svlrx Newbie

Joined: 23 Sep 2009 Posts: 1
Posted on: 23 Sep 2009 18:26 Subject: Infection CiD
Hello,
My computer is infested with those notorious intrusive pop-up ads. The scan gave the following; should I go ahead and delete the files?
Thanks
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft® Windows Vista Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Mobile AMD Sempron(tm) Processor 3600+ )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : Utilisateur ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1195 [VPS 080619-0] 4.8.1195 (Activated)
C:\ (Local Disk) - NTFS - Total:69 Go (Free:32 Go)
D:\ (Local Disk) - NTFS - Total:69 Go (Free:68 Go)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 23/09/2009|17:59 )
[ UAC => 0 ]
--------------------\\ Listing des dossiers dans Local
[04/02/2008|14:39] C:\Users\UTILIS~1\AppData\Local\Acer Arcade Deluxe
[26/01/2008|16:58] C:\Users\UTILIS~1\AppData\Local\acer eNM
[05/02/2008|10:36] C:\Users\UTILIS~1\AppData\Local\Adobe
[26/01/2008|16:56] C:\Users\UTILIS~1\AppData\Local\Application Data
[22/09/2009|15:18] C:\Users\UTILIS~1\AppData\Local\d3d9caps.dat
[31/08/2009|16:52] C:\Users\UTILIS~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[12/02/2008|10:53] C:\Users\UTILIS~1\AppData\Local\GDIPFONTCACHEV1.DAT
[02/09/2009|13:52] C:\Users\UTILIS~1\AppData\Local\Google
[26/01/2008|16:56] C:\Users\UTILIS~1\AppData\Local\Historique
[23/09/2009|17:51] C:\Users\UTILIS~1\AppData\Local\IconCache.db
[06/06/2008|09:56] C:\Users\UTILIS~1\AppData\Local\Microsoft
[15/06/2009|20:11] C:\Users\UTILIS~1\AppData\Local\Microsoft Games
[15/06/2009|11:27] C:\Users\UTILIS~1\AppData\Local\Microsoft Help
[04/02/2008|14:34] C:\Users\UTILIS~1\AppData\Local\Mozilla
[21/03/2008|15:12] C:\Users\UTILIS~1\AppData\Local\Oberon Games
[26/01/2008|16:57] C:\Users\UTILIS~1\AppData\Local\PlayMovie
[04/02/2008|14:39] C:\Users\UTILIS~1\AppData\Local\PowerCinema
[22/05/2009|13:13] C:\Users\UTILIS~1\AppData\Local\S2PC
[23/09/2009|17:57] C:\Users\UTILIS~1\AppData\Local\Temp
[26/01/2008|16:56] C:\Users\UTILIS~1\AppData\Local\Temporary Internet Files
[25/08/2009|20:30] C:\Users\UTILIS~1\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[23/09/2009 17:53][--ah-----] C:\Windows\tasks\SA.DAT
[23/09/2009 17:51][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[26/07/2007|04:43] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[21/04/2008|10:19] C:\ProgramData\64SoftwareSoftware.b91ia9
[31/03/2008|11:18] C:\ProgramData\64SoftwareSoftware.vaf071
[31/03/2008|11:18] C:\ProgramData\64SoftwareSoftware.zutdvq
[19/02/2008|16:46] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[26/01/2008|16:53] C:\ProgramData\Bureau
[01/12/2007|14:18] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[20/08/2009|21:56] C:\ProgramData\Downloaded Installations
[26/01/2008|16:53] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[22/02/2008|14:30] C:\ProgramData\Forge of Games
[12/06/2009|15:18] C:\ProgramData\GamesBar
[16/03/2009|19:34] C:\ProgramData\Google
[31/03/2008|11:18] C:\ProgramData\Iso Web Bags Else
[21/04/2008|17:09] C:\ProgramData\LUUnInstall.LiveUpdate
[31/03/2008|11:19] C:\ProgramData\MEET HIDE COOL.cs2hc2q
[26/01/2008|16:53] C:\ProgramData\Menu Démarrer
[12/02/2008|10:36] C:\ProgramData\Microsoft
[14/09/2009|19:08] C:\ProgramData\Microsoft Help
[26/01/2008|16:53] C:\ProgramData\Modèles
[28/02/2008|14:23] C:\ProgramData\MumboJumbo
[27/08/2009|09:58] C:\ProgramData\NVIDIA
[23/09/2009|17:54] C:\ProgramData\nvModes.001
[23/09/2009|17:54] C:\ProgramData\nvModes.dat
[20/02/2008|14:00] C:\ProgramData\Sandlot Games
[11/08/2008|11:08] C:\ProgramData\services
[11/08/2008|11:07] C:\ProgramData\SoftLand Ltd
[23/09/2009|17:51] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[05/08/2008|09:21] C:\ProgramData\Symantec
[21/03/2008|15:12] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[28/03/2008|14:32] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[01/12/2007|14:17] C:\Program Files\Acer Arcade Deluxe
[12/06/2009|15:15] C:\Program Files\Acer GameZone
[01/12/2007|14:34] C:\Program Files\Acer Inc
[26/07/2007|04:43] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[11/07/2008|15:56] C:\Program Files\Adobe
[21/04/2008|15:34] C:\Program Files\Alwil Software
[24/06/2008|14:25] C:\Program Files\Antipub
[01/12/2007|14:32] C:\Program Files\Apoint2K
[22/05/2009|13:19] C:\Program Files\Common Files
[26/07/2007|03:29] C:\Program Files\CONEXANT
[26/07/2007|04:13] C:\Program Files\CyberLink
[07/07/2008|14:47] C:\Program Files\DivX
[21/04/2008|15:27] C:\Program Files\EoRezo
[26/01/2008|16:53] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[12/06/2009|15:17] C:\Program Files\GamesBar
[11/06/2009|12:54] C:\Program Files\Google
[22/05/2009|12:51] C:\Program Files\Hewlett-Packard
[22/05/2009|13:18] C:\Program Files\InstallShield Installation Information
[17/08/2009|13:51] C:\Program Files\Internet Explorer
[12/03/2008|13:19] C:\Program Files\Java
[01/12/2007|14:16] C:\Program Files\Launch Manager
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[12/02/2008|10:37] C:\Program Files\Microsoft Office
[12/02/2008|10:40] C:\Program Files\Microsoft Visual Studio
[12/02/2008|10:29] C:\Program Files\Microsoft Visual Studio 8
