[Résolu] Blocage du bureau

Archios · le 8 mars 2009

Bon et bien il semblerait que tu aies vu juste

Je suis rendu à la phase 4 et le PC refonctionne correctement. Je fais les scans et j'édite.

Concernant les antivirus multiples (j'aurais jamais pensé que ça pouvait venir de là ), j'avais seulement NOD32 à la base, mais j'ai voulu voir avec Avast s'il n'avait pas laissé passer quelques trucs (ensuite, le blocage au redémarrage ), et Antivir, c'est quand j'ai voulu testé le HijackThis..

EDIT:

Le Lop:

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 1.70GHz )

BIOS : Default System BIOS

USER : Kevin ( Administrator )

BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated)

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:127 Go (Free:98 Go)

D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

E:\ (CD or DVD)

F:\ (USB) - FAT - Total:1943 Mo (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )

Option : [1] ( 08/03/2009|18:10 )

--------------------\\ Listing des dossiers dans APPLIC~1

[06/03/2009|22:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[12/11/2008|23:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[06/03/2009|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic

[06/03/2009|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira

[30/01/2009|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET

[05/03/2009|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool

[07/03/2009|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes

[05/04/2008|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[07/09/2006|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[18/08/2006|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prism

[31/08/2008|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[29/09/2007|16:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[18/08/2006|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[06/12/2006|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[19/03/2008|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[18/08/2006|16:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[06/02/2008|19:24] C:\DOCUME~1\Kevin\APPLIC~1\Adobe

[30/01/2009|16:13] C:\DOCUME~1\Kevin\APPLIC~1\ESET

[06/01/2009|20:43] C:\DOCUME~1\Kevin\APPLIC~1\FireShot

[17/01/2009|14:06] C:\DOCUME~1\Kevin\APPLIC~1\gtk-2.0

[31/10/2008|12:37] C:\DOCUME~1\Kevin\APPLIC~1\Help

[27/08/2006|10:48] C:\DOCUME~1\Kevin\APPLIC~1\Identities

[05/03/2009|22:27] C:\DOCUME~1\Kevin\APPLIC~1\LimeWire

[27/08/2006|10:49] C:\DOCUME~1\Kevin\APPLIC~1\Macromedia

[07/03/2009|12:29] C:\DOCUME~1\Kevin\APPLIC~1\Malwarebytes

[06/11/2008|22:25] C:\DOCUME~1\Kevin\APPLIC~1\Microsoft

[19/05/2008|20:50] C:\DOCUME~1\Kevin\APPLIC~1\Mozilla

[09/03/2007|20:13] C:\DOCUME~1\Kevin\APPLIC~1\Notepad++

[23/01/2008|20:00] C:\DOCUME~1\Kevin\APPLIC~1\Nullriver

[08/03/2009|17:50] C:\DOCUME~1\Kevin\APPLIC~1\OpenOffice.org2

[13/11/2007|21:12] C:\DOCUME~1\Kevin\APPLIC~1\Sun

[16/05/2007|20:04] C:\DOCUME~1\Kevin\APPLIC~1\Symantec

[06/12/2008|13:24] C:\DOCUME~1\Kevin\APPLIC~1\SystemRequirementsLab

[24/05/2008|18:44] C:\DOCUME~1\Kevin\APPLIC~1\U3

[19/04/2008|19:22] C:\DOCUME~1\Kevin\APPLIC~1\VGA BIRD HELP

[21/01/2009|16:35] C:\DOCUME~1\Kevin\APPLIC~1\vlc

[26/10/2008|21:21] C:\DOCUME~1\Kevin\APPLIC~1\WinRAR

[25/05/2008|20:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[16/05/2007|18:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec

[22/03/2008|14:38] C:\DOCUME~1\Marion\APPLIC~1\Adobe

[27/08/2006|09:28] C:\DOCUME~1\Marion\APPLIC~1\Identities

[27/08/2006|09:28] C:\DOCUME~1\Marion\APPLIC~1\Macromedia

[30/06/2007|17:39] C:\DOCUME~1\Marion\APPLIC~1\Microsoft

[28/05/2008|16:39] C:\DOCUME~1\Marion\APPLIC~1\Mozilla

[01/06/2007|19:23] C:\DOCUME~1\Marion\APPLIC~1\Notepad++

[26/07/2008|12:14] C:\DOCUME~1\Marion\APPLIC~1\OpenOffice.org2

[19/04/2008|20:50] C:\DOCUME~1\Marion\APPLIC~1\Sun

[05/04/2008|14:37] C:\DOCUME~1\Marion\APPLIC~1\U3

[18/08/2006|16:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[19/02/2008|17:54] C:\DOCUME~1\Parents\APPLIC~1\Adobe

[06/03/2009|22:20] C:\DOCUME~1\Parents\APPLIC~1\ESET

[18/08/2006|16:25] C:\DOCUME~1\Parents\APPLIC~1\Identities

[18/08/2006|18:36] C:\DOCUME~1\Parents\APPLIC~1\Macromedia

[03/01/2007|18:16] C:\DOCUME~1\Parents\APPLIC~1\Microsoft

[03/06/2008|15:55] C:\DOCUME~1\Parents\APPLIC~1\Mozilla

[18/08/2006|17:02] C:\DOCUME~1\Parents\APPLIC~1\Symantec

[11/04/2008|08:49] C:\DOCUME~1\Parents\APPLIC~1\VGA BIRD HELP

[15/03/2008|17:41] C:\DOCUME~1\Thomas\APPLIC~1\Adobe

[18/08/2006|18:03] C:\DOCUME~1\Thomas\APPLIC~1\Identities

[29/08/2006|19:58] C:\DOCUME~1\Thomas\APPLIC~1\Macromedia

[28/04/2008|11:34] C:\DOCUME~1\Thomas\APPLIC~1\Microsoft

[15/03/2008|17:39] C:\DOCUME~1\Thomas\APPLIC~1\Mozilla

[28/05/2008|10:41] C:\DOCUME~1\Thomas\APPLIC~1\OpenOffice.org2

[02/04/2008|17:45] C:\DOCUME~1\Thomas\APPLIC~1\Sun

[26/03/2008|10:56] C:\DOCUME~1\Thomas\APPLIC~1\U3

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[05/03/2009 20:31][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-688789844-725345543-1004.job

[05/03/2009 21:44][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job

[08/03/2009 17:49][--ah-----] C:\WINDOWS\tasks\SA.DAT

[28/08/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[18/08/2006|16:40] C:\Program Files\Adaptec

