Allaple virus and backdor.rbot.bin

katshadow - 14 June 2008 at 11:04
fiat500 (2621 posts, registered Friday 30 May 2008, Member, last activity 25 March 2009) - 1 July 2008 at 15:09
Hello,

I am one of the billions of PC users who are completely clueless from a technical point of view, so when incidents or bugs occur I am very quickly out of my depth.
Here are the various problems I am currently having with my PC:
My computer is often slow for no reason, and the Allaple worm and backdor.rbot.bin regularly resurface on my computer.
In addition, an "NT authority system" message appears from time to time and restarts my system after one minute.
And that's not all....
I no longer have access to the Windows Update site (blank page instead), and sometimes my screen freezes for 1 minute before I can use my computer again, a bit as if a scan or a picture of my screen were being taken.
I scan my computer every week with a-squared Free, AVG antivirus and Spybot Search and Destroy, and nothing is detected.

I installed HijackThis and scanned my system, but since I know nothing about it, I am left speechless.

Is my computer really infected?
Can someone help me decipher this report and solve the various problems it raises (if there are any)?

Thanks in advance for your help!

;o))

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:34:42, on 14/06/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\windows\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe
C:\Program Files\MoodLogic\Service\Updater.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\a-squared Anti-Dialer\a2adguard.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
D:\qttask.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\a-squared Anti-Dialer\a2service.exe
C:\windows\System32\alg.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Eset\nod32krn.exe
C:\windows\System32\svchost.exe
C:\windows\System32\taskmgr.exe
C:\windows\System32\wdfmgr.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\windows\System32\wuauclt.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Pando Networks\Pando\pando.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\windows\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
O4 - HKLM\..\Run: [MoodLogic Updater] C:\Program Files\MoodLogic\Service\Updater.exe
O4 - HKLM\..\Run: [IEXPLORE.EXE] C:\Program Files\Internet Explorer\IEXPLORE.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [a-squared Anti-Dialer] "C:\Program Files\a-squared Anti-Dialer\a2adguard.exe"
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [QuickTime Task] "D:\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [RunDll32 C:\Program Files\C-Media\WIN_ME\CMICNFG.CPL,CMICtrlWnd] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Microsoft Windows Update] scvvhost.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?9a06796254b64d5c86f7fdd17577a22b
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?9a06796254b64d5c86f7fdd17577a22b
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Dialer\a2service.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

fiat500 (2621 posts, registered Friday 30 May 2008, Member, last activity 25 March 2009)
14 June 2008 at 11:09
Hello and welcome

Download Lop S&D.exe to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the desired language, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
---
Thanks for your reply, fiat500!

Here are the results:


-----------------------[ Lop S&D 4.2.1-4 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600 ]
[ USER : pat ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 14/06/2008 | 11:12:39,68 ] [ PC : PATOCHE ]
[ MAJ : 13-06-2008 | 02:10 ]

-------------[ Listing des dossiers dans Application Data ]------------

[27/08/2003|15:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[27/08/2003|15:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[14/03/2004|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[25/11/2006|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[04/11/2004|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVG7
[27/08/2003|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[14/10/2006|00:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
[12/09/2006|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[29/06/2007|14:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[08/05/2008|01:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30/08/2005|23:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[27/08/2003|15:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/09/2003|22:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[22/12/2006|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[18/06/2004|01:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[26/12/2003|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[01/09/2005|00:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[20/05/2004|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[05/10/2003|01:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[23/07/2006|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[20/08/2006|00:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[01/07/2006|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[27/06/2007|23:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser

[27/08/2003|15:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[04/11/2004|22:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[01/06/2007|17:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[27/08/2003|15:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[06/06/2005|13:48] C:\DOCUME~1\pat\APPLIC~1\.BitTornado
[06/06/2005|13:21] C:\DOCUME~1\pat\APPLIC~1\.bittorrent
[04/09/2003|17:58] C:\DOCUME~1\pat\APPLIC~1\Adobe
[04/09/2003|17:58] C:\DOCUME~1\pat\APPLIC~1\AdobeUM
[20/10/2003|20:43] C:\DOCUME~1\pat\APPLIC~1\Ahead
[25/11/2006|10:13] C:\DOCUME~1\pat\APPLIC~1\Apple Computer
[04/11/2004|22:01] C:\DOCUME~1\pat\APPLIC~1\AVG7
[27/08/2003|15:06] C:\DOCUME~1\pat\APPLIC~1\desktop.ini
[25/11/2006|10:28] C:\DOCUME~1\pat\APPLIC~1\DivX
[14/03/2004|19:54] C:\DOCUME~1\pat\APPLIC~1\dm.ini
[15/10/2006|19:24] C:\DOCUME~1\pat\APPLIC~1\Droppix
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\ezplay.cat
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\ezplay.sys
[29/08/2005|22:58] C:\DOCUME~1\pat\APPLIC~1\Google
[04/09/2003|21:49] C:\DOCUME~1\pat\APPLIC~1\Help
[27/08/2003|15:25] C:\DOCUME~1\pat\APPLIC~1\Identities
[11/11/2004|16:41] C:\DOCUME~1\pat\APPLIC~1\Lavasoft
[18/03/2004|22:40] C:\DOCUME~1\pat\APPLIC~1\Leadertech
[27/12/2003|00:40] C:\DOCUME~1\pat\APPLIC~1\Macromedia
[08/05/2008|01:15] C:\DOCUME~1\pat\APPLIC~1\Malwarebytes
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\MCDJJTNX.inf
[14/10/2006|00:13] C:\DOCUME~1\pat\APPLIC~1\MCDJJTNX.ini
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\MCDJJTNX.log
[25/11/2006|10:42] C:\DOCUME~1\pat\APPLIC~1\Media Player Classic
[27/08/2003|15:05] C:\DOCUME~1\pat\APPLIC~1\Microsoft
[27/08/2003|15:42] C:\DOCUME~1\pat\APPLIC~1\Microsoft Web Folders
[14/02/2005|11:49] C:\DOCUME~1\pat\APPLIC~1\Mozilla
[07/09/2003|22:57] C:\DOCUME~1\pat\APPLIC~1\MSN6
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\pcouffin.cat
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\pcouffin.inf
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\pcouffin.log
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\pcouffin.sys
[29/06/2006|00:50] C:\DOCUME~1\pat\APPLIC~1\Prevx
[06/10/2003|19:57] C:\DOCUME~1\pat\APPLIC~1\Real
[26/12/2003|11:41] C:\DOCUME~1\pat\APPLIC~1\Sony Corporation
[19/06/2005|12:59] C:\DOCUME~1\pat\APPLIC~1\Spybot - Search & Destroy
[03/10/2003|21:30] C:\DOCUME~1\pat\APPLIC~1\Sun
[05/01/2008|12:26] C:\DOCUME~1\pat\APPLIC~1\SWiSHvideo
[05/10/2003|01:44] C:\DOCUME~1\pat\APPLIC~1\Symantec
[14/02/2005|11:50] C:\DOCUME~1\pat\APPLIC~1\Talkback
[23/07/2006|22:24] C:\DOCUME~1\pat\APPLIC~1\Ulead Systems
[20/10/2007|10:15] C:\DOCUME~1\pat\APPLIC~1\Uniblue
[12/10/2007|14:09] C:\DOCUME~1\pat\APPLIC~1\VCOM
[27/01/2006|01:04] C:\DOCUME~1\pat\APPLIC~1\vlc
[14/10/2006|00:13] C:\DOCUME~1\pat\APPLIC~1\Vso
[28/06/2007|00:26] C:\DOCUME~1\pat\APPLIC~1\ZoomBrowser EX

[27/08/2003|15:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[27/08/2003|15:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\windows\tasks ]---------------

