32] C:\Users\CHLO~1\AppData\Roaming\Google\GoogleEarth
[16/03/2008|12:36] C:\Users\CHLO~1\AppData\Roaming\Hewlett-Packard\HPAdvisor
[16/03/2008|00:34] C:\Users\CHLO~1\AppData\Roaming\Identities\{BDEEBEE2-23BE-467B-9D93-4999AC84D54D}
[05/04/2008|11:28] C:\Users\CHLO~1\AppData\Roaming\Macromedia\Flash Player
[16/03/2008|14:31] C:\Users\CHLO~1\AppData\Roaming\Macromedia\Director MX 2004
[14/06/2008|11:49] C:\Users\CHLO~1\AppData\Roaming\Microsoft\MSN Messenger
[07/06/2008|18:34] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Crypto
[04/06/2008|17:10] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Internet Explorer
[04/06/2008|11:08] C:\Users\CHLO~1\AppData\Roaming\Microsoft\IdentityCRL
[16/05/2008|21:22] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Windows Photo Gallery
[10/05/2008|16:22] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Works
[10/05/2008|16:22] C:\Users\CHLO~1\AppData\Roaming\Microsoft\UProof
[09/05/2008|12:16] C:\Users\CHLO~1\AppData\Roaming\Microsoft\eHome
[21/04/2008|21:51] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Speech
[31/03/2008|15:21] C:\Users\CHLO~1\AppData\Roaming\Microsoft\CLR Security Config
[17/03/2008|19:26] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Windows
[16/03/2008|15:47] C:\Users\CHLO~1\AppData\Roaming\Microsoft\HTML Help
[16/03/2008|00:34] C:\Users\CHLO~1\AppData\Roaming\Microsoft\SystemCertificates
[16/03/2008|00:34] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Protect
[16/03/2008|00:34] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Credentials
[16/03/2008|14:31] C:\Users\CHLO~1\AppData\Roaming\PlayFirst\dinerdash
[09/05/2008|11:58] C:\Users\CHLO~1\AppData\Roaming\Roxio\Sidewinder
[17/03/2008|00:00] C:\Users\CHLO~1\AppData\Roaming\ScanSoft\OmniPageSE4.0
[05/06/2008|09:35] C:\Users\CHLO~1\AppData\Roaming\Symantec\Layouts
[16/03/2008|00:34] C:\Users\CHLO~1\AppData\Roaming\Symantec\NPMDataStore
[16/03/2008|01:13] C:\Users\CHLO~1\AppData\Roaming\WildTangent\My HP Game Console
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[22/06/2008 21:49][--a------] C:\Windows\tasks\Norton Security Scan.job
[24/06/2008 12:48][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{6A901C60-C805-4C42-921D-78216DC9E7DC}.job
[25/06/2008 13:35][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{F0DA93B3-C0D3-4001-BBC4-72A5F3C5B4EE}.job
[23/06/2008 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complŠte du systŠme - mike.job
[02/06/2008 15:46][--a------] C:\Windows\tasks\HPCeeScheduleFormike.job
[25/06/2008 13:38][--ah-----] C:\Windows\tasks\SA.DAT
[25/06/2008 13:36][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[16/06/2008|15:37] C:\ProgramData\acidthatmail
[16/06/2008|15:37] C:\ProgramData\Admin Inter 1 Mags
[25/06/2008|11:53] C:\ProgramData\Adobe
[15/03/2008|23:51] C:\ProgramData\Application Data
[05/12/2007|04:50] C:\ProgramData\ATI
[15/03/2008|23:51] C:\ProgramData\Bureau
[16/03/2008|01:42] C:\ProgramData\CanonBJ
[18/06/2008|19:22] C:\ProgramData\CanonIJPLM
[16/03/2008|03:10] C:\ProgramData\CyberLink
[16/06/2008|15:36] C:\ProgramData\DEFY BASH BASH.4ovyoi
[16/06/2008|15:36] C:\ProgramData\DEFY BASH BASH.9tfi3
[16/06/2008|15:28] C:\ProgramData\DEFY BASH BASH.va5nb
[15/03/2008|23:51] C:\ProgramData\Documents
[16/06/2008|15:37] C:\ProgramData\enc regs title.incxoh6
[15/03/2008|23:51] C:\ProgramData\Favoris
[02/06/2008|16:39] C:\ProgramData\F-Secure
[02/06/2008|16:37] C:\ProgramData\fssg
[04/06/2008|11:06] C:\ProgramData\Google
[16/03/2008|00:01] C:\ProgramData\Hewlett-Packard
[05/12/2007|04:51] C:\ProgramData\HP
[05/12/2007|04:51] C:\ProgramData\hpzinstall.log
[16/03/2008|01:47] C:\ProgramData\InstallShield
[24/06/2008|16:27] C:\ProgramData\Lavasoft
[15/03/2008|23:51] C:\ProgramData\Menu D‚marrer
[18/06/2008|12:21] C:\ProgramData\Messenger Plus!
