Virus?

Last reply on 15 Nov 2009 at 19:46:22. bidou19, 5 Nov 2009 at 14:16:35

Hello,
first of all, thank you for your help.
I have had some problems with my Livebox Wi-Fi connection over the last few days: when I started the computer I could not connect, and a message was displayed, "system error IP address conflict". After changing my IP address it works again (incidentally, a new icon, "network gateway", has appeared in Network Connections), but even though it works again I would like to know why it disconnected... when everything had worked correctly until then. Was someone able to connect to my network? Or is it just a chance IP conflict?
Thank you for your help, which is precious to me, and I hope you will be able to answer my questions!

Configuration: Windows XP Internet Explorer 6.0

1

bidou19, 5 Nov 2009 at 14:22:49

Logfile of random's system information tool 1.06 (written by random/random)
Run by SARINA at 2009-11-05 14:02:21
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 30 GB (27%) free of 114 GB
Total RAM: 255 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:02:23, on 05/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SVCHOST.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Orange HSS\Systray\SystrayApp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\SARINA\Bureau\RSIT.exe
C:\Program Files\trend micro\SARINA.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://GLOBAL.ACER.COM/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O1 - Hosts: localhost 127.0.0.1
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange HSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WiFi Station.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O4 - Global Startup: ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q330995.exe
O16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sabidoubou.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{034D8EA9-DD10-491B-96B1-78799B7AD9D0}: NameServer = 80.10.246.1,80.10.246.139
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D7C14E9-34A4-4619-B35F-B3826378C6AF}: NameServer = 80.10.246.1,80.10.246.139
O17 - HKLM\System\CCS\Services\Tcpip\..\{4CA2E3ED-91C0-4385-A642-56B3DAC142C9}: NameServer = 85.255.116.69,85.255.112.110
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.69 85.255.112.110
O17 - HKLM\System\CS2\Services\Tcpip\..\{034D8EA9-DD10-491B-96B1-78799B7AD9D0}: NameServer = 80.10.246.1,80.10.246.139
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.69 85.255.112.110
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: ideusr50 - ideusr50.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: Service - Unknown owner - C:\WINDOWS\System32\Service.exe
End of file - 9117 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Symantec NetDetect.job
C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2005-05-08 77824]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-05-16 79224]
"REGSHAVE"=C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]
"StandardInstall"= []
"SystrayORAHSS"=C:\Program Files\Orange HSS\Systray\SystrayApp.exe [2007-07-24 94208]
"ORAHSSSessionManager"=C:\Program Files\Orange HSS\SessionManager\SessionManager.exe [2007-07-24 102400]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
"SMSTray"=C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe [2007-12-14 132624]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-11-05 67128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\afu630qf]
C:\WINDOWS\System32\afu630qf.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
C:\Program Files\BroadJump\Client Foundation\CFD.exe [2003-01-27 376912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\System32\ctfmon.exe [2004-08-19 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Disk Monitor]
C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe [2003-06-18 466944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dmlwd.exe]
C:\WINDOWS\System32\dmlwd.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iamapp]
C:\Program Files\Norton Internet Security\IAMAPP.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV Agent]
C:\PROGRA~1\NORTON~1\navapw32.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\System32\\NeroCheck.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2005-05-08 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2003-09-23 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor]
C:\Program Files\Spyware Doctor\swdoctor.exe /Q []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe [2004-11-10 218240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe [2003-08-19 32873]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe [2005-06-13 95960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINSOS VERIFY]
C:\Program Files\WINSOS\WINSOS.EXE MINI []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LE COMPAGNON CLUB.lnk]
C:\PROGRA~1\CLUB-I~1\LECOMP~1\bin\matcli.exe -boot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UserAccess7"=2
"SymWSC"=2
"SymProxySvc"=2
"SNDSrvc"=3
"SDhelper"=2
"SBService"=2
"NISUM"=3
"NISSERV"=2
"navapsvc"=2
"Ati HotKey Poller"=2

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WifiStation.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
ExifLauncher2.lnk - C:\Program Files\FinePixViewer\QuickDCF2.exe
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ideusr50]
ideusr50.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
SystemCheck2 -
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
"system"=cspyf.exe []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoBandCustomize"=0
"NoActiveDesktop"=0
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=157

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Shareaza\Shareaza.exe"="C:\Program Files\Shareaza\Shareaza.exe:*:Enabled:Shareaza"
"C:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe"="C:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe:*:Enabled:Shareaza"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Disabled:Internet Explorer"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\WINDOWS\System32\muzapp.exe"="C:\WINDOWS\System32\muzapp.exe:*:Enabled:MUZ AOD APP player"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c4a1b382-3e36-11de-a09a-00115b131519}]
shell\AutoRun\command - F:\EmDesk.exe
shell\EmDesk\command - F:\EmDesk.exe


======List of files/folders created in the last 1 months======

2009-11-05 13:59:21 ----D---- C:\Program Files\trend micro
2009-11-05 13:59:17 ----D---- C:\rsit
2009-10-24 22:06:38 ----D---- C:\Documents and Settings\SARINA\Application Data\Mavi
2009-10-11 11:13:26 ----D---- C:\Documents and Settings\All Users\Application Data\Boss Media
2009-10-11 11:13:01 ----D---- C:\Program Files\BetClic Poker
2009-10-08 21:07:22 ----D---- C:\notes cours iufm

======List of files/folders modified in the last 1 months======

2009-11-04 20:15:56 ----A---- C:\WINDOWS\SchedLgU.Txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-05-16 26944]
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-19 41600]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-05-16 42912]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-08-16 20747]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-05-16 94416]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\C4C_FALL.sys [2002-07-08 303171]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\C4C_FSKS.sys [2002-07-08 124703]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\C4C_K56K.sys [2002-07-08 428578]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2001-09-17 17744]
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\C4C_FAXX.sys [2002-07-08 212494]
R2 SYMTDI;SYMTDI; \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS []
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\C4C_TONE.sys [2002-07-08 59664]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\C4C_V124.sys [2002-07-08 542223]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-09-23 404736]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-09-23 462940]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-05-16 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-07-20 600064]
R3 C4C_BSC2;C4C_BSC2; C:\WINDOWS\System32\DRIVERS\C4C_BSC2.sys [2002-07-08 84788]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys [2004-06-27 6912]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-09-29 47360]
R3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\C4C_SAMP.sys [2002-07-08 62422]
R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\System32\DRIVERS\Rtlnic51.sys [2003-08-04 65152]
R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver; C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2007-01-10 450560]
R3 SYMDNS;SYMDNS; \??\C:\WINDOWS\System32\Drivers\SYMDNS.SYS []
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SYMFW;SYMFW; \??\C:\WINDOWS\System32\Drivers\SYMFW.SYS []
R3 SYMIDS;SYMIDS; \??\C:\WINDOWS\System32\Drivers\SYMIDS.SYS []
R3 SYMNDIS;SYMNDIS; \??\C:\WINDOWS\System32\Drivers\SYMNDIS.SYS []
R3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS []
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2002-07-08 591520]
R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2007-01-16 17664]
S1 idersrvc;IDE memory buffer2; \??\C:\WINDOWS\System32\idersrvc.sys []
S2 ntio256;Input and output operations; \??\C:\WINDOWS\System32\ntio256.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 DMSKSSRh;DMSKSSRh; \??\C:\DOCUME~1\SARINA\LOCALS~1\Temp\DMSKSSRh.sys []
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys []
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys []
S3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\drivers\LVPr2Mon.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS []
S3 RT2500USB;Hercules Wireless USB Dongle Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-01-12 252928]
S3 slabbus;USB Data Cable driver (WDM); C:\WINDOWS\System32\DRIVERS\slabbus.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\System32\DRIVERS\serscan.sys [2001-08-23 6912]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 TSP;TSP; \??\C:\WINDOWS\system32\drivers\klif.sys []
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\System32\DRIVERS\usb8023.sys [2004-08-03 12672]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbsermptxp;Motorola USB Modem Driver for MPT XP; C:\WINDOWS\system32\DRIVERS\usbsermptxp.sys [2008-01-01 25600]
S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZDCndis5;ZDCndis5 Protocol Driver; \??\C:\WINDOWS\system32\ZDCndis5.SYS []
S3 ZDPNDIS5;ZDPNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\ZDPNDIS5.SYS []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-05-16 17272]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-05-16 144760]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-07-31 65536]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-05-16 247160]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-05-16 349560]
S2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe []
S2 Service;Service; C:\WINDOWS\System32\Service.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-10-20 138168]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WmcCds;Windows Media Connect (WMC); c:\program files\windows media connect\mswmccds.exe [2004-08-11 483328]
S3 WmcCdsLs;Windows Media Connect (WMC) Helper; C:\Program Files\Windows Media Connect\mswmcls.exe [2004-08-10 28160]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2003-07-20 303104]
S4 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe [2005-01-21 206552]
S4 SymWSC;SymWMI Service; C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe [2004-11-02 316544]
S4 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\System32\UAService7.exe [2005-05-16 126976]

-----------------EOF-----------------

2

jlpjlp, 5 Nov 2009 at 14:27:58

Hi, you are infected:
Save WORT to your desktop:


http://pc-system.fr/WORT/WORT.exe


Double-click the WORT.exe file and select the Desktop using the "Browse" button. Follow the instructions and double-click the Wareout Removal Tool.bat file that has just been created on the Desktop. Select option 1 and confirm with Enter.

_______________________

scan avec malwarebyte , fais un scan rapide et colle le rapport obtenu et vire ce qui est trouvé:


http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php

______________________


• Download and install
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
http://forum-aide-contre-virus.be/download/Chiquitine29/UsbFix.exe

by Chiquitine29



(!) Plug your external data sources into your PC (USB stick, external hard drive, etc.) that may have been infected, without opening them

• Double-click the UsbFix shortcut on your desktop.

