Problem: desktop screen frozen

cyrielle -  
Lyonnais92 Posts 25708 Status Security contributor -
Hello, first of all, here is a log from my PC:
Is there anything wrong in there? My desktop screen freezes completely after 5 minutes of inactivity! So it is impossible to do anything at all, apart from unplugging it from the mains! Ouch!!
I had 6 generic malware viruses disinfected by Panda antivirus!
Anyway, what should I do?
Thank you, thank you for your valuable help, because I am completely helpless here!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:24:49, on 07/10/2008
Platform: Windows XP SP2
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Controle Parental\bin\optproxy.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe
C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
C:\WINDOWS\system32\PSIService.exe
c:\program files\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\CONTRO~1\bin\optgui.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE
C:\Program Files\Tech\Office Program Selector\2.0\ACROMAPP.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\WebProxy.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=presario&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {D4294371-D084-CB53-69B2-096D52D5B7B1} - C:\DOCUME~1\COMPAQ~1\APPLIC~1\MATHFR~1\spamwin.exe (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NI.UWFX5V_0001_0802] "C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\496ZC12J\WFI_FRA[1].exe"
O4 - HKLM\..\Run: [send glue shim cast] C:\Documents and Settings\All Users\Application Data\Web Meta Send Glue\Meet stupid.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [ACROMOUSE] C:\Program Files\Tech\Office Program Selector\2.0\ACROMAPP.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Road Window] C:\DOCUME~1\COMPAQ~1\APPLIC~1\DRIVEF~1\LOG COAL.exe
O4 - HKCU\..\Run: [BoontyBox] "C:\Program Files\Boonty\BoontyBox\BoontyBox.exe" /boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Road Window] c:\documents and settings\compaq_propriétaire\application data\drive flap\log coal.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Road Window] c:\documents and settings\compaq_propriétaire\application data\drive flap\log coal.exe (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: WiFi Station
O4 - Global Startup: WiFi Station.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http:
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) -
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} -
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - C:\Program Files\Controle Parental\bin\optproxy.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe

--
End of file - 12444 bytes
Configuration: Windows XP
Firefox 3.0.3

39 replies

  1. Lyonnais92 Posts 25708 Status Security contributor 1 537
     
    Hello,

    you are infected (not sure this will be enough, but it has to be dealt with).

    Download Lop S&D here:

    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

    Double-click it to start the installation

    Then double-click the Lop S&D shortcut on your desktop

    Select the desired language, then choose Option 1 (Search)

    Wait until the scan has finished

    Post the generated report ( C:\lopR.txt )
  2. Lyonnais92 Posts 25708 Status Security contributor 1 537
     
    Hi again,

    Run Lop S&D again

    This time choose Option 2 (Removal)

    Do not close the window during the removal!

    Post the generated report ( C:\lopR.txt )

    ( If the Desktop does not reappear, press Ctrl + Alt + Del, File tab,

    New task, type explorer.exe and confirm )

    Download from here:

    http://images.malwareremoval.com/random/RSIT.exe

    random's system information tool (RSIT) by random/random, and save it to the Desktop.

    Double-click RSIT.exe to launch RSIT.

    Click Continue on the Disclaimer screen.

    If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the licence.

    When the scan has finished, two text files will open.

    Post the contents of log.txt (<< which will be displayed)
    as well as info.txt (<< which will be minimized in the taskbar).

    NB: The reports are saved in the folder C:\rsit
  3. cyrielle
     
    here is the report! Please

    --------------------\\ Lop S&D 4.2.4-5 XP/Vista

    "C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
    Option : [1] ( 07/10/2008|16:16 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [21/02/2008|12:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [29/07/2005|10:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [10/04/2006|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [14/05/2006|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [27/03/2006|08:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
    [05/06/2005|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [06/11/2007|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
    [16/05/2007|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ENJOY Plus!
    [05/10/2008|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fighters
    [12/07/2007|23:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [10/11/2005|22:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [01/01/2005|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [29/08/2005|13:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
    [05/10/2008|21:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [09/11/2007|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [21/01/2006|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [01/01/2005|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [05/06/2005|21:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [01/05/2008|13:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\sentinel
    [19/07/2005|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [19/06/2008|21:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [12/04/2006|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Web Meta Send Glue
    [29/01/2006|06:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [11/03/2008|11:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [07/07/2008|08:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [19/07/2007|19:29] C:\DOCUME~1\COMPAQ~1\APPLIC~1\ACD Systems
    [07/02/2008|19:13] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Adobe
    [29/05/2005|04:31] C:\DOCUME~1\COMPAQ~1\APPLIC~1\AdobeUM
    [22/08/2005|06:42] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Ahead
    [19/06/2008|19:58] C:\DOCUME~1\COMPAQ~1\APPLIC~1\AKVIS LLC
    [10/04/2006|19:55] C:\DOCUME~1\COMPAQ~1\APPLIC~1\AOL
    [15/05/2006|14:51] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Apple Computer
    [04/12/2007|17:11] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Corel
    [18/05/2005|10:02] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Creative
    [18/06/2006|21:29] C:\DOCUME~1\COMPAQ~1\APPLIC~1\DeskSoft
    [12/04/2006|20:59] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Drive flap
    [22/12/2005|18:32] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Google
    [12/05/2005|17:19] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Help
    [14/05/2005|07:32] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Hewlett-Packard
    [02/10/2005|07:04] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Identities
    [25/07/2005|01:16] C:\DOCUME~1\COMPAQ~1\APPLIC~1\InterVideo
    [06/04/2006|13:18] C:\DOCUME~1\COMPAQ~1\APPLIC~1\ispnews
    [03/06/2006|21:42] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Leadertech
    [24/05/2005|11:03] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Macromedia
    [05/10/2008|21:11] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Malwarebytes
    [12/04/2006|20:51] C:\DOCUME~1\COMPAQ~1\APPLIC~1\math frag proc
    [07/04/2008|20:24] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Microsoft
    [12/12/2006|19:31] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Morpheus Software
    [04/10/2005|22:51] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Motive
    [09/09/2008|20:24] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Mozilla
    [16/05/2005|21:58] C:\DOCUME~1\COMPAQ~1\APPLIC~1\MSNInstaller
    [29/06/2005|11:29] C:\DOCUME~1\COMPAQ~1\APPLIC~1\OLYMPUS
    [19/05/2006|14:41] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Real
    [01/01/2005|20:32] C:\DOCUME~1\COMPAQ~1\APPLIC~1\SampleView
    [03/06/2006|21:43] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Sonic
    [01/01/2005|20:05] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Sun
    [12/05/2005|14:44] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Symantec
    [12/04/2006|19:50] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Thunderbird
    [19/07/2007|19:25] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Wannadoo
    [20/02/2008|18:54] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Windows Live Writer
    [14/05/2007|19:59] C:\DOCUME~1\COMPAQ~1\APPLIC~1\wxMozze

    [01/01/2005|20:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
    [25/11/2004|05:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [01/01/2005|20:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [01/01/2005|20:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
    [01/01/2005|20:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [01/01/2005|20:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [12/04/2006|21:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\Drive flap
    [12/04/2006|21:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\math frag proc
    [18/04/2006|17:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [12/04/2006|21:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\Drive flap
    [28/12/2005|01:07] C:\DOCUME~1\NETWOR~1\APPLIC~1\math frag proc
    [27/03/2006|08:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [07/10/2008 16:00][--ah-----] C:\WINDOWS\tasks\A63BA11291B05976.job
    [07/10/2008 16:00][--ah-----] C:\WINDOWS\tasks\AAA52E409196A2F8.job
    [07/10/2008 16:00][--ah-----] C:\WINDOWS\tasks\A1C6936691890ABE.job
    [07/10/2008 16:00][--ah-----] C:\WINDOWS\tasks\AD42CCB691854026.job
    [15/08/2005 10:15][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1116048714.job
    [07/10/2008 15:16][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 20:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

    ( A1C6936691890ABE.job )=( c:\windows\system32\config\system~1\applic~1\drivef~1\ballmessbows.exe )
    ( A63BA11291B05976.job )=( c:\docume~1\compaq~1\applic~1\drivef~1\ballmessbows.exe )
    ( AAA52E409196A2F8.job )=( c:\docume~1\locals~1\applic~1\drivef~1\ballmessbows.exe )
    ( AD42CCB691854026.job )=( c:\docume~1\locals~1\applic~1\drivef~1\ballmessbows.exe )

    --------------------\\ MsgPlus SPONSOR INSTALLED !