[12/11/2008|23:35] C:\Program Files\Adobe

[05/03/2009|21:05] C:\Program Files\Alwil Software

[06/03/2009|19:25] C:\Program Files\Avira

[18/08/2006|16:16] C:\Program Files\ComPlus Applications

[18/08/2006|16:35] C:\Program Files\CyberLink

[30/01/2009|16:07] C:\Program Files\ESET

[02/01/2009|16:43] C:\Program Files\Fichiers communs

[01/09/2008|09:41] C:\Program Files\InstallShield Installation Information

[20/01/2008|19:38] C:\Program Files\InterActual

[14/02/2009|01:13] C:\Program Files\Internet Explorer

[18/08/2006|17:27] C:\Program Files\Inventel

[13/01/2009|18:58] C:\Program Files\Java

[14/02/2009|11:31] C:\Program Files\LimeWire

[07/03/2009|12:29] C:\Program Files\Malwarebytes' Anti-Malware

[27/04/2007|08:38] C:\Program Files\McFunSoft Video Solution

[11/09/2008|19:24] C:\Program Files\Messenger

[31/08/2008|15:50] C:\Program Files\Messenger Plus! Live

[09/06/2007|17:52] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[18/08/2006|16:20] C:\Program Files\microsoft frontpage

[19/04/2008|20:43] C:\Program Files\Microsoft Office

[10/07/2008|20:18] C:\Program Files\mIRC

[11/09/2008|19:18] C:\Program Files\Movie Maker

[08/03/2009|18:08] C:\Program Files\Mozilla Firefox

[19/04/2008|20:37] C:\Program Files\MSECache

[18/08/2006|16:16] C:\Program Files\MSN

[18/08/2006|16:15] C:\Program Files\MSN Gaming Zone

[11/09/2008|19:15] C:\Program Files\NetMeeting

[23/04/2007|21:21] C:\Program Files\Notepad++

[07/09/2006|14:02] C:\Program Files\OfficeUpdate11

[19/04/2008|20:55] C:\Program Files\OpenOffice.org 2.4

[11/09/2008|19:15] C:\Program Files\Outlook Express

[22/03/2008|14:47] C:\Program Files\PhotoFiltre

[26/04/2007|19:23] C:\Program Files\Rapide Cr‚ateur D'Ic“ne

[18/08/2006|16:18] C:\Program Files\Services en ligne

[06/12/2008|13:26] C:\Program Files\SystemRequirementsLab

[23/02/2009|15:27] C:\Program Files\Tetris

[07/03/2009|13:25] C:\Program Files\trend micro

[18/08/2006|16:25] C:\Program Files\Uninstall Information

[01/11/2008|18:59] C:\Program Files\Veoh Networks

[05/04/2008|15:08] C:\Program Files\VGA BIRD HELP

[21/01/2009|16:29] C:\Program Files\VideoLAN

[19/03/2008|21:25] C:\Program Files\Windows Live

[30/11/2007|03:02] C:\Program Files\Windows Live Favorites

[30/11/2007|03:02] C:\Program Files\Windows Live Toolbar

[25/05/2008|20:25] C:\Program Files\Windows Media Connect 2

[11/09/2008|19:15] C:\Program Files\Windows Media Player

[11/09/2008|19:15] C:\Program Files\Windows NT

[18/08/2006|19:18] C:\Program Files\WindowsUpdate

[26/10/2008|21:21] C:\Program Files\WinRAR

[18/08/2006|16:20] C:\Program Files\xerox

[02/11/2008|18:05] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[18/08/2006|16:41] C:\Program Files\Fichiers communs\Adaptec Shared

[12/06/2008|20:20] C:\Program Files\Fichiers communs\Adobe

[07/09/2006|13:34] C:\Program Files\Fichiers communs\DESIGNER

[03/11/2007|18:07] C:\Program Files\Fichiers communs\InstallShield

[13/11/2007|21:07] C:\Program Files\Fichiers communs\Java

[12/06/2008|16:37] C:\Program Files\Fichiers communs\Microsoft Shared

[18/08/2006|16:17] C:\Program Files\Fichiers communs\MSSoap

[18/08/2006|17:02] C:\Program Files\Fichiers communs\ODBC

[18/08/2006|16:17] C:\Program Files\Fichiers communs\Services

[18/08/2006|17:01] C:\Program Files\Fichiers communs\SpeechEngines

[31/08/2008|13:33] C:\Program Files\Fichiers communs\Symantec Shared

[11/09/2008|19:15] C:\Program Files\Fichiers communs\System

[02/01/2009|16:43] C:\Program Files\Fichiers communs\TechSmith Shared

[19/03/2008|21:21] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 28 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool

C:\DOCUME~1\Kevin\Cookies\kevin@advertising[1].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"else tool title ping"="C:\\Documents and Settings\\All Users\\Application Data\\Loud spam else tool\\Bore Axis.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-03-08 18:13:14

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:2804][D:297]-> C:\DOCUME~1\Kevin\LOCALS~1\Temp

[F:63][D:0]-> C:\DOCUME~1\Kevin\Cookies

[F:358][D:25]-> C:\DOCUME~1\Kevin\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 08/03/2009|18:15 - Option : [1]

--------------------\\ Fin du rapport a 18:15:17

Le RSID:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Kevin at 2009-03-08 18:27:52

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 100 GB (77%) free of 131 GB

Total RAM: 255 MB (13% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:28:13, on 08/03/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

C:\Program Files\OpenOffice.org 2.4\program\soffice.exe

C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN

C:\Program Files\Inventel\Gateway\wlancfg.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Documents and Settings\Kevin\Bureau\RSIT.exe

C:\Program Files\trend micro\Kevin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll

O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [else tool title ping] C:\Documents and Settings\All Users\Application Data\Loud spam else tool\Bore Axis.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by122fd.bay122.hotmail.msn.com/resources/MsnPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1155925053982

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

--

End of file - 6536 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-688789844-725345543-1004.job

C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-13 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-13 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-13 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [2008-10-09 463872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"PMXInit"=C:\WINDOWS\system32\pmxinit.exe [2001-10-23 745539]

"AdaptecDirectCD"=C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe [2001-10-09 655360]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-13 136600]

"else tool title ping"=C:\Documents and Settings\All Users\Application Data\Loud spam else tool\Bore Axis.exe []

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"Google Update"=C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-04 133104]

"VeohPlugin"=C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2008-10-09 3502840]

C:\Documents and Settings\Kevin\Menu Démarrer\Programmes\Démarrage

OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Documents and Settings\Kevin\Menu Démarrer\Programmes\Accessoires\Veoh\VeohClient.exe"="C:\Documents and Settings\Kevin\Menu Démarrer\Programmes\Accessoires\Veoh\VeohClient.exe:*:Disabled:Veoh Client"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "

"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]

shell\AutoRun\command - D:\run.bat

shell\configure\command - D:\run.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72e00513-c9e5-11dc-aa47-000b6b6b50d6}]

shell\AutoRun\command - F:\.pspware\PSPWareLauncher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d79a2296-f830-11dc-aa7d-000b6b6b50d6}]

shell\AutoRun\command - F:\LaunchU3.exe -a

======List of files/folders created in the last 1 months======

2009-03-08 18:10:49 ----A---- C:\lopR.txt

2009-03-08 18:10:22 ----D---- C:\Lop SD

2009-03-08 17:54:19 ----D---- C:\WINDOWS\LastGood

2009-03-08 17:52:00 ----SHD---- C:\Config.Msi

2009-03-07 13:25:32 ----D---- C:\Program Files\trend micro

2009-03-07 13:25:30 ----D---- C:\rsit

2009-03-07 12:29:06 ----D---- C:\Documents and Settings\Kevin\Application Data\Malwarebytes

2009-03-07 12:28:59 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2009-03-07 12:28:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2009-03-06 19:49:01 ----D---- C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic

2009-03-06 19:25:04 ----D---- C:\Program Files\Avira

2009-03-06 19:25:04 ----D---- C:\Documents and Settings\All Users\Application Data\Avira

2009-03-06 18:35:57 ----A---- C:\WINDOWS\ntbtlog.txt

2009-03-05 21:05:25 ----D---- C:\Program Files\Alwil Software

2009-02-28 02:22:06 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$

2009-02-23 15:26:39 ----D---- C:\Program Files\Tetris

2009-02-14 01:14:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$

======List of files/folders modified in the last 1 months======

2009-03-08 18:18:21 ----D---- C:\Program Files\Mozilla Firefox

2009-03-08 17:57:35 ----D---- C:\WINDOWS\system32

2009-03-08 17:57:27 ----D---- C:\WINDOWS\system32\drivers

2009-03-08 17:56:08 ----SHD---- C:\WINDOWS\Installer

2009-03-08 17:55:22 ----D---- C:\WINDOWS\Temp

2009-03-08 17:55:19 ----HD---- C:\WINDOWS\inf

2009-03-08 17:54:27 ----D---- C:\WINDOWS\system32\CatRoot2

2009-03-08 17:54:19 ----D---- C:\WINDOWS

2009-03-08 17:50:38 ----D---- C:\Documents and Settings\Kevin\Application Data\OpenOffice.org2

2009-03-08 17:50:03 ----A---- C:\Documents and Settings\All Users\Application Data\DirectCDUserName.txt

2009-03-07 13:25:32 ----RD---- C:\Program Files

2009-03-06 18:36:34 ----D---- C:\Documents and Settings

2009-03-06 18:12:09 ----A---- C:\WINDOWS\OEWABLog.txt

2009-03-05 23:38:22 ----D---- C:\WINDOWS\system32\config

2009-03-05 22:29:52 ----D---- C:\Documents and Settings\All Users\Application Data\Loud spam else tool

2009-03-05 22:28:26 ----A---- C:\WINDOWS\SchedLgU.Txt

2009-03-05 22:27:46 ----D---- C:\Documents and Settings\Kevin\Application Data\LimeWire

2009-03-05 21:07:29 ----D---- C:\WINDOWS\Prefetch

2009-02-28 02:22:14 ----RSHDC---- C:\WINDOWS\system32\dllcache

2009-02-27 19:32:32 ----HD---- C:\WINDOWS\$hf_mig$

2009-02-20 19:46:52 ----D---- C:\WINDOWS\Help

2009-02-14 11:31:27 ----D---- C:\Program Files\LimeWire

2009-02-14 11:19:45 ----SD---- C:\WINDOWS\Tasks

2009-02-14 01:14:04 ----A---- C:\WINDOWS\imsins.BAK

2009-02-14 01:13:40 ----D---- C:\Program Files\Internet Explorer

2009-02-14 01:13:30 ----D---- C:\WINDOWS\ie7updates

2009-02-12 05:56:17 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]

R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2007-09-28 9336]

R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2007-09-28 9464]

R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2001-10-09 233600]

R1 pwd_2K;pwd_2K; C:\WINDOWS\system32\drivers\pwd_2K.sys [2001-10-09 79414]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]

R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2001-10-09 205440]

R3 ac97intc;Service d'installation du pilote audio Intel® 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]

R3 HCF_MSFT;HCF_MSFT; C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys [2001-08-23 908000]

R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2001-10-09 19158]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-28 12288]

R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\System32\PCANDIS5.SYS []

R3 powervr;powervr; C:\WINDOWS\System32\DRIVERS\powervr.sys [2001-10-23 561952]

R3 PRISM_A02;802.11g USB 2.0 adapter; C:\WINDOWS\System32\DRIVERS\PRISMA02.sys [2004-03-30 374816]

R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992]

R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R4 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys []

R4 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys []

R4 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys []

S3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []

S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2001-10-09 18182]

S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\System32\PCAMPR5.SYS []

S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-13 152984]

S2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]

S2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]

S2 Wlancfg;Service de lancement de WlanCfg; C:\Program Files\Inventel\Gateway\wlancfg.exe [2004-06-09 1462272]

S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe []

S4 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-08-28 3584]

-----------------EOF-----------------

Modifié le 8 mars 2009 par Archios

Thanos · le 8 mars 2009

cool j'analyse tes rapports et te donne la suite de la procédure...

Thanos · le 8 mars 2009

ok! une chose par rapport à ma précédente procédure: tu as oublié d'utiliser le fichier fix.reg: je me trompe ?

Télécharge le fichier et exécute le comme indiqué.

Sélectionne entièrement l'encadré ci-dessous , puis clique droit et choisis Copier

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool
C:\DOCUME~1\Kevin\Cookies\kevin@advertising[1].txt
C:\DOCUME~1\Kevin\APPLIC~1\VGA BIRD HELP
C:\DOCUME~1\Parents\APPLIC~1\VGA BIRD HELP
C:\Program Files\VGA BIRD HELP

Relance Lop S&D

Choisis cette fois ci l'Option 4 ( LopScript )

Une page blanche va s'ouvrir , clique droit dessus et choisis Coller

Ferme la page , il te sera demandé de l'enregistrer , clique sur [Enregistrer]

Ne ferme pas la fenêtre lors de la suppression !

Poste le rapport généré ( C:\lopR.txt )

( Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )

Note: tu a bien réussi à désinstaller Avast, mais NOD32 s'est mal désinstallé: est ce que tu as reçu un message d'erreur lors de la désinstallation ?

Concernant les antivirus multiples (j'aurais jamais pensé que ça pouvait venir de là icon_biggrin.gif ), j'avais seulement NOD32 à la base, mais j'ai voulu voir avec Avast s'il n'avait pas laissé passer quelques trucs (ensuite, le blocage au redémarrage doh.gif ), et Antivir, c'est quand j'ai voulu testé le HijackThis..

