Still CID
Security Forum - Viruses: Still CID
Hello everyone,
After a mistake by my parents, I've caught the CID virus again.
Please help me.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:49:09, on 29/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Eset\nod32kui.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\APPS\SMP\SmpSys.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi- [...] key=SEARCH
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.aliceadsl.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 88.191.65.144 l2authd.lineage2.com
O1 - Hosts: 88.191.65.144 l2testauthd.lineage2.com
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [stupid creative poll axis] C:\Documents and Settings\All Users\Application Data\Memo save stupid creative\Great Size.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [dead bike] C:\DOCUME~1\maryse\APPLIC~1\FLAPST~1\Junk Help Peak.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{450FF4A4-232F-40B2-95A2-442D9CBCAD37}: NameServer = 213.36.80.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
--
End of file - 10515 bytes
That's only the 3rd time you've been infected by the same virus...
Yes, but I'm not there during the week, so I can only look at it on weekends.
You can tell them to be careful, can't you?
Download Lop S&D.exe (Eric_71) to your Desktop.
- Start the program's installation by running the downloaded file.
- Now double-click the LopS&D shortcut.
- Select the desired language by typing the letter of your choice, then confirm with the Enter key.
- Now choose option 1 (Search). Wait until the search finishes.
- Post the generated report (C:\lopR.txt*)
Here is the report
--------------------\\ Lop S&D 4.2.4-8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : maryse ( Administrator )
BOOT : Normal boot
Antivirus : ESET NOD32 antivirus system 2.70 2.70 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:290 Go (Free:238 Go)
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total:7 Go (Free:7 Go)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\Lop SD" ( MAJ : 27-10-2008|09:15 )
Option : [1] ( 31/10/2008|11:37 )
--------------------\\ Listing des dossiers dans APPLIC~1
[23/09/2004|19:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[26/01/2008|14:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[26/01/2008|15:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[26/01/2008|14:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver
[22/02/2008|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/01/2008|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[01/02/2008|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[01/02/2008|22:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[26/01/2008|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel
[01/02/2008|22:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[10/02/2008|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[26/01/2008|14:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[02/09/2008|08:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memo save stupid creative
[26/01/2008|16:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/01/2008|11:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[09/02/2008|10:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[26/01/2008|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[26/01/2008|14:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[26/01/2008|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[26/01/2008|14:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[06/04/2008|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[26/01/2008|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[06/04/2008|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[26/01/2008|14:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[26/01/2008|14:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VadeRetro