[14/06/2008 02:09][--ah-----] C:\windows\tasks\SA.DAT
[08/05/2008 10:18][--a------] C:\windows\tasks\AppleSoftwareUpdate.job
[14/06/2008 11:03][--a------] C:\windows\tasks\Check Updates for Windows Live Toolbar.job
[14/06/2008 11:08][--a------] C:\windows\tasks\Symantec NetDetect.job
[28/08/2001 14:00][-r-h-----] C:\windows\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[20/03/2005|00:03] C:\Program Files\3aLab
[06/09/2003|02:19] C:\Program Files\3dhq Drivers
[03/03/2004|12:24] C:\Program Files\9Telecom
[21/02/2005|11:20] C:\Program Files\a2
[12/09/2005|15:37] C:\Program Files\AbyssAudio Converter
[03/11/2004|23:14] C:\Program Files\Adobe
[12/01/2005|23:25] C:\Program Files\Alwil Software
[18/05/2007|22:31] C:\Program Files\Apple Software Update
[10/06/2005|09:26] C:\Program Files\ArcSoft
[14/11/2006|00:50] C:\Program Files\a-squared Anti-Dialer
[07/08/2006|17:07] C:\Program Files\a-squared Anti-Malware
[01/08/2006|16:46] C:\Program Files\a-squared Free
[06/09/2006|22:38] C:\Program Files\a-squared HiJackFree
[27/06/2007|23:47] C:\Program Files\Canon
[01/07/2006|21:06] C:\Program Files\CCleaner
[28/08/2003|14:08] C:\Program Files\C-Media
[28/08/2003|14:08] C:\Program Files\C-Media Audio
[04/09/2003|15:55] C:\Program Files\Common Files
[27/08/2003|15:13] C:\Program Files\ComPlus Applications
[16/10/2007|06:13] C:\Program Files\Dictionnaire
[26/12/2003|11:32] C:\Program Files\directx
[07/03/2005|11:32] C:\Program Files\DivX
[12/06/2023|17:08] C:\Program Files\ESET
[29/06/2006|22:57] C:\Program Files\ewido anti-spyware 4.0
[27/08/2003|15:06] C:\Program Files\Fichiers communs
[25/11/2006|09:50] C:\Program Files\FLVPlayer
[16/07/2007|21:01] C:\Program Files\Free Download Manager
[12/10/2007|18:02] C:\Program Files\FreeUndelete(2)
[18/11/2004|23:05] C:\Program Files\Friendly Technologies
[07/03/2005|11:39] C:\Program Files\Google
[04/11/2004|22:01] C:\Program Files\Grisoft
[05/04/2005|21:30] C:\Program Files\GSpot
[25/02/2007|11:54] C:\Program Files\hachette Multimedia
[13/09/2005|00:34] C:\Program Files\HardwareDetection
[28/08/2003|13:43] C:\Program Files\InstallShield Installation Information
[27/08/2003|15:14] C:\Program Files\Internet Explorer
[03/10/2003|21:30] C:\Program Files\Java
[10/03/2006|22:22] C:\Program Files\Kit ADSL
[25/11/2006|10:38] C:\Program Files\K-Lite Codec Pack
[04/09/2003|21:48] C:\Program Files\Lavasoft
[15/12/2006|20:44] C:\Program Files\LimeWire
[19/12/2006|19:29] C:\Program Files\Macrogaming
[08/05/2008|01:04] C:\Program Files\Malwarebytes' Anti-Malware
[27/08/2003|15:13] C:\Program Files\Messenger
[09/03/2005|23:44] C:\Program Files\Microsoft AntiSpyware
[27/08/2003|15:19] C:\Program Files\microsoft frontpage
[27/08/2003|15:42] C:\Program Files\Microsoft Office
[27/08/2003|15:45] C:\Program Files\Microsoft Visual Studio
[10/06/2005|10:19] C:\Program Files\MoodLogic
[21/03/2004|09:58] C:\Program Files\Morgan
[27/08/2003|15:16] C:\Program Files\Movie Maker
[14/02/2005|11:49] C:\Program Files\Mozilla Firefox
[27/08/2003|15:13] C:\Program Files\MSN
[31/07/2004|19:03] C:\Program Files\MSN Apps
[27/08/2003|15:13] C:\Program Files\MSN Gaming Zone
[01/09/2003|21:08] C:\Program Files\MSN Messenger