Oui, le problème c'est que tous ces programmes fonctionnent en tâche de fond et scannent le disque dur en même temps (en temps réel) et du coup ca cause de gros ralentissements voire des plantages! De plus ca réduit l'efficacité des programmes et le pc n'est plus vraiment protégé...

Télécharge et exécute le fichier Fix.reg puis lance le script avec LOP S&D comme indiqué ci-dessus.

Poste stp le rapport de LOP S&D

Archios · le 8 mars 2009

Le lop (option 1):

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 1.70GHz )

BIOS : Default System BIOS

USER : Kevin ( Administrator )

BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated)

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:127 Go (Free:98 Go)

D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )

Option : [1] ( 08/03/2009|20:40 )

--------------------\\ Listing des dossiers dans APPLIC~1

[06/03/2009|22:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[12/11/2008|23:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[06/03/2009|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic

[06/03/2009|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira

[30/01/2009|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET

[07/03/2009|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes

[05/04/2008|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[07/09/2006|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[18/08/2006|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prism

[31/08/2008|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[29/09/2007|16:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[18/08/2006|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[06/12/2006|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[19/03/2008|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[18/08/2006|16:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[06/02/2008|19:24] C:\DOCUME~1\Kevin\APPLIC~1\Adobe

[30/01/2009|16:13] C:\DOCUME~1\Kevin\APPLIC~1\ESET

[06/01/2009|20:43] C:\DOCUME~1\Kevin\APPLIC~1\FireShot

[17/01/2009|14:06] C:\DOCUME~1\Kevin\APPLIC~1\gtk-2.0

[31/10/2008|12:37] C:\DOCUME~1\Kevin\APPLIC~1\Help

[27/08/2006|10:48] C:\DOCUME~1\Kevin\APPLIC~1\Identities

[05/03/2009|22:27] C:\DOCUME~1\Kevin\APPLIC~1\LimeWire

[27/08/2006|10:49] C:\DOCUME~1\Kevin\APPLIC~1\Macromedia

[07/03/2009|12:29] C:\DOCUME~1\Kevin\APPLIC~1\Malwarebytes

[06/11/2008|22:25] C:\DOCUME~1\Kevin\APPLIC~1\Microsoft

[19/05/2008|20:50] C:\DOCUME~1\Kevin\APPLIC~1\Mozilla

[09/03/2007|20:13] C:\DOCUME~1\Kevin\APPLIC~1\Notepad++

[23/01/2008|20:00] C:\DOCUME~1\Kevin\APPLIC~1\Nullriver

[08/03/2009|17:50] C:\DOCUME~1\Kevin\APPLIC~1\OpenOffice.org2

[13/11/2007|21:12] C:\DOCUME~1\Kevin\APPLIC~1\Sun

[16/05/2007|20:04] C:\DOCUME~1\Kevin\APPLIC~1\Symantec

[06/12/2008|13:24] C:\DOCUME~1\Kevin\APPLIC~1\SystemRequirementsLab

[24/05/2008|18:44] C:\DOCUME~1\Kevin\APPLIC~1\U3

[21/01/2009|16:35] C:\DOCUME~1\Kevin\APPLIC~1\vlc

[26/10/2008|21:21] C:\DOCUME~1\Kevin\APPLIC~1\WinRAR

[25/05/2008|20:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[16/05/2007|18:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec

[22/03/2008|14:38] C:\DOCUME~1\Marion\APPLIC~1\Adobe

[27/08/2006|09:28] C:\DOCUME~1\Marion\APPLIC~1\Identities

[27/08/2006|09:28] C:\DOCUME~1\Marion\APPLIC~1\Macromedia

[30/06/2007|17:39] C:\DOCUME~1\Marion\APPLIC~1\Microsoft

[28/05/2008|16:39] C:\DOCUME~1\Marion\APPLIC~1\Mozilla

[01/06/2007|19:23] C:\DOCUME~1\Marion\APPLIC~1\Notepad++

[26/07/2008|12:14] C:\DOCUME~1\Marion\APPLIC~1\OpenOffice.org2

[19/04/2008|20:50] C:\DOCUME~1\Marion\APPLIC~1\Sun

[05/04/2008|14:37] C:\DOCUME~1\Marion\APPLIC~1\U3

[18/08/2006|16:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[19/02/2008|17:54] C:\DOCUME~1\Parents\APPLIC~1\Adobe

[06/03/2009|22:20] C:\DOCUME~1\Parents\APPLIC~1\ESET

[18/08/2006|16:25] C:\DOCUME~1\Parents\APPLIC~1\Identities

[18/08/2006|18:36] C:\DOCUME~1\Parents\APPLIC~1\Macromedia

[03/01/2007|18:16] C:\DOCUME~1\Parents\APPLIC~1\Microsoft

[03/06/2008|15:55] C:\DOCUME~1\Parents\APPLIC~1\Mozilla

[18/08/2006|17:02] C:\DOCUME~1\Parents\APPLIC~1\Symantec

[15/03/2008|17:41] C:\DOCUME~1\Thomas\APPLIC~1\Adobe

[18/08/2006|18:03] C:\DOCUME~1\Thomas\APPLIC~1\Identities

[29/08/2006|19:58] C:\DOCUME~1\Thomas\APPLIC~1\Macromedia

[28/04/2008|11:34] C:\DOCUME~1\Thomas\APPLIC~1\Microsoft

[15/03/2008|17:39] C:\DOCUME~1\Thomas\APPLIC~1\Mozilla

[28/05/2008|10:41] C:\DOCUME~1\Thomas\APPLIC~1\OpenOffice.org2

[02/04/2008|17:45] C:\DOCUME~1\Thomas\APPLIC~1\Sun

[26/03/2008|10:56] C:\DOCUME~1\Thomas\APPLIC~1\U3

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[08/03/2009 20:07][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-688789844-725345543-1004.job

[08/03/2009 19:44][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job

[08/03/2009 17:49][--ah-----] C:\WINDOWS\tasks\SA.DAT

[28/08/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[18/08/2006|16:40] C:\Program Files\Adaptec