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
    "DisplayName"="Messenger Plus! 3 & Sponsor"
    "SponsorInstalled"=dword:00000000

    --------------------\\ Listing des dossiers dans C:\Program Files

    [12/04/2006|19:56] C:\Program Files\ACD Systems
    [01/07/2008|15:55] C:\Program Files\Adobe
    [29/07/2005|10:43] C:\Program Files\Ahead
    [19/06/2008|19:49] C:\Program Files\AKVIS
    [20/08/2005|01:28] C:\Program Files\Alwil Software
    [01/10/2005|23:09] C:\Program Files\AxBx
    [09/09/2005|09:53] C:\Program Files\BoontyGames
    [06/07/2008|23:39] C:\Program Files\CCleaner
    [17/03/2006|23:30] C:\Program Files\Classysoft
    [25/03/2006|05:17] C:\Program Files\Common Files
    [24/11/2004|03:37] C:\Program Files\ComPlus Applications
    [01/02/2008|17:06] C:\Program Files\Controle Parental
    [17/05/2005|22:17] C:\Program Files\Creative
    [24/03/2006|12:02] C:\Program Files\Drive flap
    [12/04/2006|19:06] C:\Program Files\Easy Internet signup
    [12/08/2008|20:04] C:\Program Files\eMule
    [16/05/2007|21:49] C:\Program Files\ENJOY Plus!
    [14/05/2007|19:58] C:\Program Files\Evermore
    [05/03/2008|00:48] C:\Program Files\Fichiers communs
    [06/10/2008|18:39] C:\Program Files\Fighters
    [18/12/2006|19:35] C:\Program Files\Google
    [10/11/2005|22:54] C:\Program Files\Grisoft
    [25/05/2005|11:56] C:\Program Files\help
    [12/04/2006|19:34] C:\Program Files\Help and Support Additions
    [20/01/2008|20:15] C:\Program Files\Hercules
    [14/05/2005|07:31] C:\Program Files\Hewlett-Packard
    [25/08/2008|17:51] C:\Program Files\IMS Ltd
    [06/07/2008|23:54] C:\Program Files\InstallShield Installation Information
    [15/08/2008|00:01] C:\Program Files\Internet Explorer
    [30/04/2007|21:38] C:\Program Files\InterVideo
    [27/06/2007|16:27] C:\Program Files\IrfanView
    [24/08/2008|13:02] C:\Program Files\Java
    [12/12/2006|17:15] C:\Program Files\KC Softwares
    [19/05/2005|19:38] C:\Program Files\Lavasoft
    [03/09/2005|15:26] C:\Program Files\Livecom
    [27/10/2005|01:19] C:\Program Files\Lyrod
    [01/01/2005|20:48] C:\Program Files\Macrovision Corp
    [05/10/2008|21:11] C:\Program Files\Malwarebytes' Anti-Malware
    [15/08/2008|00:02] C:\Program Files\Messenger
    [09/04/2008|16:24] C:\Program Files\Messenger Plus! Live
    [23/09/2006|10:43] C:\Program Files\MessengerPlus! 3
    [09/05/2007|23:25] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [25/11/2004|05:27] C:\Program Files\microsoft frontpage
    [03/12/2007|12:21] C:\Program Files\Microsoft SQL Server Compact Edition
    [26/06/2007|09:08] C:\Program Files\Mihov Image Resizer
    [25/08/2005|09:24] C:\Program Files\Montparnasse multimedia
    [25/11/2004|05:27] C:\Program Files\Movie Maker
    [07/10/2008|15:19] C:\Program Files\Mozilla Firefox
    [02/06/2008|16:38] C:\Program Files\Mozilla Thunderbird
    [12/05/2005|06:11] C:\Program Files\MSN
    [17/05/2005|22:48] C:\Program Files\MSN Apps
    [25/11/2004|05:27] C:\Program Files\MSN Gaming Zone
    [07/11/2007|20:49] C:\Program Files\MSXML 4.0
    [11/09/2007|22:58] C:\Program Files\NetMeeting
    [29/04/2007|22:03] C:\Program Files\Noiseware Community Edition
    [09/11/2007|10:43] C:\Program Files\Nsasoft
    [29/06/2005|11:24] C:\Program Files\OLYMPUS
    [25/11/2004|05:27] C:\Program Files\Online Services
    [16/01/2008|23:30] C:\Program Files\Orange
    [13/06/2007|22:42] C:\Program Files\Outlook Express
    [11/09/2008|18:45] C:\Program Files\Paint.NET
    [06/07/2008|23:16] C:\Program Files\Panda Security
    [01/05/2008|23:07] C:\Program Files\Panda Software
    [23/06/2006|14:10] C:\Program Files\Photobie
    [13/12/2006|15:33] C:\Program Files\PhotoFiltre
    [22/05/2008|21:08] C:\Program Files\Picasa2
    [29/06/2005|11:23] C:\Program Files\PIXELA
    [10/04/2007|22:25] C:\Program Files\program
    [30/04/2007|20:36] C:\Program Files\QuickTime
    [12/05/2005|23:06] C:\Program Files\Real
    [12/04/2006|19:24] C:\Program Files\RegCleaner
    [12/04/2006|19:15] C:\Program Files\RegSeeker
    [12/04/2006|19:09] C:\Program Files\RegSupreme Pro
    [16/01/2008|23:14] C:\Program Files\SAGEM
    [16/01/2008|23:13] C:\Program Files\Securitoo
    [17/03/2006|14:33] C:\Program Files\Serif
    [01/01/2005|20:30] C:\Program Files\Services en ligne
    [25/05/2005|11:55] C:\Program Files\share
    [01/01/2005|20:18] C:\Program Files\Sonic
    [12/12/2006|21:11] C:\Program Files\Sonic RecordNow!
    [19/05/2006|09:09] C:\Program Files\Sunbelt Software
    [08/04/2006|11:21] C:\Program Files\Symantec
    [05/09/2008|19:57] C:\Program Files\Tech
    [06/10/2008|18:33] C:\Program Files\Trend Micro
    [06/07/2008|23:55] C:\Program Files\Ubisoft
    [24/11/2004|03:37] C:\Program Files\Uninstall Information
    [25/05/2005|11:56] C:\Program Files\user
    [28/10/2006|18:37] C:\Program Files\Vimicro
    [11/02/2007|22:15] C:\Program Files\VI-SOFT
    [10/04/2006|19:23] C:\Program Files\Wanadoo
    [28/02/2008|00:04] C:\Program Files\Windows Live
    [08/12/2006|19:07] C:\Program Files\Windows Media Connect 2
    [25/04/2007|20:41] C:\Program Files\Windows Media Player
    [01/01/2005|10:06] C:\Program Files\Windows NT
    [24/11/2004|03:37] C:\Program Files\WindowsUpdate
    [22/10/2005|03:10] C:\Program Files\WinRamTurboLanguage
    [30/04/2007|20:37] C:\Program Files\WinRAR
    [25/11/2004|05:28] C:\Program Files\xerox
    [06/07/2008|23:39] C:\Program Files\Yahoo!
    [25/07/2005|00:06] C:\Program Files\Zero Assumption Digital Image Recovery
    [12/12/2006|21:19] C:\Program Files\Zero G Registry

