Slow PC and iexplore.exe at 100%


Hello,
I have just created an account here hoping to get a bit of help.

I am on a PC that is very slow at startup and lags terribly. I checked the processes, and at startup the iexplore.exe process (not iexplorer.exe) uses more and more processor resources until it reaches 100% CPU. When I kill it, it reappears several times; I keep killing it until it works.

But I would really like to get rid of this problem, which I suppose is a virus, only I don't really know how to go about it.

Thanks for your help.

I am running Windows XP

Here is the HijackThis scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:25:27, on 26/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Hardware\Keyboard\Ikeymain.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Papa-Maman-Caro\Bureau\HiJackThis\scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: WinXS - {4E7BD74F-2B8D-469E-D4F3-BF2CF4D5FA7D} - C:\PROGRA~1\MAXIFI~1\IEBand\mf.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing)
O2 - BHO: (no name) - {F82226A0-0353-5DDC-B67D-D01073712227} - C:\DOCUME~1\GUILLA~1\APPLIC~1\CASHDA~1\Lies Mess.exe (file missing)
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing)
O3 - Toolbar: WinXS - {4E7BD74F-2B8D-469E-D4F3-BF2CF4D5FA7D} - C:\PROGRA~1\MAXIFI~1\IEBand\mf.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\Hardware\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [mode bind] C:\DOCUME~1\PAPA-M~1\APPLIC~1\TIMEME~1\bore more load.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/engli [...] nicode.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

--
End of file - 7156 bytes

Reply to Freepard

:hello: Hello,

Download Lop S&D.exe (by Eric 71 & Angeldark) to your desktop. ~>Tutorial<~

  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your desktop
  • Select the desired language, then choose Option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

;)

------------------------------ Please let us know if you are already being helped on another forum or in another topic.

Security / Prevention
Reply to Egwene

Here is the report (thanks for the quick reply!)


-----------------------[ Lop S&D 4.2.0-1 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Papa-Maman-Caro ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 26/04/2008 | 19:38:57,17 ] [ PC : GUILLAUME ]
[ MAJ : 26-04-2008 | 11:00 ]

-------------[ Listing des dossiers dans Application Data ]------------

[19/04/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[06/02/2005|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[05/05/2006|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[25/02/2008|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AtomCurbCopyDefault
[31/07/2004|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[12/03/2005|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal
[26/04/2008|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[25/02/2008|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mail For File Wave
[22/10/2005|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[17/11/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[02/08/2004|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[16/10/2004|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[12/04/2008|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[30/06/2005|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[30/06/2005|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G3
[14/07/2006|15:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\savebodyhoperef
[19/04/2008|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[17/12/2006|22:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[09/08/2004|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[31/01/2008|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[25/02/2008|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[31/07/2004|00:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/12/2007|20:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[25/04/2008|23:10] C:\DOCUME~1\GUILLA~1\APPLIC~1\Adobe
[06/02/2005|20:13] C:\DOCUME~1\GUILLA~1\APPLIC~1\AOL
[22/06/2005|18:38] C:\DOCUME~1\GUILLA~1\APPLIC~1\Apple Computer
[22/02/2005|19:14] C:\DOCUME~1\GUILLA~1\APPLIC~1\Atari
[08/01/2005|15:08] C:\DOCUME~1\GUILLA~1\APPLIC~1\Azureus
[13/07/2006|23:33] C:\DOCUME~1\GUILLA~1\APPLIC~1\BitTorrent
[05/06/2005|20:25] C:\DOCUME~1\GUILLA~1\APPLIC~1\Cash Dash Chin
[31/12/2004|18:43] C:\DOCUME~1\GUILLA~1\APPLIC~1\Checkflow
[31/07/2004|00:21] C:\DOCUME~1\GUILLA~1\APPLIC~1\desktop.ini
[30/06/2005|19:20] C:\DOCUME~1\GUILLA~1\APPLIC~1\FotoWire
[20/07/2005|20:42] C:\DOCUME~1\GUILLA~1\APPLIC~1\Google
[01/10/2004|20:37] C:\DOCUME~1\GUILLA~1\APPLIC~1\Help
[30/07/2004|23:37] C:\DOCUME~1\GUILLA~1\APPLIC~1\Identities
[14/09/2004|12:29] C:\DOCUME~1\GUILLA~1\APPLIC~1\Jasc
[02/01/2005|20:54] C:\DOCUME~1\GUILLA~1\APPLIC~1\Lavasoft
[22/06/2005|21:57] C:\DOCUME~1\GUILLA~1\APPLIC~1\Macromedia
[19/12/2005|00:30] C:\DOCUME~1\GUILLA~1\APPLIC~1\Microsoft
[27/02/2005|20:18] C:\DOCUME~1\GUILLA~1\APPLIC~1\Mozilla
[02/08/2004|20:56] C:\DOCUME~1\GUILLA~1\APPLIC~1\MSN6
[31/07/2004|13:14] C:\DOCUME~1\GUILLA~1\APPLIC~1\Nikon
[04/08/2005|22:06] C:\DOCUME~1\GUILLA~1\APPLIC~1\Real
[11/12/2004|16:57] C:\DOCUME~1\GUILLA~1\APPLIC~1\SBSoft
[08/01/2005|14:28] C:\DOCUME~1\GUILLA~1\APPLIC~1\Sun
[15/09/2006|20:58] C:\DOCUME~1\GUILLA~1\APPLIC~1\Symantec
[29/04/2005|22:44] C:\DOCUME~1\GUILLA~1\APPLIC~1\Talkback
[14/07/2006|15:11] C:\DOCUME~1\GUILLA~1\APPLIC~1\timemediaheart
[17/11/2007|20:34] C:\DOCUME~1\GUILLA~1\APPLIC~1\vlc
[09/08/2004|12:30] C:\DOCUME~1\GUILLA~1\APPLIC~1\You've Got Pictures Screensaver

[30/07/2004|23:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[01/12/2007|20:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[15/09/2006|21:58] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[26/01/2008|11:25] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Adobe
[06/02/2005|20:13] C:\DOCUME~1\PAPA-M~1\APPLIC~1\AOL
[06/05/2006|15:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Apple Computer
[31/07/2004|00:21] C:\DOCUME~1\PAPA-M~1\APPLIC~1\desktop.ini
[24/02/2007|00:50] C:\DOCUME~1\PAPA-M~1\APPLIC~1\dvdcss
[23/12/2005|18:12] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Ecran de veille
[21/11/2004|14:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Help
[25/10/2004|17:58] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Identities
[17/11/2007|20:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\InstallShield
[19/04/2008|11:12] C:\DOCUME~1\PAPA-M~1\APPLIC~1\LimeWire
[10/12/2006|13:38] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Macromedia
[25/11/2007|13:26] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Microsoft
[30/03/2005|20:22] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Mozilla
[26/02/2008|20:56] C:\DOCUME~1\PAPA-M~1\APPLIC~1\MSN6
[22/06/2006|18:44] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Nikon
[03/04/2008|17:32] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Real
[13/12/2004|16:44] C:\DOCUME~1\PAPA-M~1\APPLIC~1\SBSoft
[18/03/2007|16:24] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Screenshot Sender
[10/04/2005|14:26] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Sun
[08/07/2005|16:28] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Talkback
[25/04/2008|20:22] C:\DOCUME~1\PAPA-M~1\APPLIC~1\timemediaheart
[22/12/2007|22:06] C:\DOCUME~1\PAPA-M~1\APPLIC~1\U3
[24/12/2006|22:36] C:\DOCUME~1\PAPA-M~1\APPLIC~1\vlc

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[25/04/2008 23:07][--ah-----] C:\WINDOWS\tasks\A9E96A669192E1E2.job
[22/07/2005 07:07][--a------] C:\WINDOWS\tasks\Reveil.job
[26/04/2008 19:05][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

A9E96A669192E1E2.job <--> c:\docume~1\papa-m~1\applic~1\timeme~1\support

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[15/07/2006|20:10] C:\Program Files\7-Zip
[10/06/2006|23:09] C:\Program Files\ACE Mega CoDecS Pack
[31/10/2007|13:11] C:\Program Files\Acro Software
[15/03/2006|13:10] C:\Program Files\Activision
[19/04/2008|12:44] C:\Program Files\Adobe
[27/06/2006|12:06] C:\Program Files\Adolix
[03/04/2005|18:17] C:\Program Files\Alcohol Soft
[14/07/2006|15:01] C:\Program Files\Alwil Software
[08/09/2006|13:52] C:\Program Files\CCleaner
[16/10/2004|15:35] C:\Program Files\CDex_150
[25/02/2008|12:48] C:\Program Files\Circle Developement
[08/09/2006|13:40] C:\Program Files\Cool MP3 Converter
[31/10/2007|16:20] C:\Program Files\Crimson Editor
[22/01/2005|14:52] C:\Program Files\CyberLink
[07/05/2005|21:07] C:\Program Files\Desktop.ini
[21/05/2007|16:22] C:\Program Files\DivX
[26/11/2004|16:22] C:\Program Files\fb_3do10p.SFS
[26/11/2004|17:05] C:\Program Files\fb_maps09p.SFS
[25/04/2008|23:51] C:\Program Files\Fichiers communs
[27/06/2006|13:48] C:\Program Files\GameSpy Arcade
[23/07/2006|18:27] C:\Program Files\Google
[10/01/2007|21:14] C:\Program Files\Hardware
[26/11/2004|18:06] C:\Program Files\il2_core.dll
[26/11/2004|18:49] C:\Program Files\il2_coreP4.dll
[07/10/2006|19:10] C:\Program Files\Illusion Softworks
[17/11/2007|21:01] C:\Program Files\InstallShield Installation Information
[11/04/2008|19:29] C:\Program Files\Internet Explorer
[31/07/2004|19:53] C:\Program Files\Jasc Software Inc
[19/04/2008|13:36] C:\Program Files\Java
[29/07/2005|16:01] C:\Program Files\Lavalys
[22/01/2005|14:54] C:\Program Files\Lavasoft
[12/04/2008|12:38] C:\Program Files\LimeWire
[30/06/2005|19:20] C:\Program Files\Logitech
[06/02/2005|22:37] C:\Program Files\Matroska Playback Pack
[06/02/2005|23:32] C:\Program Files\MatroskaProp
[18/02/2005|20:29] C:\Program Files\Messenger
[01/10/2006|14:21] C:\Program Files\Messenger Plus! 3
[25/02/2008|12:48] C:\Program Files\Messenger Plus! Live
[26/11/2004|11:35] C:\Program Files\mg_snd.dll
[26/11/2004|11:39] C:\Program Files\mg_snd_sse.dll
[23/02/2007|16:21] C:\Program Files\MicroProse Software
[26/02/2008|20:14] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[30/07/2004|23:31] C:\Program Files\microsoft frontpage
[15/07/2006|17:22] C:\Program Files\Microsoft Games
[22/01/2005|21:41] C:\Program Files\Microsoft Office
[25/02/2008|12:57] C:\Program Files\Microsoft SQL Server Compact Edition
[20/09/2006|19:49] C:\Program Files\Monte Cristo
[13/02/2005|14:29] C:\Program Files\Movie Maker
[26/04/2008|19:20] C:\Program Files\Mozilla Firefox
[25/12/2005|16:09] C:\Program Files\MP3 To Wave Maker Plus
[06/02/2005|23:33] C:\Program Files\MRT Codecs Pack
[26/02/2008|20:56] C:\Program Files\MSN
[30/07/2004|23:27] C:\Program Files\MSN Gaming Zone
[25/02/2008|12:48] C:\Program Files\MSN Messenger
[18/11/2006|00:36] C:\Program Files\MSXML 4.0
[13/02/2005|14:25] C:\Program Files\NetMeeting
[16/11/2007|20:41] C:\Program Files\Neuf
[31/07/2004|13:14] C:\Program Files\Nikon
[17/12/2006|22:08] C:\Program Files\Norton AntiVirus
[19/04/2008|12:28] C:\Program Files\OpenCV
[13/06/2007|19:22] C:\Program Files\Outlook Express
[24/07/2006|00:51] C:\Program Files\Power Tab Software
[15/07/2006|21:23] C:\Program Files\Project64 1.6
[08/09/2006|13:42] C:\Program Files\QuickTime
[14/01/2005|18:31] C:\Program Files\Real
[17/11/2007|21:01] C:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility
[08/09/2006|13:46] C:\Program Files\RegSupreme
[06/10/2006|17:40] C:\Program Files\Securitoo
[30/07/2004|23:30] C:\Program Files\Services en ligne
[19/04/2008|13:25] C:\Program Files\Spybot - Search & Destroy
[25/02/2008|12:49] C:\Program Files\timemediaheart
[26/04/2008|19:14] C:\Program Files\Trend Micro
[28/03/2005|19:12] C:\Program Files\trial_setup.ini
[31/07/2004|00:54] C:\Program Files\VIAudioi
[19/04/2008|12:50] C:\Program Files\VideoLAN
[09/08/2004|12:30] C:\Program Files\Viewpoint
[09/12/2006|19:02] C:\Program Files\Wanadoo
[31/12/2004|11:41] C:\Program Files\Wanadoo Messager
[19/04/2008|12:50] C:\Program Files\Winamp
[27/02/2008|20:55] C:\Program Files\Windows Live
[13/12/2006|17:26] C:\Program Files\Windows Media Connect 2
[13/12/2006|17:26] C:\Program Files\Windows Media Player
[13/02/2005|14:25] C:\Program Files\Windows NT
[21/05/2007|16:35] C:\Program Files\WinRAR
[31/01/2008|20:23] C:\Program Files\WinZip
[30/07/2004|23:31] C:\Program Files\xerox
[29/12/2007|22:30] C:\Program Files\Yahoo!
[11/03/2005|14:37] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[19/04/2008|12:44] C:\Program Files\Fichiers communs\Adobe
[08/09/2006|13:41] C:\Program Files\Fichiers communs\AOL
[28/08/2004|11:04] C:\Program Files\Fichiers communs\AVP Shared
[22/01/2005|21:41] C:\Program Files\Fichiers communs\DESIGNER
[30/06/2005|19:20] C:\Program Files\Fichiers communs\FotoWire
[03/04/2005|19:03] C:\Program Files\Fichiers communs\InstallShield
[30/11/2007|20:46] C:\Program Files\Fichiers communs\Java
[30/06/2005|19:18] C:\Program Files\Fichiers communs\Logitech
[25/02/2008|12:37] C:\Program Files\Fichiers communs\Microsoft Shared
[30/07/2004|23:28] C:\Program Files\Fichiers communs\MSSoap
[31/07/2004|13:13] C:\Program Files\Fichiers communs\Nikon
[09/08/2004|12:29] C:\Program Files\Fichiers communs\Nullsoft
[04/08/2005|22:04] C:\Program Files\Fichiers communs\Real
[30/07/2004|23:29] C:\Program Files\Fichiers communs\Services
[31/07/2004|00:21] C:\Program Files\Fichiers communs\SpeechEngines
[17/12/2006|22:34] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|19:22] C:\Program Files\Fichiers communs\System
[25/02/2008|12:52] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[04/08/2005|22:04] C:\Program Files\Fichiers communs\xing shared

---------------------------[ Process ]--------------------------

... 31

iexplore.exe ~ [1204]
iexplore.exe ~ [3084]

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\GUILLA~1\APPLIC~1\timeme~1
C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1
C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\bore more load.exe
C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\qqbawwqj.exe
C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\Real Meet Barb Sect.exe
C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\support open dart.exe
C:\Program Files\timeme~1
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\WINDOWS\Tasks\A9E96A669192E1E2.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mode bind"="C:\\DOCUME~1\\PAPA-M~1\\APPLIC~1\\TIMEME~1\\bore more load.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE

-> 8250 ( 70 ## added by CiD )

/!\ 1 Not 127.0.0.1 !!

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-26 19:40:40
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

/!\ [Fich:18][Doss:0] C:\DOCUME~1\PAPA-M~1\Cookies
/!\ [Fich:156][Doss:4] C:\DOCUME~1\PAPA-M~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 19:42:13,65 ]----------------------

Reply to Freepard

Re,

Run Lop S&D again

  • This time choose Option 2 (Removal)

  • Do not close the window during the removal!

  • Post the generated report (C:\lopR.txt)


(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

+ a new HijackThis report.

;)

Reply to Egwene

So here is the lopR.txt report


-----------------------[ Lop S&D 4.2.0-1 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Papa-Maman-Caro ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 26/04/2008 | 20:54:56,64 ] [ PC : GUILLAUME ]
[ MAJ : 26-04-2008 | 11:00 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprimé! - C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\bore more load.exe
Supprimé! - C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\qqbawwqj.exe
Supprimé! - C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\Real Meet Barb Sect.exe
Supprimé! - C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1\support open dart.exe
Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
Supprimé! - C:\WINDOWS\Tasks\A9E96A669192E1E2.job
Supprimé! - C:\DOCUME~1\GUILLA~1\APPLIC~1\timeme~1
Supprimé! - C:\DOCUME~1\PAPA-M~1\APPLIC~1\timeme~1
Supprimé! - C:\Program Files\timeme~1
Supprimé! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[19/04/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[06/02/2005|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[05/05/2006|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[25/02/2008|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AtomCurbCopyDefault
[31/07/2004|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[12/03/2005|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal
[26/04/2008|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[26/04/2008|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[25/02/2008|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mail For File Wave
[22/10/2005|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[17/11/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[02/08/2004|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[16/10/2004|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[12/04/2008|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[30/06/2005|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[30/06/2005|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G3
[14/07/2006|15:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\savebodyhoperef
[19/04/2008|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[17/12/2006|22:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[09/08/2004|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[31/01/2008|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[25/02/2008|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[31/07/2004|00:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/12/2007|20:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[25/04/2008|23:10] C:\DOCUME~1\GUILLA~1\APPLIC~1\Adobe
[06/02/2005|20:13] C:\DOCUME~1\GUILLA~1\APPLIC~1\AOL
[22/06/2005|18:38] C:\DOCUME~1\GUILLA~1\APPLIC~1\Apple Computer
[22/02/2005|19:14] C:\DOCUME~1\GUILLA~1\APPLIC~1\Atari
[08/01/2005|15:08] C:\DOCUME~1\GUILLA~1\APPLIC~1\Azureus
[13/07/2006|23:33] C:\DOCUME~1\GUILLA~1\APPLIC~1\BitTorrent
[05/06/2005|20:25] C:\DOCUME~1\GUILLA~1\APPLIC~1\Cash Dash Chin
[31/12/2004|18:43] C:\DOCUME~1\GUILLA~1\APPLIC~1\Checkflow
[31/07/2004|00:21] C:\DOCUME~1\GUILLA~1\APPLIC~1\desktop.ini
[30/06/2005|19:20] C:\DOCUME~1\GUILLA~1\APPLIC~1\FotoWire
[20/07/2005|20:42] C:\DOCUME~1\GUILLA~1\APPLIC~1\Google
[01/10/2004|20:37] C:\DOCUME~1\GUILLA~1\APPLIC~1\Help
[30/07/2004|23:37] C:\DOCUME~1\GUILLA~1\APPLIC~1\Identities
[14/09/2004|12:29] C:\DOCUME~1\GUILLA~1\APPLIC~1\Jasc
[02/01/2005|20:54] C:\DOCUME~1\GUILLA~1\APPLIC~1\Lavasoft
[22/06/2005|21:57] C:\DOCUME~1\GUILLA~1\APPLIC~1\Macromedia
[19/12/2005|00:30] C:\DOCUME~1\GUILLA~1\APPLIC~1\Microsoft
[27/02/2005|20:18] C:\DOCUME~1\GUILLA~1\APPLIC~1\Mozilla
[02/08/2004|20:56] C:\DOCUME~1\GUILLA~1\APPLIC~1\MSN6
[31/07/2004|13:14] C:\DOCUME~1\GUILLA~1\APPLIC~1\Nikon
[04/08/2005|22:06] C:\DOCUME~1\GUILLA~1\APPLIC~1\Real
[08/01/2005|14:28] C:\DOCUME~1\GUILLA~1\APPLIC~1\Sun
[15/09/2006|20:58] C:\DOCUME~1\GUILLA~1\APPLIC~1\Symantec
[29/04/2005|22:44] C:\DOCUME~1\GUILLA~1\APPLIC~1\Talkback
[17/11/2007|20:34] C:\DOCUME~1\GUILLA~1\APPLIC~1\vlc
[09/08/2004|12:30] C:\DOCUME~1\GUILLA~1\APPLIC~1\You've Got Pictures Screensaver

[30/07/2004|23:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[01/12/2007|20:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[15/09/2006|21:58] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[26/01/2008|11:25] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Adobe
[06/02/2005|20:13] C:\DOCUME~1\PAPA-M~1\APPLIC~1\AOL
[06/05/2006|15:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Apple Computer
[31/07/2004|00:21] C:\DOCUME~1\PAPA-M~1\APPLIC~1\desktop.ini
[24/02/2007|00:50] C:\DOCUME~1\PAPA-M~1\APPLIC~1\dvdcss
[23/12/2005|18:12] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Ecran de veille
[21/11/2004|14:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Help
[25/10/2004|17:58] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Identities
[17/11/2007|20:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\InstallShield
[19/04/2008|11:12] C:\DOCUME~1\PAPA-M~1\APPLIC~1\LimeWire
[10/12/2006|13:38] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Macromedia
[25/11/2007|13:26] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Microsoft
[30/03/2005|20:22] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Mozilla
[26/02/2008|20:56] C:\DOCUME~1\PAPA-M~1\APPLIC~1\MSN6
[22/06/2006|18:44] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Nikon
[03/04/2008|17:32] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Real
[18/03/2007|16:24] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Screenshot Sender
[10/04/2005|14:26] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Sun
[08/07/2005|16:28] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Talkback
[22/12/2007|22:06] C:\DOCUME~1\PAPA-M~1\APPLIC~1\U3
[24/12/2006|22:36] C:\DOCUME~1\PAPA-M~1\APPLIC~1\vlc