• In the main menu, choose option "F" for French and press [Enter].

• In the second menu, choose option "1" (search) and press [Enter].

• Let the tool work.

• Then post the UsbFix.txt report that appears.

• Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

• Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus but a utility intended to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.


• Tutorial: http://pagesperso-orange.fr/NosTools/usbfix.html


3

bidou19, 5 Nov 2009 at 14:50:46

===== Rapport WareOut Removal Tool =====

version 3.6.2

analyse effectuée le 05/11/2009 à 14:45:34,14

Résultats de l'analyse :
========================

~~~~ Recherche d'infections dans C:\ ~~~~


~~~~ Recherche d'infections dans C:\Program Files\ ~~~~


~~~~ Recherche d'infections dans C:\WINDOWS\system\ ~~~~


~~~~ Recherche d'infections dans C:\WINDOWS\system32\ ~~~~


~~~~ Recherche d'infections dans C:\WINDOWS\system32\drivers\ ~~~~


~~~~ Recherche d'infections dans C:\Documents and Settings\SARINA\Application Data\ ~~~~


~~~~ Recherche d'infections dans C:\Documents and Settings\SARINA\Bureau\ ~~~~


~~~~ Recherche de détournement de DNS ~~~~

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.116.69 85.255.112.110
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4CA2E3ED-91C0-4385-A642-56B3DAC142C9}]
NameServer REG_SZ 85.255.116.69,85.255.112.110
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EFE0CD64-7278-43E5-A2FA-3FCACEAE7FFE}]
DhcpNameServer REG_SZ 85.255.116.69,85.255.112.110
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{CB691517-608E-4F29-9456-8E8CCA267C0F}]
NameServer REG_SZ 85.255.113.147,85.255.112.23
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{EFE0CD64-7278-43E5-A2FA-3FCACEAE7FFE}]
NameServer REG_SZ 85.255.113.147,85.255.112.23
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.116.69 85.255.112.110
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{4CA2E3ED-91C0-4385-A642-56B3DAC142C9}]
NameServer REG_SZ 85.255.116.69,85.255.112.110
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{EFE0CD64-7278-43E5-A2FA-3FCACEAE7FFE}]
DhcpNameServer REG_SZ 85.255.116.69,85.255.112.110
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.116.69 85.255.112.110
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\Tcpip\Parameters\Interfaces\{4CA2E3ED-91C0-4385-A642-56B3DAC142C9}]
NameServer REG_SZ 85.255.116.69,85.255.112.110
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\Tcpip\Parameters\Interfaces\{EFE0CD64-7278-43E5-A2FA-3FCACEAE7FFE}]
DhcpNameServer REG_SZ 85.255.116.69,85.255.112.110


~~~~ Recherche de Rootkits ~~~~

_______________________________________________________________________

catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-05 14:45:54
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden files ...

scan completed successfully
hidden files: 0

_______________________________________________________________________

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
System REG_SZ cspyf.exe



~~~~ Recherche d'infections dans C:\DOCUME~1\SARINA\LOCALS~1\Temp\ ~~~~


~~~~ Recherche d'infections dans C:\Documents and Settings\SARINA\Start Menu\Programs\ ~~~~


~~~~ Nettoyage du registre ~~~~


~~~~ Tentative de réparation des entrées suivantes: ~~~~

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] = "System"

[HKLM\SYSTEM\CurrentControlSet\Services\Windows Tribute Service]
[HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_Windows Tribute Service]

~~~~ Vérification: ~~~~

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
System REG_SZ



_________________________________

développé par http://pc-system.fr
_________________________________


4

bidou19, 5 Nov 2009 at 14:53:32

Hi, and thanks again for your help!
There, I've posted the wort-report for you!


5

bidou19, 5 Nov 2009 at 15:46:12

Here is the Malwarebytes report: THANK YOU


Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3105
Windows 5.1.2600 Service Pack 2

05/11/2009 15:44:03
mbam-log-2009-11-05 (15-43-45).txt

Type de recherche: Examen rapide
Eléments examinés: 229652
Temps écoulé: 41 minute(s), 33 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{24311111-1111-1121-1111-111191113457} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\service (Backdoor.Bot) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\service (Backdoor.Bot) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\service (Backdoor.Bot) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ntio256 (Rootkit.Agent) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\BitDownload (Trojan.Swizzor) -> No action taken.


6

bidou19, 5 Nov 2009 at 17:26:14

There, I think I have done all the steps; I'm waiting for what comes next, thanks!


7

jlpjlp, 5 Nov 2009 at 20:48:12

No, UsbFix is missing!!!



• Download and install
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
http://forum-aide-contre-virus.be/download/Chiquitine29/UsbFix.exe

by Chiquitine29



(!) Plug your external data sources into your PC (USB stick, external hard drive, etc.) that may have been infected, without opening them

• Double-click the UsbFix shortcut on your desktop.

• In the main menu, choose option "F" for French and press [Enter].

• In the second menu, choose option "1" (search) and press [Enter].

• Let the tool work.

• Then post the UsbFix.txt report that appears.

• Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

• Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus but a utility intended to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.


• Tutorial: http://pagesperso-orange.fr/NosTools/usbfix.html


##################### | XP _ Removal | ########################



(!) Plug your external data sources into your PC (USB stick, external hard drive, etc.) that may have been infected, without opening them

• Double-click the UsbFix shortcut on your desktop.

• In the main menu, choose option "F" for French and press [Enter].

• In the second menu, choose option "2" (removal) and press [Enter].

• Your desktop will disappear and the PC will restart.

• On restart, UsbFix will scan your PC; let the tool work.

• Then post the UsbFix.txt report that appears along with the desktop.

• Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)








then

also do this


Download Lop S&D.exe to your Desktop: http://eric.71.mespages.googlepages.com/LopSD.exe

* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the desired language, then choose option 1 (search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)


8

bidou19, 6 Nov 2009 at 21:20:57

Here is the UsbFix report:
############################## | UsbFix V6.049 |

User : SARINA (Administrateurs) # OEM-UUAFPGEWSWI
Update on 06/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 21:16:09 | 06/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) XP 3000+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 6.0.2900.2180
Windows Firewall Status : Disabled
AV : avast! antivirus 4.8.1201 [VPS 080531-1] 4.8.1201 [ Enabled | (!) Outdated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 111,76 Go (29,38 Go free) # FAT32
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 432
C:\WINDOWS\system32\csrss.exe 700
C:\WINDOWS\system32\winlogon.exe 724
C:\WINDOWS\system32\services.exe 768
C:\WINDOWS\system32\lsass.exe 780
C:\WINDOWS\system32\svchost.exe 920
C:\WINDOWS\system32\svchost.exe 972
C:\WINDOWS\System32\svchost.exe 1012
C:\WINDOWS\System32\svchost.exe 1152
C:\WINDOWS\System32\svchost.exe 1232
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1428
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1476
C:\WINDOWS\system32\spoolsv.exe 172
C:\WINDOWS\System32\svchost.exe 256
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 344
C:\WINDOWS\System32\svchost.exe 1272
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 588
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 620
C:\WINDOWS\system32\wscntfy.exe 1376
C:\WINDOWS\System32\alg.exe 1396
C:\WINDOWS\system32\SVCHOST.EXE 388
C:\WINDOWS\Explorer.EXE 396
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe 1260
C:\Program Files\Orange HSS\Systray\SystrayApp.exe 2324
C:\WINDOWS\System32\svchost.exe 2372
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe 2380
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe 2392
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe 2424
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe 3016
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe 3304
C:\Program Files\FinePixViewer\QuickDCF2.exe 3316
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe 1896
C:\Program Files\Internet Explorer\iexplore.exe 2956
C:\WINDOWS\system32\wbem\wmiprvse.exe 692

################## | Fichiers # Dossiers infectieux |


################## | Registre # Clés Run infectieuses |


################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{c4a1b382-3e36-11de-a09a-00115b131519}
Shell\AutoRun\command =F:\EmDesk.exe
Shell\EmDesk\command =F:\EmDesk.exe

################## | Suspect | http://www.virustotal.com |


################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.049 ! |


9

bidou19, 6 Nov 2009 at 21:30:18

And here is the other one, thanks!