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [25/06/2007|14:30] C:\Program Files\Fichiers communs\ACD Systems
    [21/02/2008|12:02] C:\Program Files\Fichiers communs\Adobe
    [29/07/2005|10:39] C:\Program Files\Fichiers communs\Ahead
    [10/04/2006|19:55] C:\Program Files\Fichiers communs\AOL
    [05/06/2005|21:52] C:\Program Files\Fichiers communs\BOONTY Shared
    [16/01/2008|23:27] C:\Program Files\Fichiers communs\France Telecom
    [14/05/2005|07:02] C:\Program Files\Fichiers communs\Hewlett-Packard
    [01/01/2005|20:48] C:\Program Files\Fichiers communs\InstallShield
    [01/01/2005|20:05] C:\Program Files\Fichiers communs\Java
    [29/08/2005|13:58] C:\Program Files\Fichiers communs\Macrovision Shared
    [03/12/2007|12:11] C:\Program Files\Fichiers communs\Microsoft Shared
    [25/11/2004|05:26] C:\Program Files\Fichiers communs\MSSoap
    [12/05/2005|23:06] C:\Program Files\Fichiers communs\Nullsoft
    [25/11/2004|05:26] C:\Program Files\Fichiers communs\ODBC
    [01/05/2008|23:11] C:\Program Files\Fichiers communs\Panda Software
    [19/05/2006|14:41] C:\Program Files\Fichiers communs\Real
    [01/01/2005|10:06] C:\Program Files\Fichiers communs\Services
    [25/11/2004|05:26] C:\Program Files\Fichiers communs\SpeechEngines
    [01/01/2005|20:18] C:\Program Files\Fichiers communs\SureThing Shared
    [08/04/2006|11:17] C:\Program Files\Fichiers communs\Symantec Shared
    [13/06/2007|22:42] C:\Program Files\Fichiers communs\System
    [17/03/2006|22:47] C:\Program Files\Fichiers communs\Vbox
    [03/12/2007|12:10] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 62 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\COMPAQ~1\APPLIC~1\drivef~1
    C:\DOCUME~1\LOCALS~1\APPLIC~1\drivef~1
    C:\DOCUME~1\NETWOR~1\APPLIC~1\drivef~1
    C:\Program Files\drivef~1
    C:\WINDOWS\Tasks\A1C6936691890ABE.job
    C:\WINDOWS\Tasks\A63BA11291B05976.job
    C:\WINDOWS\Tasks\AAA52E409196A2F8.job
    C:\WINDOWS\Tasks\AD42CCB691854026.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Road Window"="C:\\DOCUME~1\\COMPAQ~1\\APPLIC~1\\DRIVEF~1\\LOG COAL.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-07 16:19:19
    Windows 5.1.2600 Service Pack 2 NTFS
    detected NTDLL code modification:
    ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:138][D:3]-> C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
    [F:3][D:0]-> C:\DOCUME~1\COMPAQ~1\Cookies
    [F:1][D:0]-> C:\DOCUME~1\COMPAQ~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 07/10/2008|16:22 - Option : [1]

    --------------------\\ Fin du rapport a 16:22:03
  4. cyrielle
     
    first report with lopr:

    --------------------\\ Lop S&D 4.2.4-5 XP/Vista

    "C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
    Option : [2] ( 07/10/2008|17:32 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\WINDOWS\Tasks\A1C6936691890ABE.job
    Supprime! - C:\WINDOWS\Tasks\A63BA11291B05976.job
    Supprime! - C:\WINDOWS\Tasks\AAA52E409196A2F8.job
    Supprime! - C:\WINDOWS\Tasks\AD42CCB691854026.job
    Supprime! - C:\DOCUME~1\COMPAQ~1\APPLIC~1\drivef~1
    Supprime! - C:\DOCUME~1\LOCALS~1\APPLIC~1\drivef~1
    Supprime! - C:\DOCUME~1\NETWOR~1\APPLIC~1\drivef~1
    Supprime! - C:\Program Files\drivef~1

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans APPLIC~1

    [21/02/2008|12:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [29/07/2005|10:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [10/04/2006|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [14/05/2006|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [27/03/2006|08:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
    [05/06/2005|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [06/11/2007|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
    [16/05/2007|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ENJOY Plus!
    [05/10/2008|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fighters
    [12/07/2007|23:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [10/11/2005|22:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [01/01/2005|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [29/08/2005|13:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
    [05/10/2008|21:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [09/11/2007|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [21/01/2006|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [01/01/2005|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [05/06/2005|21:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [01/05/2008|13:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\sentinel
    [19/07/2005|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [19/06/2008|21:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [12/04/2006|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Web Meta Send Glue
    [29/01/2006|06:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [11/03/2008|11:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [07/07/2008|08:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [19/07/2007|19:29] C:\DOCUME~1\COMPAQ~1\APPLIC~1\ACD Systems
    [07/02/2008|19:13] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Adobe
    [29/05/2005|04:31] C:\DOCUME~1\COMPAQ~1\APPLIC~1\AdobeUM
    [22/08/2005|06:42] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Ahead
    [19/06/2008|19:58] C:\DOCUME~1\COMPAQ~1\APPLIC~1\AKVIS LLC
    [10/04/2006|19:55] C:\DOCUME~1\COMPAQ~1\APPLIC~1\AOL
    [15/05/2006|14:51] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Apple Computer
    [04/12/2007|17:11] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Corel
    [18/05/2005|10:02] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Creative
    [18/06/2006|21:29] C:\DOCUME~1\COMPAQ~1\APPLIC~1\DeskSoft
    [22/12/2005|18:32] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Google
    [12/05/2005|17:19] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Help
    [14/05/2005|07:32] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Hewlett-Packard
    [02/10/2005|07:04] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Identities
    [25/07/2005|01:16] C:\DOCUME~1\COMPAQ~1\APPLIC~1\InterVideo
    [06/04/2006|13:18] C:\DOCUME~1\COMPAQ~1\APPLIC~1\ispnews
    [03/06/2006|21:42] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Leadertech
    [24/05/2005|11:03] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Macromedia
    [05/10/2008|21:11] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Malwarebytes
    [12/04/2006|20:51] C:\DOCUME~1\COMPAQ~1\APPLIC~1\math frag proc
    [07/04/2008|20:24] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Microsoft
    [12/12/2006|19:31] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Morpheus Software
    [04/10/2005|22:51] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Motive
    [09/09/2008|20:24] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Mozilla
    [16/05/2005|21:58] C:\DOCUME~1\COMPAQ~1\APPLIC~1\MSNInstaller
    [29/06/2005|11:29] C:\DOCUME~1\COMPAQ~1\APPLIC~1\OLYMPUS
    [19/05/2006|14:41] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Real
    [01/01/2005|20:32] C:\DOCUME~1\COMPAQ~1\APPLIC~1\SampleView
    [03/06/2006|21:43] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Sonic
    [01/01/2005|20:05] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Sun
    [12/05/2005|14:44] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Symantec
    [12/04/2006|19:50] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Thunderbird
    [19/07/2007|19:25] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Wannadoo
    [20/02/2008|18:54] C:\DOCUME~1\COMPAQ~1\APPLIC~1\Windows Live Writer
    [14/05/2007|19:59] C:\DOCUME~1\COMPAQ~1\APPLIC~1\wxMozze

    [01/01/2005|20:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
    [25/11/2004|05:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [01/01/2005|20:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [01/01/2005|20:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
    [01/01/2005|20:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [01/01/2005|20:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

    [12/04/2006|21:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\math frag proc
    [18/04/2006|17:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [28/12/2005|01:07] C:\DOCUME~1\NETWOR~1\APPLIC~1\math frag proc
    [27/03/2006|08:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [15/08/2005 10:15][--a------] C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1116048714.job
    [07/10/2008 15:16][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 20:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ MsgPlus SPONSOR INSTALLED !