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[22/07/2005 07:07][--a------] C:\WINDOWS\tasks\Reveil.job
[26/04/2008 19:05][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[15/07/2006|20:10] C:\Program Files\7-Zip
[10/06/2006|23:09] C:\Program Files\ACE Mega CoDecS Pack
[31/10/2007|13:11] C:\Program Files\Acro Software
[15/03/2006|13:10] C:\Program Files\Activision
[19/04/2008|12:44] C:\Program Files\Adobe
[27/06/2006|12:06] C:\Program Files\Adolix
[03/04/2005|18:17] C:\Program Files\Alcohol Soft
[14/07/2006|15:01] C:\Program Files\Alwil Software
[08/09/2006|13:52] C:\Program Files\CCleaner
[16/10/2004|15:35] C:\Program Files\CDex_150
[08/09/2006|13:40] C:\Program Files\Cool MP3 Converter
[31/10/2007|16:20] C:\Program Files\Crimson Editor
[22/01/2005|14:52] C:\Program Files\CyberLink
[07/05/2005|21:07] C:\Program Files\Desktop.ini
[21/05/2007|16:22] C:\Program Files\DivX
[26/11/2004|16:22] C:\Program Files\fb_3do10p.SFS
[26/11/2004|17:05] C:\Program Files\fb_maps09p.SFS
[26/04/2008|19:54] C:\Program Files\Fichiers communs
[27/06/2006|13:48] C:\Program Files\GameSpy Arcade
[23/07/2006|18:27] C:\Program Files\Google
[10/01/2007|21:14] C:\Program Files\Hardware
[26/11/2004|18:06] C:\Program Files\il2_core.dll
[26/11/2004|18:49] C:\Program Files\il2_coreP4.dll
[07/10/2006|19:10] C:\Program Files\Illusion Softworks
[17/11/2007|21:01] C:\Program Files\InstallShield Installation Information
[11/04/2008|19:29] C:\Program Files\Internet Explorer
[31/07/2004|19:53] C:\Program Files\Jasc Software Inc
[19/04/2008|13:36] C:\Program Files\Java
[29/07/2005|16:01] C:\Program Files\Lavalys
[26/04/2008|19:55] C:\Program Files\Lavasoft
[12/04/2008|12:38] C:\Program Files\LimeWire
[30/06/2005|19:20] C:\Program Files\Logitech
[06/02/2005|22:37] C:\Program Files\Matroska Playback Pack
[06/02/2005|23:32] C:\Program Files\MatroskaProp
[18/02/2005|20:29] C:\Program Files\Messenger
[01/10/2006|14:21] C:\Program Files\Messenger Plus! 3
[25/02/2008|12:48] C:\Program Files\Messenger Plus! Live
[26/11/2004|11:35] C:\Program Files\mg_snd.dll
[26/11/2004|11:39] C:\Program Files\mg_snd_sse.dll
[23/02/2007|16:21] C:\Program Files\MicroProse Software
[26/02/2008|20:14] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[30/07/2004|23:31] C:\Program Files\microsoft frontpage
[15/07/2006|17:22] C:\Program Files\Microsoft Games
[22/01/2005|21:41] C:\Program Files\Microsoft Office
[25/02/2008|12:57] C:\Program Files\Microsoft SQL Server Compact Edition
[20/09/2006|19:49] C:\Program Files\Monte Cristo
[13/02/2005|14:29] C:\Program Files\Movie Maker
[26/04/2008|19:20] C:\Program Files\Mozilla Firefox
[25/12/2005|16:09] C:\Program Files\MP3 To Wave Maker Plus
[06/02/2005|23:33] C:\Program Files\MRT Codecs Pack
[26/02/2008|20:56] C:\Program Files\MSN
[30/07/2004|23:27] C:\Program Files\MSN Gaming Zone
[25/02/2008|12:48] C:\Program Files\MSN Messenger
[18/11/2006|00:36] C:\Program Files\MSXML 4.0
[13/02/2005|14:25] C:\Program Files\NetMeeting
[16/11/2007|20:41] C:\Program Files\Neuf
[31/07/2004|13:14] C:\Program Files\Nikon
[17/12/2006|22:08] C:\Program Files\Norton AntiVirus
[19/04/2008|12:28] C:\Program Files\OpenCV
[13/06/2007|19:22] C:\Program Files\Outlook Express
[24/07/2006|00:51] C:\Program Files\Power Tab Software
[15/07/2006|21:23] C:\Program Files\Project64 1.6
[08/09/2006|13:42] C:\Program Files\QuickTime
[14/01/2005|18:31] C:\Program Files\Real
[17/11/2007|21:01] C:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility
[08/09/2006|13:46] C:\Program Files\RegSupreme
[06/10/2006|17:40] C:\Program Files\Securitoo
[30/07/2004|23:30] C:\Program Files\Services en ligne
[19/04/2008|13:25] C:\Program Files\Spybot - Search & Destroy
[26/04/2008|19:14] C:\Program Files\Trend Micro
[28/03/2005|19:12] C:\Program Files\trial_setup.ini
[31/07/2004|00:54] C:\Program Files\VIAudioi
[19/04/2008|12:50] C:\Program Files\VideoLAN
[09/08/2004|12:30] C:\Program Files\Viewpoint
[09/12/2006|19:02] C:\Program Files\Wanadoo
[31/12/2004|11:41] C:\Program Files\Wanadoo Messager
[19/04/2008|12:50] C:\Program Files\Winamp
[27/02/2008|20:55] C:\Program Files\Windows Live
[13/12/2006|17:26] C:\Program Files\Windows Media Connect 2
[13/12/2006|17:26] C:\Program Files\Windows Media Player
[13/02/2005|14:25] C:\Program Files\Windows NT
[21/05/2007|16:35] C:\Program Files\WinRAR
[31/01/2008|20:23] C:\Program Files\WinZip
[30/07/2004|23:31] C:\Program Files\xerox
[29/12/2007|22:30] C:\Program Files\Yahoo!
[11/03/2005|14:37] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[19/04/2008|12:44] C:\Program Files\Fichiers communs\Adobe
[08/09/2006|13:41] C:\Program Files\Fichiers communs\AOL
[28/08/2004|11:04] C:\Program Files\Fichiers communs\AVP Shared
[22/01/2005|21:41] C:\Program Files\Fichiers communs\DESIGNER
[30/06/2005|19:20] C:\Program Files\Fichiers communs\FotoWire
[03/04/2005|19:03] C:\Program Files\Fichiers communs\InstallShield
[30/11/2007|20:46] C:\Program Files\Fichiers communs\Java
[30/06/2005|19:18] C:\Program Files\Fichiers communs\Logitech
[25/02/2008|12:37] C:\Program Files\Fichiers communs\Microsoft Shared
[30/07/2004|23:28] C:\Program Files\Fichiers communs\MSSoap
[31/07/2004|13:13] C:\Program Files\Fichiers communs\Nikon
[09/08/2004|12:29] C:\Program Files\Fichiers communs\Nullsoft
[04/08/2005|22:04] C:\Program Files\Fichiers communs\Real
[30/07/2004|23:29] C:\Program Files\Fichiers communs\Services
[31/07/2004|00:21] C:\Program Files\Fichiers communs\SpeechEngines
[17/12/2006|22:34] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|19:22] C:\Program Files\Fichiers communs\System
[25/02/2008|12:52] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[26/04/2008|19:54] C:\Program Files\Fichiers communs\Wise Installation Wizard
[04/08/2005|22:04] C:\Program Files\Fichiers communs\xing shared

---------------------------[ Process ]--------------------------

... 29

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-26 20:56:44
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

/!\ [Fich:2][Doss:2] C:\DOCUME~1\PAPA-M~1\LOCALS~1\Temp
/!\ [Fich:11][Doss:0] C:\DOCUME~1\PAPA-M~1\Cookies
/!\ [Fich:155][Doss:4] C:\DOCUME~1\PAPA-M~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 20:59:00,57 ]----------------------

Reply to Freepard

And here is the new HJT

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:00:39, on 26/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Hardware\Keyboard\Ikeymain.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Papa-Maman-Caro\Bureau\HiJackThis\scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: WinXS - {4E7BD74F-2B8D-469E-D4F3-BF2CF4D5FA7D} - C:\PROGRA~1\MAXIFI~1\IEBand\mf.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing)
O2 - BHO: (no name) - {F82226A0-0353-5DDC-B67D-D01073712227} - C:\DOCUME~1\GUILLA~1\APPLIC~1\CASHDA~1\Lies Mess.exe (file missing)
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing)
O3 - Toolbar: WinXS - {4E7BD74F-2B8D-469E-D4F3-BF2CF4D5FA7D} - C:\PROGRA~1\MAXIFI~1\IEBand\mf.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\Hardware\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [mode bind] C:\DOCUME~1\PAPA-M~1\APPLIC~1\TIMEME~1\bore more load.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/engli [...] nicode.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

--
End of file - 7264 bytes

Reply to Freepard

Re,

Uninstall avast, reboot, and delete ~~>C:\Program Files\Alwil Software

Download ccleaner (>>tutorial to read!<<): download "the latest version", then install it, unchecking "Ajouter la Barre d'Outils Yahoo! CCleaner" (Add the CCleaner Yahoo! Toolbar).
Then run the cleanup, then have it search for errors, and make a backup if you wish.

Download and install Antivir. (tutorial)
Why switch?: Avast! vs Antivir
and also:
14 antivirus products put to the test

Quote:

Antivir: the most effective of the free ones


Make sure it is fully up to date! Run a full scan in safe mode, save the report and post it for me.

;)

------------------------------ Please say so if you are already getting help on another forum or in another topic.

Security / Prevention
Reply to Egwene

Here is the Antivir scan (note that I did it in two goes: I started it last night, but since it was going to finish very late I restarted it this morning).

