thedeejay on 06 February 2009 at 22:44
Hello!
Someone in my family apparently downloaded something onto my computer, because for the past two days I have been infested with popups, even on my own site, and 3/4 of the ads (notably here) are for Viagra...

The popups are always empty and come from the sites doubleclick.net, directaclick.com etc., and the Viagra ads from adv.net

I have nevertheless updated my antivirus, nothing, and it is becoming very annoying, because it sometimes cuts off navigation to a site...

Thank you very much!
-------
and now the final word:
jZHEGFKJQFSDKVGQSVBJQSDHKDQSHG?JD
well... ok, that doesn't mean anything. But the substance remains the same!!!
bibou0007 on 07 February 2009 at 01:12
Hello,

Download HijackThis v2.0.2 from Trend Secure
link and tutorial here
follow the instructions and post the report in your next message.
-------
http://bibou0007.com/
-------
It is easier to infect your PC than to disinfect it, think about it. Do not click here!
thedeejay on 07 February 2009 at 10:04
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:02:49, on 07/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\WTablet\TabUserW.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.simulbox.fr/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Yoono BHO - {CC24584F-A50F-4138-B1B7-F0255274DB9A} - C:\PROGRA~1\YOONOS~1\ybho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yoono toolbar - {D86FA331-DF95-46C8-8978-4C00D084C9A1} - C:\PROGRA~1\YOONOS~1\tb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [msnlivesearch] C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe /Run
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; NaviWoo2.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; .NET CLR 1.1.4322; Tablet PC 2.0; .NET CLR 3.5.21022; Orange 8.0)" -"http://poppy.macromedia.com/multiuser/"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: NCProTray.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Yoono - {3E286614-05AE-4736-B01D-D71BD9A42B16} - C:\PROGRA~1\YOONOS~1\tb.dll
O9 - Extra 'Tools' menuitem: Display Yoono - {3E286614-05AE-4736-B01D-D71BD9A42B16} - C:\PROGRA~1\YOONOS~1\tb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://www.orange.fr
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.(...)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.ca(...)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {6CE31B8D-8340-4DBD-B78E-BF59620924DC} (Quest3DCtlr2 Class) - http://www.quest3d.com/webplugin/download/quest3dactivex2.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.(...)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CCS\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\Windows\system32\Tablet.exe

--
End of file - 15762 bytes






That's it... Thanks for your help!
bibou0007 on 07 February 2009 at 12:46
SmitFraudFix

Download SmitFraudFix by S!Ri
link and tutorial here
follow the instructions and post the report in your next message.
thedeejay on 07 February 2009 at 13:04
SmitFraudFix v2.392

Rapport fait à 12:58:49,36, 07/02/2009
Executé à partir de C:\Users\Ivan\Desktop\SmitfraudFix
OS: Microsoft Windows [version 6.0.6001] - Windows_NT
Le type du système de fichiers est
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Tablet.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\WTablet\TabUserW.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Tablet.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\iTunes\iTunes.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Ivan


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Ivan\AppData\Local\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Ivan\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Ivan\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\Google\googletoolbar1.dll PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau



»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~3\\GOEC62~1.DLL"
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\Windows\\system32\\userinit.exe,"


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

Description: D-Link DWA-140 RangeBooster N USB Adapter
DNS Server Search Order: 85.255.112.39
DNS Server Search Order: 85.255.112.40

HKLM\SYSTEM\CCS\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: NameServer=85.255.112.39,85.255.112.40
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: DhcpNameServer=85.255.112.39,85.255.112.40
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: NameServer=85.255.112.39,85.255.112.40
HKLM\SYSTEM\CS1\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: NameServer=85.255.112.39,85.255.112.40
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: DhcpNameServer=85.255.112.39,85.255.112.40
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: NameServer=85.255.112.39,85.255.112.40
HKLM\SYSTEM\CS3\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: NameServer=85.255.112.39,85.255.112.40
HKLM\SYSTEM\CS3\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: DhcpNameServer=85.255.112.39,85.255.112.40
HKLM\SYSTEM\CS3\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: NameServer=85.255.112.39,85.255.112.40
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.112.39,85.255.112.40
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.112.39,85.255.112.40
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: NameServer=85.255.112.39,85.255.112.40


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin



That's it..
Also two small things:
You should specify in your tutorial to run it as admin under Vista, and also the header of your forum, it's made with 3DFA, right? ^^
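Added example, not part of the thread and not SmitFraudFix or HijackThis code: a small Python parser for the `NameServer` / `DhcpNameServer` lines shown in the two reports above, reporting per interface whether a static resolver sits in the range the report itself warns about (85.255.x.x) and whether it overrides the DHCP-supplied one. The function names and labels are assumptions made for this example; it relies on the Windows behaviour that a non-empty static `NameServer` value takes precedence over `DhcpNameServer`.

```python
import ipaddress
import re

# Range taken from the report's own warning ("85.255.x.x détecté").
FLAGGED_NET = ipaddress.ip_network("85.255.0.0/16")

# Matches the SmitFraudFix "DNS" lines and the HijackThis O17 lines alike.
LINE_RE = re.compile(
    r"^\s*(?:O17\s*-\s*)?HKLM\\SYSTEM\\(?P<cs>[^\\]+)\\Services\\Tcpip\\"
    r"(?P<scope>[^:]+):\s*(?P<name>DhcpNameServer|NameServer)\s*=\s*(?P<value>.*)$",
    re.IGNORECASE,
)

# Lines copied from the reports posted in this thread.
SAMPLE = r"""
HKLM\SYSTEM\CCS\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: NameServer=85.255.112.39,85.255.112.40
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: DhcpNameServer=85.255.112.39,85.255.112.40
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: NameServer=85.255.112.39,85.255.112.40
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.112.39,85.255.112.40
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
"""


def parse_servers(value):
    """Split a comma- or space-separated resolver list; skip non-IP tokens."""
    servers = []
    for token in re.split(r"[,\s]+", value.strip()):
        if not token:
            continue
        try:
            servers.append(ipaddress.ip_address(token))
        except ValueError:
            continue  # empty or malformed value in the report
    return servers


def collect(report_text):
    """Return {(control_set, scope): {"static": [...], "dhcp": [...]}}."""
    entries = {}
    for line in report_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        key = (m["cs"].upper(), m["scope"].strip())
        slot = "dhcp" if m["name"].lower() == "dhcpnameserver" else "static"
        entries.setdefault(key, {"static": [], "dhcp": []})[slot] = parse_servers(m["value"])
    return entries


def audit(report_text):
    """Label each registry scope that carries a suspicious resolver setting.

    static_flagged        - static NameServer inside FLAGGED_NET
    dhcp_flagged          - DHCP-recorded resolver inside FLAGGED_NET, so
                            clearing the static value alone leaves it in use
    static_overrides_dhcp - static value differs from what DHCP supplied
    """
    findings = {}
    for key, entry in collect(report_text).items():
        labels = set()
        if any(ip in FLAGGED_NET for ip in entry["static"]):
            labels.add("static_flagged")
        if any(ip in FLAGGED_NET for ip in entry["dhcp"]):
            labels.add("dhcp_flagged")
        if entry["static"] and entry["dhcp"] and set(entry["static"]) != set(entry["dhcp"]):
            labels.add("static_overrides_dhcp")
        if labels:
            findings[key] = labels
    return findings


if __name__ == "__main__":
    for (control_set, scope), labels in sorted(audit(SAMPLE).items()):
        print(f"{control_set:4} {scope:45} {', '.join(sorted(labels))}")
```

On these lines the second interface is the one to watch: its DHCP-recorded resolvers are in the flagged range too, so removing the static entries on the host does not by itself restore a clean resolver there.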
bibou0007 on 07 February 2009 at 16:24

  • Restart the computer in safe mode (when the computer starts, tap F8) safe mode tutorial
  • Double-click SmitfraudFix.exe
  • Select 2 and press Enter in the menu to delete the files responsible for the infection.
  • At the question: Voulez-vous nettoyer le registre ? (Do you want to clean the registry?) answer O (yes) and press Enter in order to unblock the desktop wallpaper and delete the infection's registry keys.
  • The fix will determine whether the wininet.dll file is infected. At the question: Corriger le fichier infecté ? (Fix the infected file?) answer O (yes) and press Enter to replace the corrupted file.
  • A restart may be necessary to finish the cleaning procedure. The report is located at the root of the system disk: C:\rapport.txt
  • Post the report in your next message.

P.S. If your report is very large, please post it as indicated in this link
http://bibou0007.com/aide-a-la-desinfection-f8/rapport-de-grande-taille-t765.(...)
thedeejay on 08 February 2009 at 10:32
    SmitFraudFix v2.392

    Rapport fait à 0:35:20,67, 08/02/2009
    Executé à partir de C:\Users\Ivan\Desktop\SmitfraudFix
    OS: Microsoft Windows [version 6.0.6001] - Windows_NT
    Le type du système de fichiers est
    Fix executé en mode sans echec

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


    »»»»»»»»»»»»»»»»»»»»»»»» hosts


    127.0.0.1 localhost
    ::1 localhost

    »»»»»»»»»»»»»»»»»»»»»»»» VACFix

    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

    S!Ri's WS2Fix: LSP not Found.


    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

    C:\Program Files\Google\googletoolbar1.dll supprimé

    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix

    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri



    »»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

    Agent.OMZ.Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» 404Fix

    404Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» RK


    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CCS\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CCS\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: DhcpNameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CCS\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: DhcpNameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: DhcpNameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: NameServer=85.255.112.39,85.255.112.40


    »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]


    »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

    Nettoyage terminé.

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» Fin



    Voila! c'est bon, on ne me dit plus que ma schtroumpf est trop petite xD

    Merci beaucoup, en cas d'autre probleme je te le signalerai...

    A tres bientot!
    thedeejay on 08 February 2009 at 12:40
    ah, actually I still have a few popups
    bibou0007 on 08 February 2009 at 20:48
    Yes, it's not finished!


    Run SmitFraudFix option 5 again and post the report, please.
    thedeejay on 08 February 2009 at 22:35
    SmitFraudFix v2.392

    Rapport fait à 22:29:47,07, 08/02/2009
    Executé à partir de C:\Users\Ivan\Desktop\SmitfraudFix
    OS: Microsoft Windows [version 6.0.6001] - Windows_NT
    Le type du système de fichiers est
    Fix executé en mode normal

    »»»»»»»»»»»»»»»»»»»»»»»» DNS Avant Fix

    Votre ordinateur est certainement victime d'un détournement de DNS: 85.255.x.x détecté !

    Description: D-Link DWA-140 RangeBooster N USB Adapter
    DNS Server Search Order: 85.255.112.39
    DNS Server Search Order: 85.255.112.40

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CCS\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CCS\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: DhcpNameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CCS\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: DhcpNameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: DhcpNameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{DCE253CF-87E7-48BA-807A-6AAE365E99AE}: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.112.39,85.255.112.40
    HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
    HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: NameServer=85.255.112.39,85.255.112.40

    »»»»»»»»»»»»»»»»»»»»»»»» DNS Après Fix

    Description: D-Link DWA-140 RangeBooster N USB Adapter
    DNS Server Search Order: 212.27.40.241
    DNS Server Search Order: 212.27.40.240

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{CE95847C-6F4F-4F6F-AF53-96352C6F1BE7}: DhcpNameServer=212.27.40.241 212.27.40.240



    There! And also, when I'm on Google and click on the links, half the time it sends me to the home page..
    thedeejay on 08 February 2009 at 22:35
    and I'm getting Viagra ads again...
    bibou0007 on 09 February 2009 at 12:01


    Download Malwarebytes Anti-Malware
    link and tutorial
    Follow the instructions and post the report in your next message.
    thedeejay on 14 February 2009 at 19:05
    Hi!

    The program crashes after an hour in safe mode and finds nothing....
    bibou0007 on 14 February 2009 at 19:58
    OK, how is the PC doing? Post me a new HijackThis log, please.
    thedeejay on 21 February 2009 at 23:39
    OK, I finally managed to run the previous scan (I hadn't seen your message)

    I still have ads here...

    Malwarebytes' Anti-Malware 1.33
    Version de la base de données: 1654
    Windows 6.0.6001 Service Pack 1

    21/02/2009 18:07:32
    mbam-log-2009-02-21 (18-07-32).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 696981
    Temps écoulé: 2 hour(s), 22 minute(s), 22 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> Quarantined and deleted successfully.


    Should I run HijackThis?
    thedeejay on 21 February 2009 at 23:46
    Here it is:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:41:50, on 21/02/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Windows\system32\WTablet\TabUserW.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\System32\wpcumi.exe
    C:\Program Files\McAfee\Common Framework\UdaterUI.exe
    C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
    C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe
    C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\McAfee\Common Framework\McTray.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Program Files\mIRC\mirc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://simulbox.fr/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll (file missing)
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
    O2 - BHO: Yoono BHO - {CC24584F-A50F-4138-B1B7-F0255274DB9A} - C:\PROGRA~1\YOONOS~1\ybho.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
    O3 - Toolbar: Yoono toolbar - {D86FA331-DF95-46C8-8978-4C00D084C9A1} - C:\PROGRA~1\YOONOS~1\tb.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
    O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [msnlivesearch] C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe /Run
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; NaviWoo2.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; .NET CLR 1.1.4322; Tablet PC 2.0; .NET CLR 3.5.21022; Orange 8.0)" -"http://www.oncle-ernest.com/jeux/missiles.htm"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: NCProTray.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Yoono - {3E286614-05AE-4736-B01D-D71BD9A42B16} - C:\PROGRA~1\YOONOS~1\tb.dll
    O9 - Extra 'Tools' menuitem: Display Yoono - {3E286614-05AE-4736-B01D-D71BD9A42B16} - C:\PROGRA~1\YOONOS~1\tb.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://www.orange.fr
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.(...)
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.ca(...)
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
    O16 - DPF: {6CE31B8D-8340-4DBD-B78E-BF59620924DC} (Quest3DCtlr2 Class) - http://www.quest3d.com/webplugin/download/quest3dactivex2.cab
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.(...)
    O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.(...)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O23 - Service: Apache2.2 - Apache Software Foundation - C:\Program Files\CollabNet Subversion Server\httpd\bin\httpd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
    O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe
    O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
    O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
    O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Subversion Server (svnserve) - http://subversion.tigris.org/ - C:\Program Files\CollabNet Subversion Server\svnserve.exe
    O23 - Service: TabletService - Wacom Technology, Corp. - C:\Windows\system32\Tablet.exe

    --
    End of file - 15275 bytes
    bibou0007 on 22 February 2009 at 00:36
    Hello,
    If you are on Vista, disable UAC (on XP, skip ahead to the next step): UAC deactivation tutorial
    Download Lop S&D.exe to your Desktop. Lop S&D tutorial
    http://eric.71.mespages.googlepages.com/LopSD.exe
    Double-click it to start the installation
    Then double-click the Lop S&D shortcut on your Desktop
    Select the language you want, then choose option 1 (Search)
    Wait until the scan has finished
    Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

    thedeejay on 22 February 2009 at 17:53
    Here it is:


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Ivan ( Not Administrator ! )
    BOOT : Normal boot
    Antivirus : McAfee VirusScan Enterprise 8.7.0.570 (Not Activated)
    C:\ (Local Disk) - NTFS - Total:457 Go (Free:188 Go)
    D:\ (USB)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (CD or DVD)
    I:\ (Local Disk) - NTFS - Total:1397 Go (Free:1258 Go)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 22/02/2009|17:40 )

    [ UAC => 0 ]

    --------------------\\ Listing des dossiers dans Local

    [07/07/2008|14:40] C:\Users\Ivan\AppData\Local\{19701D31-2AF8-40D1-AC1E-A3FEA2B83873}
    [30/12/2008|12:07] C:\Users\Ivan\AppData\Local\84756-11986-27475-00TC1-94865
    [10/02/2009|19:57] C:\Users\Ivan\AppData\Local\Adobe
    [11/07/2008|09:54] C:\Users\Ivan\AppData\Local\Apple
    [30/08/2008|22:01] C:\Users\Ivan\AppData\Local\Apple Computer
    [04/07/2008|19:29] C:\Users\Ivan\AppData\Local\Application Data
    [22/02/2009|12:10] C:\Users\Ivan\AppData\Local\ApplicationHistory
    [05/07/2008|11:08] C:\Users\Ivan\AppData\Local\Apps
    [05/07/2008|11:06] C:\Users\Ivan\AppData\Local\assembly
    [11/11/2008|14:08] C:\Users\Ivan\AppData\Local\Autodesk
    [18/01/2009|22:06] C:\Users\Ivan\AppData\Local\Box Shot 3D
    [21/02/2009|11:33] C:\Users\Ivan\AppData\Local\d3d9caps.dat
    [21/02/2009|10:33] C:\Users\Ivan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [27/07/2008|21:44] C:\Users\Ivan\AppData\Local\debuggee.mdmp
    [10/08/2008|14:45] C:\Users\Ivan\AppData\Local\Deployment
    [27/07/2008|00:10] C:\Users\Ivan\AppData\Local\Downloaded Installations
    [29/01/2009|20:06] C:\Users\Ivan\AppData\Local\FontCreator
    [04/07/2008|19:35] C:\Users\Ivan\AppData\Local\fusioncache.dat
    [10/02/2009|19:56] C:\Users\Ivan\AppData\Local\GDIPFONTCACHEV1.DAT
    [22/07/2008|22:07] C:\Users\Ivan\AppData\Local\Google
    [04/07/2008|19:29] C:\Users\Ivan\AppData\Local\Historique
    [22/02/2009|01:12] C:\Users\Ivan\AppData\Local\IconCache.db
    [26/10/2008|09:29] C:\Users\Ivan\AppData\Local\Installer1160
    [13/08/2008|10:43] C:\Users\Ivan\AppData\Local\Installer5468
    [30/12/2008|12:41] C:\Users\Ivan\AppData\Local\iTunesPrefs
    [31/01/2009|15:12] C:\Users\Ivan\AppData\Local\Microsoft
    [05/07/2008|14:59] C:\Users\Ivan\AppData\Local\Microsoft Games
    [17/08/2008|10:25] C:\Users\Ivan\AppData\Local\Microsoft Help
    [05/07/2008|09:10] C:\Users\Ivan\AppData\Local\Mozilla
    [04/07/2008|19:36] C:\Users\Ivan\AppData\Local\Packard Bell
    [07/07/2008|14:48] C:\Users\Ivan\AppData\Local\Pando
    [29/01/2009|20:13] C:\Users\Ivan\AppData\Local\Scanahand
    [10/08/2008|14:27] C:\Users\Ivan\AppData\Local\Simulbox
    [30/12/2008|12:07] C:\Users\Ivan\AppData\Local\tcbackup
    [30/12/2008|12:42] C:\Users\Ivan\AppData\Local\tcmediatemp.m4a
    [30/12/2008|12:41] C:\Users\Ivan\AppData\Local\tcmediatemp.mp3
    [22/02/2009|17:40] C:\Users\Ivan\AppData\Local\Temp
    [04/07/2008|19:29] C:\Users\Ivan\AppData\Local\Temporary Internet Files
    [15/11/2008|12:48] C:\Users\Ivan\AppData\Local\Thunderbird
    [19/07/2008|15:16] C:\Users\Ivan\AppData\Local\TomTom
    [22/02/2009|12:02] C:\Users\Ivan\AppData\Local\TSVNCache
    [04/07/2008|19:35] C:\Users\Ivan\AppData\Local\VirtualStore
    [16/11/2008|19:03] C:\Users\Ivan\AppData\Local\Xara
    [16/12/2008|23:10] C:\Users\Ivan\AppData\Local\yoono

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [22/02/2009 12:55][--a------] C:\Windows\tasks\Google Software Updater.job
    [22/02/2009 17:40][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{97F2EE3F-C065-4E64-8DD1-F98D48E86141}.job
    [22/02/2009 17:30][--a------] C:\Windows\tasks\Extension de garantie.job
    [22/02/2009 17:30][--a------] C:\Windows\tasks\Recovery DVD Creator.job
    [22/02/2009 12:07][--ah-----] C:\Windows\tasks\SA.DAT
    [22/02/2009 01:12][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [11/01/2009|10:34] C:\ProgramData\__FileUploader.log
    [02/06/2007|12:06] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    [04/12/2008|17:09] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [15/01/2009|16:00] C:\ProgramData\{F61B5A0B-822D-4173-BFD0-A948FC431FEB}
    [25/07/2008|14:31] C:\ProgramData\41BA21B4D5.sys
    [24/07/2008|12:08] C:\ProgramData\6CDB71AE3B.sys
    [11/02/2009|14:10] C:\ProgramData\Adobe
    [20/09/2008|10:57] C:\ProgramData\ALM
    [04/07/2008|21:18] C:\ProgramData\AppData
    [11/07/2008|09:52] C:\ProgramData\Apple
    [11/07/2008|09:58] C:\ProgramData\Apple Computer
    [02/11/2006|14:02] C:\ProgramData\Application Data
    [25/12/2008|21:24] C:\ProgramData\Autodesk
    [12/08/2008|11:01] C:\ProgramData\BIAS
    [04/07/2008|19:25] C:\ProgramData\Bureau
    [02/11/2006|14:02] C:\ProgramData\Desktop
    [02/11/2006|14:02] C:\ProgramData\Documents
    [12/07/2008|13:32] C:\ProgramData\EmailNotifier
    [04/07/2008|19:25] C:\ProgramData\Favoris
    [02/11/2006|14:02] C:\ProgramData\Favorites
    [01/01/2007|03:02] C:\ProgramData\FLEXnet
    [02/06/2007|11:57] C:\ProgramData\Google
    [21/02/2009|18:13] C:\ProgramData\Google Updater
    [02/06/2007|11:56] C:\ProgramData\InstallShield
    [25/07/2008|14:31] C:\ProgramData\KGyGaAvL.sys
    [06/02/2009|15:34] C:\ProgramData\LUUnInstall.LiveUpdate
    [16/07/2008|10:27] C:\ProgramData\Malwarebytes
    [22/08/2008|19:27] C:\ProgramData\McAfee
    [04/07/2008|19:25] C:\ProgramData\Menu D‚marrer
    [19/08/2008|13:21] C:\ProgramData\Messenger Plus!
    [11/07/2008|08:25] C:\ProgramData\Microsoft
    [27/07/2008|00:34] C:\ProgramData\Microsoft Corporation
    [21/01/2009|16:22] C:\ProgramData\Microsoft Help
    [04/07/2008|19:25] C:\ProgramData\ModŠles
    [10/01/2009|09:46] C:\ProgramData\ntuser.pol
    [21/12/2008|11:12] C:\ProgramData\NVIDIA
    [16/07/2008|18:52] C:\ProgramData\pI3_lic_file
    [15/07/2008|17:25] C:\ProgramData\pI3demoLicense
    [31/12/2006|23:34] C:\ProgramData\Pinnacle
    [31/12/2006|23:34] C:\ProgramData\Pinnacle Studio
    [05/03/2008|19:41] C:\ProgramData\Protexis
    [08/10/2008|15:37] C:\ProgramData\Reallusion
    [26/07/2008|11:19] C:\ProgramData\Roxio
    [24/01/2009|18:36] C:\ProgramData\Seagate
    [02/06/2007|12:06] C:\ProgramData\Skype
    [02/06/2007|11:55] C:\ProgramData\Sonic
    [02/11/2006|14:02] C:\ProgramData\Start Menu
    [06/02/2009|15:33] C:\ProgramData\Symantec
    [05/02/2009|19:26] C:\ProgramData\sysqcl1129139270.dat
    [23/09/2008|19:08] C:\ProgramData\Tarma Installer
    [05/07/2008|12:44] C:\ProgramData\Telerik
    [05/07/2008|14:24] C:\ProgramData\Telerik Corporation
    [22/01/2009|23:26] C:\ProgramData\TEMP
    [02/11/2006|14:02] C:\ProgramData\Templates
    [19/07/2008|15:16] C:\ProgramData\TomTom
    [31/01/2009|19:08] C:\ProgramData\TrackMania
    [05/07/2008|09:13] C:\ProgramData\WinZip
    [06/07/2008|09:13] C:\ProgramData\WLInstaller

    --------------------\\ Listing des dossiers dans C:\Program Files

    [19/07/2008|15:21] C:\Program Files\.NET Terrarium 2.0
    [22/02/2009|00:17] C:\Program Files\3D Flash Animator 4.9.8.7
    [05/03/2008|19:18] C:\Program Files\3DSFMM2
    [22/08/2008|19:12] C:\Program Files\7-Zip
    [22/01/2009|16:51] C:\Program Files\Act-3D
    [02/06/2007|12:06] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [27/07/2008|19:57] C:\Program Files\Activelock VB6 3.5.5
    [27/07/2008|19:56] C:\Program Files\Activelock Wizard
    [12/02/2009|17:55] C:\Program Files\Adobe
    [05/01/2009|19:46] C:\Program Files\AGEIA Technologies
    [23/09/2008|19:08] C:\Program Files\AllWebMenus5
    [20/02/2009|13:04] C:\Program Files\AmitySource
    [30/08/2008|16:26] C:\Program Files\ANI
    [06/08/2008|15:15] C:\Program Files\Apple Software Update
    [25/12/2008|21:12] C:\Program Files\Autodesk
    [07/07/2008|12:46] C:\Program Files\AutoPlay Media Studio 7.0 Trial
    [15/11/2008|22:03] C:\Program Files\AviSynth 2.5
    [12/08/2008|10:52] C:\Program Files\BIAS
    [25/10/2008|09:50] C:\Program Files\blaxxun Contact
    [03/11/2008|17:46] C:\Program Files\Bodom-Child - RaBBi
    [29/09/2008|18:10] C:\Program Files\Bonjour
    [18/01/2009|22:06] C:\Program Files\BoxShot3D
    [12/07/2008|13:32] C:\Program Files\CA VMN Anti-Spyware
    [05/03/2008|19:52] C:\Program Files\Cavaj Java Decompiler
    [08/02/2009|20:13] C:\Program Files\CollabNet Subversion Server
    [14/02/2009|12:34] C:\Program Files\Common Files
    [15/08/2008|19:47] C:\Program Files\Debugging Tools for Windows
    [26/07/2008|11:12] C:\Program Files\decomp
    [26/11/2008|19:21] C:\Program Files\Deluxe Menus Trial
    [15/08/2008|11:51] C:\Program Files\Developer Express .NET v8.2
    [17/08/2008|11:32] C:\Program Files\Divelements Limited
    [29/09/2008|20:57] C:\Program Files\DivX
    [30/08/2008|16:25] C:\Program Files\D-Link
    [22/11/2008|12:39] C:\Program Files\eGaming
    [14/12/2008|17:45] C:\Program Files\e-on software
    [15/11/2008|21:59] C:\Program Files\eRightSoft
    [22/11/2008|12:38] C:\Program Files\Explorations
    [04/11/2008|19:48] C:\Program Files\fabFORCE
    [22/11/2008|12:49] C:\Program Files\FFilmation Scene Editor
    [04/07/2008|19:25] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [03/12/2008|16:56] C:\Program Files\FireFly Studios
    [14/08/2008|20:48] C:\Program Files\FLV Player
    [05/03/2008|21:48] C:\Program Files\Free Music Zilla
    [03/12/2008|18:10] C:\Program Files\GameSpy Arcade
    [08/02/2009|00:35] C:\Program Files\Google
    [02/06/2007|11:48] C:\Program Files\HDReg
    [29/01/2009|20:10] C:\Program Files\High-Logic
    [03/11/2008|11:25] C:\Program Files\HotHotSoftware
    [18/01/2009|23:11] C:\Program Files\Insofta Cover Commander
    [14/07/2008|10:32] C:\Program Files\Install Creator Pro
    [24/01/2009|18:37] C:\Program Files\InstallShield Installation Information
    [16/01/2009|23:48] C:\Program Files\Internet Explorer
    [04/12/2008|17:09] C:\Program Files\iPod
    [04/12/2008|17:09] C:\Program Files\iTunes
    [06/12/2008|10:32] C:\Program Files\Java
    [03/10/2008|16:47] C:\Program Files\LimeWire
    [04/10/2008|14:12] C:\Program Files\lpv
    [03/01/2009|17:06] C:\Program Files\MakeHuman 0.9.1 RC1
    [06/02/2009|15:10] C:\Program Files\Malwarebytes' Anti-Malware
    [22/08/2008|19:27] C:\Program Files\McAfee
    [09/02/2009|16:47] C:\Program Files\Messenger Plus! Live
    [25/10/2008|11:20] C:\Program Files\MicroMouse Productions
    [15/08/2008|19:48] C:\Program Files\Microsoft FxCop 1.35
    [02/11/2006|13:37] C:\Program Files\Microsoft Games
    [15/08/2008|19:45] C:\Program Files\Microsoft Office
    [05/07/2008|09:58] C:\Program Files\Microsoft SDKs
    [23/10/2008|16:49] C:\Program Files\Microsoft Silverlight
    [05/07/2008|10:22] C:\Program Files\Microsoft SQL Server Compact Edition
    [05/07/2008|10:22] C:\Program Files\Microsoft Synchronization Services
    [27/07/2008|09:40] C:\Program Files\Microsoft Visual Basic 2005 Power Packs
    [12/08/2008|12:56] C:\Program Files\Microsoft Visual Studio 8
    [05/07/2008|10:22] C:\Program Files\Microsoft Visual Studio 9.0
    [02/06/2007|12:04] C:\Program Files\Microsoft Works
    [31/01/2009|15:14] C:\Program Files\Microsoft Xbox 360 Accessories
    [02/06/2007|12:04] C:\Program Files\Microsoft.NET
    [30/01/2009|22:07] C:\Program Files\mIRC
    [08/08/2008|18:03] C:\Program Files\Movie Maker
    [27/12/2008|17:54] C:\Program Files\Mozilla Firefox
    [31/12/2008|16:08] C:\Program Files\Mozilla Thunderbird
    [02/11/2006|13:37] C:\Program Files\MSBuild
    [05/07/2008|10:38] C:\Program Files\MSXML 4.0
    [03/10/2008|17:41] C:\Program Files\MySQL
    [12/12/2008|18:10] C:\Program Files\NetSend
    [06/02/2009|15:34] C:\Program Files\Norton 360
    [22/11/2008|15:59] C:\Program Files\OpenAL
    [24/08/2008|17:57] C:\Program Files\Orange
    [02/06/2007|12:06] C:\Program Files\Packard Bell
    [16/07/2008|09:57] C:\Program Files\particleIllusion 3.0 demo
    [14/07/2008|11:09] C:\Program Files\Patch Maker
    [07/10/2008|17:59] C:\Program Files\PDF Image Extraction Wizard 3.0
    [19/02/2009|13:04] C:\Program Files\PhotoFiltre Studio
    [22/12/2008|14:41] C:\Program Files\Photosynth
    [27/01/2009|20:28] C:\Program Files\Picasa2
    [12/08/2008|10:49] C:\Program Files\Pinnacle
    [05/02/2009|19:23] C:\Program Files\plasq
    [12/12/2008|18:20] C:\Program Files\POV-Ray for Windows v3.6
    [12/08/2008|10:50] C:\Program Files\proDAD
    [17/08/2008|10:39] C:\Program Files\Quantum Software Solutions
    [04/12/2008|17:06] C:\Program Files\QuickTime
    [12/10/2008|08:21] C:\Program Files\Reallusion
    [05/10/2008|18:10] C:\Program Files\Realm Crafter Demo
    [02/06/2007|11:44] C:\Program Files\Realtek
    [07/01/2009|14:14] C:\Program Files\REAPER
    [02/11/2006|13:37] C:\Program Files\Reference Assemblies
    [18/09/2008|18:55] C:\Program Files\RGEN Media
    [02/06/2007|11:55] C:\Program Files\Roxio
    [13/07/2008|15:12] C:\Program Files\RPG Maker VX
    [19/11/2008|17:31] C:\Program Files\Safari
    [11/07/2008|07:24] C:\Program Files\SAGEM
    [07/02/2009|00:42] C:\Program Files\ScanSpyware
    [27/07/2008|12:47] C:\Program Files\Scirra
    [24/01/2009|18:36] C:\Program Files\Seagate
    [19/07/2008|16:03] C:\Program Files\SEC
    [11/07/2008|07:22] C:\Program Files\Securitoo
    [02/06/2007|12:06] C:\Program Files\Skype
    [08/10/2008|18:27] C:\Program Files\Smart Projects
    [23/11/2008|12:07] C:\Program Files\Smoky City Design
    [04/10/2008|07:59] C:\Program Files\SourceTec
    [06/02/2009|15:34] C:\Program Files\Symantec
    [04/07/2008|21:17] C:\Program Files\Tablet
    [17/02/2009|12:39] C:\Program Files\tamasoftware
    [27/07/2008|00:18] C:\Program Files\telerik
    [25/07/2008|18:29] C:\Program Files\The Game Creators
    [06/12/2008|14:33] C:\Program Files\ThiWeb Live 2
    [14/09/2008|11:03] C:\Program Files\THQ
    [31/01/2009|16:12] C:\Program Files\TmNationsForever
    [19/07/2008|15:09] C:\Program Files\TomTom DesktopSuite
    [19/07/2008|15:12] C:\Program Files\TomTom HOME 2
    [14/02/2009|12:34] C:\Program Files\TortoiseSVN
    [07/02/2009|09:58] C:\Program Files\Trend Micro
    [05/01/2009|19:57] C:\Program Files\Tunafish
    [15/11/2008|00:10] C:\Program Files\Ulead Particle.Plugin
    [02/11/2006|14:01] C:\Program Files\Uninstall Information
    [15/01/2009|16:00] C:\Program Files\Utherverse Digital Inc
    [07/10/2008|18:06] C:\Program Files\VeryPDF PDF2Image v2.1
    [14/12/2008|17:08] C:\Program Files\VirtualDJ
    [12/07/2008|13:31] C:\Program Files\Visicom Media
    [01/12/2008|22:30] C:\Program Files\vj
    [30/12/2008|12:05] C:\Program Files\Wide Angle Software
    [30/12/2008|12:21] C:\Program Files\Winamp
    [08/08/2008|18:03] C:\Program Files\Windows Calendar
    [08/08/2008|18:03] C:\Program Files\Windows Collaboration
    [08/08/2008|18:03] C:\Program Files\Windows Defender
    [08/08/2008|18:03] C:\Program Files\Windows Journal
    [31/10/2008|13:42] C:\Program Files\Windows Live
    [14/01/2009|22:49] C:\Program Files\Windows Mail
    [08/08/2008|18:03] C:\Program Files\Windows Media Player
    [04/07/2008|19:25] C:\Program Files\Windows NT
    [08/08/2008|18:03] C:\Program Files\Windows Photo Gallery
    [08/08/2008|18:03] C:\Program Files\Windows Sidebar
    [16/08/2008|11:45] C:\Program Files\winpwn
    [07/07/2008|17:01] C:\Program Files\WinRAR
    [05/07/2008|09:12] C:\Program Files\WinZip
    [07/01/2009|19:19] C:\Program Files\Worldweaver
    [16/11/2008|18:57] C:\Program Files\Xara
    [16/12/2008|20:15] C:\Program Files\Yoono Sidebar

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [10/02/2009|19:55] C:\Program Files\Common Files\Adobe
    [22/11/2008|12:49] C:\Program Files\Common Files\Adobe AIR
    [04/12/2008|17:09] C:\Program Files\Common Files\Apple
    [25/12/2008|21:17] C:\Program Files\Common Files\Autodesk Shared
    [22/08/2008|19:27] C:\Program Files\Common Files\Cisco Systems
    [02/06/2007|12:04] C:\Program Files\Common Files\DESIGNER
    [13/07/2008|15:14] C:\Program Files\Common Files\Enterbrain
    [04/11/2008|19:48] C:\Program Files\Common Files\fabFORCE
    [07/07/2008|17:10] C:\Program Files\Common Files\InstallShield
    [26/07/2008|10:27] C:\Program Files\Common Files\Java
    [07/07/2008|13:54] C:\Program Files\Common Files\Macrovision Shared
    [22/08/2008|19:25] C:\Program Files\Common Files\McAfee
    [04/02/2009|18:21] C:\Program Files\Common Files\microsoft shared
    [12/08/2008|10:52] C:\Program Files\Common Files\MSSoap
    [11/08/2008|19:19] C:\Program Files\Common Files\PC SOFT
    [16/07/2008|19:37] C:\Program Files\Common Files\PX Storage Engine
    [08/10/2008|19:11] C:\Program Files\Common Files\Reallusion
    [02/06/2007|11:55] C:\Program Files\Common Files\Roxio Shared
    [02/11/2006|12:18] C:\Program Files\Common Files\Services
    [02/06/2007|12:06] C:\Program Files\Common Files\Skype
    [02/06/2007|11:55] C:\Program Files\Common Files\Sonic Shared
    [04/10/2008|07:59] C:\Program Files\Common Files\SourceTec
    [02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
    [02/06/2007|11:55] C:\Program Files\Common Files\SureThing Shared
    [07/02/2009|09:41] C:\Program Files\Common Files\Symantec Shared
    [08/08/2008|18:03] C:\Program Files\Common Files\System
    [27/07/2008|00:18] C:\Program Files\Common Files\Telerik
    [14/02/2009|12:34] C:\Program Files\Common Files\TortoiseOverlays
    [05/07/2008|10:08] C:\Program Files\Common Files\WindowsLiveInstaller
    [05/02/2009|19:23] C:\Program Files\Common Files\Wise Installation Wizard
    [16/11/2008|18:59] C:\Program Files\Common Files\Xara

    --------------------\\ Process

    ( 100 Processes )

    iexplore.exe ~ [PID:7176]
    iexplore.exe ~ [PID:8004]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\Users\Ivan\AppData\Local\Temp\nse6940.tmp
    C:\Users\Ivan\AppData\Local\Temp\nsl23CE.tmp
    C:\Users\Ivan\AppData\Local\Temp\nssBD96.tmp
    C:\Users\Ivan\AppData\Local\Temp\nsxF660.tmp
    C:\Users\Ivan\AppData\Roaming\MICROS~1\Windows\Cookies\ivan@advertising[1].txt
    C:\Users\Ivan\AppData\Roaming\MICROS~1\Windows\Cookies\ivan@cotedazurpalace[1].txt
    C:\Users\Ivan\AppData\Roaming\MICROS~1\Windows\Cookies\ivan@adopt.euroclick[1].txt
    C:\Users\Ivan\AppData\Roaming\MICROS~1\Windows\Cookies\ivan@partypoker[2].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-22 17:40:59
    Windows 5.1.2600 Service Pack 2 NTFS
    detected NTDLL code modification:
    ZwEnumerateKey, ZwQueryKey, ZwOpenKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile, ZwQueryDirectoryFile, ZwQuerySystemInformation
    scanning hidden processes ...
    scanning hidden files ...
    disk error: C:\Windows\System32\
    please note that you need administrator rights to perform deep scan

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\Ivan\AppData\Local\Temp\7zO128B.tmp\keygen.exe
    C:\Users\Ivan\AppData\Local\Temp\Temp1_WOWEAVER.DXSTUD.PRO.3.0.12_.zip\Crack.reg
    C:\Users\Ivan\AppData\Local\Temp\Temp2_WOWEAVER.DXSTUD.PRO.3.0.12_.zip\Crack.reg
    C:\Users\Ivan\AppData\Local\Temp\Temp3_WOWEAVER.DXSTUD.PRO.3.0.12_.zip\Crack.reg
    C:\Users\Ivan\AppData\Local\Temp\Temp4_WOWEAVER.DXSTUD.PRO.3.0.12_.zip\Crack.reg
    C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Cookies\Low\ivan@crackdb[1].txt
    C:\Users\Ivan\Documents\3D\Bitmaps 2\crackly_dirt.0.tif
    C:\Users\Ivan\Documents\3D\Bitmaps 2\cracks_tile.0.tif
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Filters\Other Filters\Cracks.flt
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Filters\Other Filters\Narrow crack.flt
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Filters\Other Filters\Round crack.flt
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Filters\Other Filters\Simple crack.flt
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Filters\Other Filters\Wide crack.flt
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Functions\Basic\Cracks.fnc
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Functions\Basic\Sparse cracks.fnc
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Functions\Bumps\Complex cracks.fnc
    C:\Users\Ivan\Documents\hugo\Alex\Albums\New jazz deluxe\202-crackpot-tippy_tippy_toe.mp3
    C:\Users\Ivan\Documents\hugo\Alex\House\CRACKHAUS 40oz Funk.mp3


    [F:55930][D:8998]-> C:\Users\Ivan\AppData\Local\Temp
    [F:4826][D:1]-> C:\Users\Ivan\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:704][D:21]-> C:\Users\Ivan\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:16946][D:255]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 22/02/2009|17:49 - Option : [1]

    --------------------\\ Fin du rapport a 17:49:00
    [ UAC => 1 ]

    -------
    and now the last word:
    jZHEGFKJQFSDKVGQSVBJQSDHKDQSHG?JD
    well... ok, that doesn't mean anything. but the substance stays the same!!!
    bibou0007 on 22 February 2009 at 22:40
    Run Lop S&D again
    This time choose Option 2 (Suppression)
    Do not close the window during the removal!
    Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

    -------
    http://bibou0007.com/
    -------
    It is easier to infect your PC than to disinfect it, think about it. Do not click here!
    thedeejay on 23 February 2009 at 00:13

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : Ivan ( Not Administrator ! )
    BOOT : Normal boot
    Antivirus : McAfee VirusScan Enterprise 8.7.0.570 (Not Activated)
    C:\ (Local Disk) - NTFS - Total:457 Go (Free:187 Go)
    D:\ (USB)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (CD or DVD)
    I:\ (Local Disk) - NTFS - Total:1397 Go (Free:1258 Go)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 23/02/2009| 0:02 )

    [ UAC => 1 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\Users\Ivan\AppData\Local\Temp\nse6940.tmp
    Supprime! - C:\Users\Ivan\AppData\Local\Temp\nsl23CE.tmp
    Supprime! - C:\Users\Ivan\AppData\Local\Temp\nssBD96.tmp
    Supprime! - C:\Users\Ivan\AppData\Local\Temp\nsxF660.tmp
    Supprime! - C:\Users\Ivan\AppData\Roaming\MICROS~1\Windows\Cookies\ivan@advertising[1].txt
    Supprime! - C:\Users\Ivan\AppData\Roaming\MICROS~1\Windows\Cookies\ivan@cotedazurpalace[1].txt
    Supprime! - C:\Users\Ivan\AppData\Roaming\MICROS~1\Windows\Cookies\ivan@adopt.euroclick[1].txt
    Supprime! - C:\Users\Ivan\AppData\Roaming\MICROS~1\Windows\Cookies\ivan@partypoker[2].txt
    -
    [ Fichier Hosts ] .. Restaure!

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans Local

    [07/07/2008|14:40] C:\Users\Ivan\AppData\Local\{19701D31-2AF8-40D1-AC1E-A3FEA2B83873}
    [30/12/2008|12:07] C:\Users\Ivan\AppData\Local\84756-11986-27475-00TC1-94865
    [10/02/2009|19:57] C:\Users\Ivan\AppData\Local\Adobe
    [11/07/2008|09:54] C:\Users\Ivan\AppData\Local\Apple
    [30/08/2008|22:01] C:\Users\Ivan\AppData\Local\Apple Computer
    [04/07/2008|19:29] C:\Users\Ivan\AppData\Local\Application Data
    [22/02/2009|18:35] C:\Users\Ivan\AppData\Local\ApplicationHistory
    [05/07/2008|11:08] C:\Users\Ivan\AppData\Local\Apps
    [05/07/2008|11:06] C:\Users\Ivan\AppData\Local\assembly
    [11/11/2008|14:08] C:\Users\Ivan\AppData\Local\Autodesk
    [18/01/2009|22:06] C:\Users\Ivan\AppData\Local\Box Shot 3D
    [21/02/2009|11:33] C:\Users\Ivan\AppData\Local\d3d9caps.dat
    [21/02/2009|10:33] C:\Users\Ivan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [27/07/2008|21:44] C:\Users\Ivan\AppData\Local\debuggee.mdmp
    [10/08/2008|14:45] C:\Users\Ivan\AppData\Local\Deployment
    [27/07/2008|00:10] C:\Users\Ivan\AppData\Local\Downloaded Installations
    [29/01/2009|20:06] C:\Users\Ivan\AppData\Local\FontCreator
    [04/07/2008|19:35] C:\Users\Ivan\AppData\Local\fusioncache.dat
    [10/02/2009|19:56] C:\Users\Ivan\AppData\Local\GDIPFONTCACHEV1.DAT
    [22/07/2008|22:07] C:\Users\Ivan\AppData\Local\Google
    [04/07/2008|19:29] C:\Users\Ivan\AppData\Local\Historique
    [22/02/2009|01:12] C:\Users\Ivan\AppData\Local\IconCache.db
    [26/10/2008|09:29] C:\Users\Ivan\AppData\Local\Installer1160
    [13/08/2008|10:43] C:\Users\Ivan\AppData\Local\Installer5468
    [30/12/2008|12:41] C:\Users\Ivan\AppData\Local\iTunesPrefs
    [31/01/2009|15:12] C:\Users\Ivan\AppData\Local\Microsoft
    [05/07/2008|14:59] C:\Users\Ivan\AppData\Local\Microsoft Games
    [17/08/2008|10:25] C:\Users\Ivan\AppData\Local\Microsoft Help
    [05/07/2008|09:10] C:\Users\Ivan\AppData\Local\Mozilla
    [04/07/2008|19:36] C:\Users\Ivan\AppData\Local\Packard Bell
    [07/07/2008|14:48] C:\Users\Ivan\AppData\Local\Pando
    [29/01/2009|20:13] C:\Users\Ivan\AppData\Local\Scanahand
    [10/08/2008|14:27] C:\Users\Ivan\AppData\Local\Simulbox
    [30/12/2008|12:07] C:\Users\Ivan\AppData\Local\tcbackup
    [30/12/2008|12:42] C:\Users\Ivan\AppData\Local\tcmediatemp.m4a
    [30/12/2008|12:41] C:\Users\Ivan\AppData\Local\tcmediatemp.mp3
    [23/02/2009|00:03] C:\Users\Ivan\AppData\Local\Temp
    [04/07/2008|19:29] C:\Users\Ivan\AppData\Local\Temporary Internet Files
    [06/12/2008|14:39] C:\Users\Ivan\AppData\Local\ThiWeb_Creative
    [15/11/2008|12:48] C:\Users\Ivan\AppData\Local\Thunderbird
    [19/07/2008|15:16] C:\Users\Ivan\AppData\Local\TomTom
    [22/02/2009|12:02] C:\Users\Ivan\AppData\Local\TSVNCache
    [04/07/2008|19:35] C:\Users\Ivan\AppData\Local\VirtualStore
    [16/11/2008|19:03] C:\Users\Ivan\AppData\Local\Xara
    [16/12/2008|23:10] C:\Users\Ivan\AppData\Local\yoono

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [22/02/2009 19:14][--a------] C:\Windows\tasks\Google Software Updater.job
    [23/02/2009 00:00][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{97F2EE3F-C065-4E64-8DD1-F98D48E86141}.job
    [23/02/2009 00:00][--a------] C:\Windows\tasks\Extension de garantie.job
    [23/02/2009 00:00][--a------] C:\Windows\tasks\Recovery DVD Creator.job
    [22/02/2009 18:04][--ah-----] C:\Windows\tasks\SA.DAT
    [22/02/2009 01:12][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [11/01/2009|10:34] C:\ProgramData\__FileUploader.log
    [02/06/2007|12:06] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    [04/12/2008|17:09] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [15/01/2009|16:00] C:\ProgramData\{F61B5A0B-822D-4173-BFD0-A948FC431FEB}
    [25/07/2008|14:31] C:\ProgramData\41BA21B4D5.sys
    [24/07/2008|12:08] C:\ProgramData\6CDB71AE3B.sys
    [11/02/2009|14:10] C:\ProgramData\Adobe
    [20/09/2008|10:57] C:\ProgramData\ALM
    [04/07/2008|21:18] C:\ProgramData\AppData
    [11/07/2008|09:52] C:\ProgramData\Apple
    [11/07/2008|09:58] C:\ProgramData\Apple Computer
    [02/11/2006|14:02] C:\ProgramData\Application Data
    [25/12/2008|21:24] C:\ProgramData\Autodesk
    [12/08/2008|11:01] C:\ProgramData\BIAS
    [04/07/2008|19:25] C:\ProgramData\Bureau
    [02/11/2006|14:02] C:\ProgramData\Desktop
    [02/11/2006|14:02] C:\ProgramData\Documents
    [12/07/2008|13:32] C:\ProgramData\EmailNotifier
    [04/07/2008|19:25] C:\ProgramData\Favoris
    [02/11/2006|14:02] C:\ProgramData\Favorites
    [01/01/2007|03:02] C:\ProgramData\FLEXnet
    [02/06/2007|11:57] C:\ProgramData\Google
    [22/02/2009|19:14] C:\ProgramData\Google Updater
    [02/06/2007|11:56] C:\ProgramData\InstallShield
    [25/07/2008|14:31] C:\ProgramData\KGyGaAvL.sys
    [06/02/2009|15:34] C:\ProgramData\LUUnInstall.LiveUpdate
    [16/07/2008|10:27] C:\ProgramData\Malwarebytes
    [22/08/2008|19:27] C:\ProgramData\McAfee
    [04/07/2008|19:25] C:\ProgramData\Menu D‚marrer
    [19/08/2008|13:21] C:\ProgramData\Messenger Plus!
    [11/07/2008|08:25] C:\ProgramData\Microsoft
    [27/07/2008|00:34] C:\ProgramData\Microsoft Corporation
    [21/01/2009|16:22] C:\ProgramData\Microsoft Help
    [04/07/2008|19:25] C:\ProgramData\ModŠles
    [10/01/2009|09:46] C:\ProgramData\ntuser.pol
    [21/12/2008|11:12] C:\ProgramData\NVIDIA
    [16/07/2008|18:52] C:\ProgramData\pI3_lic_file
    [15/07/2008|17:25] C:\ProgramData\pI3demoLicense
    [31/12/2006|23:34] C:\ProgramData\Pinnacle
    [31/12/2006|23:34] C:\ProgramData\Pinnacle Studio
    [05/03/2008|19:41] C:\ProgramData\Protexis
    [08/10/2008|15:37] C:\ProgramData\Reallusion
    [26/07/2008|11:19] C:\ProgramData\Roxio
    [24/01/2009|18:36] C:\ProgramData\Seagate
    [02/06/2007|12:06] C:\ProgramData\Skype
    [02/06/2007|11:55] C:\ProgramData\Sonic
    [02/11/2006|14:02] C:\ProgramData\Start Menu
    [06/02/2009|15:33] C:\ProgramData\Symantec
    [05/02/2009|19:26] C:\ProgramData\sysqcl1129139270.dat
    [23/09/2008|19:08] C:\ProgramData\Tarma Installer
    [05/07/2008|12:44] C:\ProgramData\Telerik
    [05/07/2008|14:24] C:\ProgramData\Telerik Corporation
    [22/01/2009|23:26] C:\ProgramData\TEMP
    [02/11/2006|14:02] C:\ProgramData\Templates
    [19/07/2008|15:16] C:\ProgramData\TomTom
    [31/01/2009|19:08] C:\ProgramData\TrackMania
    [05/07/2008|09:13] C:\ProgramData\WinZip
    [06/07/2008|09:13] C:\ProgramData\WLInstaller
    [22/02/2009|19:05] C:\ProgramData\íëÇŽ3113>.sys

    --------------------\\ Listing des dossiers dans C:\Program Files

    [19/07/2008|15:21] C:\Program Files\.NET Terrarium 2.0
    [22/02/2009|00:17] C:\Program Files\3D Flash Animator 4.9.8.7
    [05/03/2008|19:18] C:\Program Files\3DSFMM2
    [22/08/2008|19:12] C:\Program Files\7-Zip
    [22/01/2009|16:51] C:\Program Files\Act-3D
    [02/06/2007|12:06] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [27/07/2008|19:57] C:\Program Files\Activelock VB6 3.5.5
    [27/07/2008|19:56] C:\Program Files\Activelock Wizard
    [12/02/2009|17:55] C:\Program Files\Adobe
    [05/01/2009|19:46] C:\Program Files\AGEIA Technologies
    [23/09/2008|19:08] C:\Program Files\AllWebMenus5
    [20/02/2009|13:04] C:\Program Files\AmitySource
    [30/08/2008|16:26] C:\Program Files\ANI
    [06/08/2008|15:15] C:\Program Files\Apple Software Update
    [25/12/2008|21:12] C:\Program Files\Autodesk
    [07/07/2008|12:46] C:\Program Files\AutoPlay Media Studio 7.0 Trial
    [15/11/2008|22:03] C:\Program Files\AviSynth 2.5
    [12/08/2008|10:52] C:\Program Files\BIAS
    [25/10/2008|09:50] C:\Program Files\blaxxun Contact
    [03/11/2008|17:46] C:\Program Files\Bodom-Child - RaBBi
    [29/09/2008|18:10] C:\Program Files\Bonjour
    [18/01/2009|22:06] C:\Program Files\BoxShot3D
    [12/07/2008|13:32] C:\Program Files\CA VMN Anti-Spyware
    [05/03/2008|19:52] C:\Program Files\Cavaj Java Decompiler
    [22/02/2009|19:04] C:\Program Files\CoffeeCup Software
    [08/02/2009|20:13] C:\Program Files\CollabNet Subversion Server
    [14/02/2009|12:34] C:\Program Files\Common Files
    [15/08/2008|19:47] C:\Program Files\Debugging Tools for Windows
    [26/07/2008|11:12] C:\Program Files\decomp
    [26/11/2008|19:21] C:\Program Files\Deluxe Menus Trial
    [15/08/2008|11:51] C:\Program Files\Developer Express .NET v8.2
    [17/08/2008|11:32] C:\Program Files\Divelements Limited
    [29/09/2008|20:57] C:\Program Files\DivX
    [30/08/2008|16:25] C:\Program Files\D-Link
    [22/11/2008|12:39] C:\Program Files\eGaming
    [14/12/2008|17:45] C:\Program Files\e-on software
    [15/11/2008|21:59] C:\Program Files\eRightSoft
    [22/11/2008|12:38] C:\Program Files\Explorations
    [04/11/2008|19:48] C:\Program Files\fabFORCE
    [22/11/2008|12:49] C:\Program Files\FFilmation Scene Editor
    [04/07/2008|19:25] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [03/12/2008|16:56] C:\Program Files\FireFly Studios
    [14/08/2008|20:48] C:\Program Files\FLV Player
    [05/03/2008|21:48] C:\Program Files\Free Music Zilla
    [03/12/2008|18:10] C:\Program Files\GameSpy Arcade
    [08/02/2009|00:35] C:\Program Files\Google
    [02/06/2007|11:48] C:\Program Files\HDReg
    [29/01/2009|20:10] C:\Program Files\High-Logic
    [03/11/2008|11:25] C:\Program Files\HotHotSoftware
    [18/01/2009|23:11] C:\Program Files\Insofta Cover Commander
    [14/07/2008|10:32] C:\Program Files\Install Creator Pro
    [24/01/2009|18:37] C:\Program Files\InstallShield Installation Information
    [16/01/2009|23:48] C:\Program Files\Internet Explorer
    [04/12/2008|17:09] C:\Program Files\iPod
    [04/12/2008|17:09] C:\Program Files\iTunes
    [06/12/2008|10:32] C:\Program Files\Java
    [03/10/2008|16:47] C:\Program Files\LimeWire
    [04/10/2008|14:12] C:\Program Files\lpv
    [03/01/2009|17:06] C:\Program Files\MakeHuman 0.9.1 RC1
    [06/02/2009|15:10] C:\Program Files\Malwarebytes' Anti-Malware
    [22/08/2008|19:27] C:\Program Files\McAfee
    [09/02/2009|16:47] C:\Program Files\Messenger Plus! Live
    [25/10/2008|11:20] C:\Program Files\MicroMouse Productions
    [15/08/2008|19:48] C:\Program Files\Microsoft FxCop 1.35
    [02/11/2006|13:37] C:\Program Files\Microsoft Games
    [15/08/2008|19:45] C:\Program Files\Microsoft Office
    [05/07/2008|09:58] C:\Program Files\Microsoft SDKs
    [23/10/2008|16:49] C:\Program Files\Microsoft Silverlight
    [05/07/2008|10:22] C:\Program Files\Microsoft SQL Server Compact Edition
    [05/07/2008|10:22] C:\Program Files\Microsoft Synchronization Services
    [27/07/2008|09:40] C:\Program Files\Microsoft Visual Basic 2005 Power Packs
    [12/08/2008|12:56] C:\Program Files\Microsoft Visual Studio 8
    [05/07/2008|10:22] C:\Program Files\Microsoft Visual Studio 9.0
    [02/06/2007|12:04] C:\Program Files\Microsoft Works
    [31/01/2009|15:14] C:\Program Files\Microsoft Xbox 360 Accessories
    [02/06/2007|12:04] C:\Program Files\Microsoft.NET
    [30/01/2009|22:07] C:\Program Files\mIRC
    [08/08/2008|18:03] C:\Program Files\Movie Maker
    [27/12/2008|17:54] C:\Program Files\Mozilla Firefox
    [31/12/2008|16:08] C:\Program Files\Mozilla Thunderbird
    [02/11/2006|13:37] C:\Program Files\MSBuild
    [05/07/2008|10:38] C:\Program Files\MSXML 4.0
    [03/10/2008|17:41] C:\Program Files\MySQL
    [12/12/2008|18:10] C:\Program Files\NetSend
    [06/02/2009|15:34] C:\Program Files\Norton 360
    [22/11/2008|15:59] C:\Program Files\OpenAL
    [24/08/2008|17:57] C:\Program Files\Orange
    [02/06/2007|12:06] C:\Program Files\Packard Bell
    [16/07/2008|09:57] C:\Program Files\particleIllusion 3.0 demo
    [14/07/2008|11:09] C:\Program Files\Patch Maker
    [07/10/2008|17:59] C:\Program Files\PDF Image Extraction Wizard 3.0
    [19/02/2009|13:04] C:\Program Files\PhotoFiltre Studio
    [22/12/2008|14:41] C:\Program Files\Photosynth
    [27/01/2009|20:28] C:\Program Files\Picasa2
    [12/08/2008|10:49] C:\Program Files\Pinnacle
    [05/02/2009|19:23] C:\Program Files\plasq
    [12/12/2008|18:20] C:\Program Files\POV-Ray for Windows v3.6
    [12/08/2008|10:50] C:\Program Files\proDAD
    [17/08/2008|10:39] C:\Program Files\Quantum Software Solutions
    [04/12/2008|17:06] C:\Program Files\QuickTime
    [12/10/2008|08:21] C:\Program Files\Reallusion
    [05/10/2008|18:10] C:\Program Files\Realm Crafter Demo
    [02/06/2007|11:44] C:\Program Files\Realtek
    [07/01/2009|14:14] C:\Program Files\REAPER
    [02/11/2006|13:37] C:\Program Files\Reference Assemblies
    [18/09/2008|18:55] C:\Program Files\RGEN Media
    [02/06/2007|11:55] C:\Program Files\Roxio
    [13/07/2008|15:12] C:\Program Files\RPG Maker VX
    [19/11/2008|17:31] C:\Program Files\Safari
    [11/07/2008|07:24] C:\Program Files\SAGEM
    [07/02/2009|00:42] C:\Program Files\ScanSpyware
    [27/07/2008|12:47] C:\Program Files\Scirra
    [24/01/2009|18:36] C:\Program Files\Seagate
    [19/07/2008|16:03] C:\Program Files\SEC
    [11/07/2008|07:22] C:\Program Files\Securitoo
    [02/06/2007|12:06] C:\Program Files\Skype
    [08/10/2008|18:27] C:\Program Files\Smart Projects
    [23/11/2008|12:07] C:\Program Files\Smoky City Design
    [04/10/2008|07:59] C:\Program Files\SourceTec
    [06/02/2009|15:34] C:\Program Files\Symantec
    [04/07/2008|21:17] C:\Program Files\Tablet
    [17/02/2009|12:39] C:\Program Files\tamasoftware
    [27/07/2008|00:18] C:\Program Files\telerik
    [25/07/2008|18:29] C:\Program Files\The Game Creators
    [06/12/2008|14:33] C:\Program Files\ThiWeb Live 2
    [14/09/2008|11:03] C:\Program Files\THQ
    [31/01/2009|16:12] C:\Program Files\TmNationsForever
    [19/07/2008|15:09] C:\Program Files\TomTom DesktopSuite
    [19/07/2008|15:12] C:\Program Files\TomTom HOME 2
    [14/02/2009|12:34] C:\Program Files\TortoiseSVN
    [07/02/2009|09:58] C:\Program Files\Trend Micro
    [05/01/2009|19:57] C:\Program Files\Tunafish
    [15/11/2008|00:10] C:\Program Files\Ulead Particle.Plugin
    [02/11/2006|14:01] C:\Program Files\Uninstall Information
    [15/01/2009|16:00] C:\Program Files\Utherverse Digital Inc
    [07/10/2008|18:06] C:\Program Files\VeryPDF PDF2Image v2.1
    [14/12/2008|17:08] C:\Program Files\VirtualDJ
    [12/07/2008|13:31] C:\Program Files\Visicom Media
    [01/12/2008|22:30] C:\Program Files\vj
    [30/12/2008|12:05] C:\Program Files\Wide Angle Software
    [30/12/2008|12:21] C:\Program Files\Winamp
    [08/08/2008|18:03] C:\Program Files\Windows Calendar
    [08/08/2008|18:03] C:\Program Files\Windows Collaboration
    [08/08/2008|18:03] C:\Program Files\Windows Defender
    [08/08/2008|18:03] C:\Program Files\Windows Journal
    [31/10/2008|13:42] C:\Program Files\Windows Live
    [14/01/2009|22:49] C:\Program Files\Windows Mail
    [08/08/2008|18:03] C:\Program Files\Windows Media Player
    [04/07/2008|19:25] C:\Program Files\Windows NT
    [08/08/2008|18:03] C:\Program Files\Windows Photo Gallery
    [08/08/2008|18:03] C:\Program Files\Windows Sidebar
    [16/08/2008|11:45] C:\Program Files\winpwn
    [07/07/2008|17:01] C:\Program Files\WinRAR
    [05/07/2008|09:12] C:\Program Files\WinZip
    [07/01/2009|19:19] C:\Program Files\Worldweaver
    [16/11/2008|18:57] C:\Program Files\Xara
    [16/12/2008|20:15] C:\Program Files\Yoono Sidebar

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [10/02/2009|19:55] C:\Program Files\Common Files\Adobe
    [22/11/2008|12:49] C:\Program Files\Common Files\Adobe AIR
    [04/12/2008|17:09] C:\Program Files\Common Files\Apple
    [25/12/2008|21:17] C:\Program Files\Common Files\Autodesk Shared
    [22/08/2008|19:27] C:\Program Files\Common Files\Cisco Systems
    [02/06/2007|12:04] C:\Program Files\Common Files\DESIGNER
    [13/07/2008|15:14] C:\Program Files\Common Files\Enterbrain
    [04/11/2008|19:48] C:\Program Files\Common Files\fabFORCE
    [07/07/2008|17:10] C:\Program Files\Common Files\InstallShield
    [26/07/2008|10:27] C:\Program Files\Common Files\Java
    [07/07/2008|13:54] C:\Program Files\Common Files\Macrovision Shared
    [22/08/2008|19:25] C:\Program Files\Common Files\McAfee
    [04/02/2009|18:21] C:\Program Files\Common Files\microsoft shared
    [12/08/2008|10:52] C:\Program Files\Common Files\MSSoap
    [11/08/2008|19:19] C:\Program Files\Common Files\PC SOFT
    [16/07/2008|19:37] C:\Program Files\Common Files\PX Storage Engine
    [08/10/2008|19:11] C:\Program Files\Common Files\Reallusion
    [02/06/2007|11:55] C:\Program Files\Common Files\Roxio Shared
    [02/11/2006|12:18] C:\Program Files\Common Files\Services
    [02/06/2007|12:06] C:\Program Files\Common Files\Skype
    [02/06/2007|11:55] C:\Program Files\Common Files\Sonic Shared
    [04/10/2008|07:59] C:\Program Files\Common Files\SourceTec
    [02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
    [02/06/2007|11:55] C:\Program Files\Common Files\SureThing Shared
    [07/02/2009|09:41] C:\Program Files\Common Files\Symantec Shared
    [08/08/2008|18:03] C:\Program Files\Common Files\System
    [27/07/2008|00:18] C:\Program Files\Common Files\Telerik
    [14/02/2009|12:34] C:\Program Files\Common Files\TortoiseOverlays
    [05/07/2008|10:08] C:\Program Files\Common Files\WindowsLiveInstaller
    [05/02/2009|19:23] C:\Program Files\Common Files\Wise Installation Wizard
    [16/11/2008|18:59] C:\Program Files\Common Files\Xara

    --------------------\\ Process

    ( 99 Processes )

    iexplore.exe ~ [PID:9268]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-23 00:04:03
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    disk error: C:\Windows\System32\
    please note that you need administrator rights to perform deep scan

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\Ivan\Documents\3D\Bitmaps 2\crackly_dirt.0.tif
    C:\Users\Ivan\Documents\3D\Bitmaps 2\cracks_tile.0.tif
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Filters\Other Filters\Cracks.flt
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Filters\Other Filters\Narrow crack.flt
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Filters\Other Filters\Round crack.flt
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Filters\Other Filters\Simple crack.flt
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Filters\Other Filters\Wide crack.flt
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Functions\Basic\Cracks.fnc
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Functions\Basic\Sparse cracks.fnc
    C:\Users\Ivan\Documents\e-on software\Vue 6 xStream\Functions\Bumps\Complex cracks.fnc
    C:\Users\Ivan\Documents\hugo\Alex\Albums\New jazz deluxe\202-crackpot-tippy_tippy_toe.mp3
    C:\Users\Ivan\Documents\hugo\Alex\House\CRACKHAUS 40oz Funk.mp3



    [F:55927][D:8993]-> C:\Users\Ivan\AppData\Local\Temp
    [F:4832][D:1]-> C:\Users\Ivan\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:728][D:21]-> C:\Users\Ivan\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:16956][D:256]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 22/02/2009|17:49 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 23/02/2009| 0:10 - Option : [2]

    --------------------\\ Fin du rapport a 0:10:04
    [ UAC => 1 ]

    bibou0007 on 23 February 2009 at 16:24
    Do you still have ads?
    thedeejay on 23 February 2009 at 18:26
    Yes
    bibou0007 on 23 February 2009 at 19:41
    It may be coming from the Yoonos toolbar; some people have had problems with it!
    Try uninstalling it to see!
    thedeejay on 23 February 2009 at 22:20
    That's silly, I did an internship with them :p
    thedeejay on 23 February 2009 at 22:22
    I can confirm that's not it (I was a tester, I never had any problems, and here nothing has changed...)
    bibou0007 on 24 February 2009 at 09:15
    Post a HijackThis log again so I can take a look; I surely missed something!
    thedeejay on 25 February 2009 at 00:14
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:13:20, on 25/02/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\system32\WTablet\TabUserW.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\System32\wpcumi.exe
    C:\Program Files\McAfee\Common Framework\UdaterUI.exe
    C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
    C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\McAfee\Common Framework\McTray.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\Program Files\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\Illustrator.exe
    C:\Program Files\Adobe\Adobe Photoshop CS3\Photoshop.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://simulbox.fr/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll (file missing)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
    O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [msnlivesearch] C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe /Run
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; NaviWoo2.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; .NET CLR 1.1.4322; Tablet PC 2.0; .NET CLR 3.5.21022; Orange 8.0)" -"http://www.oncle-ernest.com/jeux/missiles.htm"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: NCProTray.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://www.orange.fr
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.(...)
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.ca(...)
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
    O16 - DPF: {6CE31B8D-8340-4DBD-B78E-BF59620924DC} (Quest3DCtlr2 Class) - http://www.quest3d.com/webplugin/download/quest3dactivex2.cab
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.(...)
    O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.(...)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O23 - Service: Apache2.2 - Apache Software Foundation - C:\Program Files\CollabNet Subversion Server\httpd\bin\httpd.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
    O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe
    O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
    O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
    O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Subversion Server (svnserve) - http://subversion.tigris.org/ - C:\Program Files\CollabNet Subversion Server\svnserve.exe
    O23 - Service: TabletService - Wacom Technology, Corp. - C:\Windows\system32\Tablet.exe

    --
    End of file - 15111 bytes

    There you go! Also, the Gopetlive in the list isn't mine...
    bibou0007 on 25 February 2009 at 21:01
    Hello,

    Note: This procedure was created specifically for this user! If you are not the user in question, do not follow these instructions, or you risk damaging your PC!!!

    Close all open programs, including the browser, except your antivirus and firewall.

  • Launch HijackThis
  • Click "Do a system scan only"
  • Check the following lines:

  • O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.(...)
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.ca(...)
    O16 - DPF: {6CE31B8D-8340-4DBD-B78E-BF59620924DC} (Quest3DCtlr2 Class) - http://www.quest3d.com/webplugin/download/quest3dactivex2.cab

    Fix checked
    thedeejay on 28 February 2009 at 23:36
    OK, I'm doing it now (I wasn't notified of your reply; I came back because I'm now getting an ad for gay videos every 2 minutes...)
    thedeejay on 28 February 2009 at 23:46
    There you go!

    I still get ads for Viagra... but the gay ones have disappeared...
    bibou0007 on 1 March 2009 at 14:19
    Download Malwarebytes Anti-Malware
    link and tutorial
    Follow the instructions and post the report in your next message.

        All rights reserved © 1999 - 2009 Internext - 01net.