[02/06/2008|16:03] C:\ProgramData\Microsoft
[15/03/2008|23:51] C:\ProgramData\ModŠles
[05/12/2007|04:58] C:\ProgramData\muvee Technologies
[05/12/2007|05:03] C:\ProgramData\PC-Doctor
[24/05/2008|17:36] C:\ProgramData\QuickTime
[16/03/2008|01:46] C:\ProgramData\ScanSoft
[02/06/2008|16:09] C:\ProgramData\Symantec
[06/06/2008|16:02] C:\ProgramData\WildTangent
[04/06/2008|11:01] C:\ProgramData\WLInstaller
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[27/05/1996|01:00] C:\Program Files\ACCTREC.TZ3
[27/05/1996|01:00] C:\Program Files\ADDBOOK1.PRV
[27/05/1996|01:00] C:\Program Files\ADDBOOK2.PRV
[25/06/2008|11:50] C:\Program Files\Adobe
[27/05/1996|01:00] C:\Program Files\ANSI.TRD
[15/03/2008|23:55] C:\Program Files\AOL
[05/12/2007|04:45] C:\Program Files\ATI
[05/12/2007|04:46] C:\Program Files\ATI Technologies
[27/05/1996|01:00] C:\Program Files\AWARD.TZ3
[27/05/1996|01:00] C:\Program Files\BIBLIO.TZ3
[27/05/1996|01:00] C:\Program Files\BID.TZ3
[27/05/1996|01:00] C:\Program Files\BROCHURE.TZ3
[27/05/1996|01:00] C:\Program Files\BUSINV.TZ3
[16/03/2008|01:50] C:\Program Files\Canon
[16/03/2008|01:39] C:\Program Files\CanonBJ
[16/06/2008|15:35] C:\Program Files\Circle Developement
[17/03/2008|19:06] C:\Program Files\ClipArt
[25/06/2008|11:50] C:\Program Files\Common Files
[27/05/1996|01:00] C:\Program Files\COMPLINC.DLL
[17/03/2008|19:06] C:\Program Files\Convert
[24/03/2008|19:54] C:\Program Files\Core Design
[05/12/2007|04:57] C:\Program Files\CyberLink
[05/12/2007|04:30] C:\Program Files\desktop.ini
[16/03/2008|23:55] C:\Program Files\directx
[06/06/2008|14:54] C:\Program Files\DivX
[05/12/2007|12:39] C:\Program Files\EasyBits
[04/06/2008|12:09] C:\Program Files\eMule
[27/05/1996|01:00] C:\Program Files\FAX.TZ3
[15/03/2008|23:51] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[27/05/1996|01:00] C:\Program Files\FLYER.TZ3
[27/05/1996|01:00] C:\Program Files\FNDWORKS.FND
[04/06/2008|11:06] C:\Program Files\Google
[27/05/1996|01:00] C:\Program Files\GRADEBK.TZ3
[05/12/2007|05:05] C:\Program Files\Hewlett-Packard
[27/05/1996|01:00] C:\Program Files\HOMEINV.TZ3
[05/12/2007|04:59] C:\Program Files\HP
[05/12/2007|05:08] C:\Program Files\HP Games
[17/03/2008|23:43] C:\Program Files\InstallShield Installation Information
[12/06/2008|03:10] C:\Program Files\Internet Explorer
[27/05/1996|01:00] C:\Program Files\INVOICE.TZ3
[05/12/2007|04:59] C:\Program Files\Java
[27/05/1996|01:00] C:\Program Files\KERMIT.FTD
[27/05/1996|01:00] C:\Program Files\LAUNCH.DAT
[24/06/2008|16:26] C:\Program Files\Lavasoft
[27/05/1996|01:00] C:\Program Files\LISEZMOI.FTS
[27/05/1996|01:00] C:\Program Files\LISEZMOI.GID
[27/05/1996|01:00] C:\Program Files\LISEZMOI.HLP
[17/03/2008|20:08] C:\Program Files\Maxis
[27/05/1996|01:00] C:\Program Files\MEMO.TZ3
[16/06/2008|15:35] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[05/12/2007|05:01] C:\Program Files\Microsoft Office
[05/12/2007|05:00] C:\Program Files\Microsoft Works
[27/05/1996|01:00] C:\Program Files\MLETTER.PRV
[27/05/1996|01:00] C:\Program Files\MORTGAGE.TZ3
[05/12/2007|12:51] C:\Program Files\Movie Maker
[27/05/1996|01:00] C:\Program Files\MRESUME.PRV
[02/11/2006|14:37] C:\Program Files\MSBuild
[27/05/1996|01:00] C:\Program Files\MSHYFR32.DLL
[02/11/2006|14:37] C:\Program Files\MSN
[27/05/1996|01:00] C:\Program Files\MSTATMNT.PRV
[27/05/1996|01:00] C:\Program Files\MSWIZL3.TWZ
[27/05/1996|01:00] C:\Program Files\MSWKSINT.EXE
