13 replies
Hi, do this to start with:
-+-+-+-> RSIT <-+-+-+-
[x] Download Random's System Information Tool from this address: http://images.malwareremoval.com/random/RSIT.exe
[x] Double-click "RSIT.exe".
[x] Click "Continue".
[x] If HijackThis is not present, it will be downloaded automatically and you will have to accept the license.
[x] Once the scan is finished, two files (info.txt & log.txt) will open.
[x] Copy and paste the contents of both reports into your next message.
[o] If you ever closed the reports without paying attention, they are under C:\rsit
-+-+-+-> Lop S&D <-+-+-+-
[x] Download Lop S&D (by Eric_71 & Angeldark) from this address: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
[x] /!\ Disable resident protections: antivirus, antispyware, integrity checkers, etc., so that the tool can run correctly.
[x] Double-click "LopSD.exe" (Vista: right-click -> Run as administrator)
[x] Choose option F for French
[x] Then choose option 1 (Search)
[x] Let the tool work
[x] Copy and paste the contents of the report that opens and post it in your next message.
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Mobile Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : PhoenixBIOS 4.0 Release 6.0
USER : nicolas ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1351 [VPS 091010-0] 4.8.1351 (Activated)
C:\ (Local Disk) - NTFS - Total:18 Go (Free:1 Go)
D:\ (Local Disk) - NTFS - Total:13 Go (Free:5 Go)
E:\ (USB)
F:\ (CD or DVD)
G:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 11/10/2009|12:20 )
--------------------\\ Listing des dossiers dans APPLIC~1
[01/09/2004|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[22/02/2007|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[13/10/2006|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[25/12/2006|23:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[06/01/2009|00:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[30/01/2008|01:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[25/05/2009|23:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[26/05/2009|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[23/03/2009|13:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[24/02/2005|03:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[23/08/2004|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[11/11/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[29/06/2009|00:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[02/05/2007|10:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[04/07/2009|14:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[16/05/2007|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[01/09/2004|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VAIO Media Platform
[03/01/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/01/2007|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[02/03/2008|17:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[23/08/2004|14:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[20/08/2004|19:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help
[20/08/2004|18:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[20/08/2004|18:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[23/08/2004|14:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sony Corporation
[23/08/2004|14:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[23/08/2004|14:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[28/03/2007|17:33] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[20/08/2004|18:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[23/10/2007|16:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Sony Corporation
[28/03/2007|17:33] C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec
[20/08/2004|18:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[05/12/2006|20:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
[12/04/2008|11:04] C:\DOCUME~1\nicolas\APPLIC~1\Adobe
[21/07/2009|02:03] C:\DOCUME~1\nicolas\APPLIC~1\AdobeUM
[09/03/2007|20:57] C:\DOCUME~1\nicolas\APPLIC~1\Ahead
[13/10/2006|17:44] C:\DOCUME~1\nicolas\APPLIC~1\Apple Computer
[18/06/2009|21:22] C:\DOCUME~1\nicolas\APPLIC~1\Azureus
[12/02/2007|19:10] C:\DOCUME~1\nicolas\APPLIC~1\BSplayer
[18/06/2009|21:22] C:\DOCUME~1\nicolas\APPLIC~1\BSplayer Pro
[12/07/2007|07:52] C:\DOCUME~1\nicolas\APPLIC~1\DivX
[03/11/2007|22:18] C:\DOCUME~1\nicolas\APPLIC~1\dvdcss
[19/03/2007|20:18] C:\DOCUME~1\nicolas\APPLIC~1\Google
[20/08/2004|19:03] C:\DOCUME~1\nicolas\APPLIC~1\Help
[20/08/2004|18:26] C:\DOCUME~1\nicolas\APPLIC~1\Identities
[18/02/2005|23:53] C:\DOCUME~1\nicolas\APPLIC~1\InterVideo
[17/03/2006|17:26] C:\DOCUME~1\nicolas\APPLIC~1\iShell
[13/01/2008|17:50] C:\DOCUME~1\nicolas\APPLIC~1\Lavasoft
[23/02/2005|00:24] C:\DOCUME~1\nicolas\APPLIC~1\Leadertech
[15/01/2007|19:56] C:\DOCUME~1\nicolas\APPLIC~1\Macromedia
[26/05/2009|16:03] C:\DOCUME~1\nicolas\APPLIC~1\Malwarebytes
[19/04/2008|10:08] C:\DOCUME~1\nicolas\APPLIC~1\Media Player Classic
[23/03/2009|14:33] C:\DOCUME~1\nicolas\APPLIC~1\Microsoft
[23/08/2009|16:12] C:\DOCUME~1\nicolas\APPLIC~1\Mozilla
[25/08/2006|19:11] C:\DOCUME~1\nicolas\APPLIC~1\MSNInstaller
[05/11/2006|20:05] C:\DOCUME~1\nicolas\APPLIC~1\Panasonic
[08/05/2008|17:32] C:\DOCUME~1\nicolas\APPLIC~1\Samsung
[23/02/2005|00:25] C:\DOCUME~1\nicolas\APPLIC~1\Sonic
[16/03/2008|11:44] C:\DOCUME~1\nicolas\APPLIC~1\Sony Corporation
[23/08/2004|14:01] C:\DOCUME~1\nicolas\APPLIC~1\Sun
[15/02/2005|18:47] C:\DOCUME~1\nicolas\APPLIC~1\Symantec
[09/05/2008|14:31] C:\DOCUME~1\nicolas\APPLIC~1\T2ViewerJVM
[21/02/2005|13:27] C:\DOCUME~1\nicolas\APPLIC~1\Template
