PC getting slower and slower for no apparent reason

psychopath66
Hello, so my PC isn't really very recent, so it's not as powerful as it could be, but for the past 2 months it has been having several problems:
- At startup, the fan speeds up sharply, then the PC shuts down and restarts right away, then shuts down again... and so on.
- Applications become blurry when I close them. (obvious slowdown)
- 2 simultaneous applications are enough to freeze it for 10 min. (My PC handled that perfectly 2 months ago)
- My keyboard and mouse lock up at the same time, making it impossible to do anything. They come back 1 hour later without my having done anything.

I wanted your opinion on whether it's a virus or a trojan, or whether I need to change hardware.
I don't really know much about PCs.

HP pavillon 1207.fr
AMD sempron 1790MHz 3000+
Ati Radeon Xpress 200
958 MB DDR of physical memory

Thanks

36 replies

Anonymous user

Hello, yes, you have to start all over again ;-)
0
psychopath66
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:13:17, on 04/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Cegetel\C-BOX\Wizard\Agent_WiFi.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.gamesload.fr/home.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 68.178.151.28 delb.opt.fimserve.com # 728x90
O1 - Hosts: 68.178.151.28 desk.opt.fimserve.com # 160x600
O1 - Hosts: 68.178.151.28 demr.opt.fimserve.com # 300x250
O1 - Hosts: 72.167.163.234 www.google-analytics.com
O1 - Hosts: 72.167.163.234 ads1.msn.com
O1 - Hosts: 68.178.151.28 dehp.myspace.com
O1 - Hosts: 68.178.151.28 demr.myspace.com
O1 - Hosts: 68.178.151.28 desk.myspace.com
O1 - Hosts: 68.178.151.28 delb.myspace.com
O1 - Hosts: 68.178.151.28 delb2.myspace.com
O1 - Hosts: 68.178.151.28 debr.myspace.com
O1 - Hosts: 68.178.151.28 view.atdmt.com
O1 - Hosts: 68.178.151.28 rad.msn.com
O1 - Hosts: 68.178.151.28 themis.geocities.yahoo.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [regcmdcons] c:\hp\bin\cloaker.exe c:\hp\bin\cmdcons.cmd
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [TVAgent WiFi] C:\Program Files\Cegetel\C-BOX\Wizard\Agent_WiFi.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Anonymous user

# Download the latest version of Lop S&D to the Desktop,

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

# Double-click Lop S&D.exe to start the installation,

# Then double-click the Lop S&D shortcut on the Desktop,

Warning: Disable resident protections: antivirus, antispyware, integrity checkers, etc. so that the tool can run correctly.

# Select the desired language, then choose Option 1 (Search)

# The scan takes less than a minute,

# When the scan finishes, Notepad will open with the search results,

# Save the LopR.txt report to the Desktop or in "My Documents" so it is easy to find; otherwise it is saved automatically to the root of the system partition: C:\LopR.txt
0
psychopath66
 
--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081103-0] 4.8.1229 (Not Activated)
Firewall : ZoneAlarm Firewall 7.0.483.000 (Not Activated)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:23 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 04/11/2008|17:42 )

--------------------\\ Listing des dossiers dans APPLIC~1

[03/09/2008|12:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[07/06/2007|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[29/11/2006|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[23/01/2008|01:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[08/04/2007|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[14/01/2008|08:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Exetender
[13/09/2006|12:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[02/01/2005|23:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[31/05/2008|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[02/01/2005|23:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[30/09/2007|22:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[28/10/2008|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[21/05/2006|18:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[03/03/2006|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/06/2007|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[09/10/2006|15:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[03/12/2007|00:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[05/01/2007|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[09/05/2006|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[02/01/2005|23:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[11/06/2006|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[02/01/2005|23:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[30/04/2006|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[26/05/2006|23:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[22/10/2006|10:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[01/03/2006|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[02/01/2005|23:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[25/11/2004|04:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[03/01/2005|00:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[02/01/2005|23:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[03/01/2005|00:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[31/08/2008|16:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[04/09/2008|17:52] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[30/11/2006|21:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[04/11/2008|17:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Azureus
[08/04/2007|10:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CyberLink
[24/07/2007|13:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\DivX
[29/03/2008|12:33] C:\DOCUME~1\HP_PRO~1\APPLIC~1\dvdcss
[13/09/2006|16:17] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[04/11/2008|17:09] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Hamachi
[02/03/2006|21:18] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[31/01/2007|15:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP
[25/01/2006|19:49] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ
[25/11/2004|04:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[15/01/2006|22:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\InterVideo
[04/02/2008|02:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Kptic
[02/03/2006|21:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[22/03/2006|13:33] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[28/10/2008|21:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Malwarebytes
[26/10/2006|16:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Media Player Classic
[26/10/2008|21:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[03/03/2007|15:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MoyeaFLV2Video
[07/07/2008|04:14] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla
[09/10/2006|15:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\muvee Technologies
[06/06/2008|01:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Nokia
[14/10/2007|15:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Notepad++
[19/10/2008|19:20] C:\DOCUME~1\HP_PRO~1\APPLIC~1\OpenOffice.org2
[03/09/2008|17:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Opera
[05/01/2007|20:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PC Suite
[07/08/2008|22:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[02/01/2005|23:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
[09/04/2006|22:58] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SecuROM
[04/11/2008|16:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Skype
[02/03/2006|21:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[30/04/2006|20:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sony Corporation
[23/03/2006|22:52] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[16/01/2006|21:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
[02/04/2007|17:49] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
[28/01/2007|01:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\vlc
[05/12/2007|16:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Winamp

[29/11/2006|17:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[08/10/2006|20:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[17/07/2006|00:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[04/11/2008 17:42][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[26/10/2008 23:07][--a------] C:\WINDOWS\tasks\HPCeeSchedule.job
[04/11/2008 15:53][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 19:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[07/06/2007|18:08] C:\Program Files\Adobe
[08/04/2007|10:37] C:\Program Files\Ahead
[21/10/2006|23:49] C:\Program Files\Alwil Software
[02/01/2005|23:26] C:\Program Files\ATI Technologies
[13/01/2007|19:46] C:\Program Files\Audacity
[31/10/2008|00:37] C:\Program Files\AVIConverter
[02/07/2008|16:33] C:\Program Files\Azureus
[16/01/2006|20:50] C:\Program Files\Cegetel
[26/10/2006|16:08] C:\Program Files\Combined Community Codec Pack
[24/11/2004|02:37] C:\Program Files\ComPlus Applications
[13/02/2006|15:51] C:\Program Files\Creative
[08/04/2007|10:16] C:\Program Files\CyberLink
[08/04/2007|22:17] C:\Program Files\CyberLink DVD Solution
[16/12/2007|04:47] C:\Program Files\DAEMON Tools
[06/04/2007|19:51] C:\Program Files\DaemonTools_WhenUSave_Installer
[04/11/2008|00:16] C:\Program Files\Diablo II
[07/07/2008|04:12] C:\Program Files\DIFX
[31/07/2008|00:34] C:\Program Files\DivX
[03/07/2006|15:42] C:\Program Files\Easy Internet signup
[16/01/2008|16:14] C:\Program Files\EPSON
[04/11/2008|02:09] C:\Program Files\Fichiers communs
[07/07/2008|04:13] C:\Program Files\GameSpy Arcade
[15/03/2007|23:49] C:\Program Files\Google
[13/01/2007|17:10] C:\Program Files\Guitar Pro 5
[04/11/2008|01:59] C:\Program Files\GuitarFX 3
[04/11/2008|15:35] C:\Program Files\Hamachi
[02/01/2005|23:45] C:\Program Files\Hewlett-Packard
[02/01/2005|23:33] C:\Program Files\HP
[04/11/2008|15:57] C:\Program Files\InstallShield Installation Information
[04/11/2008|02:01] C:\Program Files\Internet Explorer
[02/01/2005|23:46] C:\Program Files\InterVideo
[29/11/2006|21:47] C:\Program Files\iPod
[29/11/2006|21:47] C:\Program Files\iTunes
[02/01/2005|23:19] C:\Program Files\Java
[09/10/2006|19:04] C:\Program Files\KYE
[04/04/2007|21:19] C:\Program Files\Lavalys
[04/11/2008|01:59] C:\Program Files\Malwarebytes' Anti-Malware
[04/11/2008|02:03] C:\Program Files\Messenger
[07/07/2008|04:14] C:\Program Files\Messenger Plus! Live
[30/08/2006|11:46] C:\Program Files\MessengerPlus! 3
[25/11/2004|04:27] C:\Program Files\microsoft frontpage
[07/07/2008|04:14] C:\Program Files\Microsoft Games
[13/03/2008|23:21] C:\Program Files\Microsoft Office
[03/07/2006|15:42] C:\Program Files\Microsoft Works
[04/11/2008|02:04] C:\Program Files\Movie Maker
[04/11/2008|17:09] C:\Program Files\Mozilla Firefox
[13/03/2008|23:20] C:\Program Files\MSECache
[21/10/2006|22:11] C:\Program Files\MSN
[16/01/2006|21:44] C:\Program Files\MSN Apps
[24/01/2007|15:39] C:\Program Files\MSN Gaming Zone
[04/11/2008|02:02] C:\Program Files\MSN Messenger
[15/11/2006|23:11] C:\Program Files\MSXML 4.0
[02/01/2005|23:52] C:\Program Files\muvee Technologies
[14/01/2008|23:25] C:\Program Files\Neonumeric
[04/11/2008|02:04] C:\Program Files\NetMeeting
[07/07/2008|04:12] C:\Program Files\Nokia
[14/10/2007|15:10] C:\Program Files\Notepad++
[25/11/2004|04:27] C:\Program Files\Online Services
[01/07/2007|22:45] C:\Program Files\OpenOffice.org 2.2
[26/02/2008|13:57] C:\Program Files\Outils de Guitare-Online
[04/11/2008|02:04] C:\Program Files\Outlook Express
[07/07/2008|04:12] C:\Program Files\PC Connectivity Solution
[03/07/2006|15:42] C:\Program Files\PC-Doctor 5 for Windows
[19/02/2008|23:06] C:\Program Files\Player Metaboli
[21/04/2006|18:35] C:\Program Files\Psygnosis
[29/11/2006|21:46] C:\Program Files\QuickTime
[31/01/2006|18:33] C:\Program Files\Real
[03/01/2005|00:02] C:\Program Files\Services en ligne
[11/06/2006|12:04] C:\Program Files\Skype
[02/01/2005|23:44] C:\Program Files\Sonic
[30/04/2006|20:41] C:\Program Files\Sony
[08/06/2007|00:37] C:\Program Files\SpeedSim
[04/11/2008|02:08] C:\Program Files\Spybot - Search & Destroy
[03/07/2006|15:38] C:\Program Files\Stardock
[01/11/2008|08:56] C:\Program Files\StuffPlug3
[21/10/2006|23:48] C:\Program Files\Symantec
[23/01/2008|11:56] C:\Program Files\TryMedia
[04/11/2008|00:50] C:\Program Files\Ubisoft
[04/11/2008|01:59] C:\Program Files\Ultrawave Guitar Multi Fx
[07/05/2007|22:12] C:\Program Files\Uninstall Information
[19/02/2008|20:58] C:\Program Files\Veoh Networks
[28/01/2007|01:15] C:\Program Files\VideoLAN
[02/12/2007|15:43] C:\Program Files\Winamp
[12/05/2008|11:04] C:\Program Files\Winamp Remote
[11/05/2006|20:26] C:\Program Files\Windows Journal Viewer
[04/06/2007|16:30] C:\Program Files\Windows Live
[29/11/2006|17:38] C:\Program Files\Windows Media Connect 2
[04/11/2008|02:04] C:\Program Files\Windows Media Player
[04/11/2008|02:04] C:\Program Files\Windows NT
[24/11/2004|02:37] C:\Program Files\WindowsUpdate
[26/10/2006|21:58] C:\Program Files\WinRAR
[29/08/2006|20:29] C:\Program Files\Wizards of the Coast
[07/07/2008|04:13] C:\Program Files\Wolfenstein - Enemy Territory
[25/11/2004|04:28] C:\Program Files\xerox
[30/09/2007|22:32] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[03/09/2008|12:47] C:\Program Files\Fichiers communs\Adobe
[07/06/2007|17:37] C:\Program Files\Fichiers communs\Adobe Systems Shared
[08/04/2007|10:37] C:\Program Files\Fichiers communs\Ahead
[28/04/2007|09:24] C:\Program Files\Fichiers communs\Blizzard Entertainment
[06/11/2006|21:17] C:\Program Files\Fichiers communs\DirectX
[02/01/2005|23:39] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/01/2005|23:36] C:\Program Files\Fichiers communs\HP
[02/01/2005|23:52] C:\Program Files\Fichiers communs\InstallShield
[02/01/2005|23:19] C:\Program Files\Fichiers communs\Java
[13/03/2008|23:21] C:\Program Files\Fichiers communs\Microsoft Shared
[25/11/2004|04:26] C:\Program Files\Fichiers communs\MSSoap
[02/01/2005|23:52] C:\Program Files\Fichiers communs\muvee Technologies
[25/11/2004|04:26] C:\Program Files\Fichiers communs\ODBC
[04/11/2008|02:09] C:\Program Files\Fichiers communs\Real
[01/02/2005|08:58] C:\Program Files\Fichiers communs\Services
[02/01/2005|23:43] C:\Program Files\Fichiers communs\Sonic Shared
[30/04/2006|20:39] C:\Program Files\Fichiers communs\Sony Shared
[25/11/2004|04:26] C:\Program Files\Fichiers communs\SpeechEngines
[08/07/2006|11:28] C:\Program Files\Fichiers communs\Stardock
[02/01/2005|23:43] C:\Program Files\Fichiers communs\SureThing Shared
[22/10/2006|10:41] C:\Program Files\Fichiers communs\Symantec Shared
[04/11/2008|02:04] C:\Program Files\Fichiers communs\System
[02/01/2005|23:44] C:\Program Files\Fichiers communs\TiVo Shared
[04/11/2008|02:09] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 52 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\msgpl_3357.tmp
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\msgpl_abfa.tmp
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\msgpl_c5c7.tmp
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\msgpl_e9b8.tmp
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adserver.advertstream[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@advertstream[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adultfriendfinder[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@advertising[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@bigpoint[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@fr1.darkorbit.bigpoint[1].txt
C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adopt.euroclick[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-04 17:45:43
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 422

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:5001][D:229]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
[F:307][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies
[F:2570][D:7]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 04/11/2008|17:50 - Option : [1]

--------------------\\ Fin du rapport a 17:50:00
there you go
0
Anonymous user

OK, run Lop S&D again and this time select option 2; the tool will do its work

let it run and follow the instructions
copy and paste the report that is generated into your next reply
0
psychopath66
 
--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : HP_Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081103-0] 4.8.1229 (Not Activated)
Firewall : ZoneAlarm Firewall 7.0.483.000 (Not Activated)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:22 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 04/11/2008|18:02 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\msgpl_3357.tmp
Supprime! - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\msgpl_abfa.tmp
Supprime! - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\msgpl_c5c7.tmp
Supprime! - C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\msgpl_e9b8.tmp
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adserver.advertstream[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@advertstream[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@advertising[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@bigpoint[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@fr1.darkorbit.bigpoint[1].txt
Supprime! - C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@adopt.euroclick[2].txt
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[03/09/2008|12:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[07/06/2007|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[29/11/2006|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[23/01/2008|01:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[08/04/2007|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[14/01/2008|08:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Exetender
[13/09/2006|12:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[02/01/2005|23:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[31/05/2008|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[02/01/2005|23:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[30/09/2007|22:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[28/10/2008|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[21/05/2006|18:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[03/03/2006|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/06/2007|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[09/10/2006|15:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[03/12/2007|00:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[05/01/2007|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[09/05/2006|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[02/01/2005|23:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[11/06/2006|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[02/01/2005|23:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[30/04/2006|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[26/05/2006|23:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[22/10/2006|10:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[01/03/2006|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[02/01/2005|23:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
[25/11/2004|04:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[03/01/2005|00:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[02/01/2005|23:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[03/01/2005|00:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec



[31/08/2008|16:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
[04/09/2008|17:52] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
[30/11/2006|21:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
[04/11/2008|18:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Azureus
[08/04/2007|10:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\CyberLink
[24/07/2007|13:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\DivX
[29/03/2008|12:33] C:\DOCUME~1\HP_PRO~1\APPLIC~1\dvdcss
[13/09/2006|16:17] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
[04/11/2008|17:09] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Hamachi
[02/03/2006|21:18] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
[31/01/2007|15:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP
[25/01/2006|19:49] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ
[25/11/2004|04:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
[15/01/2006|22:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\InterVideo
[04/02/2008|02:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Kptic
[02/03/2006|21:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
[22/03/2006|13:33] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
[28/10/2008|21:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Malwarebytes
[26/10/2006|16:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Media Player Classic
[26/10/2008|21:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
[03/03/2007|15:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MoyeaFLV2Video
[07/07/2008|04:14] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla
[09/10/2006|15:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\muvee Technologies
[06/06/2008|01:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Nokia
[14/10/2007|15:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Notepad++
[19/10/2008|19:20] C:\DOCUME~1\HP_PRO~1\APPLIC~1\OpenOffice.org2
[03/09/2008|17:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Opera
[05/01/2007|20:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PC Suite
[07/08/2008|22:21] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
[02/01/2005|23:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
[09/04/2006|22:58] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SecuROM
[04/11/2008|16:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Skype
[02/03/2006|21:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
[30/04/2006|20:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sony Corporation
[23/03/2006|22:52] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
[16/01/2006|21:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
[02/04/2007|17:49] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Template
[28/01/2007|01:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\vlc
[05/12/2007|16:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Winamp

[29/11/2006|17:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[08/10/2006|20:02] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[17/07/2006|00:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec


--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[04/11/2008 18:02][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[26/10/2008 23:07][--a------] C:\WINDOWS\tasks\HPCeeSchedule.job
[04/11/2008 15:53][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 19:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[07/06/2007|18:08] C:\Program Files\Adobe
[08/04/2007|10:37] C:\Program Files\Ahead
[21/10/2006|23:49] C:\Program Files\Alwil Software
[02/01/2005|23:26] C:\Program Files\ATI Technologies
[13/01/2007|19:46] C:\Program Files\Audacity
[31/10/2008|00:37] C:\Program Files\AVIConverter
[04/11/2008|17:48] C:\Program Files\Azureus
[16/01/2006|20:50] C:\Program Files\Cegetel
[26/10/2006|16:08] C:\Program Files\Combined Community Codec Pack
[24/11/2004|02:37] C:\Program Files\ComPlus Applications
[13/02/2006|15:51] C:\Program Files\Creative
[08/04/2007|10:16] C:\Program Files\CyberLink
[08/04/2007|22:17] C:\Program Files\CyberLink DVD Solution
[16/12/2007|04:47] C:\Program Files\DAEMON Tools
[06/04/2007|19:51] C:\Program Files\DaemonTools_WhenUSave_Installer
[04/11/2008|00:16] C:\Program Files\Diablo II
[07/07/2008|04:12] C:\Program Files\DIFX
[31/07/2008|00:34] C:\Program Files\DivX
[03/07/2006|15:42] C:\Program Files\Easy Internet signup
[16/01/2008|16:14] C:\Program Files\EPSON
[04/11/2008|02:09] C:\Program Files\Fichiers communs
[07/07/2008|04:13] C:\Program Files\GameSpy Arcade
[15/03/2007|23:49] C:\Program Files\Google
[13/01/2007|17:10] C:\Program Files\Guitar Pro 5
[04/11/2008|01:59] C:\Program Files\GuitarFX 3
[04/11/2008|15:35] C:\Program Files\Hamachi
[02/01/2005|23:45] C:\Program Files\Hewlett-Packard
[02/01/2005|23:33] C:\Program Files\HP
[04/11/2008|15:57] C:\Program Files\InstallShield Installation Information
[04/11/2008|02:01] C:\Program Files\Internet Explorer
[02/01/2005|23:46] C:\Program Files\InterVideo
[29/11/2006|21:47] C:\Program Files\iPod
[29/11/2006|21:47] C:\Program Files\iTunes
[02/01/2005|23:19] C:\Program Files\Java
[09/10/2006|19:04] C:\Program Files\KYE
[04/04/2007|21:19] C:\Program Files\Lavalys
[04/11/2008|01:59] C:\Program Files\Malwarebytes' Anti-Malware
[04/11/2008|02:03] C:\Program Files\Messenger
[07/07/2008|04:14] C:\Program Files\Messenger Plus! Live
[30/08/2006|11:46] C:\Program Files\MessengerPlus! 3
[25/11/2004|04:27] C:\Program Files\microsoft frontpage
[07/07/2008|04:14] C:\Program Files\Microsoft Games
[13/03/2008|23:21] C:\Program Files\Microsoft Office
[03/07/2006|15:42] C:\Program Files\Microsoft Works
[04/11/2008|02:04] C:\Program Files\Movie Maker
[04/11/2008|17:09] C:\Program Files\Mozilla Firefox
[13/03/2008|23:20] C:\Program Files\MSECache
[21/10/2006|22:11] C:\Program Files\MSN
[16/01/2006|21:44] C:\Program Files\MSN Apps
[24/01/2007|15:39] C:\Program Files\MSN Gaming Zone
[04/11/2008|02:02] C:\Program Files\MSN Messenger
[15/11/2006|23:11] C:\Program Files\MSXML 4.0
[02/01/2005|23:52] C:\Program Files\muvee Technologies
[14/01/2008|23:25] C:\Program Files\Neonumeric
[04/11/2008|02:04] C:\Program Files\NetMeeting
[07/07/2008|04:12] C:\Program Files\Nokia
[14/10/2007|15:10] C:\Program Files\Notepad++
[25/11/2004|04:27] C:\Program Files\Online Services
[01/07/2007|22:45] C:\Program Files\OpenOffice.org 2.2
[26/02/2008|13:57] C:\Program Files\Outils de Guitare-Online
[04/11/2008|02:04] C:\Program Files\Outlook Express
[07/07/2008|04:12] C:\Program Files\PC Connectivity Solution
[03/07/2006|15:42] C:\Program Files\PC-Doctor 5 for Windows
[19/02/2008|23:06] C:\Program Files\Player Metaboli
[21/04/2006|18:35] C:\Program Files\Psygnosis
[29/11/2006|21:46] C:\Program Files\QuickTime
[31/01/2006|18:33] C:\Program Files\Real
[03/01/2005|00:02] C:\Program Files\Services en ligne
[11/06/2006|12:04] C:\Program Files\Skype
[02/01/2005|23:44] C:\Program Files\Sonic
[30/04/2006|20:41] C:\Program Files\Sony
[08/06/2007|00:37] C:\Program Files\SpeedSim
[04/11/2008|02:08] C:\Program Files\Spybot - Search & Destroy
[03/07/2006|15:38] C:\Program Files\Stardock
[01/11/2008|08:56] C:\Program Files\StuffPlug3
[21/10/2006|23:48] C:\Program Files\Symantec
[23/01/2008|11:56] C:\Program Files\TryMedia
[04/11/2008|00:50] C:\Program Files\Ubisoft
[04/11/2008|01:59] C:\Program Files\Ultrawave Guitar Multi Fx
[07/05/2007|22:12] C:\Program Files\Uninstall Information
[19/02/2008|20:58] C:\Program Files\Veoh Networks
[28/01/2007|01:15] C:\Program Files\VideoLAN
[02/12/2007|15:43] C:\Program Files\Winamp
[12/05/2008|11:04] C:\Program Files\Winamp Remote
[11/05/2006|20:26] C:\Program Files\Windows Journal Viewer
[04/06/2007|16:30] C:\Program Files\Windows Live
[29/11/2006|17:38] C:\Program Files\Windows Media Connect 2
[04/11/2008|02:04] C:\Program Files\Windows Media Player
[04/11/2008|02:04] C:\Program Files\Windows NT
[24/11/2004|02:37] C:\Program Files\WindowsUpdate
[26/10/2006|21:58] C:\Program Files\WinRAR
[29/08/2006|20:29] C:\Program Files\Wizards of the Coast
[07/07/2008|04:13] C:\Program Files\Wolfenstein - Enemy Territory
[25/11/2004|04:28] C:\Program Files\xerox
[30/09/2007|22:32] C:\Program Files\Zone Labs

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[03/09/2008|12:47] C:\Program Files\Fichiers communs\Adobe
[07/06/2007|17:37] C:\Program Files\Fichiers communs\Adobe Systems Shared
[08/04/2007|10:37] C:\Program Files\Fichiers communs\Ahead
[28/04/2007|09:24] C:\Program Files\Fichiers communs\Blizzard Entertainment
[06/11/2006|21:17] C:\Program Files\Fichiers communs\DirectX
[02/01/2005|23:39] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/01/2005|23:36] C:\Program Files\Fichiers communs\HP
[02/01/2005|23:52] C:\Program Files\Fichiers communs\InstallShield
[02/01/2005|23:19] C:\Program Files\Fichiers communs\Java
[13/03/2008|23:21] C:\Program Files\Fichiers communs\Microsoft Shared
[25/11/2004|04:26] C:\Program Files\Fichiers communs\MSSoap
[02/01/2005|23:52] C:\Program Files\Fichiers communs\muvee Technologies
[25/11/2004|04:26] C:\Program Files\Fichiers communs\ODBC
[04/11/2008|02:09] C:\Program Files\Fichiers communs\Real
[01/02/2005|08:58] C:\Program Files\Fichiers communs\Services
[02/01/2005|23:43] C:\Program Files\Fichiers communs\Sonic Shared
[30/04/2006|20:39] C:\Program Files\Fichiers communs\Sony Shared
[25/11/2004|04:26] C:\Program Files\Fichiers communs\SpeechEngines
[08/07/2006|11:28] C:\Program Files\Fichiers communs\Stardock
[02/01/2005|23:43] C:\Program Files\Fichiers communs\SureThing Shared
[22/10/2006|10:41] C:\Program Files\Fichiers communs\Symantec Shared
[04/11/2008|02:04] C:\Program Files\Fichiers communs\System
[02/01/2005|23:44] C:\Program Files\Fichiers communs\TiVo Shared
[04/11/2008|02:09] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 52 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-04 18:06:14
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 422

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:5002][D:228]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
[F:300][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies
[F:2601][D:7]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 04/11/2008|17:50 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 04/11/2008|18:08 - Option : [2]

--------------------\\ Fin du rapport a 18:08:47
0

Utilisateur anonyme
 
Perfect, please post a new HijackThis report.
0
psychopath66
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:27:40, on 04/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Cegetel\C-BOX\Wizard\Agent_WiFi.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.gamesload.fr/home.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [regcmdcons] c:\hp\bin\cloaker.exe c:\hp\bin\cmdcons.cmd
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [TVAgent WiFi] C:\Program Files\Cegetel\C-BOX\Wizard\Agent_WiFi.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Utilisateur anonyme
 
Hello, do this:

* Run an online antivirus scan HERE:

https://www.bitdefender.fr/

and copy and paste the result here
* At the bottom left of the window, click "BitDefender SCAN ONLINE"
* In the new window, click "I agree"
* The window changes again; click "Click here to scan"
* The signatures load, etc.

Tutorial (thanks Morgane)

http://pageperso.aol.fr/loraline60/bitdefender_scan.htm

The scan report is located here:

C:\windows\bdoscan8\scanres.txt or scanres.html
0
psychopath66
 
Uh, I get an error message: BitDefender could not update the virus definitions,
and after that it is impossible to run a scan :/
0
Utilisateur anonyme
 
OK, let's try ESET

https://www.eset.com/
0
psychopath66
 
Uh, that one tells me: browser incompatible
And with IE, IE can't display it
0
Utilisateur anonyme
 
Hello

Download the Avast uninstaller

http://www.commentcamarche.net/telecharger/telechargement 34055246 utilitaire de desinstallation de avast

Download AntiVir

Antivirus: AntiVir

https://www.malekal.com/avira-free-security-antivirus-gratuit/

http://mickael.barroux.free.fr/securite/antivir.php <- more complete tutorial

Then, with the Internet connection off, run the Avast uninstall tool

After restarting, install the free AntiVir antivirus, which performs much better

Once AntiVir is installed and configured, run a full scan of your PC, then copy and paste the scan report into your next reply
0
psychopath66
 
Hello, sorry for my more-than-erratic connections....

Avira AntiVir Personal
Report file date: jeudi 13 novembre 2008 20:52

Scanning for 1032172 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: HP_Propriétaire
Computer name: ENER

Version information:
BUILD.DAT : 8.2.0.336 16933 Bytes 30/10/2008 11:40:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 22:29:14
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 09/11/2008 00:58:28
ANTIVIR2.VDF : 7.1.0.57 2048 Bytes 09/11/2008 00:58:29
ANTIVIR3.VDF : 7.1.0.76 161280 Bytes 12/11/2008 23:32:10
Engineversion : 8.2.0.31
AEVDF.DLL : 8.1.0.6 102772 Bytes 06/11/2008 22:29:35
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 11/11/2008 23:31:48
AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 22:27:18
AERDL.DLL : 8.1.1.3 438645 Bytes 06/11/2008 22:29:31
AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 23:31:47
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 07/11/2008 22:27:17
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 07/11/2008 22:27:16
AEHELP.DLL : 8.1.1.3 119157 Bytes 07/11/2008 22:27:13
AEGEN.DLL : 8.1.1.0 319859 Bytes 07/11/2008 22:27:12
AEEMU.DLL : 8.1.0.9 393588 Bytes 06/11/2008 22:29:21
AECORE.DLL : 8.1.4.1 172405 Bytes 07/11/2008 22:27:01
AEBB.DLL : 8.1.0.3 53618 Bytes 06/11/2008 22:29:19
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 06/11/2008 22:29:19
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: jeudi 13 novembre 2008 20:52

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'Agent_WiFi.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'QuickAccess.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'InCD.exe' - '1' Module(s) have been scanned
Scan process 'issch.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'SSAAD.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'ALCXMNTR.EXE' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'UAService7.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'InCDsrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
45 processes with 45 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '72' files ).

Starting the file scan:

Begin scan in 'C:\' <HP_PAVILION>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\HP_Propriétaire\Bureau\(pc games) Star Wars Galactic Battlegrounds.zip
[0] Archive type: ZIP SFX (self extracting)
--> Stwars_Galactic_Battlegrounds/swbg.ace
[1] Archive type: ACE
--> Game\Avi\logo1.avi
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Documents and Settings\HP_Propriétaire\Bureau\(pc games) Star Wars Galactic Battlegrounds\Stwars_Galactic_Battlegrounds\swbg.ace
[0] Archive type: ACE
--> Game\Avi\logo1.avi
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\GSZKR156\OnlineScanner[1].cab
[0] Archive type: CAB (Microsoft)
--> OnlineScannerLang.dll
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <HP_RECOVERY>

End of the scan: jeudi 13 novembre 2008 22:51
Used time: 1:58:42 Hour(s)

The scan has been done completely.

10945 Scanning directories
463691 Files were scanned
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were renamed
2 Files cannot be scanned
463688 Files not concerned
14229 Archives were scanned
5 Warnings
1 Notes
0
Utilisateur anonyme
 
Hello, do this:

You have not enabled AntiVir's rootkit search,

Search for rootkits..............: off

Look in its configuration and enable this module!

Then

Disable hidden files:
- Control Panel > Appearance and Themes > Folder Options (View tab)
- Check "Show hidden files and folders".
- Uncheck "Hide extensions for known file types".
- Uncheck "Hide protected operating system files".

Then go and have these folders analysed on VirusTotal

Go to this site:

https://www.virustotal.com/gui/

Click Browse and look for these files (you can only analyse one file at a time):

C:\Documents and Settings\HP_Propriétaire\Bureau\(pc games) Star Wars Galactic Battlegrounds.zip

C:\Documents and Settings\HP_Propriétaire\Bureau\(pc games) Star Wars Galactic Battlegrounds\Stwars_Galactic_Battlegrounds\swbg.ace

C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\GSZKR156\OnlineScanner[1].cab

C:\WINDOWS\system32\drivers\sptd.sys

Click Send File.

A report will be built line by line.

Wait for it to finish. It must include the size of the file sent.

Save the report with Notepad.

Copy it into your reply.
0
psychopath66
 
I was only able to scan 2 files:

Fichier swbg.ace reçu le 2008.11.14 18:02:35 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 0/36 (0.00%)

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.11.14.3 2008.11.14 -
AntiVir 7.9.0.31 2008.11.14 -
Authentium 5.1.0.4 2008.11.14 -
Avast 4.8.1281.0 2008.11.14 -
AVG 8.0.0.199 2008.11.14 -
BitDefender 7.2 2008.11.14 -
CAT-QuickHeal 10.00 2008.11.13 -
ClamAV 0.94.1 2008.11.14 -
DrWeb 4.44.0.09170 2008.11.14 -
eSafe 7.0.17.0 2008.11.13 -
eTrust-Vet 31.6.6208 2008.11.13 -
Ewido 4.0 2008.11.14 -
F-Prot 4.4.4.56 2008.11.13 -
Fortinet 3.117.0.0 2008.11.14 -
GData 19 2008.11.14 -
Ikarus T3.1.1.45.0 2008.11.14 -
K7AntiVirus 7.10.525 2008.11.14 -
Kaspersky 7.0.0.125 2008.11.14 -
McAfee 5433 2008.11.13 -
Microsoft 1.4104 2008.11.14 -
NOD32 3614 2008.11.14 -
Norman 5.80.02 2008.11.14 -
Panda 9.0.0.4 2008.11.14 -
PCTools 4.4.2.0 2008.11.14 -
Rising 21.03.42.00 2008.11.14 -
SecureWeb-Gateway 6.7.6 2008.11.14 -
Sophos 4.35.0 2008.11.14 -
Sunbelt 3.1.1801.2 2008.11.14 -
Symantec 10 2008.11.14 -
TheHacker 6.3.1.1.152 2008.11.13 -
TrendMicro 8.700.0.1004 2008.11.14 -
VBA32 3.12.8.9 2008.11.14 -
ViRobot 2008.11.14.1468 2008.11.14 -
VirusBuster 4.5.11.0 2008.11.13 -
Information additionnelle
File size: 2913000 bytes
MD5...: 64c3bebf3783932f6570ec4ac8b8e679
SHA1..: db1f1f08f96e11a1cf097b482542c3e593971ee6
SHA256: a849869446240b83c10170fbbcba2ace629a62170da8d759fa2f93feed8a3bbc
SHA512: 78138dcdd6e73a13c54f60b022689218eb4f9623a1b0b8cb9fb4d6302ae9ec28
91f920099ee71a5b110a02869a236c149c6e599f4f66345ddbb0fc45b8d8b6b8
PEiD..: -
TrID..: File type identification
ACE compressed archive (100.0%)
PEInfo: -

Fichier OnlineScanner_1_.cab reçu le 2008.11.14 18:14:47 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 2/36 (5.56%)

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.11.14.3 2008.11.14 -
AntiVir 7.9.0.31 2008.11.14 -
Authentium 5.1.0.4 2008.11.14 -
Avast 4.8.1281.0 2008.11.14 -
AVG 8.0.0.199 2008.11.14 -
BitDefender 7.2 2008.11.14 -
CAT-QuickHeal 10.00 2008.11.13 -
ClamAV 0.94.1 2008.11.14 -
DrWeb 4.44.0.09170 2008.11.14 -
eSafe 7.0.17.0 2008.11.13 -
eTrust-Vet 31.6.6208 2008.11.13 -
Ewido 4.0 2008.11.14 -
F-Prot 4.4.4.56 2008.11.13 File is damaged
F-Secure 8.0.14332.0 2008.11.14 -
Fortinet 3.117.0.0 2008.11.14 -
GData 19 2008.11.14 -
Ikarus T3.1.1.45.0 2008.11.14 -
K7AntiVirus 7.10.525 2008.11.14 -
Kaspersky 7.0.0.125 2008.11.14 -
McAfee 5433 2008.11.13 -
Microsoft 1.4104 2008.11.14 -
NOD32 3614 2008.11.14 -
Norman 5.80.02 2008.11.14 -
Panda 9.0.0.4 2008.11.14 Suspicious file
PCTools 4.4.2.0 2008.11.14 -
Prevx1 V2 2008.11.14 -
Rising 21.03.42.00 2008.11.14 -
SecureWeb-Gateway 6.7.6 2008.11.14 -
Sophos 4.35.0 2008.11.14 -
Sunbelt 3.1.1801.2 2008.11.14 -
Symantec 10 2008.11.14 -
TheHacker 6.3.1.1.152 2008.11.13 -
TrendMicro 8.700.0.1004 2008.11.14 -
VBA32 3.12.8.9 2008.11.14 -
ViRobot 2008.11.14.1468 2008.11.14 -
VirusBuster 4.5.11.0 2008.11.14 -
Information additionnelle
File size: 932170 bytes
MD5...: 16bbded17221620dea1d65b5c2f782f3
SHA1..: 68fd364b5d674e7729413da5bc81630349edfb65
SHA256: ec62bc89b39db569fd28b1baae7309a477e4cebc1010520c7d560202b623649b
SHA512: ef6e4258101bc6535af2229fd9de8c399fc6d9f717feee36793ea4b7d764ec2d
01db927f07446951cf6b199b68622f9eb25edb4f1269ad4f826f35a9f44a784d
PEiD..: -
TrID..: File type identification
Microsoft Cabinet Archive (99.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: -


The others were too big. And c:/windows/system32/drivers/sptd.sys showed as "0Kb".
Now, during the Avira scan with all the files concerned (hidden and system), it asks me whether I should put:
c:/WINDOWS/system32/DRVSTORE/.../nmwcdcm.sys
in quarantine..... won't that make my PC bug out...?


VirusTotal gives me this for the analysis of that file:
Fichier nmwcdcj.sys reçu le 2008.11.14 15:43:44 (CET)
Situation actuelle: terminé
Résultat: 1/36 (2.78%)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.11.14.3 2008.11.14 -
AntiVir 7.9.0.31 2008.11.14 TR/Drop.SFC
Authentium 5.1.0.4 2008.11.14 -
Avast 4.8.1281.0 2008.11.14 -
AVG 8.0.0.199 2008.11.14 -
BitDefender 7.2 2008.11.14 -
CAT-QuickHeal 10.00 2008.11.13 -
ClamAV 0.94.1 2008.11.14 -
DrWeb 4.44.0.09170 2008.11.14 -
eSafe 7.0.17.0 2008.11.13 -
eTrust-Vet 31.6.6209 2008.11.14 -
Ewido 4.0 2008.11.14 -
F-Prot 4.4.4.56 2008.11.13 -
F-Secure 8.0.14332.0 2008.11.14 -
Fortinet 3.117.0.0 2008.11.14 -
GData 19 2008.11.14 -
Ikarus T3.1.1.45.0 2008.11.14 -
K7AntiVirus 7.10.524 2008.11.13 -
Kaspersky 7.0.0.125 2008.11.14 -
McAfee 5433 2008.11.13 -
Microsoft 1.4104 2008.11.14 -
NOD32 3613 2008.11.14 -
Norman 5.80.02 2008.11.14 -
Panda 9.0.0.4 2008.11.14 -
PCTools 4.4.2.0 2008.11.14 -
Prevx1 V2 2008.11.14 -
Rising 21.03.42.00 2008.11.14 -
SecureWeb-Gateway 6.7.6 2008.11.14 -
Sophos 4.35.0 2008.11.14 -
Sunbelt 3.1.1801.2 2008.11.14 -
Symantec 10 2008.11.14 -
TheHacker 6.3.1.1.152 2008.11.13 -
TrendMicro 8.700.0.1004 2008.11.14 -
VBA32 3.12.8.9 2008.11.14 -
ViRobot 2008.11.14.1468 2008.11.14 -
VirusBuster 4.5.11.0 2008.11.13 -
Information additionnelle
File size: 12288 bytes
MD5...: 4c3726467d67483f054c88f058e9c153
SHA1..: 2acac9cd3739701ea7769f5068316c4449155bba
SHA256: 5e9a77947b353ac075f4489f49a8f4d2345048a2db7b79fe49290f05d9773c59
SHA512: 9f3ca1ccfba7ab43b8c682441497d7e173e756885aee6ea2334c9d9c59804207
827011a779b7f0ecf24f6265cbca3b92699168a3645b4b3806f7c749098fe570
PEiD..: -
TrID..: File type identification
Clipper DOS Executable (33.3%)
Generic Win/DOS Executable (33.0%)
DOS Executable Generic (33.0%)
VXD Driver (0.5%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x12605
timedatestamp.....: 0x45dd5111 (Thu Feb 22 08:15:13 2007)
machinetype.......: 0x14c (I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x480 0x1bc2 0x1c00 5.71 a9df503075861fd1b42a90650b7439b5
.rdata 0x2080 0x3e8 0x400 4.78 c509344b04149602a41815f60080267f
.data 0x2480 0x108 0x180 3.21 4dd7e120679a7688f6b7e873300004cf
INIT 0x2600 0x3fc 0x400 5.36 41439fd32cdcfae0014b36e4300b6397
.rsrc 0x2a00 0x318 0x380 2.98 7cdd45e14d8b20fae477984952a58250
.reloc 0x2d80 0x20c 0x280 5.01 a2ce5f7ca852a50d9fe34c070593c4cd

( 1 imports )
> ntoskrnl.exe: IoWMIRegistrationControl, IoAttachDeviceToDeviceStack, IoCreateDevice, IoDeleteSymbolicLink, IoRegisterDeviceInterface, IoCreateSymbolicLink, ExFreePoolWithTag, RtlAppendUnicodeToString, memset, ZwClose, ExAllocatePoolWithTag, IoOpenDeviceRegistryKey, IoDeleteDevice, IoDetachDevice, IofCallDriver, IofCompleteRequest, IoSetDeviceInterfaceState, RtlUnicodeStringToInteger, RtlWriteRegistryValue, wcslen, RtlDeleteRegistryValue, IoGetDeviceProperty, wcsncmp, ZwQueryValueKey, RtlInitUnicodeString, KeWaitForSingleObject, IoBuildDeviceIoControlRequest, KeInitializeEvent, KeTickCount, KeBugCheckEx, memcpy, KeSetEvent, PoCallDriver, PoStartNextPowerIrp, PsGetVersion, MmGetSystemRoutineAddress

( 0 exports )
0
Utilisateur anonyme
 
Hello, if AntiVir asks you to quarantine it, do it, there is no risk.

I'm looking at your reports and will keep you posted.
0
psychopath66
 
Okay thanks, well, here is the new AntiVir report:

Avira AntiVir Personal
Report file date: vendredi 14 novembre 2008 19:54

Scanning for 1034249 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: HP_Propriétaire
Computer name: ENER

Version information:
BUILD.DAT : 8.2.0.336 16933 Bytes 30/10/2008 11:40:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 22:29:14
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 09/11/2008 00:58:28
ANTIVIR2.VDF : 7.1.0.57 2048 Bytes 09/11/2008 00:58:29
ANTIVIR3.VDF : 7.1.0.83 190976 Bytes 13/11/2008 23:33:05
Engineversion : 8.2.0.31
AEVDF.DLL : 8.1.0.6 102772 Bytes 06/11/2008 22:29:35
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 11/11/2008 23:31:48
AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 22:27:18
AERDL.DLL : 8.1.1.3 438645 Bytes 06/11/2008 22:29:31
AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 23:31:47
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 07/11/2008 22:27:17
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 07/11/2008 22:27:16
AEHELP.DLL : 8.1.1.3 119157 Bytes 07/11/2008 22:27:13
AEGEN.DLL : 8.1.1.0 319859 Bytes 07/11/2008 22:27:12
AEEMU.DLL : 8.1.0.9 393588 Bytes 06/11/2008 22:29:21
AECORE.DLL : 8.1.4.1 172405 Bytes 07/11/2008 22:27:01
AEBB.DLL : 8.1.0.3 53618 Bytes 06/11/2008 22:29:19
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 06/11/2008 22:29:19
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: vendredi 14 novembre 2008 19:54

Starting search for hidden objects.
'94446' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'DivXsm.exe' - '1' Module(s) have been scanned
Scan process 'wmplayer.exe' - '1' Module(s) have been scanned
Scan process 'TuneUpDefragService.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'Agent_WiFi.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'QuickAccess.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'InCD.exe' - '1' Module(s) have been scanned
Scan process 'issch.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'SSAAD.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'ALCXMNTR.EXE' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'UAService7.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'InCDsrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
47 processes with 47 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '72' files ).

Starting the file scan:

Begin scan in 'C:\' <HP_PAVILION>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\HP_Propriétaire\Bureau\(pc games) Star Wars Galactic Battlegrounds.zip
[0] Archive type: ZIP SFX (self extracting)
--> Stwars_Galactic_Battlegrounds/swbg.ace
[1] Archive type: ACE
--> Game\Avi\logo1.avi
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Documents and Settings\HP_Propriétaire\Bureau\(pc games) Star Wars Galactic Battlegrounds\Stwars_Galactic_Battlegrounds\swbg.ace
[0] Archive type: ACE
--> Game\Avi\logo1.avi
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\GSZKR156\OnlineScanner[1].cab
[0] Archive type: CAB (Microsoft)
--> OnlineScannerLang.dll
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Program Files\Nokia\Connectivity Cable Driver\nmwcdcj.sys
[DETECTION] Is the TR/Drop.SFC Trojan
[NOTE] The file was moved to '4994e42e.qua'!
C:\Program Files\Nokia\Connectivity Cable Driver\nmwcdcm.sys
[DETECTION] Is the TR/Drop.SFC Trojan
[NOTE] The file was moved to '4994e432.qua'!
C:\WINDOWS\system32\drivers\nmwcdcj.sys
[DETECTION] Is the TR/Drop.SFC Trojan
[WARNING] The file was ignored!
C:\WINDOWS\system32\drivers\nmwcdcm.sys
[DETECTION] Is the TR/Drop.SFC Trojan
[WARNING] The file was ignored!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\DRVSTORE\nmwcdcj_F3FA2468AF360A65811B287DD7A88CB715CF7275\nmwcdcj.sys
[DETECTION] Is the TR/Drop.SFC Trojan
[WARNING] The file was ignored!
C:\WINDOWS\system32\DRVSTORE\nmwcdm2k_F3FA2468AF360A65811B287DD7A88CB715CF7275\nmwcdcm.sys
[DETECTION] Is the TR/Drop.SFC Trojan
[NOTE] The file was moved to '4995c5d0.qua'!
Begin scan in 'D:\' <HP_RECOVERY>

End of the scan: samedi 15 novembre 2008 13:58
Used time: 18:04:48 Hour(s)

The scan has been done completely.

10942 Scanning directories
463838 Files were scanned
6 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
3 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
463830 Files not concerned
14181 Archives were scanned
8 Warnings
3 Notes
94446 Objects were scanned with rootkit scan
0 Hidden objects were found
0
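Added example (not part of the original thread and not Avira's own tooling): a Python script that parses the file-scan section of an AntiVir report like the one above, pairs each detection with the action recorded for it, and lists the flagged files that were not quarantined. The sample text is an excerpt of the report posted above; the function and field names are this example's own.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Excerpt of the file-scan section and summary of the report posted above.
SAMPLE_REPORT = r"""
Begin scan in 'C:\' <HP_PAVILION>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\Nokia\Connectivity Cable Driver\nmwcdcj.sys
[DETECTION] Is the TR/Drop.SFC Trojan
[NOTE] The file was moved to '4994e42e.qua'!
C:\Program Files\Nokia\Connectivity Cable Driver\nmwcdcm.sys
[DETECTION] Is the TR/Drop.SFC Trojan
[NOTE] The file was moved to '4994e432.qua'!
C:\WINDOWS\system32\drivers\nmwcdcj.sys
[DETECTION] Is the TR/Drop.SFC Trojan
[WARNING] The file was ignored!
C:\WINDOWS\system32\drivers\nmwcdcm.sys
[DETECTION] Is the TR/Drop.SFC Trojan
[WARNING] The file was ignored!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\DRVSTORE\nmwcdcj_F3FA2468AF360A65811B287DD7A88CB715CF7275\nmwcdcj.sys
[DETECTION] Is the TR/Drop.SFC Trojan
[WARNING] The file was ignored!
C:\WINDOWS\system32\DRVSTORE\nmwcdm2k_F3FA2468AF360A65811B287DD7A88CB715CF7275\nmwcdcm.sys
[DETECTION] Is the TR/Drop.SFC Trojan
[NOTE] The file was moved to '4995c5d0.qua'!
Begin scan in 'D:\' <HP_RECOVERY>

6 viruses and/or unwanted programs were found
3 files were moved to quarantine
2 Files cannot be scanned
"""

PATH_RE = re.compile(r"^[A-Za-z]:\\")                      # a scanned file path
TAG_RE = re.compile(r"^\[(DETECTION|NOTE|WARNING|INFO)\]\s*(.*)$")
NAME_RE = re.compile(r"\b([A-Za-z0-9]+/[\w.\-]+)")         # e.g. TR/Drop.SFC


@dataclass
class Finding:
    path: str
    detection: Optional[str] = None
    action: str = "none"          # quarantined | ignored | unreadable | none
    quarantine_file: Optional[str] = None


def parse_report(text: str) -> List[Finding]:
    """Attach every [TAG] line to the file path that precedes it."""
    findings: List[Finding] = []
    current: Optional[Finding] = None
    for raw in text.splitlines():
        line = raw.strip()
        if PATH_RE.match(line):
            current = Finding(path=line)
            findings.append(current)
            continue
        m = TAG_RE.match(line)
        if not m or current is None:
            continue              # archive members, headers, summary lines
        tag, msg = m.groups()
        if tag == "DETECTION":
            name = NAME_RE.search(msg)
            current.detection = name.group(1) if name else msg
        elif "moved to" in msg:
            current.action = "quarantined"
            q = re.search(r"'([^']+)'", msg)
            current.quarantine_file = q.group(1) if q else None
        elif "was ignored" in msg:
            current.action = "ignored"
        elif "could not be opened" in msg:
            current.action = "unreadable"
    return findings


def not_quarantined(findings: List[Finding]) -> List[str]:
    """Flagged files for which the report records no quarantine action."""
    return [f.path for f in findings if f.detection and f.action != "quarantined"]


def summary_counts(text: str) -> Dict[str, int]:
    """Read the totals the scanner prints at the end of the report."""
    patterns = {
        "detections": r"^\s*(\d+) viruses and/or unwanted programs were found",
        "quarantined": r"^\s*(\d+) files were moved to quarantine",
        "unscanned": r"^\s*(\d+) Files cannot be scanned",
    }
    out: Dict[str, int] = {}
    for key, pat in patterns.items():
        m = re.search(pat, text, re.MULTILINE)
        if m:
            out[key] = int(m.group(1))
    return out


def reconcile(findings: List[Finding], summary: Dict[str, int]) -> List[str]:
    """Return a message for each total that disagrees with the parsed entries."""
    parsed = {
        "detections": sum(1 for f in findings if f.detection),
        "quarantined": sum(1 for f in findings if f.action == "quarantined"),
        "unscanned": sum(1 for f in findings if f.action == "unreadable"),
    }
    return [f"{k}: parsed {parsed[k]}, summary says {v}"
            for k, v in summary.items() if parsed[k] != v]


if __name__ == "__main__":
    found = parse_report(SAMPLE_REPORT)
    for path in not_quarantined(found):
        print("flagged, not quarantined:", path)
    print("mismatches:", reconcile(found, summary_counts(SAMPLE_REPORT)))
```

Reconciling the parsed entries against the printed totals catches a truncated or hand-edited paste before anyone acts on the list.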
Utilisateur anonyme
 
Download OTMoveIt3 by OldTimer to your Desktop by clicking this link:

http://oldtimer.geekstogo.com/OTMoveIt3.exe

Double-click OTMoveIt3.exe to launch it.

Check that the box next to "Unregister Dll's and Ocx's" is ticked.

Copy the list in bold below,

and paste it into the left-hand pane of OTMoveIt: "Paste instructions for item to be moved".

:Processes
explorer.exe

:Services

:Reg

:Files
C:\WINDOWS\system32\DRVSTORE\nmwcdcj_F3FA2468AF360A65811B287DD7A88CB715CF7275\nmwcdcj.sys
C:\WINDOWS\system32\DRVSTORE\nmwcdm2k_F3FA2468AF360A65811B287DD7A88CB715CF7275\nmwcdcm.sys
C:\WINDOWS\system32\drivers\nmwcdcm.sys
C:\Program Files\Nokia\Connectivity Cable Driver\nmwcdcm.sys
C:\Program Files\Nokia\Connectivity Cable Driver\nmwcdcj.sys
C:\WINDOWS\system32\drivers\nmwcdcj.sys

:Commands
[start explorer]

[emptytemp]

[Reboot]

Click "MoveIt!" to start the removal.

The result will appear in the "Results" pane.

Click "Exit" to close.

Post the report located in C:\_OTMoveIt\MovedFiles under the name xxxxxx_xxxxxxxxxx.log .

You may be asked to restart the PC to complete the removal. If so, accept with Yes.
0
psychopath66
 
Argh, uh, there's nothing in blod :/ Is this what I have to copy, or also :Processes explorer.exe ...?

C:\WINDOWS\system32\DRVSTORE\nmwcdcj_F3FA2468AF360A65811B287DD7A88CB715CF7275\nmwcdcj.sys
C:\WINDOWS\system32\DRVSTORE\nmwcdm2k_F3FA2468AF360A65811B287DD7A88CB715CF7275\nmwcdcm.sys
C:\WINDOWS\system32\drivers\nmwcdcm.sys
C:\Program Files\Nokia\Connectivity Cable Driver\nmwcdcm.sys
C:\Program Files\Nokia\Connectivity Cable Driver\nmwcdcj.sys
C:\WINDOWS\system32\drivers\nmwcdcj.sys
0
psychopath66 > psychopath66
 
in BOLD* not in blod.... which didn't mean anything ^_-
0
Utilisateur anonyme
 
sorry lol

:Processes
explorer.exe

:Services

:Reg

:Files
C:\WINDOWS\system32\DRVSTORE\nmwcdcj_F3FA2468AF360A65811B287DD7A88CB715CF7275\nmwcdcj.sys
C:\WINDOWS\system32\DRVSTORE\nmwcdm2k_F3FA2468AF360A65811B287DD7A88CB715CF7275\nmwcdcm.sys
C:\WINDOWS\system32\drivers\nmwcdcm.sys
C:\Program Files\Nokia\Connectivity Cable Driver\nmwcdcm.sys
C:\Program Files\Nokia\Connectivity Cable Driver\nmwcdcj.sys
C:\WINDOWS\system32\drivers\nmwcdcj.sys

:Commands
[start explorer]

[emptytemp]

[Reboot]
0
psychopath66
 
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
File/Folder C:\WINDOWS\system32\DRVSTORE\nmwcdcj_F3FA2468AF360A65811B287DD7A88CB715CF7275\nmwcdcj.sys not found.
File/Folder C:\WINDOWS\system32\DRVSTORE\nmwcdm2k_F3FA2468AF360A65811B287DD7A88CB715CF7275\nmwcdcm.sys not found.
C:\WINDOWS\system32\drivers\nmwcdcm.sys moved successfully.
File/Folder C:\Program Files\Nokia\Connectivity Cable Driver\nmwcdcm.sys not found.
File/Folder C:\Program Files\Nokia\Connectivity Cable Driver\nmwcdcj.sys not found.
C:\WINDOWS\system32\drivers\nmwcdcj.sys moved successfully.
========== COMMANDS ==========
Explorer started successfully
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\svb9d.tmp\svb9e.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\cPUAhapP.avi.part scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\etilqs_previf5275d7RMbgqxZv scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hpodvd09.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\_hphtra07.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DF1821.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DF1904.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DF3576.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DF35BB.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DFFE2B.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\Cache\22B903D5d01 scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\Cache\6BB0D206d01 scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\Cache\8E648C1Ad01 scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11152008_211231

Files moved on Reboot...
File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\svb9d.tmp\svb9e.tmp not found!
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\cPUAhapP.avi.part moved successfully.
File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\etilqs_previf5275d7RMbgqxZv not found!
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hpodvd09.log moved successfully.
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\_hphtra07.log moved successfully.
File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DF1821.tmp not found!
File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DF1904.tmp not found!
File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DF3576.tmp not found!
File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DF35BB.tmp not found!
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DFFE2B.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
File C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\Cache\22B903D5d01 not found!
File C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\Cache\6BB0D206d01 not found!
File C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\Cache\8E648C1Ad01 not found!
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\5dryw6j6.default\urlclassifier3.sqlite moved successfully.
0
Utilisateur anonyme
 
Hello, update AntiVir and restart in safe mode, then run a full scan of the PC.

https://www.malekal.com/demarrer-windows-mode-sans-echec/
0
psychopath66
 
Hello, here is the scan in safe mode:

Avira AntiVir Personal
Report file date: mardi 18 novembre 2008 22:38

Scanning for 1040492 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: Administrateur
Computer name: ENER

Version information:
BUILD.DAT : 8.2.0.336 16933 Bytes 30/10/2008 11:40:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 22:29:14
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 09/11/2008 00:58:28
ANTIVIR2.VDF : 7.1.0.89 221184 Bytes 16/11/2008 17:59:34
ANTIVIR3.VDF : 7.1.0.104 80384 Bytes 18/11/2008 21:15:14
Engineversion : 8.2.0.34
AEVDF.DLL : 8.1.0.6 102772 Bytes 06/11/2008 22:29:35
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 11/11/2008 23:31:48
AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 22:27:18
AERDL.DLL : 8.1.1.3 438645 Bytes 06/11/2008 22:29:31
AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 23:31:47
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 07/11/2008 22:27:17
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 07/11/2008 22:27:16
AEHELP.DLL : 8.1.2.0 119159 Bytes 18/11/2008 21:15:22
AEGEN.DLL : 8.1.1.4 319861 Bytes 18/11/2008 21:15:21
AEEMU.DLL : 8.1.0.9 393588 Bytes 06/11/2008 22:29:21
AECORE.DLL : 8.1.5.0 172407 Bytes 18/11/2008 21:15:15
AEBB.DLL : 8.1.0.3 53618 Bytes 06/11/2008 22:29:19
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 06/11/2008 22:29:19
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 18 novembre 2008 22:38

Starting search for hidden objects.
The driver could not be initialized.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '72' files ).


Starting the file scan:

Begin scan in 'C:\' <HP_PAVILION>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\HP_Propriétaire\Bureau\(pc games) Star Wars Galactic Battlegrounds.zip
[0] Archive type: ZIP SFX (self extracting)
--> Stwars_Galactic_Battlegrounds/swbg.ace
[1] Archive type: ACE
--> Game\Avi\logo1.avi
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Documents and Settings\HP_Propriétaire\Bureau\(pc games) Star Wars Galactic Battlegrounds\Stwars_Galactic_Battlegrounds\swbg.ace
[0] Archive type: ACE
--> Game\Avi\logo1.avi
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\GSZKR156\OnlineScanner[1].cab
[0] Archive type: CAB (Microsoft)
--> OnlineScannerLang.dll
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <HP_RECOVERY>


End of the scan: mercredi 19 novembre 2008 03:30
Used time: 4:51:32 Hour(s)

The scan has been done completely.

11427 Scanning directories
458083 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
458081 Files not concerned
14081 Archives were scanned
5 Warnings
0 Notes
0
Utilisateur anonyme
 
Hello, please post a new HijackThis report.
0
psychopath66
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:08:24, on 21/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Cegetel\C-BOX\Wizard\Agent_WiFi.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.gamesload.fr/home.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [regcmdcons] c:\hp\bin\cloaker.exe c:\hp\bin\cmdcons.cmd
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [TVAgent WiFi] C:\Program Files\Cegetel\C-BOX\Wizard\Agent_WiFi.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://a248.e.akamai.net
O15 - Trusted Zone: http://*.bitdefender.com
O15 - Trusted Zone: http://ssl-hints.netflame.cc
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe