
small jmh virus problem (msn)


Hello everyone,

For 3 weeks now I have had a virus on my computer. It is called small-jmh (trojan), and my daughter got it by opening a link on MSN.
When I shut down my computer and start it again, avast detects them; whether I delete them or put them in quarantine, they keep coming back. Can anyone help me? We no longer know what to do other than give up on the computer....


Hello,

Download MSNFix.zip (!aur3n7) to your Desktop.
Extract it to your Desktop (right-click / Extract All).

Open the MSNFix folder, then double-click MSNFix.bat.
- Run option R.
-- If the infection is detected, press any key to start the cleanup.

If a deletion error is detected, a message will appear asking you to restart the computer to complete the operations.
In that case, simply restart the computer manually.

Post the report located in the MSNFix folder.
The report's name corresponds to the time it was created: date_time.log

MSNFix 1.690

C:\Documents and Settings\christine\Local Settings\Temporary Internet Files\Content.IE5\27AE5SQR\MSNFix[1]\MSNFix
Fix exécuté le 25/03/2008 - 18:51:09,12 By christine
mode normal

************************ Recherche les fichiers présents

... C:\WINDOWS\system32\real.txt

************************ Recherche les dossiers présents

Aucun dossier trouvé




************************ Suppression des fichiers

.. OK ... C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\winlogon.exe
.. OK ... C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\services.exe
.. OK ... C:\WINDOWS\system32\LOCALS~1
.. OK ... C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\services.exe
/!\ ... C:\WINDOWS\system32\real.txt



************************ Nettoyage du registre



Les fichiers encore présents seront supprimés au prochain redémarrage


************************ Suppression des fichiers

.. OK ... C:\WINDOWS\system32\real.txt



************************ Fichiers suspects

Aucun Fichier trouvé


Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 25032008_18552439.zip

************************ HKLM\...\Winlogon\Userinit

Userinit = C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\morgane\LOCALS~1\Temp\services.exe


------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

Good evening, as requested, here is the MSNFix report.

Angeldark said:
Let's continue :)

Download and then install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:07:36, on 25/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\a-squared Free\a2service.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Pack Sécurité\backweb\361343\Program\fspex.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pack Sécurité\FSPC\fspc.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\Répertoire temporaire 1 pour HiJackThis[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\morgane\LOCALS~1\Temp\services.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Sécurité\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Flash Media] C:\DOCUME~1\morgane\LOCALS~1\Temp\services.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Azureus Vuze.lnk = C:\Program Files\Azureus\Azureus.exe
O4 - Global Startup: Pack Sécurité.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/Installe...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://romy5112000.spaces.live.com//PhotoUpload/MsnPUpl...
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {5DDCC37F-7C6B-48B8-9664-97C537920CA0} (aecviz Class) - http://www.maisonfamiliale.com/AECVIZ/npaecviz.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://romy5112000.spaces.live.com/PhotoUpload/MsnPUpld...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Pack Sécurité (BackWeb Plug-in - 361343) - Pack Securite - C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

--
End of file - 13379 bytes
Good evening again, here is the HijackThis report.
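
The F2 and O4 entries in the log above show the same pattern twice: a file named like a core Windows process (services.exe) started from a user's Temp directory. The following Python script is an added example, not part of the thread and not code from HijackThis; it flags such autostart entries in a HijackThis log. The function names, the heuristics and the assumed system root C:\WINDOWS are choices made for this illustration.

```python
import ntpath
import re
from typing import List, NamedTuple

# Excerpt of the HijackThis log posted above (F2 and a few O4 lines).
SAMPLE_LOG = r"""
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\morgane\LOCALS~1\Temp\services.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Flash Media] C:\DOCUME~1\morgane\LOCALS~1\Temp\services.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

# Assumption for this example: core process names and the subdirectory of the
# system root where the genuine binary lives ("" means the root itself).
CORE_PROCESS_DIRS = {
    "smss.exe": "system32", "csrss.exe": "system32", "winlogon.exe": "system32",
    "services.exe": "system32", "lsass.exe": "system32", "svchost.exe": "system32",
    "userinit.exe": "system32", "explorer.exe": "",
}
TEMP_COMPONENTS = {"temp", "tmp", "temporary internet files"}

F2_USERINIT = re.compile(r"^F2 - REG:system\.ini: UserInit=(.*)$", re.I)
O4_RUN = re.compile(r"^O4 - (\S+)\\\.\.\\(Run\w*): \[(.*?)\] (.*)$", re.I)
# First program in a command line: a quoted path, or text up to the extension.
EXE_PATH = re.compile(
    r'^"([^"]+)"|^(.+?\.(?:exe|com|scr|bat|cmd|pif))(?=[\s,]|$)', re.I)


class Finding(NamedTuple):
    source: str         # which log section the entry came from
    name: str           # value name in the registry
    path: str           # program that will be started
    reasons: List[str]  # why the entry was flagged


def assess_path(path: str, system_root: str = r"C:\WINDOWS") -> List[str]:
    """Return the heuristic reasons a program path looks suspicious."""
    reasons = []
    norm = ntpath.normcase(path)
    parts = norm.split("\\")
    if TEMP_COMPONENTS.intersection(parts[:-1]):
        reasons.append("runs from a temporary directory")
    name = parts[-1]
    # Bare names without a directory are resolved by Windows; skip them here.
    if name in CORE_PROCESS_DIRS and len(parts) > 1:
        expected = ntpath.normcase(
            ntpath.join(system_root, CORE_PROCESS_DIRS[name])).rstrip("\\")
        if ntpath.dirname(norm) != expected:
            reasons.append(f"named like {name} but not located in {expected}")
    return reasons


def scan_hijackthis(log: str, system_root: str = r"C:\WINDOWS") -> List[Finding]:
    """Flag Userinit additions and suspicious Run entries in a HijackThis log."""
    findings = []
    userinit = ntpath.normcase(
        ntpath.join(system_root, "system32", "userinit.exe"))
    for raw in log.splitlines():
        line = raw.strip()
        m = F2_USERINIT.match(line)
        if m:
            # The stock value holds only userinit.exe (with a trailing comma).
            for entry in (e.strip() for e in m.group(1).split(",")):
                if entry and ntpath.normcase(entry) != userinit:
                    reasons = ["extra program in Winlogon Userinit"]
                    reasons += assess_path(entry, system_root)
                    findings.append(
                        Finding("F2 Userinit", "Userinit", entry, reasons))
            continue
        m = O4_RUN.match(line)
        if m:
            exe = EXE_PATH.match(m.group(4).strip())
            if not exe:
                continue
            path = exe.group(1) or exe.group(2)
            reasons = assess_path(path, system_root)
            if reasons:
                source = f"O4 {m.group(1)} {m.group(2)}"
                findings.append(Finding(source, m.group(3), path, reasons))
    return findings


if __name__ == "__main__":
    for f in scan_hijackthis(SAMPLE_LOG):
        print(f"{f.source} [{f.name}] {f.path}")
        for reason in f.reasons:
            print(f"    - {reason}")
```

The same two entries reappear in the MSNFix report's Userinit line and in the ComboFix Run-key listing, so a cleanup is only complete once both the registry values and the file are gone.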

Hello again,

Disable your resident protections (antivirus, Spybot...)!

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Post this report in your next reply.

    Angeldark said:
    Hello again,

    Disable your resident protections (antivirus, Spybot...)!

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Post this report in your next reply.

    ComboFix 08-03-25.1 - christine 2008-03-25 22:24:34.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.593 [GMT 1:00]
    Endroit: C:\Documents and Settings\christine\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .
    -- Script messages for sUBs --
    VFind -td "C:\WINDOWS\system32\baiso*"
    VFind.exe -ltf -s-1300000 -d+2007-12-25 C:\WINDOWS\*
    VFind.exe -ltf -s-1000000 -d+2007-12-25 "C:\Program Files\*"

    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-25 to 2008-03-25 ))))))))))))))))))))))))))))))))))))
    .

    2008-03-24 16:23 . 2006-08-11 18:53 697 --a------ C:\WINDOWS\system32\Read Me.lnk
    2008-03-24 16:09 . 2008-03-24 16:09 7,680 --ahs---- C:\WINDOWS\Thumbs.db
    2008-03-24 15:49 . 2008-03-24 15:49 283 --a------ C:\Raccourci vers ACER (C).lnk
    2008-03-23 16:56 . 2008-03-24 21:45 <REP> d-------- C:\WINDOWS\BDOSCAN8
    2008-03-23 11:32 . 2008-03-23 11:54 <REP> d-------- C:\SDFix
    2008-03-20 22:28 . 2008-03-20 22:28 <REP> d-------- C:\Program Files\AxBx
    2008-03-20 18:25 . 2008-03-21 22:28 <REP> d-------- C:\Program Files\a-squared Free
    2008-03-19 19:43 . 2008-03-19 19:44 <REP> d-------- C:\Program Files\Executive Software
    2008-03-19 19:28 . 2008-03-19 19:28 <REP> d-------- C:\WINDOWS\ERUNT
    2008-03-11 21:24 . 2008-03-11 21:24 <REP> d--h----- C:\WINDOWS\PIF
    2008-03-08 14:13 . 2008-03-08 14:13 <REP> d-------- C:\Program Files\CCleaner
    2008-03-04 16:20 . 2008-03-04 16:20 0 --a------ C:\WINDOWS\system32\real.MSNFix
    2008-03-03 18:19 . 2008-03-03 18:19 <REP> d-------- C:\Documents and Settings\morgane\Application Data\Leadertech
    2008-03-01 21:06 . 2008-03-01 21:06 <REP> d-------- C:\Documents and Settings\christine\Application Data\VadeRetro
    2008-03-01 21:06 . 2008-03-07 22:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\VadeRetro
    2008-03-01 21:06 . 1999-02-22 16:46 148,992 --a------ C:\WINDOWS\UNWISE.EXE
    2008-03-01 21:06 . 1998-12-23 08:19 5,891 --a------ C:\WINDOWS\UNWISE.INI
    2008-03-01 19:39 . 2008-03-01 19:39 <REP> d-------- C:\Documents and Settings\christine\Application Data\Apple Computer
    2008-03-01 19:39 . 2008-03-25 20:56 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-03-01 19:39 . 2008-03-01 19:39 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-03-01 19:38 . 2008-03-01 19:38 <REP> d-------- C:\Program Files\iTunes
    2008-03-01 19:38 . 2008-03-17 21:55 <REP> d-------- C:\Program Files\iPod
    2008-03-01 19:38 . 2008-03-01 19:38 <REP> d-------- C:\Program Files\Bonjour
    2008-03-01 19:37 . 2008-03-01 19:37 <REP> d-------- C:\Program Files\Fichiers communs\Apple
    2008-03-01 19:37 . 2008-03-01 19:37 <REP> d-------- C:\Program Files\Apple Software Update
    2008-03-01 19:37 . 2008-03-01 19:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2008-02-25 10:26 . 2008-02-25 10:26 <REP> d-------- C:\Program Files\MSXML 4.0

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-25 11:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-03-24 09:37 --------- d-----w C:\Program Files\Windows Media Connect 2
    2008-03-20 18:30 --------- d-----w C:\Program Files\Macrogaming
    2008-03-09 21:18 --------- d-----w C:\Program Files\GemMasterFrench
    2008-03-08 13:02 --------- d-----w C:\Program Files\Java
    2008-03-07 22:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\third lies itch ford
    2008-03-01 18:38 --------- d-----w C:\Program Files\QuickTime
    2008-03-01 18:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-02-27 18:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-02-27 08:16 --------- d-----w C:\Program Files\Windows Live
    2008-02-26 12:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-02-24 21:36 --------- d-----w C:\Documents and Settings\christine\Application Data\Leadertech
    2008-02-24 21:13 --------- d-----w C:\Documents and Settings\christine\Application Data\Teleca
    2008-02-24 18:21 --------- d-----w C:\Program Files\Disc2Phone
    2008-02-24 18:05 --------- d-----w C:\Documents and Settings\morgane\Application Data\Teleca
    2008-02-24 18:03 --------- d-----w C:\Program Files\Sony Ericsson
    2008-02-24 18:03 --------- d-----w C:\Program Files\Fichiers communs\Teleca Shared
    2008-02-24 18:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Teleca
    2008-02-24 18:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Ericsson
    2008-02-22 18:00 --------- d-----w C:\Documents and Settings\morgane\Application Data\Gram View 4
    2008-02-15 15:05 --------- d-----w C:\Program Files\Virtual Magnifying Glass
    2008-02-12 14:32 --------- d-----w C:\Documents and Settings\morgane\Application Data\LimeWire
    2008-02-06 21:54 --------- d-----w C:\Documents and Settings\christine\Application Data\SPAMfighter
    2008-02-06 21:48 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
    2008-01-29 20:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-01-29 20:44 --------- d-----w C:\Program Files\Yahoo!
    .

    ------- Sigcheck -------

    2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
    2007-06-13 14:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
    2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 21:00 15360]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-13 20:02 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-27 17:47 7573504]
    "SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 02:36 81920]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
    "F-Secure Manager"="C:\Program Files\Pack Sécurité\Common\FSM32.exe" [2006-04-02 02:19 184369]
    "F-Secure Startup Wizard"="C:\Program Files\Pack Sécurité\FSGUI\FSSW.exe" [2006-09-01 14:11 724992]
    "F-Secure TNB"="C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" [2006-09-01 14:11 671744]
    "VX3000"="C:\WINDOWS\vVX3000.exe" [2006-12-06 00:38 707360]
    "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 17:17 159744]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 20:33 57344]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-31 23:13 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]
    "Flash Media"="C:\DOCUME~1\morgane\LOCALS~1\Temp\services.exe" [2008-03-03 18:53 64156]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 21:00 15360]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [ ]

    C:\Documents and Settings\morgane\Menu Démarrer\Programmes\Démarrage\
    TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 20:41:18 65536]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer Empowering Technology.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer Empowering Technology.lnk
    backup=C:\WINDOWS\pss\Acer Empowering Technology.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer WLAN 11g USB Dongle.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer WLAN 11g USB Dongle.lnk
    backup=C:\WINDOWS\pss\Acer WLAN 11g USB Dongle.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
    backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor]
    --a------ 2006-04-18 19:54 49152 C:\WINDOWS\system32\SysMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
    --a------ 2005-05-03 03:43 69632 C:\WINDOWS\Alcmtr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    --a------ 2004-08-10 21:00 15360 C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
    --a------ 2006-03-17 15:00 345088 C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
    --a------ 2005-09-29 14:01 67584 C:\WINDOWS\ehome\ehtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
    --a------ 2006-06-01 14:40 413696 C:\Acer\Empowering Technology\eRecovery\eRAgent.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
    --a------ 2004-08-10 21:00 44032 C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
    --a------ 2004-08-10 21:00 208952 C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
    C:\WINDOWS\system32\dumprep 0 -k

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchApp]


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2004-10-13 17:24 1694208 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
    --a------ 2004-08-10 21:00 59392 C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
    --a------ 2005-05-11 16:15 45056 c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    --a------ 2006-04-27 17:47 7573504 C:\WINDOWS\system32\NvCpl.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    --a------ 2006-04-27 17:47 86016 C:\WINDOWS\system32\NvMcTray.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    --a------ 2006-04-27 17:47 1519616 C:\WINDOWS\system32\nwiz.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
    --a------ 2004-08-10 21:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
    --a------ 2004-08-10 21:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    --a------ 2006-06-01 01:48 16208384 C:\WINDOWS\RTHDCPL.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
    --a------ 2006-05-16 03:04 2879488 C:\WINDOWS\SkyTel.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]
    --a------ 2006-01-07 02:36 81920 C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2005-11-10 13:03 36975 C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
    --a------ 2006-09-23 13:08 61440 C:\Acer\WR_PopUp\WarReg_PopUp.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\coktel\\ADI5\\TTS\\SpeechCube.exe"=
    "C:\\Program Files\\Pack Sécurité\\backweb\\361343\\Program\\fspex.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\DOCUME~1\\morgane\\LOCALS~1\\Temp\\services.exe"=

    R2 BackWeb Plug-in - 361343;Pack Sécurité;C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE [2007-06-04 21:01]
    S2 Ca533av;Icatch(IV) Video Camera Device;C:\WINDOWS\system32\Drivers\Ca533av.sys [2002-10-20 20:37]
    S3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
    S3 psdfilter;psdfilter;C:\WINDOWS\system32\Drivers\psdfilter.sys [2006-04-07 20:17]
    S3 psdvdisk;psdvdisk;C:\WINDOWS\system32\Drivers\psdvdisk.sys [2006-03-08 17:10]
    S3 USBCamera;Icatch(IV) Still Camera Device;C:\WINDOWS\system32\Drivers\Bulk533.sys [2002-07-24 20:19]
    S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 16:49]
    S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 16:50]
    S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 16:50]
    S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 16:50]
    S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 16:50]
    S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 10:38]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-03-25 21:00:00 C:\WINDOWS\Tasks\ACC6E28091859318.job"
    - c:\docume~1\morgane\applic~1\gramvi~1\meetonegrim.exe
    "2008-03-21 12:16:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-25 22:26:18
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    ? [484]

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-03-25 22:26:39
    ComboFix-quarantined-files.txt 2008-03-25 21:26:37
    .
    2008-03-12 19:56:48 --- E O F ---
    Here is the requested report. Thank you.

    Re,

    Do this while waiting for me to get back.

    Download MalwareByte's Anti-Malware to your Desktop.
    Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are done, restart in safe mode.
    HELP: Restarting in safe mode

  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Perform full scan" ("Exécuter un examen complet").
  • To start the search, click "Scan" ("Rechercher").
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Show Results" ("Afficher les résultats"), then "Remove Selected" ("Supprimer la sélection"). Save the report to your Desktop so you can post it in your next reply.
    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: Illustrated tutorial on MBAM

    Malwarebytes' Anti-Malware 1.09
    Database version: 549

    Scan type: Full Scan (C:\|D:\|F:\|G:\|H:\|I:\|)
    Objects scanned: 117350
    Time elapsed: 31 minute(s), 35 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 1
    Registry Data Items Infected: 1
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Flash Media (Heuristic.Reserved.Word.Exploit) -> No action taken.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Heuristic.Reserved.Word.Exploit) -> Data: c:\docume~1\morgane\locals~1\temp\services.exe -> No action taken.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Documents and Settings\morgane\Local Settings\Temp\services.exe (Heuristic.Reserved.Word.Exploit) -> No action taken.
    Good evening, here is the Malwarebytes report.

    Re,
    Not knowing whether it had been done correctly, because it was in English, we ran it again, this time in French. Out of 3 infections it put one in quarantine. What should we do now? We are sending you the report again, in French.


    Malwarebytes' Anti-Malware 1.09
    Version de la base de données: 549

    Type de recherche: Examen complet (C:\|D:\|F:\|G:\|H:\|I:\|)
    Eléments examinés: 117896
    Temps écoulé: 32 minute(s), 11 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Flash Media (Heuristic.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Heuristic.Reserved.Word.Exploit) -> Data: c:\docume~1\morgane\locals~1\temp\services.exe -> Delete on reboot.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Documents and Settings\morgane\Local Settings\Temp\services.exe (Heuristic.Reserved.Word.Exploit) -> Delete on reboot.

    Angeldark said:
    Run a ComboFix scan again.

    ComboFix 08-03-25.1 - christine 2008-03-26 22:27:45.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.633 [GMT 1:00]
    Endroit: C:\Documents and Settings\christine\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .
    -- Script messages for sUBs --
    VFind -td "C:\WINDOWS\system32\baiso*"
    VFind.exe -ltf -s-1300000 -d+2007-12-26 C:\WINDOWS\*
    VFind.exe -ltf -s-1000000 -d+2007-12-26 "C:\Program Files\*"

    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-26 to 2008-03-26 ))))))))))))))))))))))))))))))))))))
    .

    2008-03-26 18:45 . 2008-03-26 18:45 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2008-03-26 18:41 . 2008-03-26 18:41 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-03-26 18:41 . 2008-03-26 18:41 <REP> d-------- C:\Documents and Settings\christine\Application Data\Malwarebytes
    2008-03-26 18:41 . 2008-03-26 18:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-03-24 16:23 . 2006-08-11 18:53 697 --a------ C:\WINDOWS\system32\Read Me.lnk
    2008-03-24 16:09 . 2008-03-24 16:09 7,680 --ahs---- C:\WINDOWS\Thumbs.db
    2008-03-24 15:49 . 2008-03-24 15:49 283 --a------ C:\Raccourci vers ACER (C).lnk
    2008-03-23 16:56 . 2008-03-24 21:45 <REP> d-------- C:\WINDOWS\BDOSCAN8
    2008-03-23 11:32 . 2008-03-23 11:54 <REP> d-------- C:\SDFix
    2008-03-20 22:28 . 2008-03-20 22:28 <REP> d-------- C:\Program Files\AxBx
    2008-03-20 18:25 . 2008-03-21 22:28 <REP> d-------- C:\Program Files\a-squared Free
    2008-03-19 19:43 . 2008-03-19 19:44 <REP> d-------- C:\Program Files\Executive Software
    2008-03-19 19:28 . 2008-03-19 19:28 <REP> d-------- C:\WINDOWS\ERUNT
    2008-03-11 21:24 . 2008-03-11 21:24 <REP> d--h----- C:\WINDOWS\PIF
    2008-03-08 14:13 . 2008-03-08 14:13 <REP> d-------- C:\Program Files\CCleaner
    2008-03-04 16:20 . 2008-03-04 16:20 0 --a------ C:\WINDOWS\system32\real.MSNFix
    2008-03-03 18:19 . 2008-03-03 18:19 <REP> d-------- C:\Documents and Settings\morgane\Application Data\Leadertech
    2008-03-01 21:06 . 2008-03-01 21:06 <REP> d-------- C:\Documents and Settings\christine\Application Data\VadeRetro
    2008-03-01 21:06 . 2008-03-07 22:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\VadeRetro
    2008-03-01 21:06 . 1999-02-22 16:46 148,992 --a------ C:\WINDOWS\UNWISE.EXE
    2008-03-01 21:06 . 1998-12-23 08:19 5,891 --a------ C:\WINDOWS\UNWISE.INI
    2008-03-01 19:39 . 2008-03-01 19:39 <REP> d-------- C:\Documents and Settings\christine\Application Data\Apple Computer
    2008-03-01 19:39 . 2008-03-26 22:20 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-03-01 19:39 . 2008-03-01 19:39 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-03-01 19:38 . 2008-03-01 19:38 <REP> d-------- C:\Program Files\iTunes
    2008-03-01 19:38 . 2008-03-17 21:55 <REP> d-------- C:\Program Files\iPod
    2008-03-01 19:38 . 2008-03-01 19:38 <REP> d-------- C:\Program Files\Bonjour
    2008-03-01 19:37 . 2008-03-01 19:37 <REP> d-------- C:\Program Files\Fichiers communs\Apple
    2008-03-01 19:37 . 2008-03-01 19:37 <REP> d-------- C:\Program Files\Apple Software Update
    2008-03-01 19:37 . 2008-03-01 19:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-25 11:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-03-24 09:37 --------- d-----w C:\Program Files\Windows Media Connect 2
    2008-03-20 18:30 --------- d-----w C:\Program Files\Macrogaming
    2008-03-09 21:18 --------- d-----w C:\Program Files\GemMasterFrench
    2008-03-08 13:02 --------- d-----w C:\Program Files\Java
    2008-03-07 22:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\third lies itch ford
    2008-03-01 18:38 --------- d-----w C:\Program Files\QuickTime
    2008-03-01 18:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-02-27 18:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-02-27 08:16 --------- d-----w C:\Program Files\Windows Live
    2008-02-26 12:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-02-25 09:26 --------- d-----w C:\Program Files\MSXML 4.0
    2008-02-24 21:36 --------- d-----w C:\Documents and Settings\christine\Application Data\Leadertech
    2008-02-24 21:13 --------- d-----w C:\Documents and Settings\christine\Application Data\Teleca
    2008-02-24 18:21 --------- d-----w C:\Program Files\Disc2Phone
    2008-02-24 18:05 --------- d-----w C:\Documents and Settings\morgane\Application Data\Teleca
    2008-02-24 18:03 --------- d-----w C:\Program Files\Sony Ericsson
    2008-02-24 18:03 --------- d-----w C:\Program Files\Fichiers communs\Teleca Shared
    2008-02-24 18:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Teleca
    2008-02-24 18:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Ericsson
    2008-02-22 18:00 --------- d-----w C:\Documents and Settings\morgane\Application Data\Gram View 4
    2008-02-15 15:05 --------- d-----w C:\Program Files\Virtual Magnifying Glass
    2008-02-12 14:32 --------- d-----w C:\Documents and Settings\morgane\Application Data\LimeWire
    2008-02-06 21:54 --------- d-----w C:\Documents and Settings\christine\Application Data\SPAMfighter
    2008-02-06 21:48 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
    2008-01-29 20:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-01-29 20:44 --------- d-----w C:\Program Files\Yahoo!
    .

    ------- Sigcheck -------

    2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
    2007-06-13 14:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
    2007-06-13 14:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe
    .
    ((((((((((((((((((((((((((((( snapshot@2008-03-25_22.26.31,54 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-03-26 21:19:33 16,384 ----atw C:\WINDOWS\temp\Perflib_Perfdata_6cc.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 21:00 15360]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-13 20:02 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-27 17:47 7573504]
    "SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 02:36 81920]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
    "F-Secure Manager"="C:\Program Files\Pack Sécurité\Common\FSM32.exe" [2006-04-02 02:19 184369]
    "F-Secure Startup Wizard"="C:\Program Files\Pack Sécurité\FSGUI\FSSW.exe" [2006-09-01 14:11 724992]
    "F-Secure TNB"="C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" [2006-09-01 14:11 671744]
    "VX3000"="C:\WINDOWS\vVX3000.exe" [2006-12-06 00:38 707360]
    "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 17:17 159744]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 20:33 57344]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-31 23:13 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 21:00 15360]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [ ]

    C:\Documents and Settings\morgane\Menu Démarrer\Programmes\Démarrage\
    TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 20:41:18 65536]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer Empowering Technology.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer Empowering Technology.lnk
    backup=C:\WINDOWS\pss\Acer Empowering Technology.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer WLAN 11g USB Dongle.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer WLAN 11g USB Dongle.lnk
    backup=C:\WINDOWS\pss\Acer WLAN 11g USB Dongle.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
    backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor]
    --a------ 2006-04-18 19:54 49152 C:\WINDOWS\system32\SysMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
    --a------ 2005-05-03 03:43 69632 C:\WINDOWS\Alcmtr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    --a------ 2004-08-10 21:00 15360 C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
    --a------ 2006-03-17 15:00 345088 C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
    --a------ 2005-09-29 14:01 67584 C:\WINDOWS\ehome\ehtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
    --a------ 2006-06-01 14:40 413696 C:\Acer\Empowering Technology\eRecovery\eRAgent.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
    --a------ 2004-08-10 21:00 44032 C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
    --a------ 2004-08-10 21:00 208952 C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
    C:\WINDOWS\system32\dumprep 0 -k

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchApp]


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2004-10-13 17:24 1694208 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
    --a------ 2004-08-10 21:00 59392 C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
    --a------ 2005-05-11 16:15 45056 c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    --a------ 2006-04-27 17:47 7573504 C:\WINDOWS\system32\NvCpl.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    --a------ 2006-04-27 17:47 86016 C:\WINDOWS\system32\NvMcTray.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    --a------ 2006-04-27 17:47 1519616 C:\WINDOWS\system32\nwiz.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
    --a------ 2004-08-10 21:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
    --a------ 2004-08-10 21:00 455168 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    --a------ 2006-06-01 01:48 16208384 C:\WINDOWS\RTHDCPL.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
    --a------ 2006-05-16 03:04 2879488 C:\WINDOWS\SkyTel.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]
    --a------ 2006-01-07 02:36 81920 C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2005-11-10 13:03 36975 C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
    --a------ 2006-09-23 13:08 61440 C:\Acer\WR_PopUp\WarReg_PopUp.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\coktel\\ADI5\\TTS\\SpeechCube.exe"=
    "C:\\Program Files\\Pack Sécurité\\backweb\\361343\\Program\\fspex.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=

    R2 BackWeb Plug-in - 361343;Pack Sécurité;C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE [2007-06-04 21:01]
    S2 Ca533av;Icatch(IV) Video Camera Device;C:\WINDOWS\system32\Drivers\Ca533av.sys [2002-10-20 20:37]
    S3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
    S3 psdfilter;psdfilter;C:\WINDOWS\system32\Drivers\psdfilter.sys [2006-04-07 20:17]
    S3 psdvdisk;psdvdisk;C:\WINDOWS\system32\Drivers\psdvdisk.sys [2006-03-08 17:10]
    S3 USBCamera;Icatch(IV) Still Camera Device;C:\WINDOWS\system32\Drivers\Bulk533.sys [2002-07-24 20:19]
    S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 16:49]
    S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 16:50]
    S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 16:50]
    S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 16:50]
    S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 16:50]
    S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 10:38]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-03-26 21:00:00 C:\WINDOWS\Tasks\ACC6E28091859318.job"
    - c:\docume~1\morgane\applic~1\gramvi~1\meetonegrim.exe
    "2008-03-21 12:16:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-26 22:29:37
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-03-26 22:30:01
    ComboFix-quarantined-files.txt 2008-03-26 21:29:59
    ComboFix2.txt 2008-03-25 21:26:40
    .
    2008-03-12 19:56:48 --- E O F ---


    Here is the new ComboFix report.

    Angeldark said:
    Is your PC behaving better?

    Uninstall Avast! properly and replace it with AntiVir.
    Why change? Avast! vs AntiVir

    Run a full scan, then post the report once the analysis is finished.
    HELP: Tutorial on the AntiVir Personal Edition Classic antivirus




    No, sorry, still the same problem. We got another double alert from Avast (while transferring the Malwarebytes report), still the same trojan (small-jmh): the first in the temporary files and the second in Documents and Settings ....

    Do you think AntiVir will solve our problem?
    Thanks in advance for your advice.

    Angeldark said:
    Do what I said, we'll get there ;)



    Good evening,

    We followed your advice, installed AntiVir and removed Avast as requested.
    Attached is the AntiVir report. We are waiting impatiently for your verdict.
    Thanks in advance.



    AntiVir PersonalEdition Classic
    Report file date: jeudi 27 mars 2008 19:30

    Scanning for 1168633 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: SYSTEM
    Computer name: PATRICK

    Version information:
    BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
    LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
    LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 18:13:25
    ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 18:13:25
    ANTIVIR3.VDF : 7.0.3.86 2048 Bytes 27/03/2008 18:13:25
    AVEWIN32.DLL : 7.6.0.75 3334656 Bytes 27/03/2008 18:13:26
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
    AVPACK32.DLL : 7.6.0.3 360488 Bytes 27/03/2008 18:13:26
    AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
    AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
    NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: D:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: jeudi 27 mars 2008 19:30

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'epmworker.exe' - '1' Module(s) have been scanned
    Scan process 'Generic.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'dllhost.exe' - '1' Module(s) have been scanned
    Scan process 'iPodService.exe' - '1' Module(s) have been scanned
    Scan process 'fsguidll.exe' - '1' Module(s) have been scanned
    Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'fspc.exe' - '1' Module(s) have been scanned
    Scan process 'FAMEH32.EXE' - '1' Module(s) have been scanned
    Scan process 'FCH32.EXE' - '1' Module(s) have been scanned
    Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
    Scan process 'FSMB32.EXE' - '1' Module(s) have been scanned
    Scan process 'FSMA32.EXE' - '1' Module(s) have been scanned
    Scan process 'fsbwsys.exe' - '1' Module(s) have been scanned
    Scan process 'ehSched.exe' - '1' Module(s) have been scanned
    Scan process 'CapabilityManager.exe' - '1' Module(s) have been scanned
    Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
    Scan process 'fspex.exe' - '1' Module(s) have been scanned
    Scan process 'DkService.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
    Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
    Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
    Scan process 'Application Launcher.exe' - '1' Module(s) have been scanned
    Scan process 'vVX3000.exe' - '1' Module(s) have been scanned
    Scan process 'SERVIC~1.EXE' - '1' Module(s) have been scanned
    Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
    Scan process 'FSM32.EXE' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'SSAAD.exe' - '1' Module(s) have been scanned
    Scan process 'MemCheck.exe' - '1' Module(s) have been scanned
    Scan process 'a2service.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    54 processes with 54 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!
    Boot sector 'D:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '27' files ).


    Starting the file scan:

    Begin scan in 'C:\' <ACER>
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\morgane\Application Data\Gram View 4\mpeg heck.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [INFO] The file was moved to '4850e92b.qua'!
    C:\Documents and Settings\morgane\Application Data\Gram View 4\sujpflao.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [INFO] The file was moved to '4855e935.qua'!
    C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP8\A0009453.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [INFO] The file was moved to '481bed4d.qua'!
    C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP8\A0009454.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [INFO] The file was moved to '481bed52.qua'!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!
    Begin scan in 'D:\' <ACERDATA>


    End of the scan: jeudi 27 mars 2008 20:01
    Used time: 30:36 min

    The scan has been done completely.

    7801 Scanning directories
    339471 Files were scanned
    4 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    4 files were moved to quarantine
    0 files were renamed
    3 Files cannot be scanned
    339467 Files not concerned
    7754 Archives were scanned
    3 Warnings
    0 Notes

    Angeldark said:
    Post a new HijackThis report :)



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:03:52, on 27/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\a-squared Free\a2service.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Pack Sécurité\Common\FSM32.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
    C:\WINDOWS\vVX3000.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\Program Files\Pack Sécurité\backweb\361343\Program\fspex.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
    C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
    C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
    c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Pack Sécurité\Common\FCH32.EXE
    C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
    C:\Program Files\Pack Sécurité\FSPC\fspc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    c:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Sécurité\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Azureus Vuze.lnk = C:\Program Files\Azureus\Azureus.exe
    O4 - Global Startup: Pack Sécurité.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/Installe...
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://romy5112000.spaces.live.com//PhotoUpload/MsnPUpl...
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
    O16 - DPF: {5DDCC37F-7C6B-48B8-9664-97C537920CA0} (aecviz Class) - http://www.maisonfamiliale.com/AECVIZ/npaecviz.cab
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://romy5112000.spaces.live.com/PhotoUpload/MsnPUpld...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Pack Sécurité (BackWeb Plug-in - 361343) - Pack Securite - C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
    O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

    --
    End of file - 12892 bytes

    Angeldark said:
    Still having problems?



    Nothing to report for now, THANK YOU

    We thank you for your help and will keep you posted on whether or not the problem comes back...

    We wish you a good rest of the evening and above all a good night, and see you later on the forum.

    Good evening, we are back. After running 2 scans during the day, AntiVir
    still detects 2 Swizzor.Gen trojans (could they be the same ones that avast was detecting, but under another name???). AntiVir report attached.



    AntiVir PersonalEdition Classic
    Report file date: vendredi 28 mars 2008 19:05

    Scanning for 1169405 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: SYSTEM
    Computer name: PATRICK

    Version information:
    BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
    LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
    LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 18:13:25
    ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 18:13:25
    ANTIVIR3.VDF : 7.0.3.91 14336 Bytes 28/03/2008 12:52:37
    AVEWIN32.DLL : 7.6.0.78 3408384 Bytes 28/03/2008 10:30:43
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
    AVPACK32.DLL : 7.6.0.3 360488 Bytes 27/03/2008 18:13:26
    AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
    AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
    NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: D:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: vendredi 28 mars 2008 19:05

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'epmworker.exe' - '1' Module(s) have been scanned
    Scan process 'Generic.exe' - '1' Module(s) have been scanned
    Scan process 'iPodService.exe' - '1' Module(s) have been scanned
    Scan process 'CapabilityManager.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
    Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
    Scan process 'Application Launcher.exe' - '1' Module(s) have been scanned
    Scan process 'vVX3000.exe' - '1' Module(s) have been scanned
    Scan process 'fsguidll.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'dllhost.exe' - '1' Module(s) have been scanned
    Scan process 'FSM32.EXE' - '1' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'SSAAD.exe' - '1' Module(s) have been scanned
    Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
    Scan process 'fspc.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'FAMEH32.EXE' - '1' Module(s) have been scanned
    Scan process 'FCH32.EXE' - '1' Module(s) have been scanned
    Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
    Scan process 'FSMB32.EXE' - '1' Module(s) have been scanned
    Scan process 'FSMA32.EXE' - '1' Module(s) have been scanned
    Scan process 'fsbwsys.exe' - '1' Module(s) have been scanned
    Scan process 'ehSched.exe' - '1' Module(s) have been scanned
    Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
    Scan process 'fspex.exe' - '1' Module(s) have been scanned
    Scan process 'DkService.exe' - '1' Module(s) have been scanned
    Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
    Scan process 'SERVIC~1.EXE' - '1' Module(s) have been scanned
    Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'MemCheck.exe' - '1' Module(s) have been scanned
    Scan process 'a2service.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    53 processes with 53 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!
    Boot sector 'D:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '27' files ).


    Starting the file scan:

    Begin scan in 'C:\' <ACER>
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\morgane\Application Data\Gram View 4\meetonegrim.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [INFO] The file was moved to '485234ed.qua'!
    C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP8\A0009480.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
    [INFO] The file was moved to '481d3955.qua'!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!
    Begin scan in 'D:\' <ACERDATA>


    End of the scan: vendredi 28 mars 2008 19:38
    Used time: 33:34 min

    The scan has been done completely.

    7893 Scanning directories
    343246 Files were scanned
    2 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    2 files were moved to quarantine
    0 files were renamed
    3 Files cannot be scanned
    343244 Files not concerned
    7756 Archives were scanned
    3 Warnings
    0 Notes

    Thanks in advance for your reply.

    OK ;)

    Download Lop S&D.exe to your Desktop.
  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your Desktop
  • Select the language you want, then choose option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

    Angeldark said:
    OK ;)

    Download Lop S&D.exe to your Desktop.
  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your Desktop
  • Select the language you want, then choose option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)



  • Here is the requested report


    -----------------------[ Lop S&D 4.1.0-2 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : christine ] [ "C:\Lop SD" ]
    [ 28/03/2008 | 21:36:06,35 ] [ PC : PATRICK ]
    [ MAJ : 26-03-2008 | 13:15 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [26/03/2008|18:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
    [26/03/2008|18:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
    [11/08/2006|20:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
    [16/10/2006|01:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [16/10/2006|01:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
    [26/03/2008|18:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes
    [16/10/2006|01:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [27/03/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [27/03/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [27/03/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
    [24/02/2008|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [01/03/2008|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [01/03/2008|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [27/03/2008|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [13/10/2007|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    [09/12/2006|21:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [11/08/2006|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [11/01/2007|20:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [26/03/2008|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [05/10/2007|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [26/12/2006|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [01/01/2007|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
    [24/02/2008|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [25/03/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [24/02/2008|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [06/02/2008|22:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [07/03/2008|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
    [10/12/2006|10:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [07/03/2008|22:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VadeRetro
    [23/01/2007|20:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [04/07/2007|14:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [27/02/2008|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [11/01/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
    [29/01/2008|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [07/03/2008|23:03] C:\DOCUME~1\CHRIST~1\APPLIC~1\.
    [07/03/2008|23:03] C:\DOCUME~1\CHRIST~1\APPLIC~1\..
    [10/12/2006|20:32] C:\DOCUME~1\CHRIST~1\APPLIC~1\Adobe
    [11/01/2007|22:11] C:\DOCUME~1\CHRIST~1\APPLIC~1\AdobeUM
    [01/03/2008|19:39] C:\DOCUME~1\CHRIST~1\APPLIC~1\Apple Computer
    [18/10/2007|20:16] C:\DOCUME~1\CHRIST~1\APPLIC~1\Azureus
    [09/12/2006|21:35] C:\DOCUME~1\CHRIST~1\APPLIC~1\CyberLink
    [11/08/2006|20:25] C:\DOCUME~1\CHRIST~1\APPLIC~1\desktop.ini
    [10/12/2006|20:34] C:\DOCUME~1\CHRIST~1\APPLIC~1\EPSON
    [04/02/2007|20:56] C:\DOCUME~1\CHRIST~1\APPLIC~1\F-Secure
    [11/01/2007|21:44] C:\DOCUME~1\CHRIST~1\APPLIC~1\Google
    [15/03/2008|19:58] C:\DOCUME~1\CHRIST~1\APPLIC~1\Help
    [16/10/2006|01:34] C:\DOCUME~1\CHRIST~1\APPLIC~1\Identities
    [24/02/2008|22:36] C:\DOCUME~1\CHRIST~1\APPLIC~1\Leadertech
    [16/10/2006|01:34] C:\DOCUME~1\CHRIST~1\APPLIC~1\Macromedia
    [26/03/2008|18:41] C:\DOCUME~1\CHRIST~1\APPLIC~1\Malwarebytes
    [06/05/2007|13:15] C:\DOCUME~1\CHRIST~1\APPLIC~1\Microsoft
    [10/12/2006|18:53] C:\DOCUME~1\CHRIST~1\APPLIC~1\Microsoft Web Folders
    [11/01/2007|22:08] C:\DOCUME~1\CHRIST~1\APPLIC~1\MSNInstaller
    [04/02/2007|00:33] C:\DOCUME~1\CHRIST~1\APPLIC~1\PEX
    [07/04/2007|12:16] C:\DOCUME~1\CHRIST~1\APPLIC~1\Screenshot Sender
    [01/01/2007|20:10] C:\DOCUME~1\CHRIST~1\APPLIC~1\Sony Corporation
    [06/02/2008|22:54] C:\DOCUME~1\CHRIST~1\APPLIC~1\SPAMfighter
    [22/02/2007|16:01] C:\DOCUME~1\CHRIST~1\APPLIC~1\Sun
    [24/02/2008|22:13] C:\DOCUME~1\CHRIST~1\APPLIC~1\Teleca
    [01/03/2008|21:06] C:\DOCUME~1\CHRIST~1\APPLIC~1\VadeRetro
    [07/05/2007|20:28] C:\DOCUME~1\CHRIST~1\APPLIC~1\vlc

    [25/10/2006|15:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [25/10/2006|15:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [11/08/2006|20:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [16/10/2006|01:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [16/10/2006|01:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [16/10/2006|01:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [16/10/2006|01:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [16/10/2006|01:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [16/10/2006|01:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [28/03/2008|20:10] C:\DOCUME~1\morgane\APPLIC~1\.
    [28/03/2008|20:10] C:\DOCUME~1\morgane\APPLIC~1\..
    [18/12/2007|18:40] C:\DOCUME~1\morgane\APPLIC~1\Adobe
    [22/12/2007|14:25] C:\DOCUME~1\morgane\APPLIC~1\AdobeUM
    [16/10/2007|20:06] C:\DOCUME~1\morgane\APPLIC~1\Azureus
    [25/12/2006|18:57] C:\DOCUME~1\morgane\APPLIC~1\CyberLink
    [11/08/2006|20:25] C:\DOCUME~1\morgane\APPLIC~1\desktop.ini
    [06/06/2007|17:17] C:\DOCUME~1\morgane\APPLIC~1\EPSON
    [04/02/2007|13:57] C:\DOCUME~1\morgane\APPLIC~1\F-Secure
    [11/01/2007|20:19] C:\DOCUME~1\morgane\APPLIC~1\Google
    [28/03/2008|19:10] C:\DOCUME~1\morgane\APPLIC~1\Gram View 4
    [16/10/2006|01:34] C:\DOCUME~1\morgane\APPLIC~1\Identities
    [03/03/2008|18:19] C:\DOCUME~1\morgane\APPLIC~1\Leadertech
    [12/02/2008|15:32] C:\DOCUME~1\morgane\APPLIC~1\LimeWire
    [16/02/2007|16:47] C:\DOCUME~1\morgane\APPLIC~1\Macromedia
    [28/03/2008|20:10] C:\DOCUME~1\morgane\APPLIC~1\Malwarebytes
    [27/02/2008|16:25] C:\DOCUME~1\morgane\APPLIC~1\Microsoft
    [11/01/2007|20:07] C:\DOCUME~1\morgane\APPLIC~1\MSNInstaller
    [01/01/2007|19:35] C:\DOCUME~1\morgane\APPLIC~1\Sony Corporation
    [20/02/2007|18:15] C:\DOCUME~1\morgane\APPLIC~1\Sun
    [24/02/2008|19:05] C:\DOCUME~1\morgane\APPLIC~1\Teleca

    [16/10/2006|01:35] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [16/10/2006|01:35] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [16/10/2006|01:35] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [28/03/2008 13:16][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [28/03/2008 21:00][--ah-----] C:\WINDOWS\tasks\ACC6E28091859318.job
    [28/03/2008 10:12][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [10/08/2004 21:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [27/03/2008|21:03] C:\Program Files\.
    [27/03/2008|21:03] C:\Program Files\..
    [10/12/2006|10:36] C:\Program Files\ABBYY FineReader 6.0 Sprint
    [16/10/2006|01:35] C:\Program Files\Acer WLAN 11g USB Dongle
    [24/02/2008|19:24] C:\Program Files\Adobe
    [04/06/2007|20:09] C:\Program Files\Alwil Software
    [01/03/2008|19:37] C:\Program Files\Apple Software Update
    [28/03/2008|20:56] C:\Program Files\a-squared Free
    [27/03/2008|19:11] C:\Program Files\Avira
    [20/03/2008|22:28] C:\Program Files\AxBx
    [01/03/2008|19:38] C:\Program Files\Bonjour
    [08/03/2008|14:13] C:\Program Files\CCleaner
    [16/10/2006|01:36] C:\Program Files\commercial
    [11/08/2006|18:27] C:\Program Files\ComPlus Applications
    [16/10/2006|01:36] C:\Program Files\CyberLink
    [13/10/2007|22:05] C:\Program Files\DAEMON Tools
    [16/10/2006|01:36] C:\Program Files\DIFX
    [24/02/2008|19:21] C:\Program Files\Disc2Phone
    [30/03/2007|18:08] C:\Program Files\EA GAMES
    [10/12/2006|10:36] C:\Program Files\epson
    [19/03/2008|19:44] C:\Program Files\Executive Software
    [20/03/2008|21:58] C:\Program Files\Fichiers communs
    [27/12/2006|18:18] C:\Program Files\Fisher-Price
    [09/03/2008|22:18] C:\Program Files\GemMasterFrench
    [26/01/2007|17:51] C:\Program Files\Google
    [19/09/2007|11:12] C:\Program Files\INFORAD
    [19/09/2007|11:12] C:\Program Files\INFORAD_DRIVERS
    [26/02/2008|13:34] C:\Program Files\InstallShield Installation Information
    [13/02/2008|09:12] C:\Program Files\Internet Explorer
    [17/03/2008|21:55] C:\Program Files\iPod
    [01/03/2008|19:38] C:\Program Files\iTunes
    [08/03/2008|14:02] C:\Program Files\Java
    [13/10/2007|14:18] C:\Program Files\LimeWire
    [20/03/2008|19:30] C:\Program Files\Macrogaming
    [26/03/2008|18:41] C:\Program Files\Malwarebytes' Anti-Malware
    [16/10/2006|01:36] C:\Program Files\Messenger
    [22/12/2007|13:43] C:\Program Files\MessengerPlus! 3
    [10/12/2006|18:53] C:\Program Files\microsoft frontpage
    [10/12/2006|18:53] C:\Program Files\Microsoft Office
    [22/12/2007|14:38] C:\Program Files\Microsoft SQL Server Compact Edition
    [10/12/2006|18:55] C:\Program Files\Microsoft Visual Studio
    [13/10/2007|15:04] C:\Program Files\Movie Maker
    [13/10/2007|15:50] C:\Program Files\MSBuild
    [11/12/2006|13:01] C:\Program Files\MSN
    [16/10/2006|01:36] C:\Program Files\MSN Gaming Zone
    [25/02/2008|10:26] C:\Program Files\MSXML 4.0
    [13/10/2007|22:10] C:\Program Files\MSXML 6.0
    [13/11/2007|18:32] C:\Program Files\NetMeeting
    [07/05/2007|20:25] C:\Program Files\Neuf
    [16/10/2006|01:36] C:\Program Files\NewTech Infosystems
    [16/10/2006|01:36] C:\Program Files\Oca History Tool
    [16/10/2006|01:36] C:\Program Files\Online Services
    [13/10/2007|15:04] C:\Program Files\Outlook Express
    [04/06/2007|20:06] C:\Program Files\Pack Securite
    [04/06/2007|21:02] C:\Program Files\Pack S‚curit‚
    [09/01/2008|19:06] C:\Program Files\PhoTags Express
    [01/03/2008|19:38] C:\Program Files\QuickTime
    [16/10/2006|01:36] C:\Program Files\Realtek
    [13/10/2007|15:47] C:\Program Files\Reference Assemblies
    [16/10/2006|01:36] C:\Program Files\Services en ligne
    [01/01/2007|19:32] C:\Program Files\Sony
    [01/01/2007|19:32] C:\Program Files\Sony Corporation
    [24/02/2008|19:03] C:\Program Files\Sony Ericsson
    [27/03/2008|21:03] C:\Program Files\Trend Micro
    [11/08/2006|18:40] C:\Program Files\Uninstall Information
    [18/10/2007|17:03] C:\Program Files\USB Disk Win98 Driver
    [15/02/2008|16:05] C:\Program Files\Virtual Magnifying Glass
    [27/02/2008|09:16] C:\Program Files\Windows Live
    [24/03/2008|10:37] C:\Program Files\Windows Media Connect 2
    [13/10/2007|16:33] C:\Program Files\Windows Media Player
    [16/10/2006|01:36] C:\Program Files\Windows NT
    [16/10/2006|01:36] C:\Program Files\Windows Plus
    [11/08/2006|18:28] C:\Program Files\WindowsUpdate
    [16/10/2006|01:36] C:\Program Files\xerox
    [29/01/2008|21:44] C:\Program Files\Yahoo!
    [23/04/2007|13:49] C:\Program Files\Zero G Registry

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [20/03/2008|21:58] C:\Program Files\Fichiers communs\.
    [20/03/2008|21:58] C:\Program Files\Fichiers communs\..
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\Adobe
    [01/03/2008|19:37] C:\Program Files\Fichiers communs\Apple
    [10/12/2006|18:55] C:\Program Files\Fichiers communs\Designer
    [10/12/2006|10:38] C:\Program Files\Fichiers communs\InstallShield
    [09/12/2006|21:14] C:\Program Files\Fichiers communs\Java
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\LightScribe
    [17/12/2007|18:36] C:\Program Files\Fichiers communs\Microsoft Shared
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\MSSoap
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\muvee Technologies
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\NewTech Infosystems
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\ODBC
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\Services
    [01/01/2007|19:32] C:\Program Files\Fichiers communs\Sony Shared
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\SpeechEngines
    [13/06/2007|20:26] C:\Program Files\Fichiers communs\System
    [24/02/2008|19:03] C:\Program Files\Fichiers communs\Teleca Shared
    [17/12/2007|18:35] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\morgane\APPLIC~1\Gram View 4
    C:\DOCUME~1\morgane\APPLIC~1\Gram View 4\uploadsettingsfacehole.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford\BASH BLEH.exe
    C:\WINDOWS\Tasks\ACC6E28091859318.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-28 21:36:44
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:10][Doss:4] C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp
    /!\ [Fich:17][Doss:0] C:\DOCUME~1\CHRIST~1\Cookies
    /!\ [Fich:263][Doss:4] C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 21:36:54,62 ]----------------------

    Let's delete :)

    Run Lop S&D again

  • This time choose Option 2 (Suppression)
  • Do not close the window during the deletion!
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)

    Angeldark said:
    Let's delete :)

    Run Lop S&D again

  • This time choose Option 2 (Suppression)
  • Do not close the window during the deletion!
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)




  • Good evening, I'm posting the report for you

    -----------------------[ Lop S&D 4.1.0-2 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : christine ] [ "C:\Lop SD" ]
    [ 29/03/2008 | 19:39:48,57 ] [ PC : PATRICK ]
    [ MAJ : 26-03-2008 | 13:15 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [26/03/2008|18:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
    [26/03/2008|18:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
    [11/08/2006|20:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
    [16/10/2006|01:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [16/10/2006|01:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
    [26/03/2008|18:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes
    [29/03/2008|13:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [27/03/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [27/03/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [27/03/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
    [24/02/2008|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [01/03/2008|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [01/03/2008|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [27/03/2008|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [13/10/2007|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    [09/12/2006|21:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [11/08/2006|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [11/01/2007|20:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [26/03/2008|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [05/10/2007|17:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [26/12/2006|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [01/01/2007|19:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
    [24/02/2008|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [25/03/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [24/02/2008|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [06/02/2008|22:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [07/03/2008|23:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
    [10/12/2006|10:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [07/03/2008|22:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VadeRetro
    [23/01/2007|20:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [04/07/2007|14:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [27/02/2008|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [11/01/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
    [29/01/2008|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [07/03/2008|23:03] C:\DOCUME~1\CHRIST~1\APPLIC~1\.
    [07/03/2008|23:03] C:\DOCUME~1\CHRIST~1\APPLIC~1\..
    [10/12/2006|20:32] C:\DOCUME~1\CHRIST~1\APPLIC~1\Adobe
    [11/01/2007|22:11] C:\DOCUME~1\CHRIST~1\APPLIC~1\AdobeUM
    [01/03/2008|19:39] C:\DOCUME~1\CHRIST~1\APPLIC~1\Apple Computer
    [18/10/2007|20:16] C:\DOCUME~1\CHRIST~1\APPLIC~1\Azureus
    [09/12/2006|21:35] C:\DOCUME~1\CHRIST~1\APPLIC~1\CyberLink
    [11/08/2006|20:25] C:\DOCUME~1\CHRIST~1\APPLIC~1\desktop.ini
    [10/12/2006|20:34] C:\DOCUME~1\CHRIST~1\APPLIC~1\EPSON
    [04/02/2007|20:56] C:\DOCUME~1\CHRIST~1\APPLIC~1\F-Secure
    [11/01/2007|21:44] C:\DOCUME~1\CHRIST~1\APPLIC~1\Google
    [15/03/2008|19:58] C:\DOCUME~1\CHRIST~1\APPLIC~1\Help
    [16/10/2006|01:34] C:\DOCUME~1\CHRIST~1\APPLIC~1\Identities
    [24/02/2008|22:36] C:\DOCUME~1\CHRIST~1\APPLIC~1\Leadertech
    [16/10/2006|01:34] C:\DOCUME~1\CHRIST~1\APPLIC~1\Macromedia
    [26/03/2008|18:41] C:\DOCUME~1\CHRIST~1\APPLIC~1\Malwarebytes
    [06/05/2007|13:15] C:\DOCUME~1\CHRIST~1\APPLIC~1\Microsoft
    [10/12/2006|18:53] C:\DOCUME~1\CHRIST~1\APPLIC~1\Microsoft Web Folders
    [11/01/2007|22:08] C:\DOCUME~1\CHRIST~1\APPLIC~1\MSNInstaller
    [04/02/2007|00:33] C:\DOCUME~1\CHRIST~1\APPLIC~1\PEX
    [07/04/2007|12:16] C:\DOCUME~1\CHRIST~1\APPLIC~1\Screenshot Sender
    [01/01/2007|20:10] C:\DOCUME~1\CHRIST~1\APPLIC~1\Sony Corporation
    [06/02/2008|22:54] C:\DOCUME~1\CHRIST~1\APPLIC~1\SPAMfighter
    [22/02/2007|16:01] C:\DOCUME~1\CHRIST~1\APPLIC~1\Sun
    [24/02/2008|22:13] C:\DOCUME~1\CHRIST~1\APPLIC~1\Teleca
    [01/03/2008|21:06] C:\DOCUME~1\CHRIST~1\APPLIC~1\VadeRetro
    [07/05/2007|20:28] C:\DOCUME~1\CHRIST~1\APPLIC~1\vlc

    [25/10/2006|15:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [25/10/2006|15:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [11/08/2006|20:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [16/10/2006|01:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [16/10/2006|01:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [16/10/2006|01:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [16/10/2006|01:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [16/10/2006|01:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [16/10/2006|01:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [28/03/2008|20:10] C:\DOCUME~1\morgane\APPLIC~1\.
    [28/03/2008|20:10] C:\DOCUME~1\morgane\APPLIC~1\..
    [18/12/2007|18:40] C:\DOCUME~1\morgane\APPLIC~1\Adobe
    [22/12/2007|14:25] C:\DOCUME~1\morgane\APPLIC~1\AdobeUM
    [16/10/2007|20:06] C:\DOCUME~1\morgane\APPLIC~1\Azureus
    [25/12/2006|18:57] C:\DOCUME~1\morgane\APPLIC~1\CyberLink
    [11/08/2006|20:25] C:\DOCUME~1\morgane\APPLIC~1\desktop.ini
    [06/06/2007|17:17] C:\DOCUME~1\morgane\APPLIC~1\EPSON
    [04/02/2007|13:57] C:\DOCUME~1\morgane\APPLIC~1\F-Secure
    [11/01/2007|20:19] C:\DOCUME~1\morgane\APPLIC~1\Google
    [28/03/2008|19:10] C:\DOCUME~1\morgane\APPLIC~1\Gram View 4
    [16/10/2006|01:34] C:\DOCUME~1\morgane\APPLIC~1\Identities
    [03/03/2008|18:19] C:\DOCUME~1\morgane\APPLIC~1\Leadertech
    [12/02/2008|15:32] C:\DOCUME~1\morgane\APPLIC~1\LimeWire
    [16/02/2007|16:47] C:\DOCUME~1\morgane\APPLIC~1\Macromedia
    [28/03/2008|20:10] C:\DOCUME~1\morgane\APPLIC~1\Malwarebytes
    [27/02/2008|16:25] C:\DOCUME~1\morgane\APPLIC~1\Microsoft
    [11/01/2007|20:07] C:\DOCUME~1\morgane\APPLIC~1\MSNInstaller
    [01/01/2007|19:35] C:\DOCUME~1\morgane\APPLIC~1\Sony Corporation
    [20/02/2007|18:15] C:\DOCUME~1\morgane\APPLIC~1\Sun
    [24/02/2008|19:05] C:\DOCUME~1\morgane\APPLIC~1\Teleca

    [16/10/2006|01:35] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [16/10/2006|01:35] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [16/10/2006|01:35] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [28/03/2008 13:16][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [29/03/2008 13:00][--ah-----] C:\WINDOWS\tasks\ACC6E28091859318.job
    [29/03/2008 19:17][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [10/08/2004 21:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [27/03/2008|21:03] C:\Program Files\.
    [27/03/2008|21:03] C:\Program Files\..
    [10/12/2006|10:36] C:\Program Files\ABBYY FineReader 6.0 Sprint
    [16/10/2006|01:35] C:\Program Files\Acer WLAN 11g USB Dongle
    [24/02/2008|19:24] C:\Program Files\Adobe
    [04/06/2007|20:09] C:\Program Files\Alwil Software
    [01/03/2008|19:37] C:\Program Files\Apple Software Update
    [28/03/2008|20:56] C:\Program Files\a-squared Free
    [27/03/2008|19:11] C:\Program Files\Avira
    [20/03/2008|22:28] C:\Program Files\AxBx
    [01/03/2008|19:38] C:\Program Files\Bonjour
    [08/03/2008|14:13] C:\Program Files\CCleaner
    [16/10/2006|01:36] C:\Program Files\commercial
    [11/08/2006|18:27] C:\Program Files\ComPlus Applications
    [16/10/2006|01:36] C:\Program Files\CyberLink
    [13/10/2007|22:05] C:\Program Files\DAEMON Tools
    [16/10/2006|01:36] C:\Program Files\DIFX
    [24/02/2008|19:21] C:\Program Files\Disc2Phone
    [30/03/2007|18:08] C:\Program Files\EA GAMES
    [10/12/2006|10:36] C:\Program Files\epson
    [19/03/2008|19:44] C:\Program Files\Executive Software
    [20/03/2008|21:58] C:\Program Files\Fichiers communs
    [27/12/2006|18:18] C:\Program Files\Fisher-Price
    [09/03/2008|22:18] C:\Program Files\GemMasterFrench
    [26/01/2007|17:51] C:\Program Files\Google
    [19/09/2007|11:12] C:\Program Files\INFORAD
    [19/09/2007|11:12] C:\Program Files\INFORAD_DRIVERS
    [26/02/2008|13:34] C:\Program Files\InstallShield Installation Information
    [13/02/2008|09:12] C:\Program Files\Internet Explorer
    [17/03/2008|21:55] C:\Program Files\iPod
    [01/03/2008|19:38] C:\Program Files\iTunes
    [08/03/2008|14:02] C:\Program Files\Java
    [13/10/2007|14:18] C:\Program Files\LimeWire
    [20/03/2008|19:30] C:\Program Files\Macrogaming
    [26/03/2008|18:41] C:\Program Files\Malwarebytes' Anti-Malware
    [16/10/2006|01:36] C:\Program Files\Messenger
    [22/12/2007|13:43] C:\Program Files\MessengerPlus! 3
    [10/12/2006|18:53] C:\Program Files\microsoft frontpage
    [10/12/2006|18:53] C:\Program Files\Microsoft Office
    [22/12/2007|14:38] C:\Program Files\Microsoft SQL Server Compact Edition
    [10/12/2006|18:55] C:\Program Files\Microsoft Visual Studio
    [13/10/2007|15:04] C:\Program Files\Movie Maker
    [13/10/2007|15:50] C:\Program Files\MSBuild
    [11/12/2006|13:01] C:\Program Files\MSN
    [16/10/2006|01:36] C:\Program Files\MSN Gaming Zone
    [25/02/2008|10:26] C:\Program Files\MSXML 4.0
    [13/10/2007|22:10] C:\Program Files\MSXML 6.0
    [13/11/2007|18:32] C:\Program Files\NetMeeting
    [07/05/2007|20:25] C:\Program Files\Neuf
    [16/10/2006|01:36] C:\Program Files\NewTech Infosystems
    [16/10/2006|01:36] C:\Program Files\Oca History Tool
    [16/10/2006|01:36] C:\Program Files\Online Services
    [13/10/2007|15:04] C:\Program Files\Outlook Express
    [04/06/2007|20:06] C:\Program Files\Pack Securite
    [04/06/2007|21:02] C:\Program Files\Pack Sécurité
    [09/01/2008|19:06] C:\Program Files\PhoTags Express
    [01/03/2008|19:38] C:\Program Files\QuickTime
    [16/10/2006|01:36] C:\Program Files\Realtek
    [13/10/2007|15:47] C:\Program Files\Reference Assemblies
    [16/10/2006|01:36] C:\Program Files\Services en ligne
    [01/01/2007|19:32] C:\Program Files\Sony
    [01/01/2007|19:32] C:\Program Files\Sony Corporation
    [24/02/2008|19:03] C:\Program Files\Sony Ericsson
    [29/03/2008|19:26] C:\Program Files\Trend Micro
    [11/08/2006|18:40] C:\Program Files\Uninstall Information
    [18/10/2007|17:03] C:\Program Files\USB Disk Win98 Driver
    [15/02/2008|16:05] C:\Program Files\Virtual Magnifying Glass
    [27/02/2008|09:16] C:\Program Files\Windows Live
    [24/03/2008|10:37] C:\Program Files\Windows Media Connect 2
    [13/10/2007|16:33] C:\Program Files\Windows Media Player
    [16/10/2006|01:36] C:\Program Files\Windows NT
    [16/10/2006|01:36] C:\Program Files\Windows Plus
    [11/08/2006|18:28] C:\Program Files\WindowsUpdate
    [16/10/2006|01:36] C:\Program Files\xerox
    [29/01/2008|21:44] C:\Program Files\Yahoo!
    [23/04/2007|13:49] C:\Program Files\Zero G Registry

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [20/03/2008|21:58] C:\Program Files\Fichiers communs\.
    [20/03/2008|21:58] C:\Program Files\Fichiers communs\..
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\Adobe
    [01/03/2008|19:37] C:\Program Files\Fichiers communs\Apple
    [10/12/2006|18:55] C:\Program Files\Fichiers communs\Designer
    [10/12/2006|10:38] C:\Program Files\Fichiers communs\InstallShield
    [09/12/2006|21:14] C:\Program Files\Fichiers communs\Java
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\LightScribe
    [17/12/2007|18:36] C:\Program Files\Fichiers communs\Microsoft Shared
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\MSSoap
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\muvee Technologies
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\NewTech Infosystems
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\ODBC
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\Services
    [01/01/2007|19:32] C:\Program Files\Fichiers communs\Sony Shared
    [16/10/2006|01:36] C:\Program Files\Fichiers communs\SpeechEngines
    [13/06/2007|20:26] C:\Program Files\Fichiers communs\System
    [24/02/2008|19:03] C:\Program Files\Fichiers communs\Teleca Shared
    [17/12/2007|18:35] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\morgane\APPLIC~1\Gram View 4
    C:\DOCUME~1\morgane\APPLIC~1\Gram View 4\uploadsettingsfacehole.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford\BASH BLEH.exe
    C:\WINDOWS\Tasks\ACC6E28091859318.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-29 19:40:38
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:15][Doss:5] C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp
    /!\ [Fich:58][Doss:0] C:\DOCUME~1\CHRIST~1\Cookies
    /!\ [Fich:2201][Doss:4] C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 19:40:51,03 ]----------------------

    Angeldark said:
    Can you try option 2 again?



    Hello,

    We ran another LopS&D report. While it was running, AntiVir reported a tr/Inject.Mf to us and put it in access deny (is that normal???)
    This morning we ran a full scan again and AntiVir detected nothing.

    Here is the report....


    -----------------------[ Lop S&D 4.1.0-3 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : christine ] [ "C:\Lop SD" ]
    [ 30/03/2008 | 13:56:14,23 ] [ PC : PATRICK ]
    [ MAJ : 29-03-2008 | 19:52 ]


    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [26/03/2008|19:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
    [26/03/2008|19:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
    [11/08/2006|21:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
    [16/10/2006|02:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [16/10/2006|02:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
    [26/03/2008|19:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Malwarebytes
    [29/03/2008|14:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

    [27/03/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
    [27/03/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
    [27/03/2008|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
    [24/02/2008|20:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [01/03/2008|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [01/03/2008|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [27/03/2008|20:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [13/10/2007|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    [09/12/2006|22:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [11/08/2006|21:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [11/01/2007|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [26/03/2008|19:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [05/10/2007|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [26/12/2006|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
    [01/01/2007|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
    [24/02/2008|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
    [25/03/2008|13:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [24/02/2008|20:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
    [06/02/2008|23:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [08/03/2008|00:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
    [10/12/2006|11:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [07/03/2008|23:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VadeRetro
    [23/01/2007|21:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [04/07/2007|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [27/02/2008|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [11/01/2007|21:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
    [29/01/2008|22:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [08/03/2008|00:03] C:\DOCUME~1\CHRIST~1\APPLIC~1\.
    [08/03/2008|00:03] C:\DOCUME~1\CHRIST~1\APPLIC~1\..
    [10/12/2006|21:32] C:\DOCUME~1\CHRIST~1\APPLIC~1\Adobe
    [11/01/2007|23:11] C:\DOCUME~1\CHRIST~1\APPLIC~1\AdobeUM
    [29/03/2008|22:46] C:\DOCUME~1\CHRIST~1\APPLIC~1\Apple Computer
    [18/10/2007|21:16] C:\DOCUME~1\CHRIST~1\APPLIC~1\Azureus
    [09/12/2006|22:35] C:\DOCUME~1\CHRIST~1\APPLIC~1\CyberLink
    [11/08/2006|21:25] C:\DOCUME~1\CHRIST~1\APPLIC~1\desktop.ini
    [10/12/2006|21:34] C:\DOCUME~1\CHRIST~1\APPLIC~1\EPSON
    [04/02/2007|21:56] C:\DOCUME~1\CHRIST~1\APPLIC~1\F-Secure
    [11/01/2007|22:44] C:\DOCUME~1\CHRIST~1\APPLIC~1\Google
    [15/03/2008|20:58] C:\DOCUME~1\CHRIST~1\APPLIC~1\Help
    [16/10/2006|02:34] C:\DOCUME~1\CHRIST~1\APPLIC~1\Identities
    [24/02/2008|23:36] C:\DOCUME~1\CHRIST~1\APPLIC~1\Leadertech
    [16/10/2006|02:34] C:\DOCUME~1\CHRIST~1\APPLIC~1\Macromedia
    [26/03/2008|19:41] C:\DOCUME~1\CHRIST~1\APPLIC~1\Malwarebytes
    [30/03/2008|12:51] C:\DOCUME~1\CHRIST~1\APPLIC~1\Microsoft
    [10/12/2006|19:53] C:\DOCUME~1\CHRIST~1\APPLIC~1\Microsoft Web Folders
    [11/01/2007|23:08] C:\DOCUME~1\CHRIST~1\APPLIC~1\MSNInstaller
    [04/02/2007|01:33] C:\DOCUME~1\CHRIST~1\APPLIC~1\PEX
    [07/04/2007|13:16] C:\DOCUME~1\CHRIST~1\APPLIC~1\Screenshot Sender
    [01/01/2007|21:10] C:\DOCUME~1\CHRIST~1\APPLIC~1\Sony Corporation
    [06/02/2008|23:54] C:\DOCUME~1\CHRIST~1\APPLIC~1\SPAMfighter
    [22/02/2007|17:01] C:\DOCUME~1\CHRIST~1\APPLIC~1\Sun
    [24/02/2008|23:13] C:\DOCUME~1\CHRIST~1\APPLIC~1\Teleca
    [01/03/2008|22:06] C:\DOCUME~1\CHRIST~1\APPLIC~1\VadeRetro
    [07/05/2007|21:28] C:\DOCUME~1\CHRIST~1\APPLIC~1\vlc

    [25/10/2006|16:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
    [25/10/2006|16:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
    [11/08/2006|21:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [16/10/2006|02:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [16/10/2006|02:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [16/10/2006|02:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [16/10/2006|02:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
    [16/10/2006|02:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
    [16/10/2006|02:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [28/03/2008|21:10] C:\DOCUME~1\morgane\APPLIC~1\.
    [28/03/2008|21:10] C:\DOCUME~1\morgane\APPLIC~1\..
    [18/12/2007|19:40] C:\DOCUME~1\morgane\APPLIC~1\Adobe
    [22/12/2007|15:25] C:\DOCUME~1\morgane\APPLIC~1\AdobeUM
    [16/10/2007|21:06] C:\DOCUME~1\morgane\APPLIC~1\Azureus
    [25/12/2006|19:57] C:\DOCUME~1\morgane\APPLIC~1\CyberLink
    [11/08/2006|21:25] C:\DOCUME~1\morgane\APPLIC~1\desktop.ini
    [06/06/2007|18:17] C:\DOCUME~1\morgane\APPLIC~1\EPSON
    [04/02/2007|14:57] C:\DOCUME~1\morgane\APPLIC~1\F-Secure
    [11/01/2007|21:19] C:\DOCUME~1\morgane\APPLIC~1\Google
    [28/03/2008|20:10] C:\DOCUME~1\morgane\APPLIC~1\Gram View 4
    [16/10/2006|02:34] C:\DOCUME~1\morgane\APPLIC~1\Identities
    [03/03/2008|19:19] C:\DOCUME~1\morgane\APPLIC~1\Leadertech
    [12/02/2008|16:32] C:\DOCUME~1\morgane\APPLIC~1\LimeWire
    [16/02/2007|17:47] C:\DOCUME~1\morgane\APPLIC~1\Macromedia
    [28/03/2008|21:10] C:\DOCUME~1\morgane\APPLIC~1\Malwarebytes
    [27/02/2008|17:25] C:\DOCUME~1\morgane\APPLIC~1\Microsoft
    [11/01/2007|21:07] C:\DOCUME~1\morgane\APPLIC~1\MSNInstaller
    [01/01/2007|20:35] C:\DOCUME~1\morgane\APPLIC~1\Sony Corporation
    [20/02/2007|19:15] C:\DOCUME~1\morgane\APPLIC~1\Sun
    [24/02/2008|20:05] C:\DOCUME~1\morgane\APPLIC~1\Teleca

    [16/10/2006|02:35] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
    [16/10/2006|02:35] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
    [16/10/2006|02:35] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [28/03/2008 14:16][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [30/03/2008 13:00][--ah-----] C:\WINDOWS\tasks\ACC6E28091859318.job
    [30/03/2008 10:35][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [10/08/2004 22:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [29/03/2008|22:48] C:\Program Files\.
    [29/03/2008|22:48] C:\Program Files\..
    [10/12/2006|11:36] C:\Program Files\ABBYY FineReader 6.0 Sprint
    [16/10/2006|02:35] C:\Program Files\Acer WLAN 11g USB Dongle
    [24/02/2008|20:24] C:\Program Files\Adobe
    [01/03/2008|20:37] C:\Program Files\Apple Software Update
    [28/03/2008|21:56] C:\Program Files\a-squared Free
    [27/03/2008|20:11] C:\Program Files\Avira
    [20/03/2008|23:28] C:\Program Files\AxBx
    [01/03/2008|20:38] C:\Program Files\Bonjour
    [08/03/2008|15:13] C:\Program Files\CCleaner
    [16/10/2006|02:36] C:\Program Files\commercial
    [11/08/2006|19:27] C:\Program Files\ComPlus Applications
    [16/10/2006|02:36] C:\Program Files\CyberLink
    [13/10/2007|23:05] C:\Program Files\DAEMON Tools
    [16/10/2006|02:36] C:\Program Files\DIFX
    [24/02/2008|20:21] C:\Program Files\Disc2Phone
    [30/03/2007|19:08] C:\Program Files\EA GAMES
    [10/12/2006|11:36] C:\Program Files\epson
    [19/03/2008|20:44] C:\Program Files\Executive Software
    [20/03/2008|22:58] C:\Program Files\Fichiers communs
    [27/12/2006|19:18] C:\Program Files\Fisher-Price
    [09/03/2008|23:18] C:\Program Files\GemMasterFrench
    [26/01/2007|18:51] C:\Program Files\Google
    [19/09/2007|12:12] C:\Program Files\INFORAD
    [19/09/2007|12:12] C:\Program Files\INFORAD_DRIVERS
    [26/02/2008|14:34] C:\Program Files\InstallShield Installation Information
    [13/02/2008|10:12] C:\Program Files\Internet Explorer
    [17/03/2008|22:55] C:\Program Files\iPod
    [01/03/2008|20:38] C:\Program Files\iTunes
    [08/03/2008|15:02] C:\Program Files\Java
    [13/10/2007|15:18] C:\Program Files\LimeWire
    [20/03/2008|20:30] C:\Program Files\Macrogaming
    [26/03/2008|19:41] C:\Program Files\Malwarebytes' Anti-Malware
    [16/10/2006|02:36] C:\Program Files\Messenger
    [22/12/2007|14:43] C:\Program Files\MessengerPlus! 3
    [10/12/2006|19:53] C:\Program Files\microsoft frontpage
    [10/12/2006|19:53] C:\Program Files\Microsoft Office
    [22/12/2007|15:38] C:\Program Files\Microsoft SQL Server Compact Edition
    [10/12/2006|19:55] C:\Program Files\Microsoft Visual Studio
    [13/10/2007|16:04] C:\Program Files\Movie Maker
    [13/10/2007|16:50] C:\Program Files\MSBuild
    [11/12/2006|14:01] C:\Program Files\MSN
    [16/10/2006|02:36] C:\Program Files\MSN Gaming Zone
    [25/02/2008|11:26] C:\Program Files\MSXML 4.0
    [13/10/2007|23:10] C:\Program Files\MSXML 6.0
    [13/11/2007|19:32] C:\Program Files\NetMeeting
    [07/05/2007|21:25] C:\Program Files\Neuf
    [16/10/2006|02:36] C:\Program Files\NewTech Infosystems
    [16/10/2006|02:36] C:\Program Files\Oca History Tool
    [16/10/2006|02:36] C:\Program Files\Online Services
    [13/10/2007|16:04] C:\Program Files\Outlook Express
    [04/06/2007|21:06] C:\Program Files\Pack Securite
    [04/06/2007|22:02] C:\Program Files\Pack Sécurité
    [09/01/2008|20:06] C:\Program Files\PhoTags Express
    [01/03/2008|20:38] C:\Program Files\QuickTime
    [16/10/2006|02:36] C:\Program Files\Realtek
    [13/10/2007|16:47] C:\Program Files\Reference Assemblies
    [16/10/2006|02:36] C:\Program Files\Services en ligne
    [01/01/2007|20:32] C:\Program Files\Sony
    [01/01/2007|20:32] C:\Program Files\Sony Corporation
    [24/02/2008|20:03] C:\Program Files\Sony Ericsson
    [29/03/2008|20:26] C:\Program Files\Trend Micro
    [11/08/2006|19:40] C:\Program Files\Uninstall Information
    [18/10/2007|18:03] C:\Program Files\USB Disk Win98 Driver
    [15/02/2008|17:05] C:\Program Files\Virtual Magnifying Glass
    [27/02/2008|10:16] C:\Program Files\Windows Live
    [24/03/2008|11:37] C:\Program Files\Windows Media Connect 2
    [13/10/2007|17:33] C:\Program Files\Windows Media Player
    [16/10/2006|02:36] C:\Program Files\Windows NT
    [16/10/2006|02:36] C:\Program Files\Windows Plus
    [11/08/2006|19:28] C:\Program Files\WindowsUpdate
    [16/10/2006|02:36] C:\Program Files\xerox
    [29/01/2008|22:44] C:\Program Files\Yahoo!
    [23/04/2007|14:49] C:\Program Files\Zero G Registry

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [20/03/2008|22:58] C:\Program Files\Fichiers communs\.
    [20/03/2008|22:58] C:\Program Files\Fichiers communs\..
    [16/10/2006|02:36] C:\Program Files\Fichiers communs\Adobe
    [01/03/2008|20:37] C:\Program Files\Fichiers communs\Apple
    [10/12/2006|19:55] C:\Program Files\Fichiers communs\Designer
    [10/12/2006|11:38] C:\Program Files\Fichiers communs\InstallShield
    [09/12/2006|22:14] C:\Program Files\Fichiers communs\Java
    [16/10/2006|02:36] C:\Program Files\Fichiers communs\LightScribe
    [17/12/2007|19:36] C:\Program Files\Fichiers communs\Microsoft Shared
    [16/10/2006|02:36] C:\Program Files\Fichiers communs\MSSoap
    [16/10/2006|02:36] C:\Program Files\Fichiers communs\muvee Technologies
    [16/10/2006|02:36] C:\Program Files\Fichiers communs\NewTech Infosystems
    [16/10/2006|02:36] C:\Program Files\Fichiers communs\ODBC
    [16/10/2006|02:36] C:\Program Files\Fichiers communs\Services
    [01/01/2007|20:32] C:\Program Files\Fichiers communs\Sony Shared
    [16/10/2006|02:36] C:\Program Files\Fichiers communs\SpeechEngines
    [13/06/2007|21:26] C:\Program Files\Fichiers communs\System
    [24/02/2008|20:03] C:\Program Files\Fichiers communs\Teleca Shared
    [17/12/2007|19:35] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\morgane\APPLIC~1\Gram View 4
    C:\DOCUME~1\morgane\APPLIC~1\Gram View 4\uploadsettingsfacehole.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford\BASH BLEH.exe
    C:\WINDOWS\Tasks\ACC6E28091859318.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-30 13:56:44
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden files ...
    scan completed successfully
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    /!\ [Fich:16][Doss:5] C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp
    /!\ [Fich:55][Doss:0] C:\DOCUME~1\CHRIST~1\Cookies
    /!\ [Fich:3396][Doss:8] C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 13:56:54,79 ]----------------------

    Good evening, thank you for your invaluable help. Everything is back to normal, we no longer have any problems, and everything works correctly. We wish you a good evening and thanks again. See you later, it was a pleasure.

    Angeldark said:
    No report?

    Hi angeldark, I read very carefully everything you explained to the other person, and I have more or less the same problem. Except that I'm completely hopeless and I don't even know how she managed to send you her reports!
    I have XP, my antivirus is avast, and it hasn't detected anything at all! It's an alert from the Windows Security Center that keeps telling me over and over that my computer is infected. So I tried winsos, which found nothing; then spybot and viruskeeper, but none of them managed to detect the problem!! So, knowing nothing about this, I really don't know what to do any more. There you go, if you could help me that would be great. Kisses