[06/10/2005|07:47] C:\Program Files\MSXML 4.0
[20/04/2008|23:32] C:\Program Files\MSXML 6.0
[27/08/2003|15:15] C:\Program Files\NetMeeting
[26/01/2006|23:20] C:\Program Files\neuf telecom
[27/08/2003|15:15] C:\Program Files\Outlook Express
[07/05/2008|10:06] C:\Program Files\Pando Networks
[07/05/2008|10:08] C:\Program Files\PandoBar
[08/03/2008|21:03] C:\Program Files\PhotoFiltre
[28/06/2006|23:10] C:\Program Files\Prevx1
[08/03/2004|16:11] C:\Program Files\QuickTime
[17/07/2005|11:51] C:\Program Files\Ratajik Software
[20/03/2005|21:21] C:\Program Files\ReflexiveArcade
[27/08/2003|15:13] C:\Program Files\Services en ligne
[30/01/2007|20:02] C:\Program Files\ShowCam Plus
[08/10/2003|00:02] C:\Program Files\Softwin
[21/02/2007|18:47] C:\Program Files\SpeedFan
[17/02/2008|01:10] C:\Program Files\Spybot - Search & Destroy
[01/06/2007|17:07] C:\Program Files\Sunbelt Software
[05/01/2008|11:47] C:\Program Files\SWiSHvideo2
[30/08/2004|23:24] C:\Program Files\Symantec
[14/06/2008|10:34] C:\Program Files\Trend Micro
[23/07/2006|22:16] C:\Program Files\Trust
[27/08/2003|15:25] C:\Program Files\Uninstall Information
[11/03/2006|18:27] C:\Program Files\USB Driver-Express
[12/10/2007|14:08] C:\Program Files\VCOM
[22/12/2006|14:08] C:\Program Files\VIA
[09/05/2006|19:26] C:\Program Files\VideoLAN
[05/10/2003|01:18] C:\Program Files\WinAce
[01/09/2003|17:18] C:\Program Files\Winamp3
[20/08/2006|00:18] C:\Program Files\Windows Live Toolbar
[27/08/2003|15:15] C:\Program Files\Windows Media Player
[27/08/2003|15:12] C:\Program Files\Windows NT
[27/08/2003|15:13] C:\Program Files\WindowsUpdate
[03/03/2004|11:59] C:\Program Files\WinPoET
[01/09/2003|17:05] C:\Program Files\WinZip
[27/08/2003|15:19] C:\Program Files\xerox
[24/01/2005|15:58] C:\Program Files\Yahoo!
[08/09/2003|13:33] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[01/04/2004|23:49] C:\Program Files\Fichiers communs\Adobe
[20/04/2008|23:35] C:\Program Files\Fichiers communs\Adobe AIR
[06/04/2004|20:10] C:\Program Files\Fichiers communs\Ahead
[27/06/2007|23:43] C:\Program Files\Fichiers communs\Canon
[27/08/2003|15:45] C:\Program Files\Fichiers communs\Designer
[18/11/2004|23:05] C:\Program Files\Fichiers communs\FTL Shared
[28/08/2003|13:43] C:\Program Files\Fichiers communs\InstallShield
[18/10/2006|23:51] C:\Program Files\Fichiers communs\Java
[27/08/2003|15:06] C:\Program Files\Fichiers communs\Microsoft Shared
[27/08/2003|15:14] C:\Program Files\Fichiers communs\MSSoap
[05/01/2004|19:38] C:\Program Files\Fichiers communs\NSV
[27/08/2003|15:06] C:\Program Files\Fichiers communs\ODBC
[06/10/2003|19:57] C:\Program Files\Fichiers communs\Real
[27/08/2003|15:15] C:\Program Files\Fichiers communs\Services
[01/09/2003|17:02] C:\Program Files\Fichiers communs\Softwin
[27/08/2003|15:06] C:\Program Files\Fichiers communs\SpeechEngines
[05/10/2003|01:44] C:\Program Files\Fichiers communs\Symantec Shared
[27/08/2003|15:14] C:\Program Files\Fichiers communs\System
[05/09/2003|23:58] C:\Program Files\Fichiers communs\Vbox
[31/01/2008|08:06] C:\Program Files\Fichiers communs\Wise Installation Wizard
[14/09/2004|20:47] C:\Program Files\Fichiers communs\xing shared