[13/02/2008|15:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[08/02/2008|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[26/01/2008|16:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[23/09/2004|19:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[26/01/2008|14:56] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[26/01/2008|15:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[26/01/2008|14:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
[08/02/2008|20:10] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[26/01/2008|21:15] C:\DOCUME~1\maryse\APPLIC~1\AccurateRip
[22/02/2008|16:04] C:\DOCUME~1\maryse\APPLIC~1\Adobe
[22/02/2008|15:55] C:\DOCUME~1\maryse\APPLIC~1\AdobeUM
[01/02/2008|22:26] C:\DOCUME~1\maryse\APPLIC~1\Apple Computer
[01/02/2008|22:28] C:\DOCUME~1\maryse\APPLIC~1\CyberLink
[02/02/2008|16:35] C:\DOCUME~1\maryse\APPLIC~1\dBpoweramp
[26/01/2008|21:18] C:\DOCUME~1\maryse\APPLIC~1\DivX
[29/10/2008|10:37] C:\DOCUME~1\maryse\APPLIC~1\Flap Store
[26/01/2008|20:02] C:\DOCUME~1\maryse\APPLIC~1\FotoWire
[10/02/2008|13:49] C:\DOCUME~1\maryse\APPLIC~1\Grisoft
[26/01/2008|17:11] C:\DOCUME~1\maryse\APPLIC~1\Hewlett-Packard
[23/09/2004|19:25] C:\DOCUME~1\maryse\APPLIC~1\Identities
[25/04/2008|20:21] C:\DOCUME~1\maryse\APPLIC~1\InstallShield
[06/04/2008|14:04] C:\DOCUME~1\maryse\APPLIC~1\Leadertech
[19/04/2008|12:20] C:\DOCUME~1\maryse\APPLIC~1\LimeWire
[26/01/2008|15:51] C:\DOCUME~1\maryse\APPLIC~1\Macromedia
[02/02/2008|12:26] C:\DOCUME~1\maryse\APPLIC~1\Microsoft
[26/01/2008|15:54] C:\DOCUME~1\maryse\APPLIC~1\Mozilla
[01/02/2008|18:23] C:\DOCUME~1\maryse\APPLIC~1\Norman
[26/01/2008|17:16] C:\DOCUME~1\maryse\APPLIC~1\OD2
[26/01/2008|16:45] C:\DOCUME~1\maryse\APPLIC~1\OFFICE One v6
[12/02/2008|18:46] C:\DOCUME~1\maryse\APPLIC~1\Samsung
[27/02/2008|12:26] C:\DOCUME~1\maryse\APPLIC~1\Skype
[27/02/2008|11:41] C:\DOCUME~1\maryse\APPLIC~1\skypePM
[04/07/2008|17:14] C:\DOCUME~1\maryse\APPLIC~1\Sonic
[06/04/2008|13:53] C:\DOCUME~1\maryse\APPLIC~1\Sony Ericsson
[26/01/2008|15:19] C:\DOCUME~1\maryse\APPLIC~1\Sun
[15/02/2008|20:46] C:\DOCUME~1\maryse\APPLIC~1\teamspeak2
[06/04/2008|13:53] C:\DOCUME~1\maryse\APPLIC~1\Teleca
[04/07/2008|21:15] C:\DOCUME~1\maryse\APPLIC~1\U3
[27/01/2008|14:47] C:\DOCUME~1\maryse\APPLIC~1\VadeRetro
[01/02/2008|22:28] C:\DOCUME~1\maryse\APPLIC~1\vlc
[26/01/2008|15:53] C:\DOCUME~1\maryse\APPLIC~1\WinRAR
[26/01/2008|14:49] C:\DOCUME~1\maryse\APPLIC~1\You've Got Pictures Screensaver
[23/09/2004|18:50] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[29/10/2008 14:00][--ah-----] C:\WINDOWS\tasks\AD7504159186B799.job
[01/05/2008 15:15][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[30/07/2008 16:41][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 2170 series#1201363822.job
[31/10/2008 11:25][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( AD7504159186B799.job )=( c:\docume~1\maryse\applic~1\flapst~1\CashLinkProxy.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[27/09/2008|16:14] C:\Program Files\Adobe
[26/01/2008|16:12] C:\Program Files\Alice
[02/03/2008|11:40] C:\Program Files\Alice SSID
[26/01/2008|15:17] C:\Program Files\AOL 9.0
[26/01/2008|14:49] C:\Program Files\AOL Compagnon
[19/04/2008|14:44] C:\Program Files\Apple Software Update
[01/05/2008|17:41] C:\Program Files\BitComet
[01/02/2008|22:03] C:\Program Files\Bonjour
[26/01/2008|16:45] C:\Program Files\Ciel
[02/09/2008|08:22] C:\Program Files\Circle Developement
[26/02/2008|19:12] C:\Program Files\Common Files
[23/09/2004|19:03] C:\Program Files\ComPlus Applications
[26/01/2008|15:00] C:\Program Files\CyberLink
[06/04/2008|14:19] C:\Program Files\Disc2Phone
[26/01/2008|18:42] C:\Program Files\DivX
[25/04/2008|00:18] C:\Program Files\ESET
[06/04/2008|13:49] C:\Program Files\Fichiers communs
[02/09/2008|08:23] C:\Program Files\Flap Store
[26/01/2008|14:50] C:\Program Files\Goto Software
[10/02/2008|13:49] C:\Program Files\Grisoft
[26/01/2008|17:08] C:\Program Files\Hewlett-Packard
[26/01/2008|21:15] C:\Program Files\Illustrate
[25/04/2008|20:21] C:\Program Files\InstallShield Installation Information
[18/10/2008|17:30] C:\Program Files\Internet Explorer
[19/04/2008|11:40] C:\Program Files\iPod
[26/01/2008|16:47] C:\Program Files\ISSENDIS
[19/04/2008|11:40] C:\Program Files\iTunes
[29/10/2008|09:11] C:\Program Files\Java
[26/01/2008|14:49] C:\Program Files\Learn2.com
[04/05/2008|15:54] C:\Program Files\Lineage II
[26/01/2008|20:02] C:\Program Files\Logitech
[27/09/2008|16:01] C:\Program Files\Messenger
[02/09/2008|08:22] C:\Program Files\Messenger Plus! Live
[27/01/2008|00:15] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[23/09/2004|19:15] C:\Program Files\microsoft frontpage
[29/10/2008|10:31] C:\Program Files\Movie Maker
[31/10/2008|11:30] C:\Program Files\Mozilla Firefox
[15/03/2008|14:12] C:\Program Files\MSBuild
[23/09/2004|18:59] C:\Program Files\MSN
[23/09/2004|18:59] C:\Program Files\MSN Gaming Zone
[27/01/2008|14:57] C:\Program Files\MSXML 4.0
[15/03/2008|14:13] C:\Program Files\MSXML 6.0
[27/09/2008|15:53] C:\Program Files\NetMeeting
[26/01/2008|14:50] C:\Program Files\Norman
[26/01/2008|16:47] C:\Program Files\OFFICE One6.5
[23/09/2004|19:03] C:\Program Files\Online Services
[29/10/2008|10:31] C:\Program Files\Outlook Express
[19/04/2008|11:39] C:\Program Files\QuickTime
[26/01/2008|14:49] C:\Program Files\Real
[26/01/2008|14:37] C:\Program Files\Realtek
[15/03/2008|14:09] C:\Program Files\Reference Assemblies
[23/09/2004|19:08] C:\Program Files\Services en ligne
[26/01/2008|14:59] C:\Program Files\SmartSound Software
[26/01/2008|14:51] C:\Program Files\Sonic
[06/04/2008|13:49] C:\Program Files\Sony Ericsson
[29/10/2008|11:01] C:\Program Files\Steam
[15/02/2008|20:46] C:\Program Files\Teamspeak2_RC2
[29/10/2008|10:35] C:\Program Files\Trend Micro
[26/01/2008|14:58] C:\Program Files\Ulead Systems
[23/09/2004|19:25] C:\Program Files\Uninstall Information
[26/01/2008|16:18] C:\Program Files\VideoLAN
[13/02/2008|15:59] C:\Program Files\Viewpoint
[26/01/2008|16:31] C:\Program Files\Windows Live
[26/01/2008|14:58] C:\Program Files\Windows Media Components
[08/02/2008|20:04] C:\Program Files\Windows Media Connect 2
[08/02/2008|20:07] C:\Program Files\Windows Media Player
[27/09/2008|15:53] C:\Program Files\Windows NT
[23/09/2004|19:01] C:\Program Files\Windows Plus
[23/09/2004|19:09] C:\Program Files\WindowsUpdate
[26/01/2008|15:53] C:\Program Files\WinRAR
[02/03/2008|12:20] C:\Program Files\Wireless 802.11g Monitor
[23/09/2004|19:15] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[22/02/2008|16:02] C:\Program Files\Fichiers communs\Adobe
[26/01/2008|14:49] C:\Program Files\Fichiers communs\AOL
[26/01/2008|14:49] C:\Program Files\Fichiers communs\aolshare