Yesterday it found 4 viruses, and here is this morning's report:



Avira AntiVir Personal
Report file date: dimanche 27 avril 2008 10:12

Scanning for 1237787 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Save mode
Username: *****
Computer name: *****

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 26/04/2008 19:49:05
AVSCAN.DLL : 8.1.1.0 53505 Bytes 26/04/2008 19:49:05
LUKE.DLL : 8.1.2.9 151809 Bytes 26/04/2008 19:49:05
LUKERES.DLL : 8.1.2.1 12033 Bytes 26/04/2008 19:49:05
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 19:49:06
ANTIVIR2.VDF : 7.0.3.197 1260032 Bytes 22/04/2008 19:49:06
ANTIVIR3.VDF : 7.0.3.216 137216 Bytes 25/04/2008 19:49:06
Engineversion : 8.1.0.35
AEVDF.DLL : 8.1.0.5 102772 Bytes 26/04/2008 19:49:06
AESCRIPT.DLL : 8.1.0.27 233851 Bytes 26/04/2008 19:49:06
AESCN.DLL : 8.1.0.14 119156 Bytes 26/04/2008 19:49:06
AERDL.DLL : 8.1.0.20 418165 Bytes 26/04/2008 19:49:06
AEPACK.DLL : 8.1.1.2 364917 Bytes 26/04/2008 19:49:06
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 26/04/2008 19:49:06
AEHEUR.DLL : 8.1.0.20 1196406 Bytes 26/04/2008 19:49:06
AEHELP.DLL : 8.1.0.14 115063 Bytes 26/04/2008 19:49:06
AEGEN.DLL : 8.1.0.18 299381 Bytes 26/04/2008 19:49:06
AEEMU.DLL : 8.1.0.5 430450 Bytes 26/04/2008 19:49:06
AECORE.DLL : 8.1.0.27 168310 Bytes 26/04/2008 19:49:06
AVWINLL.DLL : 1.0.0.7 14593 Bytes 26/04/2008 19:49:05
AVPREF.DLL : 8.0.0.1 25857 Bytes 26/04/2008 19:49:05
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVREG.DLL : 8.0.0.0 30977 Bytes 26/04/2008 19:49:05
AVARKT.DLL : 1.0.0.23 307457 Bytes 26/04/2008 19:49:05
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 26/04/2008 19:49:05
SQLITE3.DLL : 3.3.17.1 339968 Bytes 26/04/2008 19:49:06
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 26/04/2008 19:49:06
NETNT.DLL : 8.0.0.1 7937 Bytes 26/04/2008 19:49:06
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 26/04/2008 19:49:01
RCTEXT.DLL : 8.0.32.0 86273 Bytes 26/04/2008 19:49:01

Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: dimanche 27 avril 2008 10:12

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '42' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\colbact.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\comuid.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\es.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\ole32.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB828741$\txflog.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB833987$\sxs.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\browser.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\callcont.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\msgina.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\mst120.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll
[WARNING] The file could not be opened!
C:\WINDOWS\$NtUninstallKB835732$\schannel.dll
[WARNING] The file could not be opened!
C:\WINDOWS\system\CORE.DLL
[DETECTION] Contains detection pattern of the construction kit KIT/Donrun.2
[NOTE] The file was moved to '4866617f.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd6621.sys
[WARNING] The file could not be opened!


End of the scan: dimanche 27 avril 2008 13:24
Used time: 3:12:14 min

The scan has been done completely.

5833 Scanning directories
268336 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
39 Files cannot be scanned
268335 Files not concerned
10002 Archives were scanned
39 Warnings
1 Notes

Reply to Freepard

Re,

Run Lop S&D again and this time choose option 4.
A blank page will open; copy/paste what is in the box below, then close the page.
You will be asked whether to save the files; click Enregistrer (Save).

C:\DOCUME~1\ALLUSE~1\APPLIC~1\AtomCurbCopyDefault
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mail For File Wave
C:\DOCUME~1\ALLUSE~1\APPLIC~1\savebodyhoperef
C:\DOCUME~1\GUILLA~1\APPLIC~1\Cash Dash Chin



This will start the deletion and generate a new report. Post me the report you get.

;)


Message edited by Egwene on 27-04-2008 at 17:11:17
------------------------------ Please say so if you are already getting help on another forum or in another topic.

Security / Prevention
Reply to Egwene

There, it's done. However, I read a bit too quickly and ran option 4 without having filled in anything when Notepad opened, and I closed it :). So I redid the procedure, this time filling in Notepad properly as you told me; I hope that didn't do anything odd.

Anyway, here is the report:

-----------------------[ Lop S&D 4.2.0-1 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Papa-Maman-Caro ] [ "C:\Lop SD" ] [ Selection : 4 ]
[ 27/04/2008 | 19:38:42,12 ] [ PC : GUILLAUME ]
[ MAJ : 26-04-2008 | 11:00 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ LopScript //////////////////////////////////

C:\DOCUME~1\ALLUSE~1\APPLIC~1\AtomCurbCopyDefault
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mail For File Wave
C:\DOCUME~1\ALLUSE~1\APPLIC~1\savebodyhoperef
C:\DOCUME~1\GUILLA~1\APPLIC~1\Cash Dash Chin

Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\AtomCurbCopyDefault
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mail For File Wave
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\savebodyhoperef
Supprimé! - C:\DOCUME~1\GUILLA~1\APPLIC~1\Cash Dash Chin