---------------------------[ Process ]--------------------------

... 38

iexplore.exe ~ [3076]

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-14 11:19:02
Windows 5.1.2600 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Documents and Settings\pat\Mes documents\Powerquest_Partition_Magic_v8.0_French_by_SuperGege\Crack.exe


[F:106][D:34]-> C:\DOCUME~1\pat\LOCALS~1\Temp
[F:51][D:0]-> C:\DOCUME~1\pat\Cookies
[F:1311][D:7]-> C:\DOCUME~1\pat\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

--------------------[ Fin du rapport a 11:19:55,47 ]----------------------
fiat500 (2621 posts, registered Friday 30 May 2008, Member, last activity 25 March 2009)
14 June 2008 at 11:26
To remove what was found:

* This time choose Option 2 (Removal)
* Do not close the window during the removal!
* Post the generated report (C:\lopR.txt)

Then download HijackThis, run a scan and paste the log here for me:

https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html

Tutorial:

https://forums.cnetfrance.fr
---
Hi!

Just as I was about to post the LopR and HijackThis reports, I again got a message from NOD32 about the Allaple worm being detected and quarantined, and I got kicked out by the NT authority message, which restarted the system.

Here is the LopR report:


-----------------------[ Lop S&D 4.2.1-4 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600 ]
[ USER : pat ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 14/06/2008 | 11:28:57,95 ] [ PC : PATOCHE ]
[ MAJ : 13-06-2008 | 02:10 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[27/08/2003|15:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[27/08/2003|15:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[14/03/2004|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[25/11/2006|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[04/11/2004|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVG7
[27/08/2003|15:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[14/10/2006|00:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
[12/09/2006|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[29/06/2007|14:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[08/05/2008|01:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30/08/2005|23:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[27/08/2003|15:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/09/2003|22:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[22/12/2006|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[18/06/2004|01:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[26/12/2003|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[01/09/2005|00:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[20/05/2004|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[05/10/2003|01:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[23/07/2006|22:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[20/08/2006|00:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[01/07/2006|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[27/06/2007|23:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser

[27/08/2003|15:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[04/11/2004|22:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[01/06/2007|17:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[27/08/2003|15:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[06/06/2005|13:48] C:\DOCUME~1\pat\APPLIC~1\.BitTornado
[06/06/2005|13:21] C:\DOCUME~1\pat\APPLIC~1\.bittorrent
[04/09/2003|17:58] C:\DOCUME~1\pat\APPLIC~1\Adobe
[04/09/2003|17:58] C:\DOCUME~1\pat\APPLIC~1\AdobeUM
[20/10/2003|20:43] C:\DOCUME~1\pat\APPLIC~1\Ahead
[25/11/2006|10:13] C:\DOCUME~1\pat\APPLIC~1\Apple Computer
[04/11/2004|22:01] C:\DOCUME~1\pat\APPLIC~1\AVG7
[27/08/2003|15:06] C:\DOCUME~1\pat\APPLIC~1\desktop.ini
[25/11/2006|10:28] C:\DOCUME~1\pat\APPLIC~1\DivX
[14/03/2004|19:54] C:\DOCUME~1\pat\APPLIC~1\dm.ini
[15/10/2006|19:24] C:\DOCUME~1\pat\APPLIC~1\Droppix
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\ezplay.cat
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\ezplay.sys
[29/08/2005|22:58] C:\DOCUME~1\pat\APPLIC~1\Google
[04/09/2003|21:49] C:\DOCUME~1\pat\APPLIC~1\Help
[27/08/2003|15:25] C:\DOCUME~1\pat\APPLIC~1\Identities
[11/11/2004|16:41] C:\DOCUME~1\pat\APPLIC~1\Lavasoft
[18/03/2004|22:40] C:\DOCUME~1\pat\APPLIC~1\Leadertech
[27/12/2003|00:40] C:\DOCUME~1\pat\APPLIC~1\Macromedia
[08/05/2008|01:15] C:\DOCUME~1\pat\APPLIC~1\Malwarebytes
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\MCDJJTNX.inf
[14/10/2006|00:13] C:\DOCUME~1\pat\APPLIC~1\MCDJJTNX.ini
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\MCDJJTNX.log
[25/11/2006|10:42] C:\DOCUME~1\pat\APPLIC~1\Media Player Classic
[27/08/2003|15:05] C:\DOCUME~1\pat\APPLIC~1\Microsoft
[27/08/2003|15:42] C:\DOCUME~1\pat\APPLIC~1\Microsoft Web Folders
[14/02/2005|11:49] C:\DOCUME~1\pat\APPLIC~1\Mozilla
[07/09/2003|22:57] C:\DOCUME~1\pat\APPLIC~1\MSN6
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\pcouffin.cat
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\pcouffin.inf
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\pcouffin.log
[14/10/2006|19:40] C:\DOCUME~1\pat\APPLIC~1\pcouffin.sys
[29/06/2006|00:50] C:\DOCUME~1\pat\APPLIC~1\Prevx
[06/10/2003|19:57] C:\DOCUME~1\pat\APPLIC~1\Real
[26/12/2003|11:41] C:\DOCUME~1\pat\APPLIC~1\Sony Corporation
[19/06/2005|12:59] C:\DOCUME~1\pat\APPLIC~1\Spybot - Search & Destroy
[03/10/2003|21:30] C:\DOCUME~1\pat\APPLIC~1\Sun
[05/01/2008|12:26] C:\DOCUME~1\pat\APPLIC~1\SWiSHvideo
[05/10/2003|01:44] C:\DOCUME~1\pat\APPLIC~1\Symantec
[14/02/2005|11:50] C:\DOCUME~1\pat\APPLIC~1\Talkback
[23/07/2006|22:24] C:\DOCUME~1\pat\APPLIC~1\Ulead Systems
[20/10/2007|10:15] C:\DOCUME~1\pat\APPLIC~1\Uniblue
[12/10/2007|14:09] C:\DOCUME~1\pat\APPLIC~1\VCOM
[27/01/2006|01:04] C:\DOCUME~1\pat\APPLIC~1\vlc
[14/10/2006|00:13] C:\DOCUME~1\pat\APPLIC~1\Vso
[28/06/2007|00:26] C:\DOCUME~1\pat\APPLIC~1\ZoomBrowser EX

[27/08/2003|15:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[27/08/2003|15:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

----------------[ Tâches planifiées dans C:\windows\tasks ]---------------

[14/06/2008 02:09][--ah-----] C:\windows\tasks\SA.DAT
[08/05/2008 10:18][--a------] C:\windows\tasks\AppleSoftwareUpdate.job
[14/06/2008 11:03][--a------] C:\windows\tasks\Check Updates for Windows Live Toolbar.job
[14/06/2008 11:28][--a------] C:\windows\tasks\Symantec NetDetect.job
[28/08/2001 14:00][-r-h-----] C:\windows\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[20/03/2005|00:03] C:\Program Files\3aLab
[06/09/2003|02:19] C:\Program Files\3dhq Drivers
[03/03/2004|12:24] C:\Program Files\9Telecom
[21/02/2005|11:20] C:\Program Files\a2
[12/09/2005|15:37] C:\Program Files\AbyssAudio Converter
[03/11/2004|23:14] C:\Program Files\Adobe
[12/01/2005|23:25] C:\Program Files\Alwil Software
[18/05/2007|22:31] C:\Program Files\Apple Software Update
[10/06/2005|09:26] C:\Program Files\ArcSoft
[14/11/2006|00:50] C:\Program Files\a-squared Anti-Dialer
[07/08/2006|17:07] C:\Program Files\a-squared Anti-Malware
[01/08/2006|16:46] C:\Program Files\a-squared Free
[06/09/2006|22:38] C:\Program Files\a-squared HiJackFree
[27/06/2007|23:47] C:\Program Files\Canon
[01/07/2006|21:06] C:\Program Files\CCleaner
[28/08/2003|14:08] C:\Program Files\C-Media
[28/08/2003|14:08] C:\Program Files\C-Media Audio
[04/09/2003|15:55] C:\Program Files\Common Files
[27/08/2003|15:13] C:\Program Files\ComPlus Applications
[16/10/2007|06:13] C:\Program Files\Dictionnaire
[26/12/2003|11:32] C:\Program Files\directx
[07/03/2005|11:32] C:\Program Files\DivX
[12/06/2023|17:08] C:\Program Files\ESET
[29/06/2006|22:57] C:\Program Files\ewido anti-spyware 4.0
[27/08/2003|15:06] C:\Program Files\Fichiers communs
[25/11/2006|09:50] C:\Program Files\FLVPlayer
[16/07/2007|21:01] C:\Program Files\Free Download Manager
[12/10/2007|18:02] C:\Program Files\FreeUndelete(2)
[18/11/2004|23:05] C:\Program Files\Friendly Technologies
[07/03/2005|11:39] C:\Program Files\Google
[04/11/2004|22:01] C:\Program Files\Grisoft
[05/04/2005|21:30] C:\Program Files\GSpot
[25/02/2007|11:54] C:\Program Files\hachette Multimedia
[13/09/2005|00:34] C:\Program Files\HardwareDetection
[28/08/2003|13:43] C:\Program Files\InstallShield Installation Information
[27/08/2003|15:14] C:\Program Files\Internet Explorer
[03/10/2003|21:30] C:\Program Files\Java
[10/03/2006|22:22] C:\Program Files\Kit ADSL
[25/11/2006|10:38] C:\Program Files\K-Lite Codec Pack
[04/09/2003|21:48] C:\Program Files\Lavasoft
[15/12/2006|20:44] C:\Program Files\LimeWire
[19/12/2006|19:29] C:\Program Files\Macrogaming
[08/05/2008|01:04] C:\Program Files\Malwarebytes' Anti-Malware
[27/08/2003|15:13] C:\Program Files\Messenger
[09/03/2005|23:44] C:\Program Files\Microsoft AntiSpyware
[27/08/2003|15:19] C:\Program Files\microsoft frontpage
[27/08/2003|15:42] C:\Program Files\Microsoft Office
[27/08/2003|15:45] C:\Program Files\Microsoft Visual Studio
[10/06/2005|10:19] C:\Program Files\MoodLogic
[21/03/2004|09:58] C:\Program Files\Morgan
[27/08/2003|15:16] C:\Program Files\Movie Maker
[14/02/2005|11:49] C:\Program Files\Mozilla Firefox
[27/08/2003|15:13] C:\Program Files\MSN
[31/07/2004|19:03] C:\Program Files\MSN Apps
[27/08/2003|15:13] C:\Program Files\MSN Gaming Zone
[01/09/2003|21:08] C:\Program Files\MSN Messenger
[06/10/2005|07:47] C:\Program Files\MSXML 4.0
[20/04/2008|23:32] C:\Program Files\MSXML 6.0
[27/08/2003|15:15] C:\Program Files\NetMeeting
[26/01/2006|23:20] C:\Program Files\neuf telecom
[27/08/2003|15:15] C:\Program Files\Outlook Express
[07/05/2008|10:06] C:\Program Files\Pando Networks
[07/05/2008|10:08] C:\Program Files\PandoBar
[08/03/2008|21:03] C:\Program Files\PhotoFiltre
[28/06/2006|23:10] C:\Program Files\Prevx1
[08/03/2004|16:11] C:\Program Files\QuickTime
[17/07/2005|11:51] C:\Program Files\Ratajik Software
[20/03/2005|21:21] C:\Program Files\ReflexiveArcade
[27/08/2003|15:13] C:\Program Files\Services en ligne
[30/01/2007|20:02] C:\Program Files\ShowCam Plus
[08/10/2003|00:02] C:\Program Files\Softwin
[21/02/2007|18:47] C:\Program Files\SpeedFan
[17/02/2008|01:10] C:\Program Files\Spybot - Search & Destroy
[01/06/2007|17:07] C:\Program Files\Sunbelt Software
[05/01/2008|11:47] C:\Program Files\SWiSHvideo2
[30/08/2004|23:24] C:\Program Files\Symantec
[14/06/2008|10:34] C:\Program Files\Trend Micro
[23/07/2006|22:16] C:\Program Files\Trust
[27/08/2003|15:25] C:\Program Files\Uninstall Information
[11/03/2006|18:27] C:\Program Files\USB Driver-Express
[12/10/2007|14:08] C:\Program Files\VCOM
[22/12/2006|14:08] C:\Program Files\VIA
[09/05/2006|19:26] C:\Program Files\VideoLAN
[05/10/2003|01:18] C:\Program Files\WinAce
[01/09/2003|17:18] C:\Program Files\Winamp3
[20/08/2006|00:18] C:\Program Files\Windows Live Toolbar
[27/08/2003|15:15] C:\Program Files\Windows Media Player
[27/08/2003|15:12] C:\Program Files\Windows NT
[27/08/2003|15:13] C:\Program Files\WindowsUpdate
[03/03/2004|11:59] C:\Program Files\WinPoET
[01/09/2003|17:05] C:\Program Files\WinZip
[27/08/2003|15:19] C:\Program Files\xerox
[24/01/2005|15:58] C:\Program Files\Yahoo!
[08/09/2003|13:33] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[01/04/2004|23:49] C:\Program Files\Fichiers communs\Adobe
[20/04/2008|23:35] C:\Program Files\Fichiers communs\Adobe AIR
[06/04/2004|20:10] C:\Program Files\Fichiers communs\Ahead
[27/06/2007|23:43] C:\Program Files\Fichiers communs\Canon
[27/08/2003|15:45] C:\Program Files\Fichiers communs\Designer
[18/11/2004|23:05] C:\Program Files\Fichiers communs\FTL Shared
[28/08/2003|13:43] C:\Program Files\Fichiers communs\InstallShield
[18/10/2006|23:51] C:\Program Files\Fichiers communs\Java
[27/08/2003|15:06] C:\Program Files\Fichiers communs\Microsoft Shared
[27/08/2003|15:14] C:\Program Files\Fichiers communs\MSSoap
[05/01/2004|19:38] C:\Program Files\Fichiers communs\NSV
[27/08/2003|15:06] C:\Program Files\Fichiers communs\ODBC
[06/10/2003|19:57] C:\Program Files\Fichiers communs\Real
[27/08/2003|15:15] C:\Program Files\Fichiers communs\Services
[01/09/2003|17:02] C:\Program Files\Fichiers communs\Softwin
[27/08/2003|15:06] C:\Program Files\Fichiers communs\SpeechEngines
[05/10/2003|01:44] C:\Program Files\Fichiers communs\Symantec Shared
[27/08/2003|15:14] C:\Program Files\Fichiers communs\System
[05/09/2003|23:58] C:\Program Files\Fichiers communs\Vbox
[31/01/2008|08:06] C:\Program Files\Fichiers communs\Wise Installation Wizard
[14/09/2004|20:47] C:\Program Files\Fichiers communs\xing shared