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 3000+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : SARINA ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1201 [VPS 080531-1] 4.8.1201 (Activated)
A:\ (USB)
C:\ (Local Disk) - FAT32 - Total:111 Go (Free:29 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 06/11/2009|21:21 )

--------------------\\ Listing des dossiers dans APPLIC~1

[27/06/2004|00:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[27/06/2004|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[27/06/2004|00:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[27/06/2004|00:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[27/06/2004|00:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun

[02/10/2008|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[11/10/2009|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Boss Media
[01/01/2008|14:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[30/03/2006|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[27/06/2004|00:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[19/07/2005|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[08/02/2009|14:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GameHouse
[20/10/2007|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[18/06/2009|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LGMOBILEAX
[05/11/2009|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[23/05/2007|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/06/2004|00:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[08/05/2005|16:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mindscape
[29/10/2006|10:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[22/08/2007|21:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
[20/11/2004|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[08/05/2005|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[05/11/2006|12:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[08/05/2005|17:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[24/12/2006|07:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WhiteCap (Holiday Edition)
[06/11/2006|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[05/03/2007|21:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[17/10/2007|14:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[08/02/2009|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[17/10/2007|15:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\Identities
[27/06/2004|00:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[27/06/2004|00:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[27/06/2004|00:28] C:\DOCUME~1\pro\APPLIC~1\Adobe
[19/07/2005|10:05] C:\DOCUME~1\pro\APPLIC~1\Canon
[18/03/2005|13:37] C:\DOCUME~1\pro\APPLIC~1\Help
[27/06/2004|00:26] C:\DOCUME~1\pro\APPLIC~1\Identities
[27/06/2004|00:28] C:\DOCUME~1\pro\APPLIC~1\InterTrust
[05/12/2006|12:10] C:\DOCUME~1\pro\APPLIC~1\Lavasoft
[08/05/2005|18:42] C:\DOCUME~1\pro\APPLIC~1\Macromedia
[27/06/2004|00:15] C:\DOCUME~1\pro\APPLIC~1\Microsoft
[14/09/2005|15:21] C:\DOCUME~1\pro\APPLIC~1\Mindscape
[18/11/2006|07:55] C:\DOCUME~1\pro\APPLIC~1\Motive
[20/11/2004|17:47] C:\DOCUME~1\pro\APPLIC~1\MSN6
[08/05/2005|21:36] C:\DOCUME~1\pro\APPLIC~1\OLYMPUS
[13/07/2006|11:45] C:\DOCUME~1\pro\APPLIC~1\PC Tools
[27/06/2004|00:31] C:\DOCUME~1\pro\APPLIC~1\Sun
[09/05/2005|20:52] C:\DOCUME~1\pro\APPLIC~1\Symantec
[18/11/2004|11:46] C:\DOCUME~1\pro\APPLIC~1\Template


[27/06/2004|00:28] C:\DOCUME~1\SARINA\APPLIC~1\Adobe
[29/11/2006|15:25] C:\DOCUME~1\SARINA\APPLIC~1\Ahead
[02/03/2008|15:52] C:\DOCUME~1\SARINA\APPLIC~1\Anuman Interactive
[23/04/2007|12:40] C:\DOCUME~1\SARINA\APPLIC~1\BitDownload
[06/01/2007|12:44] C:\DOCUME~1\SARINA\APPLIC~1\Canon
[29/04/2009|21:11] C:\DOCUME~1\SARINA\APPLIC~1\DataCast
[06/11/2006|14:32] C:\DOCUME~1\SARINA\APPLIC~1\DivX
[18/05/2009|22:45] C:\DOCUME~1\SARINA\APPLIC~1\dvdcss
[13/05/2007|06:38] C:\DOCUME~1\SARINA\APPLIC~1\FUJIFILM
[20/10/2007|14:08] C:\DOCUME~1\SARINA\APPLIC~1\Google
[08/05/2005|19:56] C:\DOCUME~1\SARINA\APPLIC~1\Help
[27/06/2004|00:26] C:\DOCUME~1\SARINA\APPLIC~1\Identities
[16/12/2007|17:41] C:\DOCUME~1\SARINA\APPLIC~1\InstallShield
[27/06/2004|00:28] C:\DOCUME~1\SARINA\APPLIC~1\InterTrust
[30/07/2005|12:04] C:\DOCUME~1\SARINA\APPLIC~1\Lavasoft
[25/01/2009|14:01] C:\DOCUME~1\SARINA\APPLIC~1\Leadertech
[23/06/2009|20:04] C:\DOCUME~1\SARINA\APPLIC~1\LG Electronics
[22/02/2008|19:54] C:\DOCUME~1\SARINA\APPLIC~1\LimeWire
[08/05/2005|19:00] C:\DOCUME~1\SARINA\APPLIC~1\Macromedia
[05/11/2009|14:58] C:\DOCUME~1\SARINA\APPLIC~1\Malwarebytes
[24/10/2009|22:06] C:\DOCUME~1\SARINA\APPLIC~1\Mavi
[27/11/2006|12:06] C:\DOCUME~1\SARINA\APPLIC~1\Media Player Classic
[27/06/2004|00:15] C:\DOCUME~1\SARINA\APPLIC~1\Microsoft
[07/11/2006|18:48] C:\DOCUME~1\SARINA\APPLIC~1\Motive
[21/02/2008|13:19] C:\DOCUME~1\SARINA\APPLIC~1\Mozilla
[13/05/2005|23:24] C:\DOCUME~1\SARINA\APPLIC~1\MSN6
[22/11/2006|13:24] C:\DOCUME~1\SARINA\APPLIC~1\My Games
[04/06/2005|17:01] C:\DOCUME~1\SARINA\APPLIC~1\OLYMPUS
[19/10/2008|18:07] C:\DOCUME~1\SARINA\APPLIC~1\OpenOffice.org
[10/11/2005|17:18] C:\DOCUME~1\SARINA\APPLIC~1\PC Tools
[23/05/2009|06:35] C:\DOCUME~1\SARINA\APPLIC~1\PhotoFiltre Studio X
[23/05/2007|20:08] C:\DOCUME~1\SARINA\APPLIC~1\Screenshot Sender
[25/03/2008|11:04] C:\DOCUME~1\SARINA\APPLIC~1\Shareaza
[24/02/2008|18:42] C:\DOCUME~1\SARINA\APPLIC~1\Shareaza(3)
[18/07/2007|13:45] C:\DOCUME~1\SARINA\APPLIC~1\Soft-R Research
[11/07/2007|19:32] C:\DOCUME~1\SARINA\APPLIC~1\Sports Interactive
[27/06/2004|00:31] C:\DOCUME~1\SARINA\APPLIC~1\Sun
[08/05/2005|17:08] C:\DOCUME~1\SARINA\APPLIC~1\Symantec
[04/06/2005|17:09] C:\DOCUME~1\SARINA\APPLIC~1\Template
[29/04/2007|20:55] C:\DOCUME~1\SARINA\APPLIC~1\uTorrent
[15/05/2009|20:57] C:\DOCUME~1\SARINA\APPLIC~1\vlc
[21/05/2006|19:56] C:\DOCUME~1\SARINA\APPLIC~1\Vso
[22/02/2006|23:37] C:\DOCUME~1\SARINA\APPLIC~1\VSO_HWE
[05/01/2009|20:20] C:\DOCUME~1\SARINA\APPLIC~1\Windows Live Writer
[09/02/2009|20:05] C:\DOCUME~1\SARINA\APPLIC~1\Zylom