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
    "SponsorInstalled"=dword:00000000

    --------------------\\ Listing des dossiers dans C:\Program Files

    [12/04/2006|19:56] C:\Program Files\ACD Systems
    [01/07/2008|15:55] C:\Program Files\Adobe
    [29/07/2005|10:43] C:\Program Files\Ahead
    [19/06/2008|19:49] C:\Program Files\AKVIS
    [20/08/2005|01:28] C:\Program Files\Alwil Software
    [01/10/2005|23:09] C:\Program Files\AxBx
    [09/09/2005|09:53] C:\Program Files\BoontyGames
    [06/07/2008|23:39] C:\Program Files\CCleaner
    [17/03/2006|23:30] C:\Program Files\Classysoft
    [25/03/2006|05:17] C:\Program Files\Common Files
    [24/11/2004|03:37] C:\Program Files\ComPlus Applications
    [01/02/2008|17:06] C:\Program Files\Controle Parental
    [17/05/2005|22:17] C:\Program Files\Creative
    [12/04/2006|19:06] C:\Program Files\Easy Internet signup
    [12/08/2008|20:04] C:\Program Files\eMule
    [16/05/2007|21:49] C:\Program Files\ENJOY Plus!
    [14/05/2007|19:58] C:\Program Files\Evermore
    [05/03/2008|00:48] C:\Program Files\Fichiers communs
    [06/10/2008|18:39] C:\Program Files\Fighters
    [18/12/2006|19:35] C:\Program Files\Google
    [10/11/2005|22:54] C:\Program Files\Grisoft
    [25/05/2005|11:56] C:\Program Files\help
    [12/04/2006|19:34] C:\Program Files\Help and Support Additions
    [20/01/2008|20:15] C:\Program Files\Hercules
    [14/05/2005|07:31] C:\Program Files\Hewlett-Packard
    [25/08/2008|17:51] C:\Program Files\IMS Ltd
    [06/07/2008|23:54] C:\Program Files\InstallShield Installation Information
    [15/08/2008|00:01] C:\Program Files\Internet Explorer
    [30/04/2007|21:38] C:\Program Files\InterVideo
    [27/06/2007|16:27] C:\Program Files\IrfanView
    [24/08/2008|13:02] C:\Program Files\Java
    [12/12/2006|17:15] C:\Program Files\KC Softwares
    [19/05/2005|19:38] C:\Program Files\Lavasoft
    [03/09/2005|15:26] C:\Program Files\Livecom
    [27/10/2005|01:19] C:\Program Files\Lyrod
    [01/01/2005|20:48] C:\Program Files\Macrovision Corp
    [05/10/2008|21:11] C:\Program Files\Malwarebytes' Anti-Malware
    [15/08/2008|00:02] C:\Program Files\Messenger
    [09/04/2008|16:24] C:\Program Files\Messenger Plus! Live
    [23/09/2006|10:43] C:\Program Files\MessengerPlus! 3
    [09/05/2007|23:25] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [25/11/2004|05:27] C:\Program Files\microsoft frontpage
    [03/12/2007|12:21] C:\Program Files\Microsoft SQL Server Compact Edition
    [26/06/2007|09:08] C:\Program Files\Mihov Image Resizer
    [25/08/2005|09:24] C:\Program Files\Montparnasse multimedia
    [25/11/2004|05:27] C:\Program Files\Movie Maker
    [07/10/2008|16:19] C:\Program Files\Mozilla Firefox
    [02/06/2008|16:38] C:\Program Files\Mozilla Thunderbird
    [12/05/2005|06:11] C:\Program Files\MSN
    [17/05/2005|22:48] C:\Program Files\MSN Apps
    [25/11/2004|05:27] C:\Program Files\MSN Gaming Zone
    [07/11/2007|20:49] C:\Program Files\MSXML 4.0
    [11/09/2007|22:58] C:\Program Files\NetMeeting
    [29/04/2007|22:03] C:\Program Files\Noiseware Community Edition
    [09/11/2007|10:43] C:\Program Files\Nsasoft
    [29/06/2005|11:24] C:\Program Files\OLYMPUS
    [25/11/2004|05:27] C:\Program Files\Online Services
    [16/01/2008|23:30] C:\Program Files\Orange
    [13/06/2007|22:42] C:\Program Files\Outlook Express
    [11/09/2008|18:45] C:\Program Files\Paint.NET
    [06/07/2008|23:16] C:\Program Files\Panda Security
    [01/05/2008|23:07] C:\Program Files\Panda Software
    [23/06/2006|14:10] C:\Program Files\Photobie
    [13/12/2006|15:33] C:\Program Files\PhotoFiltre
    [22/05/2008|21:08] C:\Program Files\Picasa2
    [29/06/2005|11:23] C:\Program Files\PIXELA
    [10/04/2007|22:25] C:\Program Files\program
    [30/04/2007|20:36] C:\Program Files\QuickTime
    [12/05/2005|23:06] C:\Program Files\Real
    [12/04/2006|19:24] C:\Program Files\RegCleaner
    [12/04/2006|19:15] C:\Program Files\RegSeeker
    [12/04/2006|19:09] C:\Program Files\RegSupreme Pro
    [16/01/2008|23:14] C:\Program Files\SAGEM
    [16/01/2008|23:13] C:\Program Files\Securitoo
    [17/03/2006|14:33] C:\Program Files\Serif
    [01/01/2005|20:30] C:\Program Files\Services en ligne
    [25/05/2005|11:55] C:\Program Files\share
    [01/01/2005|20:18] C:\Program Files\Sonic
    [12/12/2006|21:11] C:\Program Files\Sonic RecordNow!
    [19/05/2006|09:09] C:\Program Files\Sunbelt Software
    [08/04/2006|11:21] C:\Program Files\Symantec
    [05/09/2008|19:57] C:\Program Files\Tech
    [06/10/2008|18:33] C:\Program Files\Trend Micro
    [06/07/2008|23:55] C:\Program Files\Ubisoft
    [24/11/2004|03:37] C:\Program Files\Uninstall Information
    [25/05/2005|11:56] C:\Program Files\user
    [28/10/2006|18:37] C:\Program Files\Vimicro
    [11/02/2007|22:15] C:\Program Files\VI-SOFT
    [10/04/2006|19:23] C:\Program Files\Wanadoo
    [28/02/2008|00:04] C:\Program Files\Windows Live
    [08/12/2006|19:07] C:\Program Files\Windows Media Connect 2
    [25/04/2007|20:41] C:\Program Files\Windows Media Player
    [01/01/2005|10:06] C:\Program Files\Windows NT
    [24/11/2004|03:37] C:\Program Files\WindowsUpdate
    [22/10/2005|03:10] C:\Program Files\WinRamTurboLanguage
    [30/04/2007|20:37] C:\Program Files\WinRAR
    [25/11/2004|05:28] C:\Program Files\xerox
    [06/07/2008|23:39] C:\Program Files\Yahoo!
    [25/07/2005|00:06] C:\Program Files\Zero Assumption Digital Image Recovery
    [12/12/2006|21:19] C:\Program Files\Zero G Registry