[16/05/2007|13:18] C:\DOCUME~1\nicolas\APPLIC~1\TuneUp Software
[07/02/2009|02:55] C:\DOCUME~1\nicolas\APPLIC~1\U3
[24/08/2009|17:55] C:\DOCUME~1\nicolas\APPLIC~1\vlc
[15/02/2005|18:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At24.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At23.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At22.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At21.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At20.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At19.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At18.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At17.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At16.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At15.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At14.job
[11/10/2009 12:00][--a------] C:\WINDOWS\tasks\At13.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At11.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At12.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At10.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At9.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At8.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At7.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At6.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At4.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At5.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At3.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At2.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At1.job
[11/10/2009 11:52][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{79D0C439-58AE-4CFE-851F-4AB84BAA37ED}.job
[08/10/2009 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[07/10/2009 20:41][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[10/09/2009 13:46][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[11/10/2009|11:50] C:\Program Files\Adobe
[22/02/2007|16:51] C:\Program Files\Ahead
[27/04/2007|18:18] C:\Program Files\Alwil Software
[11/10/2009|11:50] C:\Program Files\Apoint
[13/10/2006|17:29] C:\Program Files\Apple Software Update
[20/08/2004|18:34] C:\Program Files\ATI Technologies
[19/04/2008|09:57] C:\Program Files\Azureus
[11/10/2009|01:22] C:\Program Files\BitComet
[04/10/2009|16:12] C:\Program Files\CometBird
[20/08/2004|18:23] C:\Program Files\ComPlus Applications
[20/08/2004|20:19] C:\Program Files\CONEXANT
[27/04/2007|18:38] C:\Program Files\DAEMON Tools
[19/02/2008|21:35] C:\Program Files\DivX
[27/11/2005|21:31] C:\Program Files\DVD Shrink
[27/11/2005|21:41] C:\Program Files\EA GAMES
[23/02/2005|19:22] C:\Program Files\EPSON
[28/06/2009|22:00] C:\Program Files\Fichiers communs
[17/07/2009|17:10] C:\Program Files\Firefly Studios
[03/03/2007|16:16] C:\Program Files\Fujifilm
[17/07/2009|20:38] C:\Program Files\GameSpy Arcade
[07/11/2007|16:39] C:\Program Files\GanttProject
[25/03/2009|22:59] C:\Program Files\Google
[17/07/2009|17:10] C:\Program Files\InstallShield Installation Information
[29/07/2009|02:16] C:\Program Files\Internet Explorer
[24/06/2009|23:02] C:\Program Files\InterVideo
[04/10/2009|16:41] C:\Program Files\Java
[25/05/2009|01:41] C:\Program Files\K-Lite Codec Pack
[21/02/2007|15:03] C:\Program Files\Kodak
[04/04/2006|17:36] C:\Program Files\Labtec
[20/08/2004|18:50] C:\Program Files\LanExpress
[26/05/2009|00:36] C:\Program Files\Lavalys
[26/05/2009|16:03] C:\Program Files\Malwarebytes' Anti-Malware
[12/09/2008|18:12] C:\Program Files\Messenger
[23/03/2009|13:52] C:\Program Files\Microsoft
[10/05/2007|23:40] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[20/08/2004|18:26] C:\Program Files\microsoft frontpage
[10/09/2009|13:46] C:\Program Files\Microsoft Silverlight
[23/03/2009|13:48] C:\Program Files\Microsoft SQL Server Compact Edition
[23/03/2009|13:50] C:\Program Files\Microsoft Sync Framework
[18/06/2009|21:22] C:\Program Files\Microsoft Works
[01/09/2004|18:33] C:\Program Files\MoodLogic
[12/09/2008|18:07] C:\Program Files\Movie Maker
[09/10/2009|20:26] C:\Program Files\Mozilla Firefox
[26/06/2009|21:24] C:\Program Files\MSBuild
[25/08/2006|19:11] C:\Program Files\MSN
[20/08/2004|18:22] C:\Program Files\MSN Gaming Zone
[10/05/2008|06:41] C:\Program Files\MSXML 4.0
[12/09/2008|18:01] C:\Program Files\NetMeeting
[20/08/2004|18:22] C:\Program Files\Online Services
[05/12/2008|22:40] C:\Program Files\OrangeHSS
[13/08/2009|14:09] C:\Program Files\Outlook Express
[05/11/2006|20:03] C:\Program Files\Panasonic
[04/06/2009|14:29] C:\Program Files\Panda Security
[30/04/2009|16:00] C:\Program Files\QuickTime
[15/02/2005|15:38] C:\Program Files\Raccourcis de programmes
[26/06/2009|21:23] C:\Program Files\Reference Assemblies
[04/07/2009|14:26] C:\Program Files\Registry Mechanic
[23/06/2009|23:40] C:\Program Files\Samsung
[24/11/2008|13:11] C:\Program Files\Securitoo
[20/08/2004|18:24] C:\Program Files\Services en ligne
[09/01/2008|02:17] C:\Program Files\SLD Codec Pack
[01/09/2004|18:31] C:\Program Files\Sonic
[11/11/2008|14:44] C:\Program Files\Sony
[23/08/2004|14:02] C:\Program Files\Sony Corporation
[11/10/2009|11:50] C:\Program Files\Spybot - Search & Destroy
[28/06/2009|19:54] C:\Program Files\Trend Micro
[18/06/2009|21:22] C:\Program Files\TuneUp Utilities 2006
[22/02/2007|17:16] C:\Program Files\Ulead Systems
[20/08/2004|18:30] C:\Program Files\Uninstall Information
[23/08/2004|14:33] C:\Program Files\Utimaco
[25/06/2009|00:07] C:\Program Files\Veoh Networks
[25/12/2005|18:51] C:\Program Files\VideoLAN
[08/11/2007|09:45] C:\Program Files\Virtual Earth 3D
[17/12/2007|13:06] C:\Program Files\Wanadoo