[01/02/2008|22:02] C:\Program Files\Fichiers communs\Apple
[26/01/2008|16:46] C:\Program Files\Fichiers communs\Borland Shared
[26/01/2008|16:45] C:\Program Files\Fichiers communs\Ciel
[26/01/2008|20:02] C:\Program Files\Fichiers communs\FotoWire
[26/01/2008|17:06] C:\Program Files\Fichiers communs\Hewlett-Packard
[26/01/2008|15:00] C:\Program Files\Fichiers communs\InstallShield
[26/01/2008|14:45] C:\Program Files\Fichiers communs\Java
[26/01/2008|20:00] C:\Program Files\Fichiers communs\Logitech
[26/01/2008|16:21] C:\Program Files\Fichiers communs\Microsoft Shared
[23/09/2004|19:07] C:\Program Files\Fichiers communs\MSSoap
[26/01/2008|14:49] C:\Program Files\Fichiers communs\Nullsoft
[23/09/2004|18:53] C:\Program Files\Fichiers communs\ODBC
[26/01/2008|14:49] C:\Program Files\Fichiers communs\Real
[23/09/2004|19:07] C:\Program Files\Fichiers communs\Services
[26/01/2008|19:45] C:\Program Files\Fichiers communs\Skype
[26/01/2008|14:51] C:\Program Files\Fichiers communs\Sonic Shared
[06/04/2008|13:49] C:\Program Files\Fichiers communs\Sony Ericsson Shared
[23/09/2004|18:53] C:\Program Files\Fichiers communs\SpeechEngines
[26/01/2008|14:51] C:\Program Files\Fichiers communs\SureThing Shared
[26/01/2008|18:16] C:\Program Files\Fichiers communs\Symantec Shared
[27/09/2008|15:53] C:\Program Files\Fichiers communs\System
[06/04/2008|13:49] C:\Program Files\Fichiers communs\Teleca Shared
[26/01/2008|14:51] C:\Program Files\Fichiers communs\TiVo Shared
[26/01/2008|14:59] C:\Program Files\Fichiers communs\Ulead Systems
[26/01/2008|16:21] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 61 Processes )
IEXPLORE.EXE ~ [PID:2440]
IEXPLORE.EXE ~ [PID:2648]
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\maryse\LOCALS~1\Temp\bis75.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\maryse\APPLIC~1\Flap Store
C:\DOCUME~1\maryse\APPLIC~1\Flap Store\Cash Link Proxy.exe
C:\DOCUME~1\maryse\APPLIC~1\Flap Store\Junk Help Peak.exe
C:\DOCUME~1\maryse\APPLIC~1\Flap Store\rmzyllbj.exe
C:\DOCUME~1\maryse\APPLIC~1\Flap Store\TrayAxisMessPlay.exe
C:\Program Files\Flap Store
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memo save stupid creative
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memo save stupid creative\Great Size.exe
C:\DOCUME~1\maryse\APPLIC~1\flapst~1
C:\DOCUME~1\maryse\APPLIC~1\flapst~1\Cash Link Proxy.exe
C:\DOCUME~1\maryse\APPLIC~1\flapst~1\Junk Help Peak.exe
C:\DOCUME~1\maryse\APPLIC~1\flapst~1\rmzyllbj.exe
C:\DOCUME~1\maryse\APPLIC~1\flapst~1\TrayAxisMessPlay.exe
C:\Program Files\flapst~1
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\maryse\Cookies\maryse@www.adserver5[2].txt
C:\DOCUME~1\maryse\Cookies\maryse@advertising[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@adin.bigpoint[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@bigpoint[2].txt
C:\DOCUME~1\maryse\Cookies\maryse@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@fr.xblaster.bigpoint[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@banner.casinoking[2].txt
C:\DOCUME~1\maryse\Cookies\maryse@casinoking[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@banner.cotedazurpalace[2].txt
C:\DOCUME~1\maryse\Cookies\maryse@cotedazurpalace[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@www.cotedazurpalace[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@adopt.euroclick[2].txt
C:\DOCUME~1\maryse\Cookies\maryse@pacificpoker[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@partypoker[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@32vegas[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@banner.32vegas[2].txt