[12/11/2008|23:35] C:\Program Files\Adobe

[05/03/2009|21:05] C:\Program Files\Alwil Software

[06/03/2009|19:25] C:\Program Files\Avira

[18/08/2006|16:16] C:\Program Files\ComPlus Applications

[18/08/2006|16:35] C:\Program Files\CyberLink

[30/01/2009|16:07] C:\Program Files\ESET

[02/01/2009|16:43] C:\Program Files\Fichiers communs

[01/09/2008|09:41] C:\Program Files\InstallShield Installation Information

[20/01/2008|19:38] C:\Program Files\InterActual

[14/02/2009|01:13] C:\Program Files\Internet Explorer

[18/08/2006|17:27] C:\Program Files\Inventel

[13/01/2009|18:58] C:\Program Files\Java

[14/02/2009|11:31] C:\Program Files\LimeWire

[07/03/2009|12:29] C:\Program Files\Malwarebytes' Anti-Malware

[27/04/2007|08:38] C:\Program Files\McFunSoft Video Solution

[11/09/2008|19:24] C:\Program Files\Messenger

[31/08/2008|15:50] C:\Program Files\Messenger Plus! Live

[09/06/2007|17:52] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[18/08/2006|16:20] C:\Program Files\microsoft frontpage

[19/04/2008|20:43] C:\Program Files\Microsoft Office

[10/07/2008|20:18] C:\Program Files\mIRC

[11/09/2008|19:18] C:\Program Files\Movie Maker

[08/03/2009|18:18] C:\Program Files\Mozilla Firefox

[19/04/2008|20:37] C:\Program Files\MSECache

[18/08/2006|16:16] C:\Program Files\MSN

[18/08/2006|16:15] C:\Program Files\MSN Gaming Zone

[11/09/2008|19:15] C:\Program Files\NetMeeting

[23/04/2007|21:21] C:\Program Files\Notepad++

[07/09/2006|14:02] C:\Program Files\OfficeUpdate11

[19/04/2008|20:55] C:\Program Files\OpenOffice.org 2.4

[11/09/2008|19:15] C:\Program Files\Outlook Express

[22/03/2008|14:47] C:\Program Files\PhotoFiltre

[26/04/2007|19:23] C:\Program Files\Rapide Cr‚ateur D'Ic“ne

[18/08/2006|16:18] C:\Program Files\Services en ligne

[06/12/2008|13:26] C:\Program Files\SystemRequirementsLab

[23/02/2009|15:27] C:\Program Files\Tetris

[08/03/2009|18:28] C:\Program Files\trend micro

[18/08/2006|16:25] C:\Program Files\Uninstall Information

[01/11/2008|18:59] C:\Program Files\Veoh Networks

[21/01/2009|16:29] C:\Program Files\VideoLAN

[19/03/2008|21:25] C:\Program Files\Windows Live

[30/11/2007|03:02] C:\Program Files\Windows Live Favorites

[30/11/2007|03:02] C:\Program Files\Windows Live Toolbar

[25/05/2008|20:25] C:\Program Files\Windows Media Connect 2

[11/09/2008|19:15] C:\Program Files\Windows Media Player

[11/09/2008|19:15] C:\Program Files\Windows NT

[18/08/2006|19:18] C:\Program Files\WindowsUpdate

[26/10/2008|21:21] C:\Program Files\WinRAR

[18/08/2006|16:20] C:\Program Files\xerox

[02/11/2008|18:05] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[18/08/2006|16:41] C:\Program Files\Fichiers communs\Adaptec Shared

[12/06/2008|20:20] C:\Program Files\Fichiers communs\Adobe

[07/09/2006|13:34] C:\Program Files\Fichiers communs\DESIGNER

[03/11/2007|18:07] C:\Program Files\Fichiers communs\InstallShield

[13/11/2007|21:07] C:\Program Files\Fichiers communs\Java

[12/06/2008|16:37] C:\Program Files\Fichiers communs\Microsoft Shared

[18/08/2006|16:17] C:\Program Files\Fichiers communs\MSSoap

[18/08/2006|17:02] C:\Program Files\Fichiers communs\ODBC

[18/08/2006|16:17] C:\Program Files\Fichiers communs\Services

[18/08/2006|17:01] C:\Program Files\Fichiers communs\SpeechEngines

[31/08/2008|13:33] C:\Program Files\Fichiers communs\Symantec Shared

[11/09/2008|19:15] C:\Program Files\Fichiers communs\System

[02/01/2009|16:43] C:\Program Files\Fichiers communs\TechSmith Shared

[19/03/2008|21:21] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 30 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-03-08 20:42:43

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:2804][D:297]-> C:\DOCUME~1\Kevin\LOCALS~1\Temp

[F:62][D:0]-> C:\DOCUME~1\Kevin\Cookies

[F:359][D:25]-> C:\DOCUME~1\Kevin\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 08/03/2009|18:15 - Option : [1]

2 - "C:\Lop SD\LopR_2.txt" - 08/03/2009|20:01 - Option : [4]

3 - "C:\Lop SD\LopR_3.txt" - 08/03/2009|20:44 - Option : [1]

--------------------\\ Fin du rapport a 20:44:40

C'est bon?

Le LopScript:

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 1.70GHz )

BIOS : Default System BIOS

USER : Kevin ( Administrator )

BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Not Activated)

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:127 Go (Free:98 Go)

D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )

Option : [4] ( 08/03/2009|19:57 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool

C:\DOCUME~1\Kevin\Cookies\kevin@advertising[1].txt

C:\DOCUME~1\Kevin\APPLIC~1\VGA BIRD HELP

C:\DOCUME~1\Parents\APPLIC~1\VGA BIRD HELP

C:\Program Files\VGA BIRD HELP

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\Kevin\Cookies\kevin@advertising[1].txt

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Loud spam else tool

Supprime! - C:\DOCUME~1\Kevin\APPLIC~1\VGA BIRD HELP

Supprime! - C:\DOCUME~1\Parents\APPLIC~1\VGA BIRD HELP

Supprime! - C:\Program Files\VGA BIRD HELP

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[06/03/2009|22:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[12/11/2008|23:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe

[06/03/2009|22:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic

[06/03/2009|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira

[30/01/2009|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET

[07/03/2009|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes

[05/04/2008|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!

[07/09/2006|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft

[18/08/2006|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prism

[31/08/2008|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[29/09/2007|16:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP

[18/08/2006|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[06/12/2006|20:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar

[19/03/2008|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[18/08/2006|16:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[06/02/2008|19:24] C:\DOCUME~1\Kevin\APPLIC~1\Adobe

[30/01/2009|16:13] C:\DOCUME~1\Kevin\APPLIC~1\ESET

[06/01/2009|20:43] C:\DOCUME~1\Kevin\APPLIC~1\FireShot

[17/01/2009|14:06] C:\DOCUME~1\Kevin\APPLIC~1\gtk-2.0

[31/10/2008|12:37] C:\DOCUME~1\Kevin\APPLIC~1\Help

[27/08/2006|10:48] C:\DOCUME~1\Kevin\APPLIC~1\Identities

[05/03/2009|22:27] C:\DOCUME~1\Kevin\APPLIC~1\LimeWire

[27/08/2006|10:49] C:\DOCUME~1\Kevin\APPLIC~1\Macromedia

[07/03/2009|12:29] C:\DOCUME~1\Kevin\APPLIC~1\Malwarebytes

[06/11/2008|22:25] C:\DOCUME~1\Kevin\APPLIC~1\Microsoft

[19/05/2008|20:50] C:\DOCUME~1\Kevin\APPLIC~1\Mozilla

[09/03/2007|20:13] C:\DOCUME~1\Kevin\APPLIC~1\Notepad++

[23/01/2008|20:00] C:\DOCUME~1\Kevin\APPLIC~1\Nullriver

[08/03/2009|17:50] C:\DOCUME~1\Kevin\APPLIC~1\OpenOffice.org2

[13/11/2007|21:12] C:\DOCUME~1\Kevin\APPLIC~1\Sun

[16/05/2007|20:04] C:\DOCUME~1\Kevin\APPLIC~1\Symantec

[06/12/2008|13:24] C:\DOCUME~1\Kevin\APPLIC~1\SystemRequirementsLab

[24/05/2008|18:44] C:\DOCUME~1\Kevin\APPLIC~1\U3

[21/01/2009|16:35] C:\DOCUME~1\Kevin\APPLIC~1\vlc

[26/10/2008|21:21] C:\DOCUME~1\Kevin\APPLIC~1\WinRAR

[25/05/2008|20:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[16/05/2007|18:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec

[22/03/2008|14:38] C:\DOCUME~1\Marion\APPLIC~1\Adobe

[27/08/2006|09:28] C:\DOCUME~1\Marion\APPLIC~1\Identities

[27/08/2006|09:28] C:\DOCUME~1\Marion\APPLIC~1\Macromedia

[30/06/2007|17:39] C:\DOCUME~1\Marion\APPLIC~1\Microsoft

[28/05/2008|16:39] C:\DOCUME~1\Marion\APPLIC~1\Mozilla

[01/06/2007|19:23] C:\DOCUME~1\Marion\APPLIC~1\Notepad++

[26/07/2008|12:14] C:\DOCUME~1\Marion\APPLIC~1\OpenOffice.org2

[19/04/2008|20:50] C:\DOCUME~1\Marion\APPLIC~1\Sun

[05/04/2008|14:37] C:\DOCUME~1\Marion\APPLIC~1\U3

[18/08/2006|16:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[19/02/2008|17:54] C:\DOCUME~1\Parents\APPLIC~1\Adobe

[06/03/2009|22:20] C:\DOCUME~1\Parents\APPLIC~1\ESET

[18/08/2006|16:25] C:\DOCUME~1\Parents\APPLIC~1\Identities

[18/08/2006|18:36] C:\DOCUME~1\Parents\APPLIC~1\Macromedia

[03/01/2007|18:16] C:\DOCUME~1\Parents\APPLIC~1\Microsoft

[03/06/2008|15:55] C:\DOCUME~1\Parents\APPLIC~1\Mozilla

[18/08/2006|17:02] C:\DOCUME~1\Parents\APPLIC~1\Symantec

[15/03/2008|17:41] C:\DOCUME~1\Thomas\APPLIC~1\Adobe

[18/08/2006|18:03] C:\DOCUME~1\Thomas\APPLIC~1\Identities

[29/08/2006|19:58] C:\DOCUME~1\Thomas\APPLIC~1\Macromedia

[28/04/2008|11:34] C:\DOCUME~1\Thomas\APPLIC~1\Microsoft

[15/03/2008|17:39] C:\DOCUME~1\Thomas\APPLIC~1\Mozilla

[28/05/2008|10:41] C:\DOCUME~1\Thomas\APPLIC~1\OpenOffice.org2

[02/04/2008|17:45] C:\DOCUME~1\Thomas\APPLIC~1\Sun

[26/03/2008|10:56] C:\DOCUME~1\Thomas\APPLIC~1\U3

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[08/03/2009 18:51][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-688789844-725345543-1004.job

[08/03/2009 19:44][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job

[08/03/2009 17:49][--ah-----] C:\WINDOWS\tasks\SA.DAT

[28/08/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[18/08/2006|16:40] C:\Program Files\Adaptec

[12/11/2008|23:35] C:\Program Files\Adobe

[05/03/2009|21:05] C:\Program Files\Alwil Software

[06/03/2009|19:25] C:\Program Files\Avira

[18/08/2006|16:16] C:\Program Files\ComPlus Applications

[18/08/2006|16:35] C:\Program Files\CyberLink

[30/01/2009|16:07] C:\Program Files\ESET

[02/01/2009|16:43] C:\Program Files\Fichiers communs

[01/09/2008|09:41] C:\Program Files\InstallShield Installation Information

[20/01/2008|19:38] C:\Program Files\InterActual

[14/02/2009|01:13] C:\Program Files\Internet Explorer

[18/08/2006|17:27] C:\Program Files\Inventel

[13/01/2009|18:58] C:\Program Files\Java

[14/02/2009|11:31] C:\Program Files\LimeWire

[07/03/2009|12:29] C:\Program Files\Malwarebytes' Anti-Malware

[27/04/2007|08:38] C:\Program Files\McFunSoft Video Solution

[11/09/2008|19:24] C:\Program Files\Messenger

[31/08/2008|15:50] C:\Program Files\Messenger Plus! Live

[09/06/2007|17:52] C:\Program Files\Microsoft CAPICOM 2.1.0.2

[18/08/2006|16:20] C:\Program Files\microsoft frontpage

[19/04/2008|20:43] C:\Program Files\Microsoft Office

[10/07/2008|20:18] C:\Program Files\mIRC

[11/09/2008|19:18] C:\Program Files\Movie Maker

[08/03/2009|18:18] C:\Program Files\Mozilla Firefox

[19/04/2008|20:37] C:\Program Files\MSECache

[18/08/2006|16:16] C:\Program Files\MSN

[18/08/2006|16:15] C:\Program Files\MSN Gaming Zone

[11/09/2008|19:15] C:\Program Files\NetMeeting

[23/04/2007|21:21] C:\Program Files\Notepad++

[07/09/2006|14:02] C:\Program Files\OfficeUpdate11

[19/04/2008|20:55] C:\Program Files\OpenOffice.org 2.4

[11/09/2008|19:15] C:\Program Files\Outlook Express

[22/03/2008|14:47] C:\Program Files\PhotoFiltre

[26/04/2007|19:23] C:\Program Files\Rapide Cr‚ateur D'Ic“ne

[18/08/2006|16:18] C:\Program Files\Services en ligne

[06/12/2008|13:26] C:\Program Files\SystemRequirementsLab

[23/02/2009|15:27] C:\Program Files\Tetris

[08/03/2009|18:28] C:\Program Files\trend micro

[18/08/2006|16:25] C:\Program Files\Uninstall Information

[01/11/2008|18:59] C:\Program Files\Veoh Networks

[21/01/2009|16:29] C:\Program Files\VideoLAN

[19/03/2008|21:25] C:\Program Files\Windows Live

[30/11/2007|03:02] C:\Program Files\Windows Live Favorites

[30/11/2007|03:02] C:\Program Files\Windows Live Toolbar

[25/05/2008|20:25] C:\Program Files\Windows Media Connect 2

[11/09/2008|19:15] C:\Program Files\Windows Media Player

[11/09/2008|19:15] C:\Program Files\Windows NT

[18/08/2006|19:18] C:\Program Files\WindowsUpdate

[26/10/2008|21:21] C:\Program Files\WinRAR

[18/08/2006|16:20] C:\Program Files\xerox

[02/11/2008|18:05] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[18/08/2006|16:41] C:\Program Files\Fichiers communs\Adaptec Shared

[12/06/2008|20:20] C:\Program Files\Fichiers communs\Adobe

[07/09/2006|13:34] C:\Program Files\Fichiers communs\DESIGNER

[03/11/2007|18:07] C:\Program Files\Fichiers communs\InstallShield

[13/11/2007|21:07] C:\Program Files\Fichiers communs\Java

[12/06/2008|16:37] C:\Program Files\Fichiers communs\Microsoft Shared

[18/08/2006|16:17] C:\Program Files\Fichiers communs\MSSoap

[18/08/2006|17:02] C:\Program Files\Fichiers communs\ODBC

[18/08/2006|16:17] C:\Program Files\Fichiers communs\Services

[18/08/2006|17:01] C:\Program Files\Fichiers communs\SpeechEngines

[31/08/2008|13:33] C:\Program Files\Fichiers communs\Symantec Shared

[11/09/2008|19:15] C:\Program Files\Fichiers communs\System

[02/01/2009|16:43] C:\Program Files\Fichiers communs\TechSmith Shared

[19/03/2008|21:21] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 28 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-03-08 20:00:15

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:2804][D:297]-> C:\DOCUME~1\Kevin\LOCALS~1\Temp

[F:62][D:0]-> C:\DOCUME~1\Kevin\Cookies

[F:359][D:25]-> C:\DOCUME~1\Kevin\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 08/03/2009|18:15 - Option : [1]

2 - "C:\Lop SD\LopR_2.txt" - 08/03/2009|20:01 - Option : [4]

--------------------\\ Fin du rapport a 20:01:35

Je regarde pour NOD32...

Modifié le 8 mars 2009 par Archios

Thanos · le 8 mars 2009

ok, LOP S&D a fait le boulot et tu es débarrassé de l'adware CID

Pour info, L'infection CID (éliminée grace à LOP S&D), on la crée nous même sans le savoir lors de l'installation de Messenger Plus! Live & Sponsor. (et de certains programmes du type BitTorrent)

Lorsque tu installes ce programme, il ne faut surtout pas accepter les sponsors > il faut cocher le bouton radio "Je refuse d'apporter mon soutien...." >>

Je regarde pour NOD32...

Est ce que tu as mis un mot de passe pour restreindre l'accès au paramètres de NOD32 ? Est ce qu'il t'a été demandé lors de la désinstallation (l'as tu oublié) ?

Si la désinstallation normale (via le Panneau de Configuration) ne fonctionne pas, on fera autrement.

Poste stp un nouveau rapport RSIT: ne poste que le rapport log.txt.

Modifié le 8 mars 2009 par Thanos

Archios · le 9 mars 2009

Voila, je pense que c'est bon pour le Nod32... ^^

Logfile of random's system information tool 1.05 (written by random/random)
Run by Kevin at 2009-03-09 15:57:11

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 100 GB (77%) free of 131 GB

Total RAM: 255 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:57:18, on 09/03/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Inventel\Gateway\wlancfg.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

C:\Program Files\OpenOffice.org 2.4\program\soffice.exe

C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\System32\svchost.exe

C:\Documents and Settings\Kevin\Bureau\RSIT.exe

C:\Program Files\trend micro\Kevin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll

O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by122fd.bay122.hotmail.msn.com/resources/MsnPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1155925053982

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

--

End of file - 6465 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-688789844-725345543-1004.job

C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-13 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-13 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-13 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [2008-10-09 463872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"PMXInit"=C:\WINDOWS\system32\pmxinit.exe [2001-10-23 745539]

"AdaptecDirectCD"=C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe [2001-10-09 655360]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-13 136600]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"Google Update"=C:\Documents and Settings\Kevin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-04 133104]

"VeohPlugin"=C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2008-10-09 3502840]

C:\Documents and Settings\Kevin\Menu Démarrer\Programmes\Démarrage

OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Documents and Settings\Kevin\Menu Démarrer\Programmes\Accessoires\Veoh\VeohClient.exe"="C:\Documents and Settings\Kevin\Menu Démarrer\Programmes\Accessoires\Veoh\VeohClient.exe:*:Disabled:Veoh Client"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "

"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72e00513-c9e5-11dc-aa47-000b6b6b50d6}]

shell\AutoRun\command - F:\.pspware\PSPWareLauncher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b0446a95-2ed3-11db-a144-806d6172696f}]

shell\AutoRun\command - D:\run.bat

shell\configure\command - D:\run.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d79a2296-f830-11dc-aa7d-000b6b6b50d6}]

shell\AutoRun\command - F:\LaunchU3.exe -a

======List of files/folders created in the last 1 months======

2009-03-08 18:10:49 ----A---- C:\lopR.txt

2009-03-08 18:10:22 ----D---- C:\Lop SD

2009-03-07 13:25:32 ----D---- C:\Program Files\trend micro

2009-03-07 13:25:30 ----D---- C:\rsit

2009-03-07 12:29:06 ----D---- C:\Documents and Settings\Kevin\Application Data\Malwarebytes

2009-03-07 12:28:59 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2009-03-07 12:28:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2009-03-06 19:49:01 ----D---- C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic

2009-03-06 19:25:04 ----D---- C:\Program Files\Avira

2009-03-06 19:25:04 ----D---- C:\Documents and Settings\All Users\Application Data\Avira

2009-03-06 18:35:57 ----A---- C:\WINDOWS\ntbtlog.txt

2009-03-05 21:05:25 ----D---- C:\Program Files\Alwil Software

2009-02-28 02:22:06 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$

2009-02-23 15:26:39 ----D---- C:\Program Files\Tetris

2009-02-14 01:14:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$

======List of files/folders modified in the last 1 months======

2009-03-09 15:51:29 ----D---- C:\WINDOWS\Prefetch

2009-03-09 15:35:44 ----D---- C:\Program Files\Mozilla Firefox

2009-03-09 15:34:05 ----RD---- C:\Program Files

2009-03-09 15:27:36 ----D---- C:\Documents and Settings\Kevin\Application Data\OpenOffice.org2