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [25/06/2007|14:30] C:\Program Files\Fichiers communs\ACD Systems
    [21/02/2008|12:02] C:\Program Files\Fichiers communs\Adobe
    [29/07/2005|10:39] C:\Program Files\Fichiers communs\Ahead
    [10/04/2006|19:55] C:\Program Files\Fichiers communs\AOL
    [05/06/2005|21:52] C:\Program Files\Fichiers communs\BOONTY Shared
    [16/01/2008|23:27] C:\Program Files\Fichiers communs\France Telecom
    [14/05/2005|07:02] C:\Program Files\Fichiers communs\Hewlett-Packard
    [01/01/2005|20:48] C:\Program Files\Fichiers communs\InstallShield
    [01/01/2005|20:05] C:\Program Files\Fichiers communs\Java
    [29/08/2005|13:58] C:\Program Files\Fichiers communs\Macrovision Shared
    [03/12/2007|12:11] C:\Program Files\Fichiers communs\Microsoft Shared
    [25/11/2004|05:26] C:\Program Files\Fichiers communs\MSSoap
    [12/05/2005|23:06] C:\Program Files\Fichiers communs\Nullsoft
    [25/11/2004|05:26] C:\Program Files\Fichiers communs\ODBC
    [01/05/2008|23:11] C:\Program Files\Fichiers communs\Panda Software
    [19/05/2006|14:41] C:\Program Files\Fichiers communs\Real
    [01/01/2005|10:06] C:\Program Files\Fichiers communs\Services
    [25/11/2004|05:26] C:\Program Files\Fichiers communs\SpeechEngines
    [01/01/2005|20:18] C:\Program Files\Fichiers communs\SureThing Shared
    [08/04/2006|11:17] C:\Program Files\Fichiers communs\Symantec Shared

    [13/06/2007|22:42] C:\Program Files\Fichiers communs\System
    [17/03/2006|22:47] C:\Program Files\Fichiers communs\Vbox
    [03/12/2007|12:10] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 65 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-07 17:34:10
    Windows 5.1.2600 Service Pack 2 NTFS
    detected NTDLL code modification:
    ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Recherche d'autres infections

    Aucune autre infection trouvée !

    [F:142][D:3]-> C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
    [F:18][D:0]-> C:\DOCUME~1\COMPAQ~1\Cookies
    [F:103][D:4]-> C:\DOCUME~1\COMPAQ~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 07/10/2008|16:22 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 07/10/2008|17:36 - Option : [2]

    --------------------\\ Fin du rapport a 17:36:53
  6. cyrielle
     
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Compaq_Propriétaire at 2008-10-07 17:49:37
    Microsoft Windows XP Édition familiale Service Pack 2
    System drive C: has 138 GB (75%) free of 184 GB
    Total RAM: 1023 MB (12% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:49:40, on 07/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explore
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\AVENGINE.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Controle Parental\bin\optproxy.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe
    C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
    C:\WINDOWS\system32\PSIService.exe
    c:\program files\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\VM303_STI.EXE
    C:\Program Files\Orange\Systray\SystrayApp.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\PROGRA~1\CONTRO~1\bin\optgui.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE
    C:\Program Files\Tech\Office Program Selector\2.0\ACROMAPP.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Orange\Launcher\Launcher.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\WebProxy.exe
    C:\Program Files\Orange\connectivity\connectivitymanager.exe
    C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\RSIT(2).exe
    C:\Program Files\Trend Micro\HijackThis\Compaq_Propriétaire.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\avciman.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\psimreal.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=presario&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O2 - BHO: (no name) - {D4294371-D084-CB53-69B2-096D52D5B7B1} - C:\DOCUME~1\COMPAQ~1\APPLIC~1\MATHFR~1\spamwin.exe (file missing)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NI.UWFX5V_0001_0802] "C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\496ZC12J\WFI_FRA[1].exe"
    O4 - HKLM\..\Run: [send glue shim cast] C:\Documents and Settings\All Users\Application Data\Web Meta Send Glue\Meet stupid.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE" /s
    O4 - HKLM\..\Run: [ACROMOUSE] C:\Program Files\Tech\Office Program Selector\2.0\ACROMAPP.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [BoontyBox] "C:\Program Files\Boonty\BoontyBox\BoontyBox.exe" /boot
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Road Window] c:\documents and settings\compaq_propriétaire\application data\drive flap\log coal.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Road Window] c:\documents and settings\compaq_propriétaire\application data\drive flap\log coal.exe (User 'Default user')
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O4 - Global Startup: hp psc 1000 series.lnk = ?
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O4 - Global Startup: WiFi Station
    O4 - Global Startup: WiFi Station.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: https://www.orange.fr/portail
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-8da5b693aa60ef72.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://chat.msn.com/controls/msnchat45.cab
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - C:\Program Files\Controle Parental\bin\optproxy.exe
    O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe
    O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
    O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE
    O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe
    O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe
  7. cyrielle
     
    TEXT REPORT / RSIT LOG

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Compaq_Propriétaire at 2008-10-07 17:49:37
    Microsoft Windows XP Édition familiale Service Pack 2
    System drive C: has 138 GB (75%) free of 184 GB
    Total RAM: 1023 MB (12% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:49:40, on 07/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\AVENGINE.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Controle Parental\bin\optproxy.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe
    C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
    C:\WINDOWS\system32\PSIService.exe
    c:\program files\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\VM303_STI.EXE
    C:\Program Files\Orange\Systray\SystrayApp.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\PROGRA~1\CONTRO~1\bin\optgui.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE
    C:\Program Files\Tech\Office Program Selector\2.0\ACROMAPP.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Orange\Launcher\Launcher.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\WebProxy.exe
    C:\Program Files\Orange\connectivity\connectivitymanager.exe
    C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\RSIT(2).exe
    C:\Program Files\Trend Micro\HijackThis\Compaq_Propriétaire.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\avciman.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\psimreal.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=presario&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O2 - BHO: (no name) - {D4294371-D084-CB53-69B2-096D52D5B7B1} - C:\DOCUME~1\COMPAQ~1\APPLIC~1\MATHFR~1\spamwin.exe (file missing)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NI.UWFX5V_0001_0802] "C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\496ZC12J\WFI_FRA[1].exe"
    O4 - HKLM\..\Run: [send glue shim cast] C:\Documents and Settings\All Users\Application Data\Web Meta Send Glue\Meet stupid.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE" /s
    O4 - HKLM\..\Run: [ACROMOUSE] C:\Program Files\Tech\Office Program Selector\2.0\ACROMAPP.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [BoontyBox] "C:\Program Files\Boonty\BoontyBox\BoontyBox.exe" /boot
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Road Window] c:\documents and settings\compaq_propriétaire\application data\drive flap\log coal.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Road Window] c:\documents and settings\compaq_propriétaire\application data\drive flap\log coal.exe (User 'Default user')
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O4 - Global Startup: hp psc 1000 series.lnk = ?
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O4 - Global Startup: WiFi Station
    O4 - Global Startup: WiFi Station.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: https://www.orange.fr/portail
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-8da5b693aa60ef72.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://chat.msn.com/controls/msnchat45.cab
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - C:\Program Files\Controle Parental\bin\optproxy.exe
    O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe
    O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe
    O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
    O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE
    O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe
    O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe
    0
  8. cyrielle
     
    Here it is, thanks

    SmitFraudFix v2.356

    Rapport fait à 19:46:21,37, 07/10/2008
    Executé à partir de C:\Documents and Settings\Compaq_Propri‚taire\Bureau\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Le type du système de fichiers est NTFS
    Fix executé en mode normal

    »»»»»»»»»»»»»»»»»»»»»»»» Process

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\AVENGINE.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Controle Parental\bin\optproxy.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe
    C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe
    C:\WINDOWS\system32\PSIService.exe
    c:\program files\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\VM303_STI.EXE
    C:\Program Files\Orange\Systray\SystrayApp.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\PROGRA~1\CONTRO~1\bin\optgui.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE
    C:\Program Files\Tech\Office Program Selector\2.0\ACROMAPP.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Orange\Launcher\Launcher.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\WebProxy.exe
    C:\Program Files\Orange\connectivity\connectivitymanager.exe
    C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\avciman.exe
    C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\psimreal.exe
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\SmitfraudFix\Policies.exe
    C:\WINDOWS\system32\cmd.exe

    »»»»»»»»»»»»»»»»»»»»»»»» hosts

    »»»»»»»»»»»»»»»»»»»»»»»» C:\

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Compaq_Propri‚taire

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Compaq_Propri‚taire\Application Data

    »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\COMPAQ~1\Favoris

    »»»»»»»»»»»»»»»»»»»»»»»» Bureau

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

    »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

    »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Ma page d'accueil"

    »»»»»»»»»»»»»»»»»»»»»»»» o4Patch
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    o4Patch
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» VACFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» 404Fix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    404Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    AntiXPVSTFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=""

    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
    "System"=""

    »»»»»»»»»»»»»»»»»»»»»»»» RK

    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    Description: SiS 900-Based PCI Fast Ethernet Adapter - Miniport d'ordonnancement de paquets
    DNS Server Search Order: 192.168.1.1

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{96B2F56A-E3AC-4D8F-9F90-0C714AB82E59}: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{96B2F56A-E3AC-4D8F-9F90-0C714AB82E59}: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS3\Services\Tcpip\..\{96B2F56A-E3AC-4D8F-9F90-0C714AB82E59}: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
    HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

    »»»»»»»»»»»»»»»»»»»»»»»» Fin
    0
  9. Cyrielle
     
    Here is the report: thanks *
    PS: I had to launch ComboFix again because the report wasn't coming up! Then after that it came up right away!

    ComboFix 08-10-07.03 - Compaq_Propriétaire 2008-10-08 0:10:14.2 - NTFSx86
    Microsoft Windows XP Édition familiale [GMT 2:00]
    Lancé depuis: C:\Documents and Settings\Compaq_Propriétaire\Bureau\ComboFix.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    C:\Documents and Settings\Compaq_Propriétaire\Cookies\hpothb07.dat
    C:\Documents and Settings\Compaq_Propriétaire\Cookies\hpothb07.tif
    C:\WINDOWS\system32\MSINET.oca
    C:\WINDOWS\system32\stera.log
    D:\Autorun.inf

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_BOONTY_GAMES
    -------\Legacy_FOPN
    -------\Legacy_SVCPROC
    -------\Legacy_VSPF
    -------\Legacy_VSPF_HK
    -------\Service_Boonty Games

    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-07 au 2008-10-07 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-07 19:46 . 2008-10-07 19:46 3,940 --a------ C:\WINDOWS\system32\tmp.reg
    2008-10-07 17:34 . 2008-10-07 17:53 <REP> d-------- C:\rsit
    2008-10-07 16:14 . 2008-10-07 17:36 <REP> d-------- C:\Lop SD
    2008-10-06 18:51 . 2008-10-06 18:51 <REP> d-------- C:\VundoFix Backups
    2008-10-06 18:33 . 2008-10-06 18:33 <REP> d-------- C:\Program Files\Trend Micro
    2008-10-05 21:11 . 2008-10-05 21:11 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-05 21:11 . 2008-10-05 21:11 <REP> d-------- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes
    2008-10-05 21:11 . 2008-10-05 21:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-05 21:11 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-05 21:11 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-05 21:06 . 2008-10-06 18:39 <REP> d-------- C:\Program Files\Fighters
    2008-10-05 21:06 . 2008-10-05 21:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Fighters
    2008-09-25 12:56 . 2008-06-19 17:24 28,544 --a------ C:\WINDOWS\system32\drivers\pavboot.sys

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-07 21:05 1,204 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck
    2008-10-07 21:05 1,204 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG
    2008-10-07 13:19 13,880 ----a-w C:\WINDOWS\system32\drivers\COMFiltr.sys
    2008-10-05 19:12 277,980 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck
    2008-10-05 19:12 277,980 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT
    2008-10-01 13:51 87,552 ----a-w C:\WINDOWS\system32\VACFix.exe
    2008-09-19 10:26 82,944 ----a-w C:\WINDOWS\system32\o4Patch.exe
    2008-09-19 10:26 82,944 ----a-w C:\WINDOWS\system32\IEDFix.C.exe
    2008-09-11 16:45 --------- d-----w C:\Program Files\Paint.NET
    2008-09-08 21:38 88,576 ----a-w C:\WINDOWS\system32\AntiXPVSTFix.exe
    2008-09-05 17:57 --------- d-----w C:\Program Files\Tech
    2008-08-25 15:51 --------- d-----w C:\Program Files\IMS Ltd
    2008-08-24 11:02 --------- d-----w C:\Program Files\Java
    2008-08-18 10:19 82,432 ----a-w C:\WINDOWS\system32\404Fix.exe
    2008-08-12 18:04 --------- d-----w C:\Program Files\eMule
    2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
    2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
    2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
    2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
    2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
    2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
    2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
    2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
    2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
    2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
    2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
    2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
    2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
    2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
    2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
    2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
    2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
    2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\dllcache\es.dll
    2007-11-06 18:01 480,848 ----a-w C:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe
    2005-07-18 19:02 193 ---ha-w C:\Documents and Settings\Compaq_Propriétaire\Application Data\hpothb07.dat
    2005-07-18 19:02 174 ---ha-w C:\Documents and Settings\Compaq_Propriétaire\hpothb07.dat
    2005-07-18 19:02 174 ---ha-w C:\Documents and Settings\Compaq_Propriétaire\hpothb07.dat
    2005-07-18 19:02 164 ---ha-w C:\Documents and Settings\All Users\hpothb07.dat
    2005-05-25 09:56 632 ----a-w C:\Program Files\OpenOffice.org 1.1.4.lnk
    2005-05-25 09:56 620 ----a-w C:\Program Files\OpenOffice.org Setup.lnk
    2005-05-25 08:03 169 ---ha-w C:\Documents and Settings\NetworkService\hpothb07.dat
    2005-05-25 08:03 167 ---ha-w C:\Documents and Settings\LocalService\hpothb07.dat
    2005-05-25 08:03 0 ---ha-w C:\Documents and Settings\Default User\hpothb07.dat
    2004-10-20 13:10 7,781 ----a-w C:\Program Files\license.txt
    2004-10-20 13:10 15,317 ----a-w C:\Program Files\readme.txt
    2007-04-25 21:37 614,400 ----a-w C:\Program Files\mozilla firefox\plugins\MannequinPlayer2.dll
    2005-05-16 06:27 22 --sha-w C:\WINDOWS\SMINST\HPCD.sys
    2007-12-04 14:58 248 --sh--r C:\WINDOWS\system32\86F7A459B2.sys
    2006-03-17 14:17 104 --sh--r C:\WINDOWS\system32\B259A4F786.sys
    2007-12-04 15:27 6,686 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
    "KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 61440]
    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 233472]
    "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
    "Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CAMTRAY.EXE" [2003-06-26 184320]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-10 155648]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-05-14 282624]
    "BigDog303"="C:\WINDOWS\VM303_STI.EXE" [2005-06-23 61440]
    "SystrayORAHSS"="C:\Program Files\Orange\Systray\SystrayApp.exe" [2007-09-25 94208]
    "ORAHSSSessionManager"="C:\Program Files\Orange\SessionManager\SessionManager.exe" [2007-09-25 102400]
    "OPTENET_GUI"="C:\PROGRA~1\CONTRO~1\bin\optgui.exe" [2006-12-20 404536]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "ACROMOUSE"="C:\Program Files\Tech\Office Program Selector\2.0\ACROMAPP.exe" [2005-04-29 554496]
    "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 C:\WINDOWS\ALCXMNTR.EXE]
    "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 C:\WINDOWS\AGRSMMSG.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2006-04-10 962661]
    hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-04-06 147456]
    hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 28672]
    WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WifiStation.exe [2008-01-20 654336]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\WiFi Station
    D‚sinstaller WiFi Station.lnk - C:\Program Files\InstallShield Installation Information\{DECE22F4-EEDD-4615-BC56-2F4827FAD64B}\setup.exe [2008-01-20 455600]
    WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WiFiStation.exe [2008-01-20 654336]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.MJPG"= pvmjpg21.dll
    "VIDC.ACDV"= ACDV.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\WINDOWS\\system32\\mcoinstall.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=