---------------------------[ Process ]--------------------------

... 35

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-14 11:35:45
Windows 5.1.2600 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Documents and Settings\pat\Mes documents\Powerquest_Partition_Magic_v8.0_French_by_SuperGege\Crack.exe


[F:106][D:34]-> C:\DOCUME~1\pat\LOCALS~1\Temp
[F:56][D:0]-> C:\DOCUME~1\pat\Cookies
[F:1577][D:7]-> C:\DOCUME~1\pat\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

--------------------[ Fin du rapport a 11:36:11,64 ]----------------------

and here is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:44:13, on 14/06/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe
C:\Program Files\MoodLogic\Service\Updater.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
D:\qttask.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\a-squared Anti-Dialer\a2service.exe
C:\windows\System32\alg.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Eset\nod32krn.exe
C:\windows\System32\svchost.exe
C:\windows\System32\taskmgr.exe
C:\windows\System32\wdfmgr.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\windows\System32\wuauclt.exe
c:\program files\a-squared free\a2service.exe
C:\windows\System32\cmd.exe
C:\windows\explorer.exe
C:\windows\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Pando Networks\Pando\pando.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\windows\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
O4 - HKLM\..\Run: [MoodLogic Updater] C:\Program Files\MoodLogic\Service\Updater.exe
O4 - HKLM\..\Run: [IEXPLORE.EXE] C:\Program Files\Internet Explorer\IEXPLORE.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [a-squared Anti-Dialer] "C:\Program Files\a-squared Anti-Dialer\a2adguard.exe"
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [QuickTime Task] "D:\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [RunDll32 C:\Program Files\C-Media\WIN_ME\CMICNFG.CPL,CMICtrlWnd] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Microsoft Windows Update] scvvhost.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?9a06796254b64d5c86f7fdd17577a22b
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?9a06796254b64d5c86f7fdd17577a22b
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Dialer\a2service.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
fiat500 - Posts: 2621 - Joined: Friday 30 May 2008 - Status: Member - Last activity: 25 March 2009 - 82
14 June 2008 at 12:05
try:

http://www.avgfrance.com/fr.52.ndi-67767
http://www.avgfrance.com/fr.52.ndi-67751
Hi fiat500, and thanks again for all these tips!

I used the utilities and my PC seems a bit quicker. However, the Windows Update page is still blank.

And I ran a new scan with HijackThis; here is the result:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:49:31, on 14/06/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe
C:\Program Files\MoodLogic\Service\Updater.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\a-squared Anti-Dialer\a2adguard.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
D:\qttask.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\Program Files\a-squared Anti-Dialer\a2service.exe
c:\program files\a-squared free\a2service.exe
C:\windows\System32\alg.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Eset\nod32krn.exe
C:\windows\System32\svchost.exe
C:\windows\System32\wdfmgr.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\windows\System32\wuauclt.exe
C:\windows\System32\wuauclt.exe
C:\windows\System32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\windows\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
O4 - HKLM\..\Run: [MoodLogic Updater] C:\Program Files\MoodLogic\Service\Updater.exe
O4 - HKLM\..\Run: [IEXPLORE.EXE] C:\Program Files\Internet Explorer\IEXPLORE.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [a-squared Anti-Dialer] "C:\Program Files\a-squared Anti-Dialer\a2adguard.exe"
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [QuickTime Task] "D:\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [RunDll32 C:\Program Files\C-Media\WIN_ME\CMICNFG.CPL,CMICtrlWnd] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Microsoft Windows Update] scvvhost.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?9a06796254b64d5c86f7fdd17577a22b
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?9a06796254b64d5c86f7fdd17577a22b
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O23 - Service: a-squared Anti-Dialer Service (a2AntiDialer) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Dialer\a2service.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
fiat500 - Posts: 2621 - Joined: Friday 30 May 2008 - Status: Member - Last activity: 25 March 2009 - 82
15 June 2008 at 09:40
first, update your Internet Explorer:

https://www.01net.com/services/

then download Malwarebytes, update it, then run a full scan and delete everything it finds

help:

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Hi fiat,

Despite all my efforts, I couldn't manage to update IE (blank pages, PC getting slower and slower).
In the end I plucked up my courage and reformatted my hard drive.

Since then everything works as before and I was able to install the latest Windows updates.

Many thanks for your valuable help!
fiat500 - Posts: 2621 - Joined: Friday 30 May 2008 - Status: Member - Last activity: 25 March 2009 - 82
26 June 2008 at 20:39
OK, see you, and you're welcome. Don't forget to mark it as resolved.
Sorry for asking basic questions, but how do I archive my request as "incident resolved"? :)
fiat500 - Posts: 2621 - Joined: Friday 30 May 2008 - Status: Member - Last activity: 25 March 2009 - 82
1 July 2008 at 15:09
Marking it as resolved is easy.
Above your initial message, in a yellow and orange box, there is a checkbox to tick and confirm.
Or, when writing a message, there is also a checkbox below the input area, to tick before clicking Add to submit the message.