[27/05/1996|01:00] C:\Program Files\MSWORKS.EXE
[27/05/1996|01:00] C:\Program Files\MSWORKS.M14
[27/05/1996|01:00] C:\Program Files\MSWORKS.QKT
[27/05/1996|01:00] C:\Program Files\MSWORKS.TWZ
[27/05/1996|01:00] C:\Program Files\MSWORKS4.REG
[03/06/2008|17:44] C:\Program Files\MSXML 4.0
[05/12/2007|04:58] C:\Program Files\muvee Technologies
[27/05/1996|01:00] C:\Program Files\MVBK14N.DLL
[27/05/1996|01:00] C:\Program Files\MVCL14N.DLL
[27/05/1996|01:00] C:\Program Files\MVFS14N.DLL
[27/05/1996|01:00] C:\Program Files\MVIX14N.DLL
[27/05/1996|01:00] C:\Program Files\MVMC14N.DLL
[27/05/1996|01:00] C:\Program Files\MVMG14N.DLL
[27/05/1996|01:00] C:\Program Files\MVSR14N.DLL
[27/05/1996|01:00] C:\Program Files\MVTL14N.DLL
[27/05/1996|01:00] C:\Program Files\MVUT14N.DLL
[02/06/2008|15:54] C:\Program Files\Neuf
[27/05/1996|01:00] C:\Program Files\NEWSLTTR.TZ3
[07/06/2008|11:21] C:\Program Files\Norton Internet Security
[25/06/2008|11:57] C:\Program Files\Norton Security Scan
[27/05/1996|01:00] C:\Program Files\ORDERFRM.TZ3
[02/06/2008|20:21] C:\Program Files\Pack Securite
[05/12/2007|05:17] C:\Program Files\PC-Doctor 5 for Windows
[27/05/1996|01:00] C:\Program Files\PHONE.TZ3
[27/05/1996|01:00] C:\Program Files\PRICELST.TZ3
[27/05/1996|01:00] C:\Program Files\PROPFORM.TZ3
[27/05/1996|01:00] C:\Program Files\PSS.CNT
[27/05/1996|01:00] C:\Program Files\PSS.FTS
[27/05/1996|01:00] C:\Program Files\PSS.GID
[27/05/1996|01:00] C:\Program Files\PSS.HLP
[24/05/2008|17:36] C:\Program Files\QuickTime
[27/05/1996|01:00] C:\Program Files\QUOTE.TZ3
[05/12/2007|04:48] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[08/06/2008|19:33] C:\Program Files\Registry Mechanic
[27/05/1996|01:00] C:\Program Files\REPORT.TZ3
[17/03/2008|23:42] C:\Program Files\Rockstar Games
[16/03/2008|01:46] C:\Program Files\ScanSoft
[27/05/1996|01:00] C:\Program Files\SCHEDULE.TZ3
[27/05/1996|01:00] C:\Program Files\SCRATCH.PRV
[05/12/2007|05:09] C:\Program Files\Services en ligne
[17/03/2008|19:06] C:\Program Files\setup45
[14/06/2008|09:58] C:\Program Files\SLD Codec Pack
[27/05/1996|01:00] C:\Program Files\SSALL.BIN
[27/05/1996|01:00] C:\Program Files\STCLB.TZ3
[07/06/2008|11:14] C:\Program Files\Symantec
[17/03/2008|19:06] C:\Program Files\Template
[27/05/1996|01:00] C:\Program Files\TESTS.TZ3
[27/05/1996|01:00] C:\Program Files\TIMESHEE.TZ3
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[25/06/2008|13:06] C:\Program Files\ViVi Cursor 2.0
[27/05/1996|01:00] C:\Program Files\VT100.TRD
[27/05/1996|01:00] C:\Program Files\VT220.TRD
[27/05/1996|01:00] C:\Program Files\VT52.TRD
[05/12/2007|13:14] C:\Program Files\Windows Calendar
[05/12/2007|12:51] C:\Program Files\Windows Collaboration
[05/12/2007|12:58] C:\Program Files\Windows Defender
[05/12/2007|12:51] C:\Program Files\Windows Journal
[04/06/2008|11:07] C:\Program Files\Windows Live
[12/06/2008|03:10] C:\Program Files\Windows Mail
[05/12/2007|13:22] C:\Program Files\Windows Media Player
[15/03/2008|23:51] C:\Program Files\Windows NT
[05/12/2007|12:51] C:\Program Files\Windows Photo Gallery
[03/06/2008|18:05] C:\Program Files\Windows Sidebar
[27/05/1996|01:00] C:\Program Files\WKS4CHID.HLP
[27/05/1996|01:00] C:\Program Files\WKSLANG.DLL
[27/05/1996|01:00] C:\Program Files\WKSMSNFM.MCC
[27/05/1996|01:00] C:\Program Files\WKSOLE32.DLL
[27/05/1996|01:00] C:\Program Files\WPALL.BIN
[27/05/1996|01:00] C:\Program Files\WZ3DLL.DLL
[27/05/1996|01:00] C:\Program Files\WZ3DLL16.DLL