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[31/07/2004|00:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[27/04/2008|10:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[19/04/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[06/02/2005|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[05/05/2006|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[26/04/2008|21:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[31/07/2004|00:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[12/03/2005|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal
[26/04/2008|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[26/04/2008|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[22/10/2005|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[17/11/2007|21:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[02/08/2004|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[16/10/2004|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[12/04/2008|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[30/06/2005|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[27/04/2008|14:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Raxco
[30/06/2005|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G3
[19/04/2008|13:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[17/12/2006|22:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[09/08/2004|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[31/01/2008|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[25/02/2008|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[31/07/2004|00:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/12/2007|20:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[25/04/2008|23:10] C:\DOCUME~1\GUILLA~1\APPLIC~1\Adobe
[06/02/2005|20:13] C:\DOCUME~1\GUILLA~1\APPLIC~1\AOL
[22/06/2005|18:38] C:\DOCUME~1\GUILLA~1\APPLIC~1\Apple Computer
[22/02/2005|19:14] C:\DOCUME~1\GUILLA~1\APPLIC~1\Atari
[08/01/2005|15:08] C:\DOCUME~1\GUILLA~1\APPLIC~1\Azureus
[13/07/2006|23:33] C:\DOCUME~1\GUILLA~1\APPLIC~1\BitTorrent
[31/12/2004|18:43] C:\DOCUME~1\GUILLA~1\APPLIC~1\Checkflow
[31/07/2004|00:21] C:\DOCUME~1\GUILLA~1\APPLIC~1\desktop.ini
[30/06/2005|19:20] C:\DOCUME~1\GUILLA~1\APPLIC~1\FotoWire
[20/07/2005|20:42] C:\DOCUME~1\GUILLA~1\APPLIC~1\Google
[01/10/2004|20:37] C:\DOCUME~1\GUILLA~1\APPLIC~1\Help
[30/07/2004|23:37] C:\DOCUME~1\GUILLA~1\APPLIC~1\Identities
[14/09/2004|12:29] C:\DOCUME~1\GUILLA~1\APPLIC~1\Jasc
[02/01/2005|20:54] C:\DOCUME~1\GUILLA~1\APPLIC~1\Lavasoft
[22/06/2005|21:57] C:\DOCUME~1\GUILLA~1\APPLIC~1\Macromedia
[19/12/2005|00:30] C:\DOCUME~1\GUILLA~1\APPLIC~1\Microsoft
[27/02/2005|20:18] C:\DOCUME~1\GUILLA~1\APPLIC~1\Mozilla
[02/08/2004|20:56] C:\DOCUME~1\GUILLA~1\APPLIC~1\MSN6
[31/07/2004|13:14] C:\DOCUME~1\GUILLA~1\APPLIC~1\Nikon
[04/08/2005|22:06] C:\DOCUME~1\GUILLA~1\APPLIC~1\Real
[08/01/2005|14:28] C:\DOCUME~1\GUILLA~1\APPLIC~1\Sun
[15/09/2006|20:58] C:\DOCUME~1\GUILLA~1\APPLIC~1\Symantec
[29/04/2005|22:44] C:\DOCUME~1\GUILLA~1\APPLIC~1\Talkback
[17/11/2007|20:34] C:\DOCUME~1\GUILLA~1\APPLIC~1\vlc
[09/08/2004|12:30] C:\DOCUME~1\GUILLA~1\APPLIC~1\You've Got Pictures Screensaver

[30/07/2004|23:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[01/12/2007|20:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[15/09/2006|21:58] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec

[26/01/2008|11:25] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Adobe
[06/02/2005|20:13] C:\DOCUME~1\PAPA-M~1\APPLIC~1\AOL
[06/05/2006|15:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Apple Computer
[31/07/2004|00:21] C:\DOCUME~1\PAPA-M~1\APPLIC~1\desktop.ini
[24/02/2007|00:50] C:\DOCUME~1\PAPA-M~1\APPLIC~1\dvdcss
[23/12/2005|18:12] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Ecran de veille
[21/11/2004|14:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Help
[25/10/2004|17:58] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Identities
[17/11/2007|20:11] C:\DOCUME~1\PAPA-M~1\APPLIC~1\InstallShield
[19/04/2008|11:12] C:\DOCUME~1\PAPA-M~1\APPLIC~1\LimeWire
[10/12/2006|13:38] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Macromedia
[25/11/2007|13:26] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Microsoft
[30/03/2005|20:22] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Mozilla
[26/02/2008|20:56] C:\DOCUME~1\PAPA-M~1\APPLIC~1\MSN6
[22/06/2006|18:44] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Nikon
[03/04/2008|17:32] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Real
[18/03/2007|16:24] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Screenshot Sender
[10/04/2005|14:26] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Sun
[08/07/2005|16:28] C:\DOCUME~1\PAPA-M~1\APPLIC~1\Talkback
[22/12/2007|22:06] C:\DOCUME~1\PAPA-M~1\APPLIC~1\U3
[24/12/2006|22:36] C:\DOCUME~1\PAPA-M~1\APPLIC~1\vlc

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[22/07/2005 07:07][--a------] C:\WINDOWS\tasks\Reveil.job
[27/04/2008 17:49][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[15/07/2006|20:10] C:\Program Files\7-Zip
[10/06/2006|23:09] C:\Program Files\ACE Mega CoDecS Pack
[31/10/2007|13:11] C:\Program Files\Acro Software
[15/03/2006|13:10] C:\Program Files\Activision
[19/04/2008|12:44] C:\Program Files\Adobe
[27/06/2006|12:06] C:\Program Files\Adolix
[03/04/2005|18:17] C:\Program Files\Alcohol Soft
[26/04/2008|21:43] C:\Program Files\Avira
[27/04/2008|13:37] C:\Program Files\CCleaner
[16/10/2004|15:35] C:\Program Files\CDex_150
[08/09/2006|13:40] C:\Program Files\Cool MP3 Converter
[31/10/2007|16:20] C:\Program Files\Crimson Editor
[22/01/2005|14:52] C:\Program Files\CyberLink
[07/05/2005|21:07] C:\Program Files\Desktop.ini
[21/05/2007|16:22] C:\Program Files\DivX
[26/11/2004|16:22] C:\Program Files\fb_3do10p.SFS
[26/11/2004|17:05] C:\Program Files\fb_maps09p.SFS
[26/04/2008|19:54] C:\Program Files\Fichiers communs
[27/06/2006|13:48] C:\Program Files\GameSpy Arcade
[23/07/2006|18:27] C:\Program Files\Google
[10/01/2007|21:14] C:\Program Files\Hardware
[26/11/2004|18:06] C:\Program Files\il2_core.dll
[26/11/2004|18:49] C:\Program Files\il2_coreP4.dll
[07/10/2006|19:10] C:\Program Files\Illusion Softworks
[17/11/2007|21:01] C:\Program Files\InstallShield Installation Information
[11/04/2008|19:29] C:\Program Files\Internet Explorer
[31/07/2004|19:53] C:\Program Files\Jasc Software Inc
[19/04/2008|13:36] C:\Program Files\Java
[29/07/2005|16:01] C:\Program Files\Lavalys
[26/04/2008|19:55] C:\Program Files\Lavasoft
[12/04/2008|12:38] C:\Program Files\LimeWire
[30/06/2005|19:20] C:\Program Files\Logitech
[06/02/2005|22:37] C:\Program Files\Matroska Playback Pack
[06/02/2005|23:32] C:\Program Files\MatroskaProp
[18/02/2005|20:29] C:\Program Files\Messenger
[01/10/2006|14:21] C:\Program Files\Messenger Plus! 3
[25/02/2008|12:48] C:\Program Files\Messenger Plus! Live
[26/11/2004|11:35] C:\Program Files\mg_snd.dll
[26/11/2004|11:39] C:\Program Files\mg_snd_sse.dll
[23/02/2007|16:21] C:\Program Files\MicroProse Software
[26/02/2008|20:14] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[30/07/2004|23:31] C:\Program Files\microsoft frontpage
[15/07/2006|17:22] C:\Program Files\Microsoft Games
[22/01/2005|21:41] C:\Program Files\Microsoft Office
[25/02/2008|12:57] C:\Program Files\Microsoft SQL Server Compact Edition
[20/09/2006|19:49] C:\Program Files\Monte Cristo
[13/02/2005|14:29] C:\Program Files\Movie Maker
[27/04/2008|19:36] C:\Program Files\Mozilla Firefox
[25/12/2005|16:09] C:\Program Files\MP3 To Wave Maker Plus
[06/02/2005|23:33] C:\Program Files\MRT Codecs Pack
[26/02/2008|20:56] C:\Program Files\MSN
[30/07/2004|23:27] C:\Program Files\MSN Gaming Zone
[25/02/2008|12:48] C:\Program Files\MSN Messenger
[18/11/2006|00:36] C:\Program Files\MSXML 4.0
[13/02/2005|14:25] C:\Program Files\NetMeeting
[16/11/2007|20:41] C:\Program Files\Neuf
[31/07/2004|13:14] C:\Program Files\Nikon
[17/12/2006|22:08] C:\Program Files\Norton AntiVirus
[19/04/2008|12:28] C:\Program Files\OpenCV
[13/06/2007|19:22] C:\Program Files\Outlook Express
[24/07/2006|00:51] C:\Program Files\Power Tab Software
[15/07/2006|21:23] C:\Program Files\Project64 1.6
[08/09/2006|13:42] C:\Program Files\QuickTime
[27/04/2008|14:46] C:\Program Files\Raxco
[14/01/2005|18:31] C:\Program Files\Real
[17/11/2007|21:01] C:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility
[08/09/2006|13:46] C:\Program Files\RegSupreme
[06/10/2006|17:40] C:\Program Files\Securitoo
[30/07/2004|23:30] C:\Program Files\Services en ligne
[19/04/2008|13:25] C:\Program Files\Spybot - Search & Destroy
[26/04/2008|19:14] C:\Program Files\Trend Micro
[28/03/2005|19:12] C:\Program Files\trial_setup.ini
[31/07/2004|00:54] C:\Program Files\VIAudioi
[19/04/2008|12:50] C:\Program Files\VideoLAN
[09/08/2004|12:30] C:\Program Files\Viewpoint
[09/12/2006|19:02] C:\Program Files\Wanadoo
[31/12/2004|11:41] C:\Program Files\Wanadoo Messager
[19/04/2008|12:50] C:\Program Files\Winamp
[27/02/2008|20:55] C:\Program Files\Windows Live
[13/12/2006|17:26] C:\Program Files\Windows Media Connect 2
[13/12/2006|17:26] C:\Program Files\Windows Media Player
[13/02/2005|14:25] C:\Program Files\Windows NT
[27/04/2008|13:47] C:\Program Files\WindowsUpdate
[21/05/2007|16:35] C:\Program Files\WinRAR
[31/01/2008|20:23] C:\Program Files\WinZip
[30/07/2004|23:31] C:\Program Files\xerox
[29/12/2007|22:30] C:\Program Files\Yahoo!
[11/03/2005|14:37] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[19/04/2008|12:44] C:\Program Files\Fichiers communs\Adobe
[08/09/2006|13:41] C:\Program Files\Fichiers communs\AOL
[28/08/2004|11:04] C:\Program Files\Fichiers communs\AVP Shared
[22/01/2005|21:41] C:\Program Files\Fichiers communs\DESIGNER
[30/06/2005|19:20] C:\Program Files\Fichiers communs\FotoWire
[03/04/2005|19:03] C:\Program Files\Fichiers communs\InstallShield
[30/11/2007|20:46] C:\Program Files\Fichiers communs\Java
[30/06/2005|19:18] C:\Program Files\Fichiers communs\Logitech
[25/02/2008|12:37] C:\Program Files\Fichiers communs\Microsoft Shared
[30/07/2004|23:28] C:\Program Files\Fichiers communs\MSSoap
[31/07/2004|13:13] C:\Program Files\Fichiers communs\Nikon
[09/08/2004|12:29] C:\Program Files\Fichiers communs\Nullsoft
[04/08/2005|22:04] C:\Program Files\Fichiers communs\Real
[30/07/2004|23:29] C:\Program Files\Fichiers communs\Services
[31/07/2004|00:21] C:\Program Files\Fichiers communs\SpeechEngines
[17/12/2006|22:34] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|19:22] C:\Program Files\Fichiers communs\System
[25/02/2008|12:52] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[26/04/2008|19:54] C:\Program Files\Fichiers communs\Wise Installation Wizard
[04/08/2005|22:04] C:\Program Files\Fichiers communs\xing shared

---------------------------[ Process ]--------------------------

... 31

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-27 19:40:05
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------


Aucune autre infection trouvée !

/!\ [Fich:45][Doss:4] C:\DOCUME~1\PAPA-M~1\LOCALS~1\Temp
/!\ [Fich:15][Doss:0] C:\DOCUME~1\PAPA-M~1\Cookies
/!\ [Fich:155][Doss:4] C:\DOCUME~1\PAPA-M~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 19:40:55,37 ]----------------------

Reply to Freepard

Re,

Good :super:

Post a new HijackThis report.

;)

------------------------------ Please mention if you are already getting help on another forum or in another topic.

Security / Prevention
Reply to Egwene

Here is the HJT: (thanks for everything)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:10:18, on 27/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Hardware\Keyboard\Ikeymain.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Papa-Maman-Caro\Bureau\temporaire\HiJackThis\scanner.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-D4F3-BF2CF4D5FA7D} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - (no file)
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O2 - BHO: (no name) - {F82226A0-0353-5DDC-B67D-D01073712227} - (no file)
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-D4F3-BF2CF4D5FA7D} - (no file)
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\Hardware\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/engli [...] nicode.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe

--
End of file - 6886 bytes

Reply to Freepard

Re,

Last check ;)

Download MalwareByte's Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.

Once the installation and the update are done, restart in safe mode.
HELP: Restarting in safe mode

  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan is finished, a window opens; click OK. There are two possibilities:

-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Show results" and then "Remove selected". Save the report to your Desktop so you can post it in your next reply.
NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

HELP: Illustrated tutorial on MBAM

;)

------------------------------ Please mention if you are already getting help on another forum or in another topic.

Security / Prevention
Reply to Egwene