C:\DOCUME~1\maryse\Cookies\maryse@2xmoinscher[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@www.2xmoinscher[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@888[1].txt
C:\WINDOWS\Tasks\AD7504159186B799.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dead bike"="C:\\DOCUME~1\\maryse\\APPLIC~1\\FLAPST~1\\Junk Help Peak.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"stupid creative poll axis"="C:\\Documents and Settings\\All Users\\Application Data\\Memo save stupid creative\\Great Size.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-31 11:38:08
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\maryse\Mes documents\PRO\NOD32.Antivirus.v2.70.39.FR.Incl-Crack
C:\DOCUME~1\maryse\Mes documents\PRO\NOD32.Antivirus.v2.70.39.FR.Incl-Crack.rar
C:\DOCUME~1\maryse\Mes documents\PRO\NOD32.Antivirus.v2.70.39.FR.Incl-Crack\Crack
C:\DOCUME~1\maryse\Mes documents\PRO\NOD32.Antivirus.v2.70.39.FR.Incl-Crack\Crack.rar
C:\DOCUME~1\maryse\Mes documents\PRO\NOD32.Antivirus.v2.70.39.FR.Incl-Crack\http--www.emule-paradise.com-.url
C:\DOCUME~1\maryse\Mes documents\PRO\NOD32.Antivirus.v2.70.39.FR.Incl-Crack\nentfrst.exe
C:\DOCUME~1\maryse\Mes documents\PRO\NOD32.Antivirus.v2.70.39.FR.Incl-Crack\Crack\NOD32.FiX.v2.2-nsane.exe
[F:127][D:10]-> C:\DOCUME~1\maryse\LOCALS~1\Temp
[F:253][D:0]-> C:\DOCUME~1\maryse\Cookies
[F:4979][D:10]-> C:\DOCUME~1\maryse\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 29/10/2008|10:40 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 31/10/2008|11:40 - Option : [1]
--------------------\\ Fin du rapport a 11:40:09
Re,
Run Lop S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
! Do not close the window during the deletion!
A report will be generated; post its contents here.
Hello again, here is the report
--------------------\\ Lop S&D 4.2.4-8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : maryse ( Administrator )
BOOT : Normal boot
Antivirus : ESET NOD32 antivirus system 2.70 2.70 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:290 Go (Free:239 Go)
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total:7 Go (Free:7 Go)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\Lop SD" ( MAJ : 27-10-2008|09:15 )
Option : [2] ( 02/11/2008|16:55 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\maryse\APPLIC~1\Flap Store\Cash Link Proxy.exe
Supprime! - C:\DOCUME~1\maryse\APPLIC~1\Flap Store\Junk Help Peak.exe
Supprime! - C:\DOCUME~1\maryse\APPLIC~1\Flap Store\rmzyllbj.exe
Supprime! - C:\DOCUME~1\maryse\APPLIC~1\Flap Store\TrayAxisMessPlay.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memo save stupid creative\Great Size.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\DOCUME~1\maryse\Cookies\maryse@pacificpoker[1].txt
Supprime! - C:\WINDOWS\Tasks\AD7504159186B799.job
Supprime! - C:\DOCUME~1\maryse\APPLIC~1\Flap Store
Supprime! - C:\Program Files\Flap Store
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memo save stupid creative
Supprime! - C:\Program Files\Circle Developement
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[23/09/2004|19:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[26/01/2008|14:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[26/01/2008|15:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[26/01/2008|14:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver
[22/02/2008|15:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/01/2008|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[01/02/2008|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[01/02/2008|22:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[26/01/2008|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel
[01/02/2008|22:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[10/02/2008|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[26/01/2008|14:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[26/01/2008|16:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/01/2008|11:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[09/02/2008|10:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[26/01/2008|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[26/01/2008|14:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[26/01/2008|19:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[26/01/2008|14:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[06/04/2008|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[26/01/2008|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[06/04/2008|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[26/01/2008|14:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[26/01/2008|14:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VadeRetro
[08/02/2008|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[26/01/2008|16:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[23/09/2004|19:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[26/01/2008|14:56] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[26/01/2008|15:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[26/01/2008|14:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
[08/02/2008|20:10] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[26/01/2008|21:15] C:\DOCUME~1\maryse\APPLIC~1\AccurateRip
[22/02/2008|16:04] C:\DOCUME~1\maryse\APPLIC~1\Adobe
[22/02/2008|15:55] C:\DOCUME~1\maryse\APPLIC~1\AdobeUM
[01/02/2008|22:26] C:\DOCUME~1\maryse\APPLIC~1\Apple Computer
[01/02/2008|22:28] C:\DOCUME~1\maryse\APPLIC~1\CyberLink
[02/02/2008|16:35] C:\DOCUME~1\maryse\APPLIC~1\dBpoweramp
[26/01/2008|21:18] C:\DOCUME~1\maryse\APPLIC~1\DivX
[26/01/2008|20:02] C:\DOCUME~1\maryse\APPLIC~1\FotoWire
[10/02/2008|13:49] C:\DOCUME~1\maryse\APPLIC~1\Grisoft
[26/01/2008|17:11] C:\DOCUME~1\maryse\APPLIC~1\Hewlett-Packard
[23/09/2004|19:25] C:\DOCUME~1\maryse\APPLIC~1\Identities
[25/04/2008|20:21] C:\DOCUME~1\maryse\APPLIC~1\InstallShield
[06/04/2008|14:04] C:\DOCUME~1\maryse\APPLIC~1\Leadertech
[19/04/2008|12:20] C:\DOCUME~1\maryse\APPLIC~1\LimeWire
[26/01/2008|15:51] C:\DOCUME~1\maryse\APPLIC~1\Macromedia
[02/02/2008|12:26] C:\DOCUME~1\maryse\APPLIC~1\Microsoft
[26/01/2008|15:54] C:\DOCUME~1\maryse\APPLIC~1\Mozilla
[01/02/2008|18:23] C:\DOCUME~1\maryse\APPLIC~1\Norman
[26/01/2008|17:16] C:\DOCUME~1\maryse\APPLIC~1\OD2
[26/01/2008|16:45] C:\DOCUME~1\maryse\APPLIC~1\OFFICE One v6
[12/02/2008|18:46] C:\DOCUME~1\maryse\APPLIC~1\Samsung
[27/02/2008|12:26] C:\DOCUME~1\maryse\APPLIC~1\Skype
[27/02/2008|11:41] C:\DOCUME~1\maryse\APPLIC~1\skypePM
[04/07/2008|17:14] C:\DOCUME~1\maryse\APPLIC~1\Sonic
[06/04/2008|13:53] C:\DOCUME~1\maryse\APPLIC~1\Sony Ericsson
[26/01/2008|15:19] C:\DOCUME~1\maryse\APPLIC~1\Sun
[15/02/2008|20:46] C:\DOCUME~1\maryse\APPLIC~1\teamspeak2
[06/04/2008|13:53] C:\DOCUME~1\maryse\APPLIC~1\Teleca
[04/07/2008|21:15] C:\DOCUME~1\maryse\APPLIC~1\U3
[27/01/2008|14:47] C:\DOCUME~1\maryse\APPLIC~1\VadeRetro
[01/02/2008|22:28] C:\DOCUME~1\maryse\APPLIC~1\vlc
[26/01/2008|15:53] C:\DOCUME~1\maryse\APPLIC~1\WinRAR
[26/01/2008|14:49] C:\DOCUME~1\maryse\APPLIC~1\You've Got Pictures Screensaver