[27/06/2004|00:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[27/06/2004|00:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[27/06/2004|00:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust
[27/06/2004|00:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[10/11/2005|15:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\PC Tools
[27/06/2004|00:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[06/11/2009 20:31][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[06/11/2009 18:18][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[06/11/2009 18:06][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 20:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[10/10/2005|21:25] C:\Program Files\a2 Free
[27/06/2004|00:28] C:\Program Files\Adobe
[16/07/2005|00:25] C:\Program Files\AdTools Service
[09/02/2006|20:49] C:\Program Files\Ahead
[09/12/2006|12:00] C:\Program Files\Alwil Software
[16/07/2008|19:49] C:\Program Files\Anuman Interactive
[06/12/2006|13:32] C:\Program Files\Art Plus
[26/05/2007|06:51] C:\Program Files\Audacity
[27/06/2004|00:27] C:\Program Files\AvRack
[29/10/2005|08:36] C:\Program Files\BaseDVDivX
[11/10/2009|11:13] C:\Program Files\BetClic Poker
[23/04/2007|12:39] C:\Program Files\BitDownload
[23/07/2007|14:26] C:\Program Files\BitTorrent Fastest Tool
[29/10/2006|10:14] C:\Program Files\BroadJump
[06/12/2006|13:25] C:\Program Files\CalMaker
[02/10/2008|20:27] C:\Program Files\Canal
[08/05/2005|16:29] C:\Program Files\Canon
[07/12/2005|15:45] C:\Program Files\Cartpost
[29/10/2006|10:18] C:\Program Files\Club-Internet
[25/07/2005|13:34] C:\Program Files\Common Files
[27/06/2004|00:20] C:\Program Files\ComPlus Applications
[26/11/2004|17:06] C:\Program Files\Conforama
[21/01/2009|14:20] C:\Program Files\Corel
[27/06/2004|00:30] C:\Program Files\CyberLink
[03/11/2006|11:51] C:\Program Files\Defenza
[28/06/2005|20:11] C:\Program Files\directx
[06/11/2006|14:31] C:\Program Files\DivX
[20/07/2005|11:21] C:\Program Files\DVD Decrypter 350
[19/07/2005|22:29] C:\Program Files\DVD Shrink
[31/07/2006|18:41] C:\Program Files\DVDFab Decrypter
[22/02/2006|23:18] C:\Program Files\DVDFab Express
[21/05/2006|12:40] C:\Program Files\DVDFab Gold
[05/04/2006|08:03] C:\Program Files\DVDFab Platinum
[28/06/2005|22:42] C:\Program Files\Eidos
[03/10/2006|07:57] C:\Program Files\Eidos Interactive
[07/06/2006|11:49] C:\Program Files\Elaborate Bytes
[29/10/2006|14:34] C:\Program Files\eMule
[27/06/2004|00:16] C:\Program Files\Fichiers communs
[13/05/2007|06:37] C:\Program Files\FinePixViewer
[22/11/2006|13:18] C:\Program Files\Firaxis Games
[09/11/2008|14:12] C:\Program Files\FotoSketcher
[27/06/2004|00:27] C:\Program Files\Generic
[29/07/2007|14:46] C:\Program Files\Google
[16/08/2007|13:09] C:\Program Files\Hercules
[25/07/2005|13:33] C:\Program Files\IMSI
[10/05/2005|09:36] C:\Program Files\Infogrames
[27/06/2004|00:27] C:\Program Files\InstallShield Installation Information
[27/06/2004|00:20] C:\Program Files\Internet Explorer
[27/06/2004|00:30] C:\Program Files\Java
[19/10/2008|18:04] C:\Program Files\JRE
[08/11/2005|22:35] C:\Program Files\Kaspersky Lab
[18/06/2009|21:09] C:\Program Files\LG Electronics
[23/06/2009|20:04] C:\Program Files\LG PC Suite II
[09/03/2008|18:08] C:\Program Files\Livre Album Fuji Photo
[16/12/2007|17:41] C:\Program Files\Logitech
[05/11/2009|14:57] C:\Program Files\Malwarebytes' Anti-Malware
[29/04/2009|21:11] C:\Program Files\MarkAny
[27/06/2004|00:20] C:\Program Files\Messenger
[23/05/2007|20:06] C:\Program Files\Messenger Plus! Live
[09/05/2005|21:28] C:\Program Files\Micro Application
[24/07/2007|15:23] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[27/06/2004|00:22] C:\Program Files\microsoft frontpage
[17/10/2007|15:08] C:\Program Files\Microsoft SQL Server Compact Edition
[27/06/2004|00:56] C:\Program Files\Microsoft Works
[08/05/2005|16:53] C:\Program Files\Mindscape
[01/01/2008|14:26] C:\Program Files\Motorola Phone Tools
[27/06/2004|00:21] C:\Program Files\Movie Maker
[21/02/2008|13:19] C:\Program Files\Mozilla Firefox
[27/06/2004|00:19] C:\Program Files\MSN
[27/06/2004|00:19] C:\Program Files\MSN Gaming Zone
[05/03/2007|21:01] C:\Program Files\MSN Messenger
[06/03/2007|01:36] C:\Program Files\MSXML 4.0
[23/07/2007|14:28] C:\Program Files\Multi_Media
[06/12/2006|13:14] C:\Program Files\My Photo Calendars & Cards
[27/06/2004|00:21] C:\Program Files\NetMeeting
[27/06/2004|00:29] C:\Program Files\NewTech Infosystems
[08/05/2005|16:48] C:\Program Files\OLYMPUS
[19/10/2008|18:03] C:\Program Files\OpenOffice.org 3
[08/01/2008|19:18] C:\Program Files\Orange HSS
[27/06/2004|00:20] C:\Program Files\Outlook Express
[26/03/2006|18:51] C:\Program Files\PC Camera
[10/01/2009|21:13] C:\Program Files\Photo Print Calendar from YOKOHAMA Ver.3.00E beta
[05/05/2007|14:06] C:\Program Files\Photo Story 3 for Windows
[22/05/2009|09:23] C:\Program Files\PhotoFiltre
[23/05/2009|06:35] C:\Program Files\PhotoFiltre Studio X
[21/01/2009|15:22] C:\Program Files\Picthema
[08/05/2005|16:47] C:\Program Files\PIXELA
[09/11/2008|14:20] C:\Program Files\Poster Forge
[04/12/2006|11:25] C:\Program Files\Project1
[28/11/2008|14:17] C:\Program Files\ProPoster
[08/05/2005|16:47] C:\Program Files\QuickTime
[27/06/2004|00:27] C:\Program Files\Realtek Sound Manager
[13/05/2007|06:35] C:\Program Files\REGSHAVE
[18/03/2005|13:37] C:\Program Files\SAGEM
[08/01/2008|19:11] C:\Program Files\SAGEM WiFi manager
[09/12/2007|20:37] C:\Program Files\Samsung
[08/01/2008|19:00] C:\Program Files\Securitoo
[27/06/2004|00:20] C:\Program Files\Services en ligne
[27/11/2006|10:50] C:\Program Files\Shareaza
[05/02/2008|20:02] C:\Program Files\Shareaza Applications
[02/07/2005|17:48] C:\Program Files\Sports Interactive
[05/11/2006|12:53] C:\Program Files\Spybot - Search & Destroy
[10/11/2005|15:57] C:\Program Files\Spyware Doctor
[08/05/2005|17:07] C:\Program Files\Symantec
[13/06/2005|14:08] C:\Program Files\SymNetDrv
[19/11/2008|14:19] C:\Program Files\TKexe
[23/07/2007|14:27] C:\Program Files\torrent_search
[19/02/2008|10:31] C:\Program Files\TorrentWizard
[05/11/2009|13:59] C:\Program Files\trend micro
[27/06/2004|00:26] C:\Program Files\Uninstall Information
[09/11/2008|13:58] C:\Program Files\VCW VicMan's Photo Editor
[27/11/2006|12:05] C:\Program Files\VDCodecPack3.5
[15/05/2009|20:56] C:\Program Files\VideoLAN
[29/09/2008|13:13] C:\Program Files\vso
[17/10/2007|15:07] C:\Program Files\Windows Desktop Search
[17/10/2007|14:58] C:\Program Files\Windows Live
[16/12/2007|18:53] C:\Program Files\Windows Live Favorites
[05/03/2007|21:01] C:\Program Files\Windows Live Toolbar
[14/12/2008|09:29] C:\Program Files\Windows Media Connect
[06/03/2007|01:20] C:\Program Files\Windows Media Connect 2
[27/06/2004|00:20] C:\Program Files\Windows Media Player
[27/06/2004|00:19] C:\Program Files\Windows NT
[27/06/2004|00:20] C:\Program Files\WindowsUpdate
[27/07/2005|23:31] C:\Program Files\Winsos
[27/06/2004|00:22] C:\Program Files\xerox
[09/02/2009|20:04] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[27/06/2004|00:28] C:\Program Files\Fichiers communs\Adobe
[02/10/2008|20:25] C:\Program Files\Fichiers communs\Adobe AIR
[29/11/2006|15:22] C:\Program Files\Fichiers communs\Ahead
[08/01/2008|19:18] C:\Program Files\Fichiers communs\France Telecom
[27/06/2004|00:27] C:\Program Files\Fichiers communs\InstallShield
[27/06/2004|00:30] C:\Program Files\Fichiers communs\Java
[05/03/2007|20:28] C:\Program Files\Fichiers communs\Logitech
[27/06/2004|00:16] C:\Program Files\Fichiers communs\Microsoft Shared
[29/10/2006|10:19] C:\Program Files\Fichiers communs\Motive
[27/06/2004|00:21] C:\Program Files\Fichiers communs\MSSoap
[27/06/2004|00:16] C:\Program Files\Fichiers communs\ODBC
[27/06/2004|00:21] C:\Program Files\Fichiers communs\Services
[27/06/2004|00:16] C:\Program Files\Fichiers communs\SpeechEngines
[08/05/2005|17:07] C:\Program Files\Fichiers communs\Symantec Shared
[27/06/2004|00:20] C:\Program Files\Fichiers communs\System
[15/01/2009|16:13] C:\Program Files\Fichiers communs\Vbox
[16/10/2008|18:40] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[09/05/2005|21:28] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 31 Processes )

iexplore.exe ~ [PID:2956]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\SARINA\LOCALS~1\Temp\nsu132.tmp
C:\DOCUME~1\SARINA\LOCALS~1\Temp\nsz135.tmp
C:\DOCUME~1\SARINA\LOCALS~1\Temp\nsi1DC.tmp
C:\DOCUME~1\SARINA\LOCALS~1\Temp\nsr1DF.tmp
C:\DOCUME~1\SARINA\LOCALS~1\Temp\nsb2819.tmp
C:\DOCUME~1\SARINA\LOCALS~1\Temp\nsc2824.tmp
C:\DOCUME~1\SARINA\LOCALS~1\Temp\nsc281E.tmp
C:\DOCUME~1\SARINA\LOCALS~1\Temp\nsg2998.tmp
C:\DOCUME~1\SARINA\APPLIC~1\Bitdownload
C:\DOCUME~1\SARINA\APPLIC~1\BitDownload
C:\DOCUME~1\SARINA\APPLIC~1\BitDownload\Data
C:\Program Files\BitDownload
C:\Program Files\BitDownload\BitDownload.TRC
C:\Program Files\BitTorrent Fastest Tool
C:\Program Files\BitTorrent Fastest Tool\torrent_search.exe
C:\Program Files\Multi_Media
C:\DOCUME~1\SARINA\Cookies\sarina@advertstream[1].txt
C:\DOCUME~1\SARINA\Cookies\sarina@d2.advertserve[1].txt
C:\DOCUME~1\SARINA\Cookies\sarina@imagevenue.advertserve[2].txt
C:\DOCUME~1\SARINA\Cookies\sarina@adultfriendfinder[1].txt
C:\DOCUME~1\SARINA\Cookies\sarina@adultfriendfinder[3].txt
C:\DOCUME~1\SARINA\Cookies\sarina@adultfriendfinder[2].txt
C:\DOCUME~1\SARINA\Cookies\sarina@adultfriendfinder[5].txt
C:\DOCUME~1\SARINA\Cookies\sarina@adultfriendfinder[6].txt
C:\DOCUME~1\SARINA\Cookies\sarina@adultfriendfinder[7].txt
C:\DOCUME~1\SARINA\Cookies\sarina@advertising[2].txt
C:\DOCUME~1\SARINA\Cookies\sarina@klik.klikadvertising[1].txt
C:\DOCUME~1\SARINA\Cookies\sarina@advertising[3].txt
C:\DOCUME~1\SARINA\Cookies\sarina@advertising[1].txt
C:\DOCUME~1\SARINA\Cookies\sarina@advertising[4].txt
C:\DOCUME~1\SARINA\Cookies\sarina@ero-advertising[2].txt
C:\DOCUME~1\SARINA\Cookies\sarina@advertising[6].txt
C:\DOCUME~1\SARINA\Cookies\sarina@advertising[7].txt
C:\DOCUME~1\SARINA\Cookies\sarina@cotedazurpalace[1].txt
C:\DOCUME~1\SARINA\Cookies\sarina@banner.cotedazurpalace[2].txt
C:\DOCUME~1\SARINA\Cookies\sarina@serve.cotedazurpalace[1].txt
C:\DOCUME~1\SARINA\Cookies\sarina@adopt.euroclick[2].txt
C:\DOCUME~1\SARINA\Cookies\sarina@adopt.euroclick[3].txt
C:\DOCUME~1\SARINA\Cookies\sarina@adopt.euroclick[1].txt
C:\DOCUME~1\SARINA\Cookies\sarina@partypoker[1].txt
C:\DOCUME~1\SARINA\Cookies\sarina@partypoker[2].txt
C:\DOCUME~1\SARINA\Cookies\sarina@www.babes-vegas[2].txt
C:\DOCUME~1\SARINA\Cookies\sarina@serve.32vegas[1].txt
C:\DOCUME~1\SARINA\Cookies\sarina@www.2xmoinscher[1].txt
C:\DOCUME~1\SARINA\Cookies\sarina@www.2xmoinscher[2].txt
C:\DOCUME~1\SARINA\Cookies\sarina@2xmoinscher[4].txt
C:\DOCUME~1\SARINA\Cookies\sarina@2xmoinscher[1].txt
C:\DOCUME~1\SARINA\Cookies\sarina@2xmoinscher[3].txt
C:\DOCUME~1\SARINA\Cookies\sarina@www.2xmoinscher[3].txt
C:\DOCUME~1\SARINA\Cookies\sarina@www.2xmoinscher[5].txt
C:\DOCUME~1\SARINA\Cookies\sarina@cc.2xmoinscher[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-06 21:22:31
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\SARINA\Mes documents\Mes fichiers reçus\dvdfabcrack.zip


[F:52093][D:679]-> C:\DOCUME~1\SARINA\LOCALS~1\Temp
[F:6548][D:0]-> C:\DOCUME~1\SARINA\Cookies
[F:29530][D:37]-> C:\DOCUME~1\SARINA\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - 06/11/2009|21:27 - Option : [1]

--------------------\\ Fin du rapport a 21:27:53


10

bidou19, 6 Nov 2009 at 21:33:25

There, this time I think I have done everything, lol!
Could you tell me whether someone got into my PC, and whether having changed my IP address causes a problem or actually fixes the problem? Thanks again for your help!
And sorry for my ignorance, lol


11

jlpjlp, 7 Nov 2009 at 21:28:28

Do everything!!!



Run the cleaning option (option 2) of UsbFix, then Lop S&D, and paste the reports

_______________

FYI, you were being redirected to Ukraine ... and by cleaning we corrected that

You need to keep your PC up to date; that avoids these risks!

_________________


Update Internet Explorer
for XP
http://download.microsoft.com/...

for VISTA:
http://download.microsoft.com/...

_____________

Update Adobe Reader, then remove the old versions via the Control Panel
http://www.adobe.com/fr/products/reader/

or switch to an alternative reader, which will avoid the viruses circulating via PDFs, such as Foxit Reader (do not install the Foxit, Ask, eBay... toolbars)

http://www.commentcamarche.net/telecharger/telechargement-205-foxit-reader


_____________

Update Java:
http://javara.fr.malavida.com/d5106-telechargement-gratuit-windows


Download JavaRa.zip by Paul 'Prm753' McLain and Fred de Vries.
Unzip the file to your desktop (right-click > Extract All).
Double-click the resulting JavaRa folder.
Then double-click the JavaRa.exe file (the .exe may not be displayed).
Click Search For Updates.
Select Update Using jucheck.exe, then click Search.
Allow the process to connect if it asks you, click Install and follow the installation instructions. This will take a few minutes.
When the installation is finished, return to the JavaRa screen and click Remove Older Versions.
Click Yes to confirm. The tool will work; then click Ok, and Ok a second time.
A report will open; copy and paste it into your next reply.
Note: the report is also located at the root of the system partition, usually C:\, under the name JavaRa.log
(c:\JavaRa.log)
Close the application.

if that does not work

http://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80

you can uninstall the old versions.

_______________________

Post an RSIT report again and describe your current problems


12

bidou19, 8 Nov 2009 at 13:47:25

UsbFix report, cleaning option!
The rest follows.....
############################## | UsbFix V6.049 |

User : SARINA (Administrateurs) # OEM-UUAFPGEWSWI
Update on 06/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 13:40:28 | 08/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) XP 3000+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 6.0.2900.2180
Windows Firewall Status : Disabled
AV : avast! antivirus 4.8.1201 [VPS 080531-1] 4.8.1201 [ Enabled | (!) Outdated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 111,76 Go (29,45 Go free) # FAT32
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 432
C:\WINDOWS\system32\csrss.exe 536
C:\WINDOWS\system32\winlogon.exe 564
C:\WINDOWS\system32\services.exe 772
C:\WINDOWS\system32\lsass.exe 784
C:\WINDOWS\system32\svchost.exe 928
C:\WINDOWS\system32\svchost.exe 972
C:\WINDOWS\System32\svchost.exe 1012
C:\WINDOWS\System32\svchost.exe 1148
C:\WINDOWS\System32\svchost.exe 1224
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1436
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1504
C:\WINDOWS\system32\spoolsv.exe 2016
C:\WINDOWS\System32\svchost.exe 176
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 212
C:\WINDOWS\System32\svchost.exe 424
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 896
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 1168
C:\WINDOWS\system32\wscntfy.exe 1664
C:\WINDOWS\System32\alg.exe 1672
C:\WINDOWS\system32\stu2.exe 516
C:\WINDOWS\system32\SVCHOST.EXE 736
C:\WINDOWS\Explorer.EXE 676
C:\WINDOWS\system32\wbem\wmiprvse.exe 1324

################## | Fichiers # Dossiers infectieux |


################## | Registre # Clés Run infectieuses |


################## | Registre # Mountpoints2 |


################## | Listing des fichiers présent |

[22/02/2000 13:21|--a------|7] C:\FLAG.ID
[22/02/2000 13:21|--a------|7] C:\FR.ID
[22/02/2000 13:21|--a------|7] C:\XPSP1.ID
[27/06/2004 00:07|---hs----|512] C:\BOOTSECT.DOS
[01/06/2006 20:01|--a------|49276] C:\dvdfab_burn.log
[?|?|?] C:\PAGEFILE.SYS
[28/08/2001 20:00|-rahs----|4952] C:\Bootfont.bin
[05/03/2007 19:42|-rahs----|251712] C:\ntldr
[05/03/2007 19:42|-rahs----|47564] C:\NTDETECT.COM
[05/03/2007 19:47|--ahs----|216] C:\boot.ini
[27/06/2004 00:22|--a------|0] C:\CONFIG.SYS
[27/06/2004 00:22|-rahs----|0] C:\IO.SYS
[27/06/2004 00:22|-rahs----|0] C:\MSDOS.SYS
[03/05/2006 20:39|--a------|83120] C:\dvdfabexpress_burn.log
[15/03/2007 19:49|--a------|3283] C:\lvcoinst.log
[?|?|?] C:\hiberfil.sys
[08/11/2009 13:42|--a------|2717] C:\UsbFix.txt
[09/12/2007 21:06|--a------|0] C:\conmgr.log
[08/01/2008 19:11|--a------|159] C:\Setup.log
[07/05/2005 11:43|--a------|243] C:\UnInstall.dat
[08/05/2005 15:48|--a------|6] C:\ISACER.ID
[02/03/2008 15:53|--a------|1583] C:\anumanlive.log
[05/01/2002 04:38|--a------|54784] C:\msvci70.dll
[08/02/2009 21:20|--a------|1137769] C:\GTB.cab
[09/05/2005 18:16|--ah-----|486] C:\os985006.bin
[06/11/2009 21:27|--a------|19507] C:\lopR.txt
[28/06/2005 07:40|--a------|2265] C:\INSTALL.LOG
[24/05/2001 12:59|--a------|162304] C:\UNWISE.EXE
[17/07/2005 20:23|--a------|665] C:\ALBUM.PVM

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.

################## | Suspect | http://www.virustotal.com |


################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.049 ! |


13

bidou19, 8 Nov 2009 at 14:22:44

Lop SD report:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 3000+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : SARINA ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1201 [VPS 080531-1] 4.8.1201 (Activated)
A:\ (USB)
C:\ (Local Disk) - FAT32 - Total:111 Go (Free:29 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 08/11/2009|14:14 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[27/06/2004|00:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[27/06/2004|00:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[27/06/2004|00:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[27/06/2004|00:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[27/06/2004|00:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun

[02/10/2008|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[11/10/2009|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Boss Media
[01/01/2008|14:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[30/03/2006|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[27/06/2004|00:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[19/07/2005|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[08/02/2009|14:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GameHouse
[20/10/2007|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[18/06/2009|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LGMOBILEAX
[05/11/2009|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[23/05/2007|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[27/06/2004|00:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[08/05/2005|16:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mindscape
[29/10/2006|10:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[22/08/2007|21:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
[20/11/2004|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[08/05/2005|16:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[05/11/2006|12:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[08/05/2005|17:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[24/12/2006|07:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WhiteCap (Holiday Edition)
[06/11/2006|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[05/03/2007|21:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[17/10/2007|14:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[08/02/2009|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[17/10/2007|15:08] C:\DOCUME~1\NETWOR~1\APPLIC~1\Identities
[27/06/2004|00:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[27/06/2004|00:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[27/06/2004|00:28] C:\DOCUME~1\pro\APPLIC~1\Adobe
[19/07/2005|10:05] C:\DOCUME~1\pro\APPLIC~1\Canon
[18/03/2005|13:37] C:\DOCUME~1\pro\APPLIC~1\Help
[27/06/2004|00:26] C:\DOCUME~1\pro\APPLIC~1\Identities
[27/06/2004|00:28] C:\DOCUME~1\pro\APPLIC~1\InterTrust
[05/12/2006|12:10] C:\DOCUME~1\pro\APPLIC~1\Lavasoft
[08/05/2005|18:42] C:\DOCUME~1\pro\APPLIC~1\Macromedia
[27/06/2004|00:15] C:\DOCUME~1\pro\APPLIC~1\Microsoft
[14/09/2005|15:21] C:\DOCUME~1\pro\APPLIC~1\Mindscape
[18/11/2006|07:55] C:\DOCUME~1\pro\APPLIC~1\Motive
[20/11/2004|17:47] C:\DOCUME~1\pro\APPLIC~1\MSN6
[08/05/2005|21:36] C:\DOCUME~1\pro\APPLIC~1\OLYMPUS
[13/07/2006|11:45] C:\DOCUME~1\pro\APPLIC~1\PC Tools
[27/06/2004|00:31] C:\DOCUME~1\pro\APPLIC~1\Sun
[09/05/2005|20:52] C:\DOCUME~1\pro\APPLIC~1\Symantec
[18/11/2004|11:46] C:\DOCUME~1\pro\APPLIC~1\Template


[27/06/2004|00:28] C:\DOCUME~1\SARINA\APPLIC~1\Adobe
[29/11/2006|15:25] C:\DOCUME~1\SARINA\APPLIC~1\Ahead
[02/03/2008|15:52] C:\DOCUME~1\SARINA\APPLIC~1\Anuman Interactive
[06/01/2007|12:44] C:\DOCUME~1\SARINA\APPLIC~1\Canon
[29/04/2009|21:11] C:\DOCUME~1\SARINA\APPLIC~1\DataCast
[06/11/2006|14:32] C:\DOCUME~1\SARINA\APPLIC~1\DivX
[18/05/2009|22:45] C:\DOCUME~1\SARINA\APPLIC~1\dvdcss
[13/05/2007|06:38] C:\DOCUME~1\SARINA\APPLIC~1\FUJIFILM
[20/10/2007|14:08] C:\DOCUME~1\SARINA\APPLIC~1\Google
[08/05/2005|19:56] C:\DOCUME~1\SARINA\APPLIC~1\Help
[27/06/2004|00:26] C:\DOCUME~1\SARINA\APPLIC~1\Identities
[16/12/2007|17:41] C:\DOCUME~1\SARINA\APPLIC~1\InstallShield
[27/06/2004|00:28] C:\DOCUME~1\SARINA\APPLIC~1\InterTrust
[30/07/2005|12:04] C:\DOCUME~1\SARINA\APPLIC~1\Lavasoft
[25/01/2009|14:01] C:\DOCUME~1\SARINA\APPLIC~1\Leadertech
[23/06/2009|20:04] C:\DOCUME~1\SARINA\APPLIC~1\LG Electronics
[22/02/2008|19:54] C:\DOCUME~1\SARINA\APPLIC~1\LimeWire
[08/05/2005|19:00] C:\DOCUME~1\SARINA\APPLIC~1\Macromedia
[05/11/2009|14:58] C:\DOCUME~1\SARINA\APPLIC~1\Malwarebytes
[24/10/2009|22:06] C:\DOCUME~1\SARINA\APPLIC~1\Mavi
[27/11/2006|12:06] C:\DOCUME~1\SARINA\APPLIC~1\Media Player Classic
[27/06/2004|00:15] C:\DOCUME~1\SARINA\APPLIC~1\Microsoft
[07/11/2006|18:48] C:\DOCUME~1\SARINA\APPLIC~1\Motive
[21/02/2008|13:19] C:\DOCUME~1\SARINA\APPLIC~1\Mozilla
[13/05/2005|23:24] C:\DOCUME~1\SARINA\APPLIC~1\MSN6
[22/11/2006|13:24] C:\DOCUME~1\SARINA\APPLIC~1\My Games
[04/06/2005|17:01] C:\DOCUME~1\SARINA\APPLIC~1\OLYMPUS
[19/10/2008|18:07] C:\DOCUME~1\SARINA\APPLIC~1\OpenOffice.org
[10/11/2005|17:18] C:\DOCUME~1\SARINA\APPLIC~1\PC Tools
[23/05/2009|06:35] C:\DOCUME~1\SARINA\APPLIC~1\PhotoFiltre Studio X
[23/05/2007|20:08] C:\DOCUME~1\SARINA\APPLIC~1\Screenshot Sender
[25/03/2008|11:04] C:\DOCUME~1\SARINA\APPLIC~1\Shareaza
[24/02/2008|18:42] C:\DOCUME~1\SARINA\APPLIC~1\Shareaza(3)
[18/07/2007|13:45] C:\DOCUME~1\SARINA\APPLIC~1\Soft-R Research
[11/07/2007|19:32] C:\DOCUME~1\SARINA\APPLIC~1\Sports Interactive
[27/06/2004|00:31] C:\DOCUME~1\SARINA\APPLIC~1\Sun
[08/05/2005|17:08] C:\DOCUME~1\SARINA\APPLIC~1\Symantec
[04/06/2005|17:09] C:\DOCUME~1\SARINA\APPLIC~1\Template
[29/04/2007|20:55] C:\DOCUME~1\SARINA\APPLIC~1\uTorrent
[15/05/2009|20:57] C:\DOCUME~1\SARINA\APPLIC~1\vlc
[21/05/2006|19:56] C:\DOCUME~1\SARINA\APPLIC~1\Vso
[22/02/2006|23:37] C:\DOCUME~1\SARINA\APPLIC~1\VSO_HWE
[05/01/2009|20:20] C:\DOCUME~1\SARINA\APPLIC~1\Windows Live Writer
[09/02/2009|20:05] C:\DOCUME~1\SARINA\APPLIC~1\Zylom

[27/06/2004|00:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[27/06/2004|00:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[27/06/2004|00:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\InterTrust
[27/06/2004|00:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[10/11/2005|15:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\PC Tools
[27/06/2004|00:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[08/11/2009 13:31][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[08/11/2009 10:18][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[08/11/2009 14:03][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 20:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[10/10/2005|21:25] C:\Program Files\a2 Free
[27/06/2004|00:28] C:\Program Files\Adobe
[16/07/2005|00:25] C:\Program Files\AdTools Service
[09/02/2006|20:49] C:\Program Files\Ahead
[09/12/2006|12:00] C:\Program Files\Alwil Software
[16/07/2008|19:49] C:\Program Files\Anuman Interactive
[06/12/2006|13:32] C:\Program Files\Art Plus
[26/05/2007|06:51] C:\Program Files\Audacity
[27/06/2004|00:27] C:\Program Files\AvRack
[29/10/2005|08:36] C:\Program Files\BaseDVDivX
[11/10/2009|11:13] C:\Program Files\BetClic Poker
[29/10/2006|10:14] C:\Program Files\BroadJump
[06/12/2006|13:25] C:\Program Files\CalMaker
[02/10/2008|20:27] C:\Program Files\Canal
[08/05/2005|16:29] C:\Program Files\Canon
[07/12/2005|15:45] C:\Program Files\Cartpost
[29/10/2006|10:18] C:\Program Files\Club-Internet
[25/07/2005|13:34] C:\Program Files\Common Files
[27/06/2004|00:20] C:\Program Files\ComPlus Applications
[26/11/2004|17:06] C:\Program Files\Conforama
[21/01/2009|14:20] C:\Program Files\Corel
[27/06/2004|00:30] C:\Program Files\CyberLink
[03/11/2006|11:51] C:\Program Files\Defenza
[28/06/2005|20:11] C:\Program Files\directx
[06/11/2006|14:31] C:\Program Files\DivX
[20/07/2005|11:21] C:\Program Files\DVD Decrypter 350
[19/07/2005|22:29] C:\Program Files\DVD Shrink
[31/07/2006|18:41] C:\Program Files\DVDFab Decrypter
[22/02/2006|23:18] C:\Program Files\DVDFab Express
[21/05/2006|12:40] C:\Program Files\DVDFab Gold
[05/04/2006|08:03] C:\Program Files\DVDFab Platinum
[28/06/2005|22:42] C:\Program Files\Eidos
[03/10/2006|07:57] C:\Program Files\Eidos Interactive
[07/06/2006|11:49] C:\Program Files\Elaborate Bytes
[29/10/2006|14:34] C:\Program Files\eMule
[27/06/2004|00:16] C:\Program Files\Fichiers communs
[13/05/2007|06:37] C:\Program Files\FinePixViewer
[22/11/2006|13:18] C:\Program Files\Firaxis Games
[09/11/2008|14:12] C:\Program Files\FotoSketcher
[27/06/2004|00:27] C:\Program Files\Generic
[29/07/2007|14:46] C:\Program Files\Google
[16/08/2007|13:09] C:\Program Files\Hercules
[25/07/2005|13:33] C:\Program Files\IMSI
[10/05/2005|09:36] C:\Program Files\Infogrames
[27/06/2004|00:27] C:\Program Files\InstallShield Installation Information
[27/06/2004|00:20] C:\Program Files\Internet Explorer
[27/06/2004|00:30] C:\Program Files\Java
[19/10/2008|18:04] C:\Program Files\JRE
[08/11/2005|22:35] C:\Program Files\Kaspersky Lab
[18/06/2009|21:09] C:\Program Files\LG Electronics
[23/06/2009|20:04] C:\Program Files\LG PC Suite II
[09/03/2008|18:08] C:\Program Files\Livre Album Fuji Photo
[16/12/2007|17:41] C:\Program Files\Logitech
[05/11/2009|14:57] C:\Program Files\Malwarebytes' Anti-Malware
[29/04/2009|21:11] C:\Program Files\MarkAny
[27/06/2004|00:20] C:\Program Files\Messenger
[23/05/2007|20:06] C:\Program Files\Messenger Plus! Live
[09/05/2005|21:28] C:\Program Files\Micro Application
[24/07/2007|15:23] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[27/06/2004|00:22] C:\Program Files\microsoft frontpage
[17/10/2007|15:08] C:\Program Files\Microsoft SQL Server Compact Edition
[27/06/2004|00:56] C:\Program Files\Microsoft Works
[08/05/2005|16:53] C:\Program Files\Mindscape
[01/01/2008|14:26] C:\Program Files\Motorola Phone Tools
[27/06/2004|00:21] C:\Program Files\Movie Maker
[21/02/2008|13:19] C:\Program Files\Mozilla Firefox
[27/06/2004|00:19] C:\Program Files\MSN
[27/06/2004|00:19] C:\Program Files\MSN Gaming Zone
[05/03/2007|21:01] C:\Program Files\MSN Messenger
[06/03/2007|01:36] C:\Program Files\MSXML 4.0
[06/12/2006|13:14] C:\Program Files\My Photo Calendars & Cards
[27/06/2004|00:21] C:\Program Files\NetMeeting
[27/06/2004|00:29] C:\Program Files\NewTech Infosystems
[08/05/2005|16:48] C:\Program Files\OLYMPUS
[19/10/2008|18:03] C:\Program Files\OpenOffice.org 3
[08/01/2008|19:18] C:\Program Files\Orange HSS
[27/06/2004|00:20] C:\Program Files\Outlook Express
[26/03/2006|18:51] C:\Program Files\PC Camera
[10/01/2009|21:13] C:\Program Files\Photo Print Calendar from YOKOHAMA Ver.3.00E beta
[05/05/2007|14:06] C:\Program Files\Photo Story 3 for Windows
[22/05/2009|09:23] C:\Program Files\PhotoFiltre
[23/05/2009|06:35] C:\Program Files\PhotoFiltre Studio X
[21/01/2009|15:22] C:\Program Files\Picthema
[08/05/2005|16:47] C:\Program Files\PIXELA
[09/11/2008|14:20] C:\Program Files\Poster Forge
[04/12/2006|11:25] C:\Program Files\Project1
[28/11/2008|14:17] C:\Program Files\ProPoster
[08/05/2005|16:47] C:\Program Files\QuickTime
[27/06/2004|00:27] C:\Program Files\Realtek Sound Manager
[13/05/2007|06:35] C:\Program Files\REGSHAVE
[18/03/2005|13:37] C:\Program Files\SAGEM
[08/01/2008|19:11] C:\Program Files\SAGEM WiFi manager
[09/12/2007|20:37] C:\Program Files\Samsung
[08/01/2008|19:00] C:\Program Files\Securitoo
[27/06/2004|00:20] C:\Program Files\Services en ligne
[27/11/2006|10:50] C:\Program Files\Shareaza
[05/02/2008|20:02] C:\Program Files\Shareaza Applications
[02/07/2005|17:48] C:\Program Files\Sports Interactive
[05/11/2006|12:53] C:\Program Files\Spybot - Search & Destroy
[10/11/2005|15:57] C:\Program Files\Spyware Doctor
[08/05/2005|17:07] C:\Program Files\Symantec
[13/06/2005|14:08] C:\Program Files\SymNetDrv
[19/11/2008|14:19] C:\Program Files\TKexe
[23/07/2007|14:27] C:\Program Files\torrent_search
[19/02/2008|10:31] C:\Program Files\TorrentWizard
[05/11/2009|13:59] C:\Program Files\trend micro
[27/06/2004|00:26] C:\Program Files\Uninstall Information
[09/11/2008|13:58] C:\Program Files\VCW VicMan's Photo Editor
[27/11/2006|12:05] C:\Program Files\VDCodecPack3.5
[15/05/2009|20:56] C:\Program Files\VideoLAN
[29/09/2008|13:13] C:\Program Files\vso
[17/10/2007|15:07] C:\Program Files\Windows Desktop Search
[17/10/2007|14:58] C:\Program Files\Windows Live
[16/12/2007|18:53] C:\Program Files\Windows Live Favorites
[05/03/2007|21:01] C:\Program Files\Windows Live Toolbar
[14/12/2008|09:29] C:\Program Files\Windows Media Connect
[06/03/2007|01:20] C:\Program Files\Windows Media Connect 2
[27/06/2004|00:20] C:\Program Files\Windows Media Player
[27/06/2004|00:19] C:\Program Files\Windows NT
[27/06/2004|00:20] C:\Program Files\WindowsUpdate
[27/07/2005|23:31] C:\Program Files\Winsos
[27/06/2004|00:22] C:\Program Files\xerox
[09/02/2009|20:04] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[27/06/2004|00:28] C:\Program Files\Fichiers communs\Adobe
[02/10/2008|20:25] C:\Program Files\Fichiers communs\Adobe AIR
[29/11/2006|15:22] C:\Program Files\Fichiers communs\Ahead
[08/01/2008|19:18] C:\Program Files\Fichiers communs\France Telecom
[27/06/2004|00:27] C:\Program Files\Fichiers communs\InstallShield
[27/06/2004|00:30] C:\Program Files\Fichiers communs\Java
[05/03/2007|20:28] C:\Program Files\Fichiers communs\Logitech
[27/06/2004|00:16] C:\Program Files\Fichiers communs\Microsoft Shared
[29/10/2006|10:19] C:\Program Files\Fichiers communs\Motive
[27/06/2004|00:21] C:\Program Files\Fichiers communs\MSSoap
[27/06/2004|00:16] C:\Program Files\Fichiers communs\ODBC
[27/06/2004|00:21] C:\Program Files\Fichiers communs\Services
[27/06/2004|00:16] C:\Program Files\Fichiers communs\SpeechEngines
[08/05/2005|17:07] C:\Program Files\Fichiers communs\Symantec Shared
[27/06/2004|00:20] C:\Program Files\Fichiers communs\System
[15/01/2009|16:13] C:\Program Files\Fichiers communs\Vbox
[16/10/2008|18:40] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[09/05/2005|21:28] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 37 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-08 14:17:14
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\SARINA\Mes documents\Mes fichiers reçus\dvdfabcrack.zip


[F:52116][D:675]-> C:\DOCUME~1\SARINA\LOCALS~1\Temp
[F:6531][D:0]-> C:\DOCUME~1\SARINA\Cookies
[F:15868][D:37]-> C:\DOCUME~1\SARINA\LOCALS~1\TEMPOR~1\content.IE5
[F:6][D:0]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - 06/11/2009|21:27 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 08/11/2009|14:21 - Option : [2]

--------------------\\ Fin du rapport a 14:21:10


14

bidou19, 8 Nov 2009 at 17:53:47

Java report:
JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sun Nov 08 17:51:28 2009

Found and removed: C:\Program Files\Java\j2re1.4.2_01

Found and removed: C:\Program Files\Java\jre1.6.0_04

------------------------------------

Finished reporting.


15

bidou19, 8 Nov 2009 at 17:56:02

And finally the RSIT report:


16

bidou19, 8 Nov 2009 at 17:56:32

Logfile of random's system information tool 1.06 (written by random/random)
Run by SARINA at 2009-11-08 17:54:42
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 32 GB (28%) free of 114 GB
Total RAM: 255 MB (15% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:55:08, on 08/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SVCHOST.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Orange HSS\Systray\SystrayApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\SARINA\Bureau\RSIT.exe
C:\Program Files\trend micro\SARINA.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O1 - Hosts: localhost 127.0.0.1
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange HSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange HSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WiFi Station.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O4 - Global Startup: ExifLauncher2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q330995.exe
O16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sabidoubou.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{034D8EA9-DD10-491B-96B1-78799B7AD9D0}: NameServer = 80.10.246.1,80.10.246.139
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D7C14E9-34A4-4619-B35F-B3826378C6AF}: NameServer = 80.10.246.1,80.10.246.139
O17 - HKLM\System\CS2\Services\Tcpip\..\{034D8EA9-DD10-491B-96B1-78799B7AD9D0}: NameServer = 80.10.246.1,80.10.246.139
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: ideusr50 - ideusr50.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: Service - Unknown owner - C:\WINDOWS\System32\Service.exe
End of file - 9010 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Symantec NetDetect.job
C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2005-05-08 77824]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-05-16 79224]
"REGSHAVE"=C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]
"StandardInstall"= []
"SystrayORAHSS"=C:\Program Files\Orange HSS\Systray\SystrayApp.exe [2007-07-24 94208]
"ORAHSSSessionManager"=C:\Program Files\Orange HSS\SessionManager\SessionManager.exe [2007-07-24 102400]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
"SMSTray"=C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe [2007-12-14 132624]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-11-05 67128]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\afu630qf]
C:\WINDOWS\System32\afu630qf.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
C:\Program Files\BroadJump\Client Foundation\CFD.exe [2003-01-27 376912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\System32\ctfmon.exe [2004-08-19 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Disk Monitor]
C:\Program Files\Generic\USB Card Reader Driver v1.9e3\Disk_Monitor.exe [2003-06-18 466944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dmlwd.exe]
C:\WINDOWS\System32\dmlwd.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iamapp]
C:\Program Files\Norton Internet Security\IAMAPP.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV Agent]
C:\PROGRA~1\NORTON~1\navapw32.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\System32\\NeroCheck.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2005-05-08 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2003-09-23 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor]
C:\Program Files\Spyware Doctor\swdoctor.exe /Q []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe [2004-11-10 218240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe [2005-06-13 95960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINSOS VERIFY]
C:\Program Files\WINSOS\WINSOS.EXE MINI []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LE COMPAGNON CLUB.lnk]
C:\PROGRA~1\CLUB-I~1\LECOMP~1\bin\matcli.exe -boot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UserAccess7"=2
"SymWSC"=2
"SymProxySvc"=2
"SNDSrvc"=3
"SDhelper"=2
"SBService"=2
"NISUM"=3
"NISSERV"=2
"navapsvc"=2
"Ati HotKey Poller"=2

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WifiStation.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
ExifLauncher2.lnk - C:\Program Files\FinePixViewer\QuickDCF2.exe
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ideusr50]
ideusr50.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
SystemCheck2 -
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=128
"NoDriveAutoRun"=128
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe"="C:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe:*:Enabled:Shareaza"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Disabled:Internet Explorer"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\WINDOWS\System32\muzapp.exe"="C:\WINDOWS\System32\muzapp.exe:*:Enabled:MUZ AOD APP player"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2009-11-08 14:00:19 ----D---- C:\WINDOWS\ie8updates
2009-11-08 13:59:04 ----D---- C:\WINDOWS\WBEM
2009-11-08 13:57:01 ----HD---- C:\WINDOWS\ie8
2009-11-08 13:42:38 ----RASHD---- C:\autorun.inf
2009-11-08 13:40:22 ----A---- C:\UsbFix.txt
2009-11-06 21:21:07 ----A---- C:\lopR.txt
2009-11-06 21:20:42 ----D---- C:\Lop SD
2009-11-06 21:15:30 ----D---- C:\UsbFix
2009-11-05 14:58:11 ----D---- C:\Documents and Settings\SARINA\Application Data\Malwarebytes
2009-11-05 14:57:53 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-05 14:57:52 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-05 14:44:06 ----D---- C:\WORT
2009-11-05 13:59:21 ----D---- C:\Program Files\trend micro
2009-11-05 13:59:17 ----D---- C:\rsit
2009-10-24 22:06:38 ----D---- C:\Documents and Settings\SARINA\Application Data\Mavi
2009-10-11 11:13:26 ----D---- C:\Documents and Settings\All Users\Application Data\Boss Media
2009-10-11 11:13:01 ----D---- C:\Program Files\BetClic Poker

======List of files/folders modified in the last 1 months======

2009-11-08 14:52:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-08 14:00:46 ----A---- C:\WINDOWS\imsins.BAK

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-05-16 26944]
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-19 41600]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-05-16 42912]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-08-16 20747]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-05-16 94416]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\C4C_FALL.sys [2002-07-08 303171]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\C4C_FSKS.sys [2002-07-08 124703]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\C4C_K56K.sys [2002-07-08 428578]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2001-09-17 17744]
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\C4C_FAXX.sys [2002-07-08 212494]
R2 SYMTDI;SYMTDI; \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS []
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\C4C_TONE.sys [2002-07-08 59664]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\C4C_V124.sys [2002-07-08 542223]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-09-23 404736]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-09-23 462940]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-05-16 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-07-20 600064]
R3 C4C_BSC2;C4C_BSC2; C:\WINDOWS\System32\DRIVERS\C4C_BSC2.sys [2002-07-08 84788]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys [2004-06-27 6912]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-09-29 47360]
R3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\C4C_SAMP.sys [2002-07-08 62422]
R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\System32\DRIVERS\Rtlnic51.sys [2003-08-04 65152]
R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver; C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2007-01-10 450560]
R3 SYMDNS;SYMDNS; \??\C:\WINDOWS\System32\Drivers\SYMDNS.SYS []
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SYMFW;SYMFW; \??\C:\WINDOWS\System32\Drivers\SYMFW.SYS []
R3 SYMIDS;SYMIDS; \??\C:\WINDOWS\System32\Drivers\SYMIDS.SYS []
R3 SYMNDIS;SYMNDIS; \??\C:\WINDOWS\System32\Drivers\SYMNDIS.SYS []
R3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS []
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2002-07-08 591520]
R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2007-01-16 17664]
S1 idersrvc;IDE memory buffer2; \??\C:\WINDOWS\System32\idersrvc.sys []
S2 ntio256;Input and output operations; \??\C:\WINDOWS\System32\ntio256.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\SARINA\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 DMSKSSRh;DMSKSSRh; \??\C:\DOCUME~1\SARINA\LOCALS~1\Temp\DMSKSSRh.sys []
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys []
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys []
S3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\drivers\LVPr2Mon.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS []
S3 RT2500USB;Hercules Wireless USB Dongle Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-01-12 252928]
S3 slabbus;USB Data Cable driver (WDM); C:\WINDOWS\System32\DRIVERS\slabbus.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\System32\DRIVERS\serscan.sys [2001-08-23 6912]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 TSP;TSP; \??\C:\WINDOWS\system32\drivers\klif.sys []
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\System32\DRIVERS\usb8023.sys [2004-08-03 12672]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbsermptxp;Motorola USB Modem Driver for MPT XP; C:\WINDOWS\system32\DRIVERS\usbsermptxp.sys [2008-01-01 25600]
S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZDCndis5;ZDCndis5 Protocol Driver; \??\C:\WINDOWS\system32\ZDCndis5.SYS []
S3 ZDPNDIS5;ZDPNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\ZDPNDIS5.SYS []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-05-16 17272]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-05-16 144760]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-07-31 65536]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-05-16 247160]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-05-16 349560]
S2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe []
S2 Service;Service; C:\WINDOWS\System32\Service.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-10-20 138168]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WmcCds;Windows Media Connect (WMC); c:\program files\windows media connect\mswmccds.exe [2004-08-11 483328]
S3 WmcCdsLs;Windows Media Connect (WMC) Helper; C:\Program Files\Windows Media Connect\mswmcls.exe [2004-08-10 28160]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2003-07-20 303104]
S4 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe [2005-01-21 206552]
S4 SymWSC;SymWMI Service; C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe [2004-11-02 316544]
S4 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\System32\UAService7.exe [2005-05-16 126976]

-----------------EOF-----------------


17

bidou19, 8 Nov 2009 at 18:01:50

There, I think I have done everything:
As for the problems I was having, there aren't really any left, just a few questions that are probably a bit novice, such as:
Is the fact that a network gateway was created a problem?
Could the person who hacked my PC have recorded confidential things on it, such as passwords, etc.?
And finally, after all these steps, does he no longer have access to my PC?
Thank you for your precious help and thank you for spending time on my problem!!!!!!!


18

jlpjlp, 8 Nov 2009 at 19:15:37

Scan these two files on VirusTotal and paste the reports: http://www.virustotal.com/fr/

C:\DOCUME~1\SARINA\Mes documents\Mes fichiers reçus\dvdfabcrack.zip
C:\WINDOWS\System32\Service.exe


19

bidou19, 8 Nov 2009 at 20:12:16

The first one:
Fichier dvdfabcrack.zip reçu le 2009.11.08 19:09:33 (UTC)
Résultat: 0/40 (0%)

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.41 2009.11.08 -
AhnLab-V3 5.0.0.2 2009.11.06 -
AntiVir 7.9.1.61 2009.11.08 -
Antiy-AVL 2.0.3.7 2009.11.05 -
Authentium 5.2.0.5 2009.11.08 -
Avast 4.8.1351.0 2009.11.08 -
AVG 8.5.0.423 2009.11.08 -
BitDefender 7.2 2009.11.08 -
CAT-QuickHeal 10.00 2009.11.07 -
ClamAV 0.94.1 2009.11.08 -
Comodo 2886 2009.11.08 -
DrWeb 5.0.0.12182 2009.11.08 -
eTrust-Vet 35.1.7108 2009.11.06 -
F-Prot 4.5.1.85 2009.11.08 -
F-Secure 9.0.15370.0 2009.11.04 -
Fortinet 3.120.0.0 2009.11.08 -
GData 19 2009.11.08 -
Ikarus T3.1.1.74.0 2009.11.08 -
Jiangmin 11.0.800 2009.11.08 -
K7AntiVirus 7.10.891 2009.11.07 -
Kaspersky 7.0.0.125 2009.11.08 -
McAfee 5796 2009.11.08 -
McAfee+Artemis 5796 2009.11.08 -
McAfee-GW-Edition 6.8.5 2009.11.08 -
Microsoft 1.5202 2009.11.08 -
NOD32 4585 2009.11.08 -
Norman 6.03.02 2009.11.06 -
nProtect 2009.1.8.0 2009.11.08 -
Panda 10.0.2.2 2009.11.08 -
PCTools 7.0.3.5 2009.11.06 -
Prevx 3.0 2009.11.08 -
Rising 21.54.62.00 2009.11.08 -
Sophos 4.47.0 2009.11.08 -
Sunbelt 3.2.1858.2 2009.11.08 -
Symantec 1.4.4.12 2009.11.08 -
TheHacker 6.5.0.2.063 2009.11.06 -
TrendMicro 9.0.0.1003 2009.11.08 -
VBA32 3.12.10.11 2009.11.07 -
ViRobot 2009.11.6.2025 2009.11.06 -
VirusBuster 4.6.5.0 2009.11.08 -
Information additionnelle
File size: 1915 bytes
MD5...: cda1ea7374fcfe0f2be60ce77004034f
SHA1..: e2b59a69bdd4df165d842b09579299894081d53d
SHA256: 3deb0d3941de5e4e231b09ad9fb3cc25e2cbefd2e97a146f55aad43d8978337f
ssdeep: 48:ysnXCIbD0IvNz/DiMlkATVXlPnHnW/RanF1EWve7qZAM:yYrbD0AzTVXtWpuF
le7sr

PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: ZIP compressed archive (99.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