[11/06/2009|06:57] C:\Program Files\Microsoft Works
[26/07/2007|04:40] C:\Program Files\Microsoft.NET
[02/11/2006|14:42] C:\Program Files\Movie Maker
[21/08/2009|18:45] C:\Program Files\Mozilla Firefox
[12/02/2008|10:42] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[04/02/2008|19:04] C:\Program Files\MSXML 4.0
[26/07/2007|04:11] C:\Program Files\NewTech Infosystems
[08/07/2008|12:18] C:\Program Files\PDFCreator
[22/05/2009|13:19] C:\Program Files\Readiris10
[12/03/2008|12:38] C:\Program Files\Real
[01/12/2007|14:19] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[22/05/2009|13:10] C:\Program Files\Samsung
[22/05/2009|13:19] C:\Program Files\SmarThru 4
[23/09/2009|17:52] C:\Program Files\Spybot - Search & Destroy
[21/07/2008|11:21] C:\Program Files\SpywareBlaster
[21/04/2008|17:09] C:\Program Files\Symantec
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[20/08/2009|15:29] C:\Program Files\VideoLAN
[04/02/2008|19:19] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[14/04/2009|18:56] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[28/03/2008|14:42] C:\Program Files\Windows Live
[14/09/2009|19:09] C:\Program Files\Windows Mail
[20/08/2009|10:58] C:\Program Files\Windows Media Player
[26/01/2008|16:53] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[04/02/2008|19:19] C:\Program Files\Windows Sidebar
[26/01/2008|16:56] C:\Program Files\Yahoo!
[22/05/2009|12:51] C:\Program Files\Zenographics
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[19/02/2008|16:46] C:\Program Files\Common Files\Adobe
[26/07/2007|04:40] C:\Program Files\Common Files\DESIGNER
[26/07/2007|04:13] C:\Program Files\Common Files\InstallShield
[12/03/2008|13:13] C:\Program Files\Common Files\Java
[26/07/2007|04:11] C:\Program Files\Common Files\LightScribe
[14/04/2009|18:54] C:\Program Files\Common Files\microsoft shared
[26/07/2007|04:11] C:\Program Files\Common Files\muvee Technologies
[26/07/2007|04:11] C:\Program Files\Common Files\NewTech Infosystems
[07/07/2008|14:47] C:\Program Files\Common Files\PX Storage Engine
[12/03/2008|12:39] C:\Program Files\Common Files\Real
[21/04/2008|16:04] C:\Program Files\Common Files\Sandlot Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[22/05/2009|13:19] C:\Program Files\Common Files\SRC Shared
[21/04/2008|17:09] C:\Program Files\Common Files\Symantec Shared
[12/02/2008|10:27] C:\Program Files\Common Files\System
[28/03/2008|14:42] C:\Program Files\Common Files\WindowsLiveInstaller
[12/03/2008|12:39] C:\Program Files\Common Files\xing shared
--------------------\\ Process
( 71 Processes )
iexplore.exe ~ [PID:3872]
iexplore.exe ~ [PID:4976]
--------------------\\ Recherche avec S_Lop
C:\ProgramData\64SoftwareSoftware.b91ia9
C:\ProgramData\64SoftwareSoftware.vaf071
C:\ProgramData\64SoftwareSoftware.zutdvq
C:\ProgramData\MEET HIDE COOL.cs2hc2q
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\Iso Web Bags Else
C:\ProgramData\Iso Web Bags Else\Chic Tick.exe
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@advertstream[1].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@d2.advertserve[1].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@adserver5[1].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@www.adserver5[1].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@advertising[1].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@bigpoint[2].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@fr.deepolis.bigpoint[1].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@banner.cotedazurpalace[2].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@cotedazurpalace[1].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@www.cotedazurpalace[2].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@adopt.euroclick[2].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@sr2.livemediasrv[1].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@sr2.livemediasrv[2].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@pacificpoker[1].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@partygaming.122.2o7[1].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@partypoker[1].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@banner.32vegas[2].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@www.lop[1].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@2xmoinscher[1].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@www.2xmoinscher[2].txt
C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies\utilisateur@888[1].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Deaf Thunk"="\"C:\\ProgramData\\64SoftwareSoftware.b91ia9\""
"Bags Else Hole Lite"="\"C:\\ProgramData\\MEET HIDE COOL.cs2hc2q\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-23 18:00:28
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
--------------------\\ ROGUES ..
C:\PROGRA~2\SoftLand Ltd
[F:225][D:57]-> C:\Users\UTILIS~1\AppData\Local\Temp
[F:947][D:1]-> C:\Users\UTILIS~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:3042][D:12]-> C:\Users\UTILIS~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:32][D:2]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 23/09/2009|18:05 - Option : [1]
--------------------\\ Fin du rapport a 18:05:15
[ UAC => 1 ]