[27/05/1996|01:00] C:\Program Files\XMODEM.FTD
[08/06/2008|19:47] C:\Program Files\Xvid
[27/05/1996|01:00] C:\Program Files\YMODEM.FTD
[27/05/1996|01:00] C:\Program Files\ZMODEM.FTD
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[25/06/2008|11:54] C:\Program Files\Common Files\Adobe
[16/03/2008|01:45] C:\Program Files\Common Files\CANON
[05/12/2007|04:51] C:\Program Files\Common Files\HP
[16/03/2008|01:46] C:\Program Files\Common Files\InstallShield
[05/12/2007|04:59] C:\Program Files\Common Files\Java
[05/12/2007|04:57] C:\Program Files\Common Files\LightScribe
[05/12/2007|04:57] C:\Program Files\Common Files\LS Getting Started
[04/06/2008|11:09] C:\Program Files\Common Files\microsoft shared
[05/12/2007|04:58] C:\Program Files\Common Files\muvee Technologies
[06/06/2008|14:53] C:\Program Files\Common Files\PX Storage Engine
[16/03/2008|01:46] C:\Program Files\Common Files\ScanSoft Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[21/06/2008|15:01] C:\Program Files\Common Files\Symantec Shared
[05/12/2007|13:03] C:\Program Files\Common Files\System
[04/06/2008|11:07] C:\Program Files\Common Files\WindowsLiveInstaller
[24/06/2008|16:24] C:\Program Files\Common Files\Wise Installation Wizard
---------------------------[ Process ]--------------------------
... 81
iexplore.exe ~ [1476]
iexplore.exe ~ [2708]
----------------------[ Recherche avec S_Lop ]---------------------
C:\ProgramData\DEFY BASH BASH.4ovyoi
C:\ProgramData\DEFY BASH BASH.9tfi3
C:\ProgramData\DEFY BASH BASH.va5nb
C:\ProgramData\enc regs title.incxoh6
C:\ProgramData\enc regs title.incxoh6
C:\Users\CHLO~1\AppData\Local\Temp\bis745D.exe
C:\Users\CHLO~1\AppData\Local\Temp\bisA4B0.exe
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\ProgramData\Admin Inter 1 Mags
C:\ProgramData\Admin Inter 1 Mags\16 SOAP.exe
C:\Program Files\Circle Developement
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sign Idol"="\"C:\\ProgramData\\DEFY BASH BASH.4ovyoi\""
"1 mags 16 more"="\"C:\\ProgramData\\enc regs title.incxoh6\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-25 13:40:33
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
[F:1532][D:174]-> C:\Users\CHLO~1\AppData\Local\Temp
[F:931][D:1]-> C:\Users\CHLO~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:3874][D:7]-> C:\Users\CHLO~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:60][D:10]-> C:\$Recycle.Bin
[ UAC => 1 ]
--------------------[ Fin du rapport a 13:41:38,95 ]----------------------
Re,
Relance Lop S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.
NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.
Répondre à Angeldark
Ca marche pas, ca fais deux fois que j'essaie, mais quand je tape "2", une fenêtre apparait avec un point d'exvlamation dans un triangle jaune et il y a écrit REBOOT et le nom de cette fenêtre est "vous allez être déconnecté".
Ensuite je clique sur OK (y a pas d'autres options) et quand je reclique sur le raccourci dans le bureau pour réessayer une fenêtre avec une croix blanche dans un rond rouge apparait et me dit que l'application ne s'est réinitialisée correctement... Pour retourner dans l'application je dois redémarrer l'ordi et tout recommmencer (la recherche) et lorsque j'arrive pour faire l'option 2 ca me refait pareil...!!
Tu as essayé de redémarrer manuellement ?
Répondre à Angeldark
Ben... oui enfin je vais dans démarrer puis redémarrer... C'est ca non?
Oui. Refais un scan LopSD option 1 pour voir.
Répondre à Angeldark
Ca y est:
-----------------------[ Lop S&D 4.2.1-8 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : Chlo‚ ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 25/06/2008 | 14:22:52,89 ] [ PC : PC-DE-MIKE ]
[ MAJ : 24-06-2008 | 11:00 ]
[ UAC => 0 ]
-------------[ Listing des dossiers dans Roaming ]------------
[02/06/2008|15:46] C:\Users\CHLO~1\AppData\Roaming\Adobe\Flash Player
[31/03/2008|15:15] C:\Users\CHLO~1\AppData\Roaming\Adobe\Linguistics
[31/03/2008|15:14] C:\Users\CHLO~1\AppData\Roaming\Adobe\Acrobat
[16/03/2008|00:34] C:\Users\CHLO~1\AppData\Roaming\ATI\ACE
[18/06/2008|19:22] C:\Users\CHLO~1\AppData\Roaming\Canon\MP Navigator EX V10
[18/06/2008|19:20] C:\Users\CHLO~1\AppData\Roaming\Canon\MP210 series
[17/03/2008|21:37] C:\Users\CHLO~1\AppData\Roaming\CyberLink\PowerStarter
[06/06/2008|23:19] C:\Users\CHLO~1\AppData\Roaming\DivX\DivX Player
[06/06/2008|15:05] C:\Users\CHLO~1\AppData\Roaming\DivX\DivX Codec
[05/06/2008|14:26] C:\Users\CHLO~1\AppData\Roaming\F-Secure\Spam Control
[23/06/2008|18:59] C:\Users\CHLO~1\AppData\Roaming\Google\Local Search History
[04/06/2008|11:32] C:\Users\CHLO~1\AppData\Roaming\Google\GoogleEarth
[16/03/2008|12:36] C:\Users\CHLO~1\AppData\Roaming\Hewlett-Packard\HPAdvisor
[16/03/2008|00:34] C:\Users\CHLO~1\AppData\Roaming\Identities\{BDEEBEE2-23BE-467B-9D93-4999AC84D54D}
[05/04/2008|11:28] C:\Users\CHLO~1\AppData\Roaming\Macromedia\Flash Player
[16/03/2008|14:31] C:\Users\CHLO~1\AppData\Roaming\Macromedia\Director MX 2004
[14/06/2008|11:49] C:\Users\CHLO~1\AppData\Roaming\Microsoft\MSN Messenger
[07/06/2008|18:34] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Crypto
[04/06/2008|17:10] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Internet Explorer
[04/06/2008|11:08] C:\Users\CHLO~1\AppData\Roaming\Microsoft\IdentityCRL
[16/05/2008|21:22] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Windows Photo Gallery
[10/05/2008|16:22] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Works
[10/05/2008|16:22] C:\Users\CHLO~1\AppData\Roaming\Microsoft\UProof
[09/05/2008|12:16] C:\Users\CHLO~1\AppData\Roaming\Microsoft\eHome
[21/04/2008|21:51] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Speech
[31/03/2008|15:21] C:\Users\CHLO~1\AppData\Roaming\Microsoft\CLR Security Config
[17/03/2008|19:26] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Windows
[16/03/2008|15:47] C:\Users\CHLO~1\AppData\Roaming\Microsoft\HTML Help
[16/03/2008|00:34] C:\Users\CHLO~1\AppData\Roaming\Microsoft\SystemCertificates
[16/03/2008|00:34] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Protect
[16/03/2008|00:34] C:\Users\CHLO~1\AppData\Roaming\Microsoft\Credentials
[16/03/2008|14:31] C:\Users\CHLO~1\AppData\Roaming\PlayFirst\dinerdash
[09/05/2008|11:58] C:\Users\CHLO~1\AppData\Roaming\Roxio\Sidewinder
[17/03/2008|00:00] C:\Users\CHLO~1\AppData\Roaming\ScanSoft\OmniPageSE4.0
[05/06/2008|09:35] C:\Users\CHLO~1\AppData\Roaming\Symantec\Layouts
[16/03/2008|00:34] C:\Users\CHLO~1\AppData\Roaming\Symantec\NPMDataStore
[16/03/2008|01:13] C:\Users\CHLO~1\AppData\Roaming\WildTangent\My HP Game Console
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[22/06/2008 21:49][--a------] C:\Windows\tasks\Norton Security Scan.job
[25/06/2008 14:01][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{6A901C60-C805-4C42-921D-78216DC9E7DC}.job
[25/06/2008 14:20][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{F0DA93B3-C0D3-4001-BBC4-72A5F3C5B4EE}.job
[23/06/2008 20:00][--a------] C:\Windows\tasks\Norton Internet Security - Effectuer une analyse complŠte du systŠme - mike.job
[02/06/2008 15:46][--a------] C:\Windows\tasks\HPCeeScheduleFormike.job
[25/06/2008 14:06][--ah-----] C:\Windows\tasks\SA.DAT
[25/06/2008 14:04][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[16/06/2008|15:37] C:\ProgramData\acidthatmail
[16/06/2008|15:37] C:\ProgramData\Admin Inter 1 Mags
[25/06/2008|11:53] C:\ProgramData\Adobe
[15/03/2008|23:51] C:\ProgramData\Application Data
[05/12/2007|04:50] C:\ProgramData\ATI
[15/03/2008|23:51] C:\ProgramData\Bureau
[16/03/2008|01:42] C:\ProgramData\CanonBJ
[18/06/2008|19:22] C:\ProgramData\CanonIJPLM
[16/03/2008|03:10] C:\ProgramData\CyberLink
[16/06/2008|15:36] C:\ProgramData\DEFY BASH BASH.4ovyoi
[16/06/2008|15:36] C:\ProgramData\DEFY BASH BASH.9tfi3
[16/06/2008|15:28] C:\ProgramData\DEFY BASH BASH.va5nb
[15/03/2008|23:51] C:\ProgramData\Documents
[16/06/2008|15:37] C:\ProgramData\enc regs title.incxoh6
[15/03/2008|23:51] C:\ProgramData\Favoris
[02/06/2008|16:39] C:\ProgramData\F-Secure
[02/06/2008|16:37] C:\ProgramData\fssg
[04/06/2008|11:06] C:\ProgramData\Google
[16/03/2008|00:01] C:\ProgramData\Hewlett-Packard
[05/12/2007|04:51] C:\ProgramData\HP
[05/12/2007|04:51] C:\ProgramData\hpzinstall.log
[16/03/2008|01:47] C:\ProgramData\InstallShield
[24/06/2008|16:27] C:\ProgramData\Lavasoft
[15/03/2008|23:51] C:\ProgramData\Menu D‚marrer
[18/06/2008|12:21] C:\ProgramData\Messenger Plus!