    R0 pavboot;pavboot;C:\WINDOWS\system32\drivers\pavboot.sys [2008-06-19 28544]
    R1 APPFLT;App Filter Plugin;C:\WINDOWS\system32\Drivers\APPFLT.SYS [2007-09-28 71608]
    R1 DSAFLT;DSA Filter Plugin;C:\WINDOWS\system32\Drivers\DSAFLT.SYS [2007-05-11 51256]
    R1 FNETMON;NetMon Filter Plugin;C:\WINDOWS\system32\Drivers\fnetmon.SYS [2007-11-14 21816]
    R1 IDSFLT;Ids Filter Plugin;C:\WINDOWS\system32\Drivers\IDSFLT.SYS [2007-07-11 191672]
    R1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\system32\Drivers\NETFLTDI.SYS [2007-10-25 08:50 132664]
    R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys [2007-05-23 38968]
    R1 SMSFLT;SMS Filter Plugin;C:\WINDOWS\system32\Drivers\SMSFLT.SYS [2007-05-11 37304]
    R1 WNMFLT;Wifi Monitor Filter Plugin;C:\WINDOWS\system32\Drivers\WNMFLT.SYS [2007-05-11 30648]
    R2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\Drivers\cpoint.sys [2007-06-08 24760]
    R2 OPTENET_FILTER;Orange Contrôle Parental;C:\Program Files\Controle Parental\bin\optproxy.exe [2006-12-21 624376]
    R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2007-07-12 178872]
    R3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys [ ]
    R3 NETIMFLT01050097;PANDA NDIS IM Filter Miniport v1.5.0.97;C:\WINDOWS\system32\DRIVERS\netimflt.sys [2007-11-19 143160]
    R3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys [ ]
    R3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys [ ]
    R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
    .
    Contenu du dossier 'Tâches planifiées'

    2005-08-15 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1116048714.job
    - C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-06 14:52]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    BHO-{D4294371-D084-CB53-69B2-096D52D5B7B1} - C:\DOCUME~1\COMPAQ~1\APPLIC~1\MATHFR~1\spamwin.exe
    HKCU-Run-BoontyBox - C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
    HKLM-Run-NI.UWFX5V_0001_0802 - C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\496ZC12J\WFI_FRA[1].exe
    HKLM-Run-send glue shim cast - C:\Documents and Settings\All Users\Application Data\Web Meta Send Glue\Meet stupid.exe
    HKU-Default-Run-Road Window - c:\documents and settings\compaq_propriétaire\application data\drive flap\log coal.exe
    HKU-Default-Run-msnmsgr - C:\Program Files\MSN Messenger\msnmsgr.exe

    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\301w9f6n.Utilisateur par défaut\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npredoute.dll
    FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-08 00:13:53
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-10-08 0:16:31
    ComboFix-quarantined-files.txt 2008-10-07 22:16:08

    Avant-CF: 144,820,756,480 octets libres
    Après-CF: 144,806,916,096 octets libres

    202 --- E O F --- 2008-09-12 17:53:13
    0
  10. Cyrielle
     
    First of all, hello, and thank you for the precious help!
    Well, I have a small technical problem, and it's on my end!
    I did save the script file; it is on the desktop!

    After that, I have to drag and drop it onto the combofixexe file, that is, the file that contains the ComboFix report!

    Yes, or am I wrong!?
    Well, what is supposed to happen then?
    Thanks
    I don't quite get it here! I have to put the script folder onto the combo file by dragging it over it
    But nothing happens!
    Normally I should end up with a single file, then!?
    Sorry for the bother, but I'm getting stuck on small things here and it honestly annoys me!
    I'm not doing it on purpose, but... In fact I'm ill at the moment and very tired, but I'm not complaining, I would just like to manage to finish this job
    Anyway, we're all human; I'm keeping things in perspective and so I'm waiting for a reply

    Thanks again very much **have a nice day**

    PS: so I have a script file on the desktop and a combofix file!
    And the ComboFix icon on the desktop as well
    0
  11. Cyrielle
     
    Darn, I don't understand, still nothing!*
    I do take the script and drag it onto the red icon, but it only opens ComboFix, and it doesn't run by itself at all!
    The script is OK! No error, the icon is there, but it doesn't launch anything!
    0
  12. cyrielle
     
    Should I untick "Always ask before opening this file" (on the ComboFix file, security warning)?
    Because on mine it's ticked!
    Is that related to why ComboFix doesn't start running by itself?
    0
  13. cyrielle
     
    Here is the 1st report

    [ Rapport ToolsCleaner version 2.2.3 (par A.Rothstein & dj QUIOU) ]

    -->- Recherche:

    C:\VundoFix.txt: trouvé !
    C:\Combofix.txt: trouvé !
    C:\fixnavi.txt: trouvé !
    C:\cleannavi.txt: trouvé !
    C:\lopR.txt: trouvé !
    C:\Lop SD: trouvé !
    C:\Vundofix backups: trouvé !
    C:\Qoobox: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\HijackThis.lnk: trouvé !
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\LopSD.exe: trouvé !
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\ComboFix.exe: trouvé !
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\vundoFix.exe: trouvé !
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\HJTInstall.exe: trouvé !
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\SmitFraudFix.exe: trouvé !
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\SmitFraudfix: trouvé !
    C:\Program Files\Trend Micro\HijackThis: trouvé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
    C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !

    ---------------------------------
    -->- Suppression:

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\HijackThis.lnk: supprimé !
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\LopSD.exe: supprimé !
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\vundoFix.exe: supprimé !
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\HJTInstall.exe: supprimé !
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\SmitFraudFix.exe: supprimé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
    C:\VundoFix.txt: supprimé !
    C:\Combofix.txt: supprimé !
    C:\fixnavi.txt: supprimé !
    C:\cleannavi.txt: supprimé !
    C:\lopR.txt: supprimé !
    C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
    C:\Lop SD: supprimé !
    C:\Vundofix backups: supprimé !
    C:\Qoobox: supprimé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
    C:\Documents and Settings\Compaq_Propriétaire\Bureau\SmitFraudfix: supprimé !
    C:\Program Files\Trend Micro\HijackThis: supprimé !
    0
  14. cyrielle
     
    Yes, OK, well, it's going nowhere here even though I'm doing my best!
    It still doesn't launch ComboFix!
    I did look at the tutorial!
    0
  15. Cyrielle
     
    Hello Vincent, here is the report:

    ComboFix 08-10-07.06 - Compaq_Propriétaire 2008-10-09 10:49:25.3 - NTFSx86
    Microsoft Windows XP Édition familiale [GMT 2:00]
    Lancé depuis: C:\Documents and Settings\Compaq_Propriétaire\Bureau\ComboFix.exe
    * Un nouveau point de restauration a été créé
    .

    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-09 au 2008-10-09 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-07 19:46 . 2008-10-07 19:46 3,940 --a------ C:\WINDOWS\system32\tmp.reg
    2008-10-07 17:34 . 2008-10-07 17:53 <REP> d-------- C:\rsit
    2008-10-06 18:33 . 2008-10-08 16:23 <REP> d-------- C:\Program Files\Trend Micro
    2008-10-05 21:11 . 2008-10-05 21:11 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-05 21:11 . 2008-10-05 21:11 <REP> d-------- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes
    2008-10-05 21:11 . 2008-10-05 21:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-05 21:11 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-05 21:11 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-05 21:06 . 2008-10-06 18:39 <REP> d-------- C:\Program Files\Fighters
    2008-10-05 21:06 . 2008-10-05 21:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Fighters
    2008-09-25 12:56 . 2008-06-19 17:24 28,544 --a------ C:\WINDOWS\system32\drivers\pavboot.sys

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-09 08:47 1,204 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck
    2008-10-09 08:47 1,204 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG
    2008-10-09 08:20 13,880 ----a-w C:\WINDOWS\system32\drivers\COMFiltr.sys
    2008-10-05 19:12 277,980 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck
    2008-10-05 19:12 277,980 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT
    2008-10-01 13:51 87,552 ----a-w C:\WINDOWS\system32\VACFix.exe
    2008-09-19 10:26 82,944 ----a-w C:\WINDOWS\system32\o4Patch.exe
    2008-09-19 10:26 82,944 ----a-w C:\WINDOWS\system32\IEDFix.C.exe
    2008-09-11 16:45 --------- d-----w C:\Program Files\Paint.NET
    2008-09-08 21:38 88,576 ----a-w C:\WINDOWS\system32\AntiXPVSTFix.exe
    2008-09-05 17:57 --------- d-----w C:\Program Files\Tech
    2008-08-25 15:51 --------- d-----w C:\Program Files\IMS Ltd
    2008-08-24 11:02 --------- d-----w C:\Program Files\Java
    2008-08-18 10:19 82,432 ----a-w C:\WINDOWS\system32\404Fix.exe
    2008-08-12 18:04 --------- d-----w C:\Program Files\eMule
    2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
    2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
    2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
    2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
    2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
    2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
    2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
    2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
    2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
    2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
    2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
    2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
    2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
    2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
    2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
    2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
    2007-11-06 18:01 480,848 ----a-w C:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe
    2005-07-18 19:02 193 ---ha-w C:\Documents and Settings\Compaq_Propriétaire\Application Data\hpothb07.dat
    2005-07-18 19:02 174 ---ha-w C:\Documents and Settings\Compaq_Propriétaire\hpothb07.dat
    2005-07-18 19:02 174 ---ha-w C:\Documents and Settings\Compaq_Propriétaire\hpothb07.dat
    2005-07-18 19:02 164 ---ha-w C:\Documents and Settings\All Users\hpothb07.dat
    2005-05-25 09:56 632 ----a-w C:\Program Files\OpenOffice.org 1.1.4.lnk
    2005-05-25 09:56 620 ----a-w C:\Program Files\OpenOffice.org Setup.lnk
    2005-05-25 08:03 169 ---ha-w C:\Documents and Settings\NetworkService\hpothb07.dat
    2005-05-25 08:03 167 ---ha-w C:\Documents and Settings\LocalService\hpothb07.dat
    2005-05-25 08:03 0 ---ha-w C:\Documents and Settings\Default User\hpothb07.dat
    2004-10-20 13:10 7,781 ----a-w C:\Program Files\license.txt
    2004-10-20 13:10 15,317 ----a-w C:\Program Files\readme.txt
    2007-04-25 21:37 614,400 ----a-w C:\Program Files\mozilla firefox\plugins\MannequinPlayer2.dll
    2005-05-16 06:27 22 --sha-w C:\WINDOWS\SMINST\HPCD.sys
    2007-12-04 14:58 248 --sh--r C:\WINDOWS\system32\86F7A459B2.sys
    2006-03-17 14:17 104 --sh--r C:\WINDOWS\system32\B259A4F786.sys
    2007-12-04 15:27 6,686 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
    "KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 61440]
    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 233472]
    "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
    "Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CAMTRAY.EXE" [2003-06-26 184320]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-10 155648]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-05-14 282624]
    "BigDog303"="C:\WINDOWS\VM303_STI.EXE" [2005-06-23 61440]
    "SystrayORAHSS"="C:\Program Files\Orange\Systray\SystrayApp.exe" [2007-09-25 94208]
    "ORAHSSSessionManager"="C:\Program Files\Orange\SessionManager\SessionManager.exe" [2007-09-25 102400]
    "OPTENET_GUI"="C:\PROGRA~1\CONTRO~1\bin\optgui.exe" [2006-12-20 404536]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "ACROMOUSE"="C:\Program Files\Tech\Office Program Selector\2.0\ACROMAPP.exe" [2005-04-29 554496]
    "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 C:\WINDOWS\ALCXMNTR.EXE]
    "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 C:\WINDOWS\AGRSMMSG.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2006-04-10 962661]
    hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-04-06 147456]
    hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 28672]
    WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WifiStation.exe [2008-01-20 654336]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\WiFi Station
    D‚sinstaller WiFi Station.lnk - C:\Program Files\InstallShield Installation Information\{DECE22F4-EEDD-4615-BC56-2F4827FAD64B}\setup.exe [2008-01-20 455600]
    WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WiFiStation.exe [2008-01-20 654336]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.MJPG"= pvmjpg21.dll
    "VIDC.ACDV"= ACDV.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\WINDOWS\\system32\\mcoinstall.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=

    R0 pavboot;pavboot;C:\WINDOWS\system32\drivers\pavboot.sys [2008-06-19 28544]
    R1 APPFLT;App Filter Plugin;C:\WINDOWS\system32\Drivers\APPFLT.SYS [2007-09-28 71608]
    R1 DSAFLT;DSA Filter Plugin;C:\WINDOWS\system32\Drivers\DSAFLT.SYS [2007-05-11 51256]
    R1 FNETMON;NetMon Filter Plugin;C:\WINDOWS\system32\Drivers\fnetmon.SYS [2007-11-14 21816]
    R1 IDSFLT;Ids Filter Plugin;C:\WINDOWS\system32\Drivers\IDSFLT.SYS [2007-07-11 191672]
    R1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\system32\Drivers\NETFLTDI.SYS [2007-10-25 08:50 132664]
    R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys [2007-05-23 38968]
    R1 SMSFLT;SMS Filter Plugin;C:\WINDOWS\system32\Drivers\SMSFLT.SYS [2007-05-11 37304]
    R1 WNMFLT;Wifi Monitor Filter Plugin;C:\WINDOWS\system32\Drivers\WNMFLT.SYS [2007-05-11 30648]
    R2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\Drivers\cpoint.sys [2007-06-08 24760]
    R2 OPTENET_FILTER;Orange Contrôle Parental;C:\Program Files\Controle Parental\bin\optproxy.exe [2006-12-21 624376]
    R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2007-07-12 178872]
    R3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys [ ]
    R3 NETIMFLT01050097;PANDA NDIS IM Filter Miniport v1.5.0.97;C:\WINDOWS\system32\DRIVERS\netimflt.sys [2007-11-19 143160]
    R3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys [ ]
    R3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys [ ]
    R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
    R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

    *Newly Created Service* - COMFILTR
    .
    Contenu du dossier 'Tâches planifiées'

    2005-08-15 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1116048714.job
    - C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-06 14:52]
    .
    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\301w9f6n.Utilisateur par défaut\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npredoute.dll
    FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-09 10:53:03
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-10-09 10:55:59
    ComboFix-quarantined-files.txt 2008-10-09 08:55:24

    Avant-CF: 144 812 605 440 octets libres
    Après-CF: 144,801,767,424 octets libres

    174 --- E O F --- 2008-09-12 17:53:13
    0
  16. Cyrielle
     
    Here is the report:

    ========== FILES ==========
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Web Meta Send Glue moved successfully.
    C:\DOCUME~1\COMPAQ~1\APPLIC~1\math frag proc moved successfully.
    C:\DOCUME~1\LOCALS~1\APPLIC~1\math frag proc moved successfully.
    C:\DOCUME~1\NETWOR~1\APPLIC~1\math frag proc moved successfully.

    OTMoveIt3 by OldTimer - Version 1.0.4.2 log created on 10092008_181828
    0
  17. Cyrielle
     


    No, it no longer freezes on the desktop after 5 minutes of inactivity! So it may well be that everything is going to be OK on that front!
    I'm going to put my screensaver back on now! That's much more sensible!
    If a problem comes up, I'll let you know!
    In any case, thank you very much for the great help you've given me!
    All the best and have a very nice end of the evening*******
    0
  18. Cyrielle
     
    No! Of course.

    There, it's done!! But there is no folder! Strange!!!!!
    I'm looking everywhere...
    0
  19. Cyrielle
     
    Yes, YES, I know, the report C:\TCleaner.txt
    Well, that folder really isn't there!!!!
    Last time it was there, though!! And now there's no trace of it!
    There you go*
    0