[23/09/2004|18:50] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[01/05/2008 15:15][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[30/07/2008 16:41][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 2170 series#1201363822.job
[02/11/2008 16:52][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[27/09/2008|16:14] C:\Program Files\Adobe
[26/01/2008|16:12] C:\Program Files\Alice
[02/03/2008|11:40] C:\Program Files\Alice SSID
[26/01/2008|15:17] C:\Program Files\AOL 9.0
[26/01/2008|14:49] C:\Program Files\AOL Compagnon
[19/04/2008|14:44] C:\Program Files\Apple Software Update
[01/05/2008|17:41] C:\Program Files\BitComet
[01/02/2008|22:03] C:\Program Files\Bonjour
[31/10/2008|12:12] C:\Program Files\CCleaner
[26/01/2008|16:45] C:\Program Files\Ciel
[26/02/2008|19:12] C:\Program Files\Common Files
[23/09/2004|19:03] C:\Program Files\ComPlus Applications
[26/01/2008|15:00] C:\Program Files\CyberLink
[06/04/2008|14:19] C:\Program Files\Disc2Phone
[26/01/2008|18:42] C:\Program Files\DivX
[25/04/2008|00:18] C:\Program Files\ESET
[06/04/2008|13:49] C:\Program Files\Fichiers communs
[26/01/2008|14:50] C:\Program Files\Goto Software
[10/02/2008|13:49] C:\Program Files\Grisoft
[26/01/2008|17:08] C:\Program Files\Hewlett-Packard
[26/01/2008|21:15] C:\Program Files\Illustrate
[25/04/2008|20:21] C:\Program Files\InstallShield Installation Information
[18/10/2008|17:30] C:\Program Files\Internet Explorer
[19/04/2008|11:40] C:\Program Files\iPod
[26/01/2008|16:47] C:\Program Files\ISSENDIS
[19/04/2008|11:40] C:\Program Files\iTunes
[29/10/2008|09:11] C:\Program Files\Java
[26/01/2008|14:49] C:\Program Files\Learn2.com
[31/10/2008|11:40] C:\Program Files\Lineage II
[26/01/2008|20:02] C:\Program Files\Logitech
[27/09/2008|16:01] C:\Program Files\Messenger
[02/09/2008|08:22] C:\Program Files\Messenger Plus! Live
[27/01/2008|00:15] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[23/09/2004|19:15] C:\Program Files\microsoft frontpage
[29/10/2008|10:31] C:\Program Files\Movie Maker
[02/11/2008|16:53] C:\Program Files\Mozilla Firefox
[15/03/2008|14:12] C:\Program Files\MSBuild
[23/09/2004|18:59] C:\Program Files\MSN
[23/09/2004|18:59] C:\Program Files\MSN Gaming Zone
[27/01/2008|14:57] C:\Program Files\MSXML 4.0
[15/03/2008|14:13] C:\Program Files\MSXML 6.0
[27/09/2008|15:53] C:\Program Files\NetMeeting
[26/01/2008|14:50] C:\Program Files\Norman
[26/01/2008|16:47] C:\Program Files\OFFICE One6.5
[23/09/2004|19:03] C:\Program Files\Online Services
[29/10/2008|10:31] C:\Program Files\Outlook Express
[19/04/2008|11:39] C:\Program Files\QuickTime
[26/01/2008|14:49] C:\Program Files\Real
[26/01/2008|14:37] C:\Program Files\Realtek
[15/03/2008|14:09] C:\Program Files\Reference Assemblies
[23/09/2004|19:08] C:\Program Files\Services en ligne
[26/01/2008|14:59] C:\Program Files\SmartSound Software
[26/01/2008|14:51] C:\Program Files\Sonic
[06/04/2008|13:49] C:\Program Files\Sony Ericsson
[29/10/2008|11:01] C:\Program Files\Steam
[15/02/2008|20:46] C:\Program Files\Teamspeak2_RC2
[29/10/2008|10:35] C:\Program Files\Trend Micro
[26/01/2008|14:58] C:\Program Files\Ulead Systems
[23/09/2004|19:25] C:\Program Files\Uninstall Information
[26/01/2008|16:18] C:\Program Files\VideoLAN
[26/01/2008|16:31] C:\Program Files\Windows Live
[26/01/2008|14:58] C:\Program Files\Windows Media Components
[08/02/2008|20:04] C:\Program Files\Windows Media Connect 2
[08/02/2008|20:07] C:\Program Files\Windows Media Player
[27/09/2008|15:53] C:\Program Files\Windows NT
[23/09/2004|19:01] C:\Program Files\Windows Plus
[23/09/2004|19:09] C:\Program Files\WindowsUpdate
[26/01/2008|15:53] C:\Program Files\WinRAR
[02/03/2008|12:20] C:\Program Files\Wireless 802.11g Monitor
[23/09/2004|19:15] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[22/02/2008|16:02] C:\Program Files\Fichiers communs\Adobe
[26/01/2008|14:49] C:\Program Files\Fichiers communs\AOL
[26/01/2008|14:49] C:\Program Files\Fichiers communs\aolshare
[01/02/2008|22:02] C:\Program Files\Fichiers communs\Apple
[26/01/2008|16:46] C:\Program Files\Fichiers communs\Borland Shared
[26/01/2008|16:45] C:\Program Files\Fichiers communs\Ciel
[26/01/2008|20:02] C:\Program Files\Fichiers communs\FotoWire
[26/01/2008|17:06] C:\Program Files\Fichiers communs\Hewlett-Packard
[26/01/2008|15:00] C:\Program Files\Fichiers communs\InstallShield
[26/01/2008|14:45] C:\Program Files\Fichiers communs\Java
[26/01/2008|20:00] C:\Program Files\Fichiers communs\Logitech
[26/01/2008|16:21] C:\Program Files\Fichiers communs\Microsoft Shared
[23/09/2004|19:07] C:\Program Files\Fichiers communs\MSSoap
[26/01/2008|14:49] C:\Program Files\Fichiers communs\Nullsoft
[23/09/2004|18:53] C:\Program Files\Fichiers communs\ODBC
[26/01/2008|14:49] C:\Program Files\Fichiers communs\Real
[23/09/2004|19:07] C:\Program Files\Fichiers communs\Services
[26/01/2008|19:45] C:\Program Files\Fichiers communs\Skype
[26/01/2008|14:51] C:\Program Files\Fichiers communs\Sonic Shared
[06/04/2008|13:49] C:\Program Files\Fichiers communs\Sony Ericsson Shared
[23/09/2004|18:53] C:\Program Files\Fichiers communs\SpeechEngines
[26/01/2008|14:51] C:\Program Files\Fichiers communs\SureThing Shared
[26/01/2008|18:16] C:\Program Files\Fichiers communs\Symantec Shared
[27/09/2008|15:53] C:\Program Files\Fichiers communs\System
[06/04/2008|13:49] C:\Program Files\Fichiers communs\Teleca Shared
[26/01/2008|14:51] C:\Program Files\Fichiers communs\TiVo Shared
[26/01/2008|14:59] C:\Program Files\Fichiers communs\Ulead Systems
[26/01/2008|16:21] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 62 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\maryse\Cookies\maryse@bigpoint[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@fr.thepimps.bigpoint[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@adopt.euroclick[1].txt
C:\DOCUME~1\maryse\Cookies\maryse@partypoker[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-02 16:55:50
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\maryse\Local Settings\Temporary Internet Files\Content.IE5\BI00HRCI\keyGen[1].htm
C:\DOCUME~1\maryse\Mes documents\PRO\NOD32.Antivirus.v2.70.39.FR.Incl-Crack
C:\DOCUME~1\maryse\Mes documents\PRO\NOD32.Antivirus.v2.70.39.FR.Incl-Crack.rar
C:\DOCUME~1\maryse\Mes documents\PRO\NOD32.Antivirus.v2.70.39.FR.Incl-Crack\Crack
C:\DOCUME~1\maryse\Mes documents\PRO\NOD32.Antivirus.v2.70.39.FR.Incl-Crack\Crack.rar
C:\DOCUME~1\maryse\Mes documents\PRO\NOD32.Antivirus.v2.70.39.FR.Incl-Crack\http--www.emule-paradise.com-.url
C:\DOCUME~1\maryse\Mes documents\PRO\NOD32.Antivirus.v2.70.39.FR.Incl-Crack\nentfrst.exe
C:\DOCUME~1\maryse\Mes documents\PRO\NOD32.Antivirus.v2.70.39.FR.Incl-Crack\Crack\NOD32.FiX.v2.2-nsane.exe
[F:34][D:7]-> C:\DOCUME~1\maryse\LOCALS~1\Temp
[F:36][D:0]-> C:\DOCUME~1\maryse\Cookies
[F:472][D:4]-> C:\DOCUME~1\maryse\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 29/10/2008|10:40 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 31/10/2008|11:40 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 02/11/2008|16:56 - Option : [2]
--------------------\\ Fin du rapport a 16:56:35
Hi again,
Delete all your cracks.