[17/12/2007|13:07] C:\Program Files\Wanadoo Messager
[04/04/2006|19:10] C:\Program Files\Webteh
[23/03/2009|13:51] C:\Program Files\Windows Live
[30/11/2007|09:22] C:\Program Files\Windows Live Favorites
[20/12/2008|17:40] C:\Program Files\Windows Live Safety Center
[23/03/2009|13:44] C:\Program Files\Windows Live SkyDrive
[23/03/2009|13:50] C:\Program Files\Windows Live Toolbar
[26/05/2007|02:18] C:\Program Files\Windows Media Connect 2
[12/09/2008|18:01] C:\Program Files\Windows Media Player
[12/09/2008|18:01] C:\Program Files\Windows NT
[20/08/2004|18:24] C:\Program Files\WindowsUpdate
[16/05/2007|13:34] C:\Program Files\WinRAR
[20/08/2004|18:26] C:\Program Files\xerox
[18/02/2008|18:09] C:\Program Files\Xplosiv
[23/08/2004|14:47] C:\Program Files\Yahoo! Messenger Installer
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[01/09/2004|18:38] C:\Program Files\Fichiers communs\Adobe
[22/02/2007|16:39] C:\Program Files\Fichiers communs\Ahead
[21/02/2005|14:27] C:\Program Files\Fichiers communs\EPSON
[24/11/2008|13:05] C:\Program Files\Fichiers communs\France Telecom
[11/11/2008|14:40] C:\Program Files\Fichiers communs\InstallShield
[23/08/2004|14:01] C:\Program Files\Fichiers communs\Java
[21/02/2007|15:04] C:\Program Files\Fichiers communs\KODAK
[28/06/2009|22:02] C:\Program Files\Fichiers communs\Microsoft Shared
[20/08/2004|18:24] C:\Program Files\Fichiers communs\MSSoap
[20/08/2004|20:17] C:\Program Files\Fichiers communs\ODBC
[20/08/2004|18:24] C:\Program Files\Fichiers communs\Services
[11/11/2008|14:41] C:\Program Files\Fichiers communs\Sony Shared
[20/08/2004|20:17] C:\Program Files\Fichiers communs\SpeechEngines
[19/02/2008|13:42] C:\Program Files\Fichiers communs\Symantec Shared
[12/09/2008|18:01] C:\Program Files\Fichiers communs\System
[23/03/2009|13:37] C:\Program Files\Fichiers communs\Windows Live
[02/03/2008|17:23] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 73 Processes )
IEXPLORE.EXE ~ [PID:11208]
IEXPLORE.EXE ~ [PID:10728]
iexplore.exe ~ [PID:10956]
iexplore.exe ~ [PID:11808]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\nicolas\LOCALS~1\Temp\nsbEF4.tmp
C:\DOCUME~1\nicolas\LOCALS~1\Temp\nsrbgxod.bak
C:\DOCUME~1\nicolas\LOCALS~1\Temp\nstEFF.tmp
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-11 12:23:01
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\WINDOWS\System32\svchost.exe:exe.exe 31744 bytes executable
scan completed successfully
hidden processes: 0
hidden files: 7
--------------------\\ Recherche d'autres infections
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job
[F:109][D:25]-> C:\DOCUME~1\nicolas\LOCALS~1\Temp
[F:199][D:0]-> C:\DOCUME~1\nicolas\Cookies
[F:1313][D:4]-> C:\DOCUME~1\nicolas\MESDOC~1\DOCSDI~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 11/10/2009|12:25 - Option : [1]
--------------------\\ Fin du rapport a 12:25:37
-+-+-+-> Lop S&D ( Removal ) <-+-+-+-
[x] Run Lop S&D again, but this time choose option no. 2
[x] Let the scan run, then copy and paste the report that opens into your next message.
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Mobile Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : PhoenixBIOS 4.0 Release 6.0
USER : nicolas ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1351 [VPS 091010-0] 4.8.1351 (Activated)
C:\ (Local Disk) - NTFS - Total:18 Go (Free:1 Go)
D:\ (Local Disk) - NTFS - Total:13 Go (Free:5 Go)
E:\ (USB)
F:\ (CD or DVD)
G:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 11/10/2009|12:42 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\nicolas\LOCALS~1\Temp\nsbEF4.tmp
Echec ! - C:\DOCUME~1\nicolas\LOCALS~1\Temp\nsrbgxod.bak
Supprime! - C:\DOCUME~1\nicolas\LOCALS~1\Temp\nstEFF.tmp
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE
Echec ! - C:\DOCUME~1\nicolas\LOCALS~1\Temp\nsrbgxod.bak
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[01/09/2004|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[22/02/2007|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[13/10/2006|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[25/12/2006|23:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[06/01/2009|00:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[30/01/2008|01:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[25/05/2009|23:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[26/05/2009|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[23/03/2009|13:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[24/02/2005|03:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[23/08/2004|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[11/11/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[29/06/2009|00:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[02/05/2007|10:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[04/07/2009|14:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[16/05/2007|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[01/09/2004|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VAIO Media Platform
[03/01/2007|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/01/2007|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[02/03/2008|17:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[23/08/2004|14:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[20/08/2004|19:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help
[20/08/2004|18:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[20/08/2004|18:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[23/08/2004|14:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sony Corporation
[23/08/2004|14:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[23/08/2004|14:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[28/03/2007|17:33] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[20/08/2004|18:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[23/10/2007|16:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Sony Corporation
[28/03/2007|17:33] C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec
[20/08/2004|18:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[05/12/2006|20:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
[12/04/2008|11:04] C:\DOCUME~1\nicolas\APPLIC~1\Adobe
[21/07/2009|02:03] C:\DOCUME~1\nicolas\APPLIC~1\AdobeUM
[09/03/2007|20:57] C:\DOCUME~1\nicolas\APPLIC~1\Ahead
[13/10/2006|17:44] C:\DOCUME~1\nicolas\APPLIC~1\Apple Computer
[18/06/2009|21:22] C:\DOCUME~1\nicolas\APPLIC~1\Azureus
[12/02/2007|19:10] C:\DOCUME~1\nicolas\APPLIC~1\BSplayer
[18/06/2009|21:22] C:\DOCUME~1\nicolas\APPLIC~1\BSplayer Pro
[12/07/2007|07:52] C:\DOCUME~1\nicolas\APPLIC~1\DivX
[03/11/2007|22:18] C:\DOCUME~1\nicolas\APPLIC~1\dvdcss
[19/03/2007|20:18] C:\DOCUME~1\nicolas\APPLIC~1\Google
[20/08/2004|19:03] C:\DOCUME~1\nicolas\APPLIC~1\Help
[20/08/2004|18:26] C:\DOCUME~1\nicolas\APPLIC~1\Identities
[18/02/2005|23:53] C:\DOCUME~1\nicolas\APPLIC~1\InterVideo
[17/03/2006|17:26] C:\DOCUME~1\nicolas\APPLIC~1\iShell
[13/01/2008|17:50] C:\DOCUME~1\nicolas\APPLIC~1\Lavasoft
[23/02/2005|00:24] C:\DOCUME~1\nicolas\APPLIC~1\Leadertech
[15/01/2007|19:56] C:\DOCUME~1\nicolas\APPLIC~1\Macromedia
[26/05/2009|16:03] C:\DOCUME~1\nicolas\APPLIC~1\Malwarebytes
[19/04/2008|10:08] C:\DOCUME~1\nicolas\APPLIC~1\Media Player Classic
[23/03/2009|14:33] C:\DOCUME~1\nicolas\APPLIC~1\Microsoft
[23/08/2009|16:12] C:\DOCUME~1\nicolas\APPLIC~1\Mozilla
[25/08/2006|19:11] C:\DOCUME~1\nicolas\APPLIC~1\MSNInstaller
[05/11/2006|20:05] C:\DOCUME~1\nicolas\APPLIC~1\Panasonic
[08/05/2008|17:32] C:\DOCUME~1\nicolas\APPLIC~1\Samsung
[23/02/2005|00:25] C:\DOCUME~1\nicolas\APPLIC~1\Sonic
[16/03/2008|11:44] C:\DOCUME~1\nicolas\APPLIC~1\Sony Corporation
[23/08/2004|14:01] C:\DOCUME~1\nicolas\APPLIC~1\Sun
[15/02/2005|18:47] C:\DOCUME~1\nicolas\APPLIC~1\Symantec
[09/05/2008|14:31] C:\DOCUME~1\nicolas\APPLIC~1\T2ViewerJVM
[21/02/2005|13:27] C:\DOCUME~1\nicolas\APPLIC~1\Template
[16/05/2007|13:18] C:\DOCUME~1\nicolas\APPLIC~1\TuneUp Software
[07/02/2009|02:55] C:\DOCUME~1\nicolas\APPLIC~1\U3
[24/08/2009|17:55] C:\DOCUME~1\nicolas\APPLIC~1\vlc
[15/02/2005|18:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At24.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At23.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At22.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At21.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At20.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At19.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At18.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At17.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At16.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At15.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At14.job
[11/10/2009 12:00][--a------] C:\WINDOWS\tasks\At13.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At11.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At12.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At10.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At9.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At8.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At7.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At6.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At4.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At5.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At3.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At2.job
[11/10/2009 11:50][--a------] C:\WINDOWS\tasks\At1.job
[11/10/2009 11:52][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{79D0C439-58AE-4CFE-851F-4AB84BAA37ED}.job
[08/10/2009 17:15][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[07/10/2009 20:41][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[10/09/2009 13:46][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[11/10/2009|11:50] C:\Program Files\Adobe
[22/02/2007|16:51] C:\Program Files\Ahead
[27/04/2007|18:18] C:\Program Files\Alwil Software
[11/10/2009|11:50] C:\Program Files\Apoint
[13/10/2006|17:29] C:\Program Files\Apple Software Update
[20/08/2004|18:34] C:\Program Files\ATI Technologies
[19/04/2008|09:57] C:\Program Files\Azureus
[11/10/2009|01:22] C:\Program Files\BitComet
[04/10/2009|16:12] C:\Program Files\CometBird
[20/08/2004|18:23] C:\Program Files\ComPlus Applications
[20/08/2004|20:19] C:\Program Files\CONEXANT
[27/04/2007|18:38] C:\Program Files\DAEMON Tools
[19/02/2008|21:35] C:\Program Files\DivX
[27/11/2005|21:31] C:\Program Files\DVD Shrink
[27/11/2005|21:41] C:\Program Files\EA GAMES
[23/02/2005|19:22] C:\Program Files\EPSON
[28/06/2009|22:00] C:\Program Files\Fichiers communs
[17/07/2009|17:10] C:\Program Files\Firefly Studios
[03/03/2007|16:16] C:\Program Files\Fujifilm
[17/07/2009|20:38] C:\Program Files\GameSpy Arcade
[07/11/2007|16:39] C:\Program Files\GanttProject
[25/03/2009|22:59] C:\Program Files\Google
[17/07/2009|17:10] C:\Program Files\InstallShield Installation Information
[29/07/2009|02:16] C:\Program Files\Internet Explorer
[24/06/2009|23:02] C:\Program Files\InterVideo
[04/10/2009|16:41] C:\Program Files\Java
[25/05/2009|01:41] C:\Program Files\K-Lite Codec Pack
[21/02/2007|15:03] C:\Program Files\Kodak
[04/04/2006|17:36] C:\Program Files\Labtec
[20/08/2004|18:50] C:\Program Files\LanExpress
[26/05/2009|00:36] C:\Program Files\Lavalys
[26/05/2009|16:03] C:\Program Files\Malwarebytes' Anti-Malware
[12/09/2008|18:12] C:\Program Files\Messenger
[23/03/2009|13:52] C:\Program Files\Microsoft
[10/05/2007|23:40] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[20/08/2004|18:26] C:\Program Files\microsoft frontpage
[10/09/2009|13:46] C:\Program Files\Microsoft Silverlight
[23/03/2009|13:48] C:\Program Files\Microsoft SQL Server Compact Edition
[23/03/2009|13:50] C:\Program Files\Microsoft Sync Framework
[18/06/2009|21:22] C:\Program Files\Microsoft Works
[01/09/2004|18:33] C:\Program Files\MoodLogic
[12/09/2008|18:07] C:\Program Files\Movie Maker
[09/10/2009|20:26] C:\Program Files\Mozilla Firefox
[26/06/2009|21:24] C:\Program Files\MSBuild
[25/08/2006|19:11] C:\Program Files\MSN
[20/08/2004|18:22] C:\Program Files\MSN Gaming Zone
[10/05/2008|06:41] C:\Program Files\MSXML 4.0
[12/09/2008|18:01] C:\Program Files\NetMeeting
[20/08/2004|18:22] C:\Program Files\Online Services
[05/12/2008|22:40] C:\Program Files\OrangeHSS
[13/08/2009|14:09] C:\Program Files\Outlook Express
[05/11/2006|20:03] C:\Program Files\Panasonic
[04/06/2009|14:29] C:\Program Files\Panda Security
[30/04/2009|16:00] C:\Program Files\QuickTime
[15/02/2005|15:38] C:\Program Files\Raccourcis de programmes
[26/06/2009|21:23] C:\Program Files\Reference Assemblies
[04/07/2009|14:26] C:\Program Files\Registry Mechanic
[23/06/2009|23:40] C:\Program Files\Samsung
[24/11/2008|13:11] C:\Program Files\Securitoo
[20/08/2004|18:24] C:\Program Files\Services en ligne
[09/01/2008|02:17] C:\Program Files\SLD Codec Pack
[01/09/2004|18:31] C:\Program Files\Sonic
[11/11/2008|14:44] C:\Program Files\Sony
[23/08/2004|14:02] C:\Program Files\Sony Corporation
[11/10/2009|11:50] C:\Program Files\Spybot - Search & Destroy
[28/06/2009|19:54] C:\Program Files\Trend Micro
[18/06/2009|21:22] C:\Program Files\TuneUp Utilities 2006
[22/02/2007|17:16] C:\Program Files\Ulead Systems
[20/08/2004|18:30] C:\Program Files\Uninstall Information
[23/08/2004|14:33] C:\Program Files\Utimaco
[25/06/2009|00:07] C:\Program Files\Veoh Networks
[25/12/2005|18:51] C:\Program Files\VideoLAN
[08/11/2007|09:45] C:\Program Files\Virtual Earth 3D
[17/12/2007|13:06] C:\Program Files\Wanadoo
[17/12/2007|13:07] C:\Program Files\Wanadoo Messager
[04/04/2006|19:10] C:\Program Files\Webteh
[23/03/2009|13:51] C:\Program Files\Windows Live
[30/11/2007|09:22] C:\Program Files\Windows Live Favorites
[20/12/2008|17:40] C:\Program Files\Windows Live Safety Center
[23/03/2009|13:44] C:\Program Files\Windows Live SkyDrive
[23/03/2009|13:50] C:\Program Files\Windows Live Toolbar
[26/05/2007|02:18] C:\Program Files\Windows Media Connect 2
[12/09/2008|18:01] C:\Program Files\Windows Media Player
[12/09/2008|18:01] C:\Program Files\Windows NT
[20/08/2004|18:24] C:\Program Files\WindowsUpdate
[16/05/2007|13:34] C:\Program Files\WinRAR
[20/08/2004|18:26] C:\Program Files\xerox
[18/02/2008|18:09] C:\Program Files\Xplosiv
[23/08/2004|14:47] C:\Program Files\Yahoo! Messenger Installer
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[01/09/2004|18:38] C:\Program Files\Fichiers communs\Adobe
[22/02/2007|16:39] C:\Program Files\Fichiers communs\Ahead
[21/02/2005|14:27] C:\Program Files\Fichiers communs\EPSON
[24/11/2008|13:05] C:\Program Files\Fichiers communs\France Telecom
[11/11/2008|14:40] C:\Program Files\Fichiers communs\InstallShield
[23/08/2004|14:01] C:\Program Files\Fichiers communs\Java
[21/02/2007|15:04] C:\Program Files\Fichiers communs\KODAK
[28/06/2009|22:02] C:\Program Files\Fichiers communs\Microsoft Shared
[20/08/2004|18:24] C:\Program Files\Fichiers communs\MSSoap
[20/08/2004|20:17] C:\Program Files\Fichiers communs\ODBC
[20/08/2004|18:24] C:\Program Files\Fichiers communs\Services
[11/11/2008|14:41] C:\Program Files\Fichiers communs\Sony Shared
[20/08/2004|20:17] C:\Program Files\Fichiers communs\SpeechEngines
[19/02/2008|13:42] C:\Program Files\Fichiers communs\Symantec Shared
[12/09/2008|18:01] C:\Program Files\Fichiers communs\System
[23/03/2009|13:37] C:\Program Files\Fichiers communs\Windows Live
[02/03/2008|17:23] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 68 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\nicolas\LOCALS~1\Temp\nsrbgxod.bak
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-11 12:44:43
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\WINDOWS\System32\svchost.exe:exe.exe 31744 bytes executable
scan completed successfully
hidden processes: 0
hidden files: 7
--------------------\\ Recherche d'autres infections
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job
[F:88][D:23]-> C:\DOCUME~1\nicolas\LOCALS~1\Temp
[F:204][D:0]-> C:\DOCUME~1\nicolas\Cookies
[F:1389][D:4]-> C:\DOCUME~1\nicolas\MESDOC~1\DOCSDI~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 11/10/2009|12:25 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 11/10/2009|12:46 - Option : [2]
--------------------\\ Fin du rapport a 12:46:40
-+-+-+-+-> ComboFix <-+-+-+-
[x] Download ComboFix (by sUBs) from this address: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
[x] /!\ Close all open program windows /!\
[x] /!\ Disable all resident protections (antivirus, firewall, antispyware) /!\
[x] Double-click "Combofix.exe"
[x] Follow the instructions shown on screen; at some point a message will ask you to install the Recovery Console, do it
[x] ComboFix will now disconnect your PC from the internet
[x] During the scan, do not touch anything (mouse, keyboard)
[x] At the end of the scan, the report will open automatically; copy/paste it into your next message.