2009-03-09 15:26:54 ----A---- C:\Documents and Settings\All Users\Application Data\DirectCDUserName.txt

2009-03-09 15:26:36 ----D---- C:\WINDOWS\Temp

2009-03-09 15:26:35 ----D---- C:\WINDOWS

2009-03-09 00:40:19 ----A---- C:\WINDOWS\SchedLgU.Txt

2009-03-09 00:40:03 ----SHD---- C:\WINDOWS\Installer

2009-03-09 00:40:00 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared

2009-03-08 20:50:21 ----D---- C:\WINDOWS\system32\CatRoot2

2009-03-08 17:57:35 ----D---- C:\WINDOWS\system32

2009-03-08 17:57:27 ----D---- C:\WINDOWS\system32\drivers

2009-03-08 17:55:19 ----HD---- C:\WINDOWS\inf

2009-03-06 18:36:34 ----D---- C:\Documents and Settings

2009-03-06 18:12:09 ----A---- C:\WINDOWS\OEWABLog.txt

2009-03-05 23:38:22 ----D---- C:\WINDOWS\system32\config

2009-03-05 22:27:46 ----D---- C:\Documents and Settings\Kevin\Application Data\LimeWire

2009-02-28 02:22:14 ----RSHDC---- C:\WINDOWS\system32\dllcache

2009-02-27 19:32:32 ----HD---- C:\WINDOWS\$hf_mig$

2009-02-20 19:46:52 ----D---- C:\WINDOWS\Help

2009-02-14 11:31:27 ----D---- C:\Program Files\LimeWire

2009-02-14 11:19:45 ----SD---- C:\WINDOWS\Tasks

2009-02-14 01:14:04 ----A---- C:\WINDOWS\imsins.BAK

2009-02-14 01:13:40 ----D---- C:\Program Files\Internet Explorer

2009-02-14 01:13:30 ----D---- C:\WINDOWS\ie7updates

2009-02-12 05:56:17 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]

R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2007-09-28 9336]

R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2007-09-28 9464]

R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2001-10-09 233600]

R1 pwd_2K;pwd_2K; C:\WINDOWS\system32\drivers\pwd_2K.sys [2001-10-09 79414]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]

R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2001-10-09 205440]

R3 ac97intc;Service d'installation du pilote audio Intel® 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]

R3 HCF_MSFT;HCF_MSFT; C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys [2001-08-23 908000]

R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2001-10-09 19158]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-28 12288]

R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\System32\PCANDIS5.SYS []

R3 powervr;powervr; C:\WINDOWS\System32\DRIVERS\powervr.sys [2001-10-23 561952]

R3 PRISM_A02;802.11g USB 2.0 adapter; C:\WINDOWS\System32\DRIVERS\PRISMA02.sys [2004-03-30 374816]

R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992]

R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []

S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2001-10-09 18182]

S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\System32\PCAMPR5.SYS []

S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-13 152984]

R2 Wlancfg;Service de lancement de WlanCfg; C:\Program Files\Inventel\Gateway\wlancfg.exe [2004-06-09 1462272]

S2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]

S2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]

S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S4 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-08-28 3584]

-----------------EOF-----------------

Thanos · le 9 mars 2009

re!

Voila, je pense que c'est bon pour le Nod32... ^^

Oui la plupart des drivers ont disparu ceci dit, il reste un service à supprimer >>

Ouvre le Menu Démarrer > Executer et tu tapes :cmd

Dans la boite de dialogue qui s'ouvre, tu copie/colles :

sc delete NOD32FiXTemDono => tape sur la touche [Entrée] Un message t'avertis du succès de l'opération

Quitte l'Invite de Commandes.

****

Il y a un problème avec Antivir! Je t'explique:

Si tu utilises la combinaison de touches CTRL+ALT+SUPP pour lancer le Gestionnaire des tâches

tu dois voir les processus suivants dans la liste qui s'affiche sous le menu Processus =>

avguard.exe

sched.exe

avgnt.exe

Le problème c'est que ce n'est pas le cas au moment où tu postes ton rapport. Ce qui veux dire qu'Antivir ne protège pas ton pc. (seul celui ci fonctionne >> avgnt.exe)

On va donc procéder comme ceci >>

Va dans le menu Démarrer/Executer et tape : services.msc

Cherche les services suivants: Avira Antivir Personnal...Free Antivirus Guard et Planificateur Avira AntiVir Personal - Free Antivirus. Il doivent tous deux être en mode Démarré et Automatique.

Si ce n'est pas le cas, double-clique sur chacun d'entre eux et configure les ainsi =>

-dans le champs"Status du service" sélectionne "Démarré"

-dans le champs"Type de démarrage" sélectionne"Automatique" puis "Appliquer" puis"ok"

De même, cherche le service suivant: Journal des événements, double-clique dessus et configure le comme ceci =>

Dans le champs "Type de démarrage" , sélectionne "Automatique" puis "Appliquer" puis"ok"

Quitte les services.

Redémarre le pc et dis moi si ca a fonctionné. Assure toi que les trois processus soient bien présents dans le Gestionnaire des tâches (avguard.exe, sched.exe et avgnt.exe)

Modifié le 9 mars 2009 par Thanos

Archios · le 10 mars 2009

Re,

Effectivement, j'avais remarqué que le planificateur ne se lançait pas au démarrage. Par contre, quand j'essaye de le faire manuellement, j'ai un message d'erreur :/

Et j'ai ça pour les deux services manquants...

Thanos · le 10 mars 2009

salut

Oui au vu du rapport RSIT, on constate bien que les deux services en question sont stoppés. Tu as tenté de les redémarrer manuellement et ca affiche cette erreur, ok.

Par contre, tu ne m'a pas dit si tu as tenté ceci >>

Cherche le service suivant: Journal des événements, double-clique dessus et configure le comme ceci =>

Dans le champs "Type de démarrage" , sélectionne "Automatique" puis "Appliquer" puis"ok"

Quitte les services.

Redémarre le pc et constate si les deux services sont de nouveau Démarrés

Modifié le 10 mars 2009 par Thanos

Archios · le 11 mars 2009

Oui, j'ai oublié de préciser que ça faisait ça pour le journal aussi

Bref, j'ai réessayé, et il y a toujours ce problème: les services s'ouvrent et se referment immédiatement après (j'ai bien fait toutes les manipulations)...

Connexion

Pas encore inscrit ?

[Résolu] Blocage du bureau

Messages recommandés

Archios

Thanos

Thanos

Archios

Thanos

Archios

Thanos

Archios

Thanos

Archios

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer