:crD 4.2.4-4 XP/Vista


"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [1] ( 21/09/2008|18:57 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[04/08/2008|12:36] C:\Users\COACH\AppData\Local\Adobe
[25/09/2007|17:47] C:\Users\COACH\AppData\Local\Ahead
[16/07/2008|17:36] C:\Users\COACH\AppData\Local\akmio.exe
[12/08/2007|14:28] C:\Users\COACH\AppData\Local\Apple
[20/04/2007|14:50] C:\Users\COACH\AppData\Local\Apple Computer
[06/03/2007|18:36] C:\Users\COACH\AppData\Local\Application Data
[16/09/2008|22:22] C:\Users\COACH\AppData\Local\Apps
[16/09/2008|23:24] C:\Users\COACH\AppData\Local\cajipfu.bat
[17/09/2008|00:33] C:\Users\COACH\AppData\Local\ccega.dat
[20/06/2008|21:49] C:\Users\COACH\AppData\Local\ccega_nav.dat
[21/06/2008|20:24] C:\Users\COACH\AppData\Local\ccega_navps.dat
[11/09/2008|17:04] C:\Users\COACH\AppData\Local\ccega_navup.dat
[01/09/2008|14:39] C:\Users\COACH\AppData\Local\d3d9caps.dat
[20/01/2008|12:40] C:\Users\COACH\AppData\Local\DassaultSystemes
[16/09/2008|23:31] C:\Users\COACH\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[27/05/2008|11:41] C:\Users\COACH\AppData\Local\GDIPFONTCACHEV1.DAT
[26/07/2007|22:52] C:\Users\COACH\AppData\Local\Google
[06/03/2007|18:36] C:\Users\COACH\AppData\Local\History
[21/09/2008|15:52] C:\Users\COACH\AppData\Local\IconCache.db
[02/07/2008|22:50] C:\Users\COACH\AppData\Local\Microsoft
[15/09/2007|22:24] C:\Users\COACH\AppData\Local\Microsoft Games
[04/09/2008|18:03] C:\Users\COACH\AppData\Local\Microsoft Help
[16/08/2007|13:10] C:\Users\COACH\AppData\Local\Mozilla
[19/08/2007|23:31] C:\Users\COACH\AppData\Local\Oblivion
[21/09/2008|18:56] C:\Users\COACH\AppData\Local\Temp
[06/03/2007|18:36] C:\Users\COACH\AppData\Local\Temporary Internet Files
[06/06/2007|21:44] C:\Users\COACH\AppData\Local\VirtualStore
[17/07/2007|13:50] C:\Users\COACH\AppData\Local\WinAVI

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[21/09/2008 15:55][--a------] C:\Windows\tasks\SpeedOptimizer Startup.job
[21/09/2008 18:55][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{7CA7E74D-9C93-4277-9B4D-28405834BAB7}.job
[21/09/2008 15:55][--ah-----] C:\Windows\tasks\SA.DAT
[21/09/2008 15:53][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[02/07/2008|22:05] C:\ProgramData\Adobe
[24/09/2007|21:49] C:\ProgramData\Ahead
[14/09/2008|16:07] C:\ProgramData\amokisoiso.f2zwfei
[14/09/2008|16:07] C:\ProgramData\amokisoiso.v0o8qun
[26/08/2007|17:37] C:\ProgramData\Apple Computer
[02/11/2006|15:00] C:\ProgramData\Application Data
[14/08/2008|11:09] C:\ProgramData\avg8
[25/05/2007|18:33] C:\ProgramData\Azureus
[02/11/2007|17:16] C:\ProgramData\BOONTY
[14/09/2008|16:07] C:\ProgramData\Cast ping base frag
[09/08/2007|14:10] C:\ProgramData\Corel
[20/01/2008|12:38] C:\ProgramData\DassaultSystemes
[02/11/2006|15:00] C:\ProgramData\Desktop
[02/11/2006|15:00] C:\ProgramData\Documents
[19/07/2007|15:37] C:\ProgramData\DVD Shrink
[06/07/2008|14:45] C:\ProgramData\eMule
[02/11/2006|15:00] C:\ProgramData\Favorites
[14/09/2008|16:07] C:\ProgramData\File Real Ref.gn8za
[01/09/2007|21:21] C:\ProgramData\Google
[18/08/2008|12:06] C:\ProgramData\iolo
[01/05/2008|13:32] C:\ProgramData\Lavasoft
[18/08/2008|22:29] C:\ProgramData\MGS
[18/08/2008|22:13] C:\ProgramData\Microgaming
[02/07/2008|22:36] C:\ProgramData\Microsoft
[11/09/2008|03:04] C:\ProgramData\Microsoft Help
[16/12/2007|18:10] C:\ProgramData\MonContenuassistant
[16/08/2007|13:10] C:\ProgramData\Mozilla
[14/09/2008|16:08] C:\ProgramData\Mpeg Default
[23/06/2008|17:54] C:\ProgramData\Nero
[12/08/2007|13:56] C:\ProgramData\QuickTime
[20/01/2008|13:03] C:\ProgramData\Skyline
[02/11/2006|15:00] C:\ProgramData\Start Menu
[17/09/2008|00:09] C:\ProgramData\SUPERAntiSpyware.com
[29/01/2008|21:37] C:\ProgramData\TEMP
[02/11/2006|15:00] C:\ProgramData\Templates

--------------------\\ Listing des dossiers dans C:\Program Files

[14/01/2008|19:39] C:\Program Files\3wPlayer
[21/03/2007|15:16] C:\Program Files\Activision Value
[02/07/2008|22:04] C:\Program Files\Adobe
[08/03/2007|18:55] C:\Program Files\Alwil Software
[23/09/2007|19:39] C:\Program Files\AskPBar
[14/08/2008|11:09] C:\Program Files\AVG
[20/07/2007|16:21] C:\Program Files\AVI DivX MPEG to DVD Converter & Burner
[28/01/2008|19:40] C:\Program Files\AVIcodec
[25/06/2007|17:09] C:\Program Files\BitLocker
[02/12/2007|16:01] C:\Program Files\BoontyGames
[16/12/2007|18:47] C:\Program Files\CCleaner
[22/06/2008|19:56] C:\Program Files\Common Files
[28/10/2007|15:52] C:\Program Files\Corel
[14/08/2007|13:58] C:\Program Files\directx
[28/05/2008|08:39] C:\Program Files\DivX
[31/03/2007|17:48] C:\Program Files\easetech
[06/07/2008|15:04] C:\Program Files\eMule
[23/08/2008|17:20] C:\Program Files\FotoTime
[21/03/2007|14:48] C:\Program Files\GMX Media
[29/04/2008|17:25] C:\Program Files\Google
[29/07/2008|11:40] C:\Program Files\InstallShield Installation Information
[14/09/2008|17:23] C:\Program Files\Internet Explorer
[26/07/2008|17:45] C:\Program Files\Java
[20/04/2007|14:45] C:\Program Files\K-Lite Codec Pack
[01/05/2008|13:30] C:\Program Files\Lavasoft
[20/06/2008|20:35] C:\Program Files\LG Electronics
[20/02/2008|07:41] C:\Program Files\LimeWire
[16/09/2008|23:55] C:\Program Files\Lopxp
[16/09/2008|18:07] C:\Program Files\Magic Workstation
[24/02/2008|15:43] C:\Program Files\Microsoft Games
[24/02/2008|14:52] C:\Program Files\Microsoft Office
[24/02/2008|14:52] C:\Program Files\Microsoft Visual Studio
[24/02/2008|14:35] C:\Program Files\Microsoft Visual Studio 8
[24/02/2008|14:54] C:\Program Files\Microsoft Works
[24/02/2008|14:46] C:\Program Files\Microsoft.NET
[16/08/2008|13:55] C:\Program Files\MonContenuassistant
[09/07/2008|15:15] C:\Program Files\Monopoly
[14/09/2008|17:23] C:\Program Files\Movie Maker
[24/02/2008|14:53] C:\Program Files\MSBuild
[24/02/2008|15:57] C:\Program Files\MSECache
[21/09/2008|13:34] C:\Program Files\MSN Messenger
[16/03/2007|10:53] C:\Program Files\MSXML 4.0
[02/11/2006|14:35] C:\Program Files\Reference Assemblies
[26/07/2007|13:55] C:\Program Files\RM-X Player V5.0
[14/08/2008|10:33] C:\Program Files\SimulaSport
[21/04/2007|10:48] C:\Program Files\SLD Codec Pack
[26/07/2008|17:46] C:\Program Files\Sun
[17/09/2008|00:07] C:\Program Files\SUPERAntiSpyware
[02/11/2006|15:00] C:\Program Files\Uninstall Information
[06/07/2008|15:10] C:\Program Files\uTorrent
[02/07/2007|19:28] C:\Program Files\VideoLAN
[24/09/2007|21:36] C:\Program Files\VSO
[14/09/2008|17:23] C:\Program Files\Windows Calendar
[14/09/2008|17:23] C:\Program Files\Windows Collaboration
[14/09/2008|17:23] C:\Program Files\Windows Defender
[14/09/2008|17:23] C:\Program Files\Windows Journal
[16/12/2007|18:20] C:\Program Files\Windows Live Toolbar
[14/09/2008|17:23] C:\Program Files\Windows Mail
[14/09/2008|17:23] C:\Program Files\Windows Media Player
[02/11/2006|14:35] C:\Program Files\Windows NT
[14/09/2008|17:23] C:\Program Files\Windows Photo Gallery
[14/09/2008|17:23] C:\Program Files\Windows Sidebar
[21/04/2007|11:44] C:\Program Files\WinRAR
[29/07/2008|11:40] C:\Program Files\Wizards of the Coast
[20/01/2008|13:03] C:\Program Files\Yahoo!
[14/08/2007|13:49] C:\Program Files\Zero G Registry

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[07/08/2007|15:12] C:\Program Files\Common Files\BOONTY Shared
[19/07/2007|14:51] C:\Program Files\Common Files\Borland Shared
[24/02/2008|14:52] C:\Program Files\Common Files\DESIGNER
[14/08/2007|13:55] C:\Program Files\Common Files\InstallShield
[08/03/2007|19:32] C:\Program Files\Common Files\Java
[14/08/2008|11:09] C:\Program Files\Common Files\microsoft shared
[16/12/2007|18:09] C:\Program Files\Common Files\MonContenuassistant
[23/06/2008|17:54] C:\Program Files\Common Files\Nero
[02/11/2007|11:47] C:\Program Files\Common Files\PX Storage Engine
[02/11/2007|17:16] C:\Program Files\Common Files\Scanner
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[10/01/2008|13:09] C:\Program Files\Common Files\Sony Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[19/08/2008|12:19] C:\Program Files\Common Files\SysDepannage
[14/09/2008|17:23] C:\Program Files\Common Files\System
[17/09/2008|00:06] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 56 Processes )

iexplore.exe ~ [PID:3176]
iexplore.exe ~ [PID:3192]
iexplore.exe ~ [PID:4844]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\File Real Ref.gn8za
C:\ProgramData\amokisoiso.f2zwfei
C:\ProgramData\amokisoiso.v0o8qun
C:\Users\COACH\AppData\Local\Temp\bis75A4.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\Cast ping base frag
C:\ProgramData\Cast ping base frag\Heck less.exe
C:\Program Files\3wPlayer
C:\Users\COACH\AppData\Roaming\MICROS~1\Windows\Cookies\coach@advertising[2].txt
C:\Users\COACH\AppData\Roaming\MICROS~1\Windows\Cookies\coach@adopt.euroclick[2].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Base frag grid bows"="\"C:\\ProgramData\\File Real Ref.gn8za\""
"Forview"="\"C:\\ProgramData\\amokisoiso.v0o8qun\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-21 18:57:48
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections

C:\Windows\System32\nvs2.inf

C:\Users\COACH\AppData\Local\ccega.dat
C:\Users\COACH\AppData\Local\ccega_nav.dat
C:\Users\COACH\AppData\Local\ccega_navps.dat
C:\Users\COACH\AppData\Local\ccega_navup.dat
==> EGDACCESS <==



[F:112][D:16]-> C:\Users\COACH\AppData\Local\Temp
[F:332][D:1]-> C:\Users\COACH\AppData\Roaming\MICROS~1\Windows\Cookies
[F:505][D:4]-> C:\Users\COACH\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:6196][D:552]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 21/09/2008|19:01 - Option : [1]

--------------------\\ Fin du rapport a 19:01:42
[ UAC => 1 ]

y: depuis plusieurs jours des "CiD"envahissent mon ordi ceci est le resultat du scan aidez moi svp

spyware...reformate!!!

moi j'ai rien pu faire lorsque j'ai chopper un CID scan,antispyware...etc!

du coup formatage...fait le c'est mieux et tu pourra repartir sur une base saine!!

a toi de voir!

CID ??

et faudrai arêter d'aller sur des sites pour adultes(je parle en connaissance de cause...(c'est pas moi c'est mon frère qui y est aller,et qui a choper se p***** de CID))

voila ++

XD

CID c'est un des nombreux virus ou spyware,ou autre qui s'instale sur ton ordi et qui ouvre des page internet sans ton autorisation!!!

des pages aléatoire:

d'une simple pub pour voiture,réduction pour le E-commerce...etc
le pire c'est quand elle ouvre des pages pour d'inviter a visiter leur sites pornos...(dangereux quand tu joue a Counter Strike,et que tu revien sur l'écran du bureau et que ta mère passe juste a se moment la!!!

pu**** de virus!!!

Hardcore tu veux dire !

oui hardcore

(je vois qu'il y a des connaiseur...XD)

ha sa XD j'en est eu une belle d'experiance je montrer a ma mere comment ce servir d'un logiciel et la une grosse pub avec une meuf qui etablie un rapport buco genital XD ma mere me demande ce que c'est !!! putin de virus de M....!!

mdr

Ce sujet a été déplacé de la catégorie Hardware vers la catégorie Sécurité - Virus par Dafen@IDN

bonsoir CAPPELO

Clic !


1

Relance Lop S&D

• Choisis cette fois ci l'Option 2 ( Suppression )

• Ne ferme pas la fenêtre lors de la suppression !

• Poste le rapport généré ( C:\lopR.txt )

2

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2