[02/06/2008|16:03] C:\ProgramData\Microsoft
[15/03/2008|23:51] C:\ProgramData\ModŠles
[05/12/2007|04:58] C:\ProgramData\muvee Technologies
[05/12/2007|05:03] C:\ProgramData\PC-Doctor
[24/05/2008|17:36] C:\ProgramData\QuickTime
[16/03/2008|01:46] C:\ProgramData\ScanSoft
[02/06/2008|16:09] C:\ProgramData\Symantec
[06/06/2008|16:02] C:\ProgramData\WildTangent
[04/06/2008|11:01] C:\ProgramData\WLInstaller
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[27/05/1996|01:00] C:\Program Files\ACCTREC.TZ3
[27/05/1996|01:00] C:\Program Files\ADDBOOK1.PRV
[27/05/1996|01:00] C:\Program Files\ADDBOOK2.PRV
[25/06/2008|11:50] C:\Program Files\Adobe
[27/05/1996|01:00] C:\Program Files\ANSI.TRD
[15/03/2008|23:55] C:\Program Files\AOL
[05/12/2007|04:45] C:\Program Files\ATI
[05/12/2007|04:46] C:\Program Files\ATI Technologies
[27/05/1996|01:00] C:\Program Files\AWARD.TZ3
[27/05/1996|01:00] C:\Program Files\BIBLIO.TZ3
[27/05/1996|01:00] C:\Program Files\BID.TZ3
[27/05/1996|01:00] C:\Program Files\BROCHURE.TZ3
[27/05/1996|01:00] C:\Program Files\BUSINV.TZ3
[16/03/2008|01:50] C:\Program Files\Canon
[16/03/2008|01:39] C:\Program Files\CanonBJ
[16/06/2008|15:35] C:\Program Files\Circle Developement
[17/03/2008|19:06] C:\Program Files\ClipArt
[25/06/2008|11:50] C:\Program Files\Common Files
[27/05/1996|01:00] C:\Program Files\COMPLINC.DLL
[17/03/2008|19:06] C:\Program Files\Convert
[24/03/2008|19:54] C:\Program Files\Core Design
[05/12/2007|04:57] C:\Program Files\CyberLink
[05/12/2007|04:30] C:\Program Files\desktop.ini
[16/03/2008|23:55] C:\Program Files\directx
[06/06/2008|14:54] C:\Program Files\DivX
[05/12/2007|12:39] C:\Program Files\EasyBits
[04/06/2008|12:09] C:\Program Files\eMule
[27/05/1996|01:00] C:\Program Files\FAX.TZ3
[15/03/2008|23:51] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[27/05/1996|01:00] C:\Program Files\FLYER.TZ3
[27/05/1996|01:00] C:\Program Files\FNDWORKS.FND
[04/06/2008|11:06] C:\Program Files\Google
[27/05/1996|01:00] C:\Program Files\GRADEBK.TZ3
[05/12/2007|05:05] C:\Program Files\Hewlett-Packard
[27/05/1996|01:00] C:\Program Files\HOMEINV.TZ3
[05/12/2007|04:59] C:\Program Files\HP
[05/12/2007|05:08] C:\Program Files\HP Games
[17/03/2008|23:43] C:\Program Files\InstallShield Installation Information
[12/06/2008|03:10] C:\Program Files\Internet Explorer
[27/05/1996|01:00] C:\Program Files\INVOICE.TZ3
[05/12/2007|04:59] C:\Program Files\Java
[27/05/1996|01:00] C:\Program Files\KERMIT.FTD
[27/05/1996|01:00] C:\Program Files\LAUNCH.DAT
[24/06/2008|16:26] C:\Program Files\Lavasoft
[27/05/1996|01:00] C:\Program Files\LISEZMOI.FTS
[27/05/1996|01:00] C:\Program Files\LISEZMOI.GID
[27/05/1996|01:00] C:\Program Files\LISEZMOI.HLP
[17/03/2008|20:08] C:\Program Files\Maxis
[27/05/1996|01:00] C:\Program Files\MEMO.TZ3
[16/06/2008|15:35] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[05/12/2007|05:01] C:\Program Files\Microsoft Office
[05/12/2007|05:00] C:\Program Files\Microsoft Works
[27/05/1996|01:00] C:\Program Files\MLETTER.PRV
[27/05/1996|01:00] C:\Program Files\MORTGAGE.TZ3
[05/12/2007|12:51] C:\Program Files\Movie Maker
[27/05/1996|01:00] C:\Program Files\MRESUME.PRV
[02/11/2006|14:37] C:\Program Files\MSBuild
[27/05/1996|01:00] C:\Program Files\MSHYFR32.DLL
[02/11/2006|14:37] C:\Program Files\MSN
[27/05/1996|01:00] C:\Program Files\MSTATMNT.PRV
[27/05/1996|01:00] C:\Program Files\MSWIZL3.TWZ
[27/05/1996|01:00] C:\Program Files\MSWKSINT.EXE
[27/05/1996|01:00] C:\Program Files\MSWORKS.EXE
[27/05/1996|01:00] C:\Program Files\MSWORKS.M14
[27/05/1996|01:00] C:\Program Files\MSWORKS.QKT
[27/05/1996|01:00] C:\Program Files\MSWORKS.TWZ
[27/05/1996|01:00] C:\Program Files\MSWORKS4.REG
[03/06/2008|17:44] C:\Program Files\MSXML 4.0
[05/12/2007|04:58] C:\Program Files\muvee Technologies
[27/05/1996|01:00] C:\Program Files\MVBK14N.DLL
[27/05/1996|01:00] C:\Program Files\MVCL14N.DLL
[27/05/1996|01:00] C:\Program Files\MVFS14N.DLL
[27/05/1996|01:00] C:\Program Files\MVIX14N.DLL
[27/05/1996|01:00] C:\Program Files\MVMC14N.DLL
[27/05/1996|01:00] C:\Program Files\MVMG14N.DLL
[27/05/1996|01:00] C:\Program Files\MVSR14N.DLL
[27/05/1996|01:00] C:\Program Files\MVTL14N.DLL
[27/05/1996|01:00] C:\Program Files\MVUT14N.DLL
[02/06/2008|15:54] C:\Program Files\Neuf
[27/05/1996|01:00] C:\Program Files\NEWSLTTR.TZ3
[07/06/2008|11:21] C:\Program Files\Norton Internet Security
[25/06/2008|13:48] C:\Program Files\Norton Security Scan
[27/05/1996|01:00] C:\Program Files\ORDERFRM.TZ3
[02/06/2008|20:21] C:\Program Files\Pack Securite
[05/12/2007|05:17] C:\Program Files\PC-Doctor 5 for Windows
[27/05/1996|01:00] C:\Program Files\PHONE.TZ3
[27/05/1996|01:00] C:\Program Files\PRICELST.TZ3
[27/05/1996|01:00] C:\Program Files\PROPFORM.TZ3
[27/05/1996|01:00] C:\Program Files\PSS.CNT
[27/05/1996|01:00] C:\Program Files\PSS.FTS
[27/05/1996|01:00] C:\Program Files\PSS.GID
[27/05/1996|01:00] C:\Program Files\PSS.HLP
[24/05/2008|17:36] C:\Program Files\QuickTime
[27/05/1996|01:00] C:\Program Files\QUOTE.TZ3
[05/12/2007|04:48] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[08/06/2008|19:33] C:\Program Files\Registry Mechanic
[27/05/1996|01:00] C:\Program Files\REPORT.TZ3
[17/03/2008|23:42] C:\Program Files\Rockstar Games
[16/03/2008|01:46] C:\Program Files\ScanSoft
[27/05/1996|01:00] C:\Program Files\SCHEDULE.TZ3
[27/05/1996|01:00] C:\Program Files\SCRATCH.PRV
[05/12/2007|05:09] C:\Program Files\Services en ligne
[17/03/2008|19:06] C:\Program Files\setup45
[14/06/2008|09:58] C:\Program Files\SLD Codec Pack
[27/05/1996|01:00] C:\Program Files\SSALL.BIN
[27/05/1996|01:00] C:\Program Files\STCLB.TZ3
[07/06/2008|11:14] C:\Program Files\Symantec
[17/03/2008|19:06] C:\Program Files\Template
[27/05/1996|01:00] C:\Program Files\TESTS.TZ3
[27/05/1996|01:00] C:\Program Files\TIMESHEE.TZ3
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[25/06/2008|13:06] C:\Program Files\ViVi Cursor 2.0
[27/05/1996|01:00] C:\Program Files\VT100.TRD
[27/05/1996|01:00] C:\Program Files\VT220.TRD
[27/05/1996|01:00] C:\Program Files\VT52.TRD
[05/12/2007|13:14] C:\Program Files\Windows Calendar
[05/12/2007|12:51] C:\Program Files\Windows Collaboration
[05/12/2007|12:58] C:\Program Files\Windows Defender
[05/12/2007|12:51] C:\Program Files\Windows Journal
[04/06/2008|11:07] C:\Program Files\Windows Live
[12/06/2008|03:10] C:\Program Files\Windows Mail
[05/12/2007|13:22] C:\Program Files\Windows Media Player
[15/03/2008|23:51] C:\Program Files\Windows NT
[05/12/2007|12:51] C:\Program Files\Windows Photo Gallery
[03/06/2008|18:05] C:\Program Files\Windows Sidebar
[27/05/1996|01:00] C:\Program Files\WKS4CHID.HLP
[27/05/1996|01:00] C:\Program Files\WKSLANG.DLL
[27/05/1996|01:00] C:\Program Files\WKSMSNFM.MCC
[27/05/1996|01:00] C:\Program Files\WKSOLE32.DLL
[27/05/1996|01:00] C:\Program Files\WPALL.BIN
[27/05/1996|01:00] C:\Program Files\WZ3DLL.DLL
[27/05/1996|01:00] C:\Program Files\WZ3DLL16.DLL
[27/05/1996|01:00] C:\Program Files\XMODEM.FTD
[08/06/2008|19:47] C:\Program Files\Xvid
[27/05/1996|01:00] C:\Program Files\YMODEM.FTD
[27/05/1996|01:00] C:\Program Files\ZMODEM.FTD
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[25/06/2008|11:54] C:\Program Files\Common Files\Adobe
[16/03/2008|01:45] C:\Program Files\Common Files\CANON
[05/12/2007|04:51] C:\Program Files\Common Files\HP
[16/03/2008|01:46] C:\Program Files\Common Files\InstallShield
[05/12/2007|04:59] C:\Program Files\Common Files\Java
[05/12/2007|04:57] C:\Program Files\Common Files\LightScribe
[05/12/2007|04:57] C:\Program Files\Common Files\LS Getting Started
[04/06/2008|11:09] C:\Program Files\Common Files\microsoft shared
[05/12/2007|04:58] C:\Program Files\Common Files\muvee Technologies
[06/06/2008|14:53] C:\Program Files\Common Files\PX Storage Engine
[16/03/2008|01:46] C:\Program Files\Common Files\ScanSoft Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[21/06/2008|15:01] C:\Program Files\Common Files\Symantec Shared
[05/12/2007|13:03] C:\Program Files\Common Files\System
[04/06/2008|11:07] C:\Program Files\Common Files\WindowsLiveInstaller
[24/06/2008|16:24] C:\Program Files\Common Files\Wise Installation Wizard
---------------------------[ Process ]--------------------------
... 89
iexplore.exe ~ [4272]
iexplore.exe ~ [3972]
iexplore.exe ~ [4904]
----------------------[ Recherche avec S_Lop ]---------------------
C:\ProgramData\DEFY BASH BASH.4ovyoi
C:\ProgramData\DEFY BASH BASH.9tfi3
C:\ProgramData\DEFY BASH BASH.va5nb
C:\ProgramData\enc regs title.incxoh6
C:\ProgramData\enc regs title.incxoh6
C:\Users\CHLO~1\AppData\Local\Temp\bis745D.exe
C:\Users\CHLO~1\AppData\Local\Temp\bisA4B0.exe
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\ProgramData\Admin Inter 1 Mags
C:\ProgramData\Admin Inter 1 Mags\16 SOAP.exe
C:\Program Files\Circle Developement
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sign Idol"="\"C:\\ProgramData\\DEFY BASH BASH.4ovyoi\""
"1 mags 16 more"="\"C:\\ProgramData\\enc regs title.incxoh6\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-25 14:24:20
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
[F:1535][D:174]-> C:\Users\CHLO~1\AppData\Local\Temp
[F:951][D:1]-> C:\Users\CHLO~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:4586][D:7]-> C:\Users\CHLO~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:52][D:10]-> C:\$Recycle.Bin
[ UAC => 1 ]
--------------------[ Fin du rapport a 14:24:52,83 ]----------------------
Retente l'option 2 pour voir (toujours avec cli droit / admin)
Répondre à Angeldark
Alors jai réessayé et lorsque jai validé "2" une fenêtre s'est ouverte avec comme titre "vous allez être déconnecté" et le message était "Window s'arrête!" et a ce moment la l'ordi a redémarré tout seul. Après avoir redémarré, dans le bureau la fenêtre Lop S&D s'est affichée mais toute vide (le fond bleu) avec le curseur de lettre qui clignottait mais je sais pa quoi écrire ou si je doi fermé...
La fenêtre est toujours là ?
Message édité par Angeldark le 25-06-2008 à 17:47:43
Répondre à Angeldark
Il y a 1007 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