[o] Note: if it does not open, it is located at C:\Combofix.txt
ComboFix 09-10-10.02 - nicolas 11/10/2009 13:20.1.1 - NTFSx86
Lancé depuis: c:\documents and settings\nicolas\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 091010-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
ADS - svchost.exe: deleted 31744 bytes in 1 streams.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\nicolas\LOCALS~1\Temp\rundll32.dll
c:\documents and settings\nicolas\ico .exe
c:\documents and settings\nicolas\Local Settings\Temp\rundll32.dll
c:\documents and settings\nicolas\ntuser.dll
C:\rbekc.exe
c:\recycler\S-1-5-21-0063597993-9114923245-979239152-2580
c:\recycler\S-1-5-21-0243936033-3052116371-381863308-1811
c:\recycler\S-1-5-21-0243936033-3052116371-381863308-1858
c:\recycler\S-1-5-21-2340060195-2771733410-1261369822-1003
c:\recycler\S-1-5-21-2658100750-0686786811-999396382-9973
c:\recycler\S-1-5-21-301636164-3675821053-3645190221-1003
c:\recycler\S-1-5-21-3537002123-1365804409-3226269770-1003
c:\recycler\S-1-5-21-4699156359-2638993141-349773907-9360
c:\recycler\S-1-5-21-5142416345-7947426463-063426731-1498
c:\recycler\S-1-5-21-5407504636-6461263495-900490976-7177
c:\recycler\S-1-5-21-5800221165-2883893951-130192166-3195
c:\recycler\S-1-5-21-7310206074-7977143517-750866090-3587
c:\windows\Downloaded Program Files\bdcore.dll
c:\windows\Downloaded Program Files\libfn.dll
c:\windows\Fonts\acrsec.fon
c:\windows\system32\calc.dll
c:\windows\system32\ctfmon .exe
c:\windows\system32\r2zi5dxl0.dll
c:\windows\system32\tmp.reg
Une copie infectée de c:\windows\system32\drivers\dtscsi.sys a été trouvée et désinfectée
Kitty ate it :)
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ICF
-------\Service_ICF
((((((((((((((((((((((((((((( Fichiers créés du 2009-09-11 au 2009-10-11 ))))))))))))))))))))))))))))))))))))
.
2009-10-11 11:18 . 2009-10-11 11:18 30720 ----a-w- C:\qvnvkmid.exe
2009-10-11 10:19 . 2009-10-11 10:46 -------- d-----w- C:\Lop SD
2009-10-11 09:50 . 2009-10-11 11:19 30720 ----a-w- c:\documents and settings\nicolas\ico.exe
2009-10-10 06:57 . 2009-10-11 11:18 109056 ----a-w- C:\xcnq.exe
2009-10-10 06:55 . 2009-10-10 06:55 109056 ----a-w- C:\rapvo.exe
2009-10-04 14:04 . 2009-10-04 14:04 -------- d-----w- c:\documents and settings\nicolas\Local Settings\Application Data\CometNetwork
2009-10-04 14:03 . 2009-10-04 14:12 -------- d-----w- c:\program files\CometBird
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-11 11:19 . 2004-08-20 18:19 -------- d-----w- c:\program files\Apoint
2009-10-11 11:19 . 2009-06-28 21:41 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-10-11 11:18 . 2004-08-20 09:11 14336 ----a-w- c:\windows\system32\svchost.exe
2009-10-10 23:22 . 2007-10-23 12:24 -------- d-----w- c:\program files\BitComet
2009-10-04 14:41 . 2004-08-23 12:01 -------- d-----w- c:\program files\Java
2009-09-10 11:46 . 2009-03-23 11:53 -------- d-----w- c:\program files\Microsoft Silverlight
2009-08-24 15:55 . 2009-06-03 12:18 -------- d-----w- c:\documents and settings\nicolas\Application Data\vlc
2009-08-17 16:10 . 2007-04-27 16:18 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-08-17 16:06 . 2007-04-27 16:18 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-08-17 16:06 . 2007-04-27 16:18 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-08-17 16:05 . 2008-04-02 16:08 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-08-17 16:05 . 2008-04-02 16:08 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-08-17 16:04 . 2007-04-27 16:18 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-08-17 16:04 . 2007-04-27 16:18 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-08-17 16:03 . 2007-04-27 16:18 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-08-17 16:02 . 2007-04-27 16:18 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-08-06 17:24 . 2004-08-20 16:24 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 17:24 . 2004-08-20 16:24 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 17:24 . 2005-05-26 02:16 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 17:24 . 2005-02-16 13:39 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 17:24 . 2004-08-20 16:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 17:24 . 2004-08-20 09:10 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 17:23 . 2004-08-20 16:24 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 17:23 . 2007-01-04 18:46 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 17:23 . 2007-01-04 18:46 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 17:23 . 2004-08-20 16:24 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:00 . 2004-08-20 09:10 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-25 03:23 . 2009-01-20 23:47 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-17 19:03 . 2004-08-20 09:10 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-15 20:03 . 2009-05-21 20:26 1368 ----a-w- c:\windows\mozver.dat
2009-07-13 21:43 . 2004-08-20 09:11 286208 ----a-w- c:\windows\system32\wmpdxm.dll
.
------- Sigcheck -------
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . D9F19E78F98834CB411D6AD3C68D181A . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys
[-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys
[-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys
[7] 2004-08-05 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893066$\tcpip.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitComet"="c:\program files\BitComet\BitComet.exe" [2009-09-24 2768696]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-10-11 30720]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"VAIO Update 4"="c:\program files\Sony\VAIO Update 4\VAIOUpdt.exe" [2008-08-24 870240]
"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2009-10-11 30720]
"ORAHSSSessionManager"="c:\program files\OrangeHSS\SessionManager\SessionManager.exe" [2009-10-11 30720]
"HKSERV.EXE"="c:\program files\Sony\HotKey Utility\HKserv.exe" [2009-10-11 30720]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2009-10-11 30720]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"Mouse Suite 98 Daemon"="ICO.EXE" - c:\windows\system32\ico.exe [2002-03-14 45056]
c:\documents and settings\Default User\Menu D‚marrer\Programmes\D‚marrage\
VAIO Launcher.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2008-11-11 696320]
c:\documents and settings\Default User\Menu D‚marrer\Programmes\D‚marrage\
VAIO Launcher.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2008-11-11 696320]
c:\documents and settings\nicolas\Menu D‚marrer\Programmes\D‚marrage\
scandisk.dll [2009-10-11 25088]
scandisk.lnk - c:\windows\system32\rundll32.exe [2004-8-20 33792]
VAIO Launcher.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2008-11-11 696320]
c:\documents and settings\Default User\Menu D‚marrer\Programmes\D‚marrage\
VAIO Launcher.lnk - c:\program files\Sony\VAIO Launcher\Launcher.exe [2008-11-11 696320]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"ATIPTA"=c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" -lang 1033
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"PDService.exe"=c:\program files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7911:TCP"= 7911:TCP:BitComet 7911 TCP
"7911:UDP"= 7911:UDP:BitComet 7911 UDP
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [04/06/2009 14:29 28544]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [02/04/2008 18:08 114768]
R1 PrivateDisk;PrivateDisk;c:\windows\system32\drivers\privatediskm.sys [06/07/2004 14:07 45627]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [02/04/2008 18:08 20560]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [23/03/2009 13:51 55152]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contenu du dossier 'Tâches planifiées'
2009-10-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 12:21]
2009-10-11 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2006\SystemOptimizer.exe [2005-09-01 04:27]
2009-10-11 c:\windows\Tasks\User_Feed_Synchronization-{79D0C439-58AE-4CFE-851F-4AB84BAA37ED}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://orange.fr/
IE: Tout télécharger avec BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Télécharger avec BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Télécharger toutes les vidéos avec BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
Trusted Zone: mappy.com
Trusted Zone: orange.fr
Trusted Zone: sony-europe.com
Trusted Zone: sonystyle-europe.com
Trusted Zone: vaio-link.com
Trusted Zone: voila.fr\rw.search.ke
Trusted Zone: weborama.fr\orange
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - c:\documents and settings\nicolas\Application Data\Mozilla\Firefox\Profiles\6acvsvj5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.atcomet.com/b/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -
Toolbar-Locked - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-11 13:33
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(600)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(1016)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Sony\VAIO Power Management\spmgr .exe
c:\program files\Sony\HotKey Utility\hkserv .exe
c:\program files\Apoint\apoint .exe
c:\program files\Apoint\ApntEx.exe
c:\program files\OrangeHSS\Launcher\Launcher.exe
c:\program files\Sony\HotKey Utility\HKWnd.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
c:\program files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
c:\program files\OrangeHSS\Systray\SystrayApp.exe
c:\program files\OrangeHSS\Deskboard\Deskboard.exe
c:\program files\OrangeHSS\Connectivity\ConnectivityManager.exe
c:\program files\OrangeHSS\Connectivity\corecom\CoreCom.exe
c:\program files\Internet Explorer\iexplore.exe
c:\program files\OrangeHSS\Connectivity\corecom\OraConfigRecover.exe
c:\program files\Internet Explorer\iexplore.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
.
**************************************************************************
.
Heure de fin: 2009-10-11 13:48 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-10-11 11:47
Avant-CF: 3 512 078 336 octets libres
Après-CF: 3 677 200 384 octets libres
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect
264 --- E O F --- 2009-09-10 00:22
SO BASICALLY, WHAT IS GOING ON?
Run a new RSIT log, there's still some junk left.
Well, it's already 50 times less sluggish, thanks.
Where did the problem come from? What is a rootkit? What was happening?
Logfile of random's system information tool 1.06 (written by random/random)
Run by nicolas at 2009-10-11 13:57:23
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 4 GB (19%) free of 19 GB
Total RAM: 511 MB (18% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:57:46, on 11/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr .exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony\HotKey Utility\HKserv .exe
C:\Program Files\Apoint\Apoint .exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\nicolas\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\nicolas.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [VAIO Update 4] "C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - S-1-5-18 Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - Startup: scandisk.dll
O4 - Startup: scandisk.lnk = ?
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe
O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AvLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
Where did the problem come from? What is a rootkit? What was happening?
Rootkit -> https://fr.wikipedia.org/wiki/Rootkit
As for the problem, well, I can't tell you "where" it came from, but I see you're a fan of torrents (BitTorrent), so in my opinion that's where it comes from. You have to be careful with P2P ;)
Next:
-+-+-+-> Malwarebytes' Anti-Malware <-+-+-+-
[x] Download Malwarebytes' Anti-Malware (MBAM) from this address: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
[x] Install it.
[x] Update it.
[x] Run a full scan!
[x] Make sure to check all the items found and delete them!
[x] A tutorial on how to use it is available here: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
[x] Follow the instructions given at the previous link, then copy/paste the generated report into your next message
OK, I ran the full scan; it found about twenty pieces of crap, which I deleted.
However, it asked me to restart, and I didn't keep the report.
Anyway, thanks for everything; apparently there are no more problems.
The report is in the "reports/logs" section of Malwarebytes'; post it.
Also run RSIT again.
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2941
Windows 5.1.2600 Service Pack 3
11/10/2009 15:32:55
mbam-log-2009-10-11 (15-32-55).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 172398
Temps écoulé: 1 hour(s), 19 minute(s), 40 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 19
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\spybotsd teatimer (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sonypowercfg (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\orahsssessionmanager (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hkserv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\apoint (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Program Files\Spybot - Search & Destroy\teatimer.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Sony\VAIO Power Management\spmgr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Sony\HotKey Utility\hkserv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Apoint\apoint.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\qvnvkmid.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\rapvo.exe (Trojan.Buzus) -> Quarantined and deleted successfully.
C:\xcnq.exe (Trojan.Buzus) -> Quarantined and deleted successfully.
C:\Documents and Settings\nicolas\ico .exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\nicolas\ico.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\nicolas\Menu Démarrer\Programmes\Démarrage\scandisk.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\acrotray .exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\acrotray.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\OrangeHSS\SessionManager\sessionmanager.exe200 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\nicolas\ico .exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\nicolas\ntuser.dll.vir (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\DOCUME~1\nicolas\LOCALS~1\Temp\rundll32.dll.vir (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\calc.dll.vir (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\nicolas\Menu Démarrer\Programmes\Démarrage\scandisk.lnk (Trojan.Downloader) -> Quarantined and deleted successfully.
RSIT REPORT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by nicolas at 2009-10-11 15:53:42
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 4 GB (19%) free of 19 GB
Total RAM: 511 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:53:59, on 11/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Sony\VAIO Launcher\Launcher.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\nicolas\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\nicolas.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [VAIO Update 4] "C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - S-1-5-18 Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe
O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AvLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
Good, we're almost done.
Uninstall these programs via Add/Remove Programs:
windows live toolbar
-+-+-+-> Avast! VS Antivir <-+-+-+-
[x] I see that you have Avast!; it is not a very good antivirus because its developers are slow to react to new viruses and take longer to update avast!'s virus database.
----> http://forum.malekal.com/ftopic3528.php
[x] Antivir is a very effective, lightweight, free antivirus available in French, and it has the advantage of being updated regularly.
[x] To begin, uninstall avast using this tool:
[x] You can download AntiVir at this address: http://dl.commentcamarche.net/...
[x] A tutorial to help you configure it is available here: http://www.libellules.ch/tuto_antivir.php
-+-+-+-> Tools Cleaner <-+-+-+-
[o] To remove all the software that was used for your disinfection,
[o] Download ToolsCleaner to your desktop from this address: https://www.commentcamarche.net/telecharger/securite/22061-toolscleaner/
[o] Double-click "Toolscleaner.exe"
[o] Click "restauration" (restore) to create a restore point.
[o] Then click "recherche" (search)
[o] When the search is finished, click "suppression" (delete).
[o] At the end (there will be indications in the box below), click "quitter" (quit) and post the report located at C:\Tcleaner.txt
No problem, do this to finish:
-+-+-+-> Defragment your hard drive <-+-+-+-
[x] As you install programs on your PC, file fragments become scattered across your hard drive and access to them becomes much slower.
[x] That is why I advise you to defragment your hard drive regularly.
[x] A tutorial is available at this address: https://www.commentcamarche.net/informatique/windows/179-defragmenter-un-disque-dur/
-+-+-+-> Speed up startup <-+-+-+-
[o] Open the Start menu,
[o] Click Run,
[o] Type msconfig (this program, as its name suggests, lets you configure Microsoft Windows)
[o] Confirm by pressing Enter
[o] In the window that opens, go to the Startup tab. This is the list of programs that are active at startup.
[o] Uncheck all the boxes except your antivirus and your firewall.
---- Disable System Restore ----
XP: [x] Click Start -> then right-click "My Computer"
[x] Click "Properties"
[x] Go to the "System Restore" tab, then check "Turn off System Restore"
[x] Click "OK", restart your PC, then go to "System Restore" once more
[x] Uncheck "Turn off System Restore" then click "OK"
Vista: https://www.commentcamarche.net/faq/13214-vista-desactiver-reactiver-la-restauration-systeme-de-vista
---- Create a clean restore point ----
https://www.vulgarisation-informatique.com/creer-point-restauration.php
OK,
I had never done a defrag before; I just did the one for C: (it took ages), and I'll do the other one tomorrow.
Speed up startup: I made the changes; I unchecked all the boxes because my antivirus and my firewall are not in the startup list. (????)
System Restore OK
Logfile of random's system information tool 1.06 (written by random/random)
Run by nicolas at 2009-10-11 12:10:22
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 2 GB (9%) free of 19 GB
Total RAM: 511 MB (14% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:11:17, on 11/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\AcroTray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webteh\BSplayer\bsplayer.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
C:\Program Files\TuneUp Utilities 2006\RegistryCleaner.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\nicolas\LOCALS~1\Temp\cs99zj2x7.exe
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\nicolas\LOCALS~1\Temp\ctc738j.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\nicolas\LOCALS~1\Temp\um9bxv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\nicolas\LOCALS~1\Temp\epn1hjk14m.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\nicolas\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\nicolas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail?kw=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/spresults.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [VAIO Update 4] "C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [calc] rundll32.exe C:\WINDOWS\system32\calc.dll,_IWMPEvents@0
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe
O4 - HKCU\..\Run: [Login Software 2009] C:\DOCUME~1\nicolas\LOCALS~1\Temp\epn1hjk14m.exe
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [calc] rundll32.exe C:\DOCUME~1\nicolas\ntuser.dll,_IWMPEvents@0
O4 - S-1-5-18 Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - .DEFAULT User Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe (User 'Default user')
O4 - Startup: VAIO Launcher.lnk = C:\Program Files\Sony\VAIO Launcher\Launcher.exe
O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:exe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AvLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe