Restart problem, thanks!

Post by trueshade » 18 Jan 2010, 18:27

and then the last one:

OTL logfile created on: 2010-01-18 12:19:23 - Run 2
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Shma\Mes documents\Téléchargements
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

1 023,00 Mb Total Physical Memory | 579,00 Mb Available Physical Memory | 57,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 24,23 Gb Free Space | 32,51% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 3,73 Gb Total Space | 3,70 Gb Free Space | 99,19% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SHADE
Current User Name: Shma
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010-01-18 11:58:12 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shma\Mes documents\Téléchargements\OTL.exe
PRC - [2010-01-10 22:31:53 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-11-20 20:32:14 | 00,154,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009-08-18 14:06:19 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-08-18 14:06:19 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008-10-24 13:14:28 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
PRC - [2008-10-24 13:14:25 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2008-01-15 02:40:04 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2006-10-13 16:04:02 | 00,707,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe
PRC - [2004-10-15 19:40:56 | 02,577,632 | ---- | M] (Sygate Technologies, Inc.) -- C:\Program Files\Sygate\SPF\Smc.exe
PRC - [2004-08-19 16:09:54 | 01,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010-01-18 11:58:12 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shma\Mes documents\Téléchargements\OTL.exe
MOD - [2004-10-15 18:32:10 | 00,083,096 | ---- | M] (Sygate Technologies, Inc.) -- C:\WINDOWS\system32\SSSensor.dll
MOD - [2004-08-19 16:07:58 | 01,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (MSCamSvc)
SRV - File not found [On_Demand | Stopped] -- -- (gusvc)
SRV - [2009-12-17 19:00:28 | 00,243,056 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2009-11-20 20:32:14 | 00,154,216 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (nvsvc)
SRV - [2009-08-18 14:06:19 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008-10-24 13:14:28 | 00,068,865 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008-10-24 13:14:25 | 00,151,297 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2008-02-04 14:18:32 | 00,504,104 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2008-01-15 02:40:04 | 00,110,592 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004-10-15 19:40:56 | 02,577,632 | ---- | M] (Sygate Technologies, Inc.) [Auto | Running] -- C:\Program Files\Sygate\SPF\Smc.exe -- (SmcService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-12 23:22:45 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-10 22:31:57 | 00,000,000 | ---D | M]

[2009-08-04 09:44:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\Mozilla\Extensions
[2009-09-17 16:42:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\Mozilla\Firefox\Profiles\iei5wvgg.default\extensions
[2010-01-17 13:59:09 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-07-15 14:03:50 | 00,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2009-07-15 14:03:50 | 00,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009-07-15 14:03:50 | 00,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009-07-15 14:03:50 | 00,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2009-07-15 14:03:50 | 00,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010-01-10 14:01:24 | 00,371,083 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 12817 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [SmcService] C:\Program Files\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - Startup: C:\Documents and Settings\Shma\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 59 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 2692024201 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 2692484234 (MUWebControl Class)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://ma-config.com/plugins/MaConfig_4_0_1_3.cab (Ma-Config control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Shma\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Shma\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-12-24 12:01:29 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010-01-18 12:15:12 | 00,000,000 | ---D | C] -- C:\_OTL
[2010-01-13 23:02:37 | 00,000,000 | ---D | C] -- C:\ProgramData
[2010-01-13 23:02:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010-01-13 23:01:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Shma\Mes documents\Electronic Arts
[2010-01-13 22:24:32 | 00,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010-01-13 01:29:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Shma\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2010-01-12 23:03:42 | 00,000,000 | ---D | C] -- C:\Riot Games
[2010-01-10 23:36:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2010-01-10 21:23:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-01-10 21:22:40 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010-01-10 20:23:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Shma\Application Data\Malwarebytes
[2010-01-10 20:23:30 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-01-10 20:23:27 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-01-10 20:23:27 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-01-10 20:23:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010-01-10 17:40:29 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Shma\Recent
[2010-01-10 15:59:44 | 00,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg6n.sys
[2010-01-10 15:59:44 | 00,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg5n.sys
[2010-01-10 15:59:43 | 00,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg4n.sys
[2010-01-10 15:59:43 | 00,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg3n.sys
[2010-01-10 15:59:42 | 00,060,496 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\Teefer.sys
[2010-01-10 15:59:42 | 00,021,075 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wpsdrvnt.sys
[2010-01-10 15:59:34 | 00,083,096 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\SSSensor.dll
[2010-01-10 15:59:30 | 00,000,000 | ---D | C] -- C:\Program Files\Sygate
[2010-01-10 11:18:12 | 00,000,000 | ---D | C] -- C:\Config.Msi
[2010-01-04 12:41:43 | 00,000,000 | ---D | C] -- C:\Program Files\Trine
[2009-10-01 21:46:28 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009-09-10 09:40:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009-09-07 09:43:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009-01-18 09:53:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009-01-18 09:50:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009-01-18 09:50:15 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008-05-30 18:48:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\AdobeUM
[2008-04-26 19:30:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2008-04-26 19:30:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2008-03-13 10:33:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple

========== Files - Modified Within 14 Days ==========

[2010-01-18 12:17:47 | 00,272,291 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-01-18 12:16:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-01-18 12:16:28 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-01-18 12:15:45 | 13,893,632 | ---- | M] () -- C:\Documents and Settings\Shma\ntuser.dat
[2010-01-18 12:13:11 | 00,000,174 | ---- | M] () -- C:\Documents and Settings\Shma\Bureau\Nouveau Document WordPad.doc
[2010-01-18 12:12:25 | 00,001,907 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\EA Download Manager.lnk
[2010-01-18 12:08:14 | 04,804,332 | -H-- | M] () -- C:\Documents and Settings\Shma\Local Settings\Application Data\IconCache.db
[2010-01-17 12:00:26 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-01-15 11:10:44 | 00,153,600 | ---- | M] () -- C:\Documents and Settings\Shma\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-14 07:03:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-01-12 00:09:26 | 00,000,184 | -HS- | M] () -- C:\Documents and Settings\Shma\ntuser.ini
[2010-01-10 21:22:44 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\Shma\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2010-01-10 14:01:24 | 00,371,083 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-01-07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-01-07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-01-05 23:06:05 | 00,000,045 | ---- | M] () -- C:\WINDOWS\popcinfo.dat

========== Files Created - No Company Name ==========

[2010-01-18 12:13:07 | 00,000,174 | ---- | C] () -- C:\Documents and Settings\Shma\Bureau\Nouveau Document WordPad.doc
[2010-01-18 12:12:25 | 00,001,907 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\EA Download Manager.lnk
[2010-01-10 21:22:44 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\Shma\Menu Démarrer\Programmes\Démarrage\ERUNT AutoBackup.lnk
[2009-08-17 22:09:18 | 01,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2009-07-16 22:20:41 | 01,511,424 | ---- | C] () -- C:\WINDOWS\System32\sn3win.dll
[2009-03-15 01:01:38 | 01,554,808 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009-03-01 14:05:34 | 00,022,328 | ---- | C] () -- C:\Documents and Settings\Shma\Application Data\PnkBstrK.sys
[2008-10-07 08:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-08-20 19:03:43 | 00,000,000 | ---- | C] () -- C:\WINDOWS\WoWEmuHackSettings.ini
[2008-07-29 09:49:22 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008-07-24 11:49:52 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008-06-22 18:57:43 | 00,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2008-06-05 07:58:26 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008-06-01 20:04:03 | 01,073,152 | ---- | C] () -- C:\WINDOWS\System32\libmysql_c.dll
[2008-04-26 12:12:03 | 00,000,032 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
[2008-03-07 19:38:42 | 00,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008-02-10 23:26:07 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008-02-10 23:11:44 | 03,889,728 | ---- | C] () -- C:\WINDOWS\System32\avcodec.dll
[2008-02-10 23:11:44 | 01,143,989 | ---- | C] () -- C:\WINDOWS\System32\avformat.dll
[2008-02-10 23:11:44 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008-02-10 22:49:39 | 00,000,127 | ---- | C] () -- C:\Documents and Settings\Shma\Local Settings\Application Data\fusioncache.dat
[2008-02-10 22:05:50 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2008-01-16 00:29:25 | 00,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2008-01-15 20:35:41 | 00,000,324 | ---- | C] () -- C:\WINDOWS\WPE PRO.INI
[2008-01-15 20:31:51 | 00,001,802 | ---- | C] () -- C:\WINDOWS\TSearch.INI
[2008-01-01 12:25:23 | 00,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2008-01-01 12:25:23 | 00,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2008-01-01 12:25:23 | 00,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007-12-29 01:01:59 | 00,153,600 | ---- | C] () -- C:\Documents and Settings\Shma\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007-12-26 21:24:49 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2007-12-25 15:16:41 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007-12-25 13:30:48 | 00,002,043 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2007-12-25 13:29:09 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006-04-27 05:19:01 | 00,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini
[2004-10-15 18:31:56 | 00,218,264 | ---- | C] () -- C:\WINDOWS\System32\SetAid.dll
[2001-10-04 06:56:45 | 00,011,376 | R--- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

========== LOP Check ==========

[2010-01-18 12:02:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic
[2010-01-10 12:12:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2010-01-18 12:12:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2007-12-24 12:11:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2009-12-23 12:57:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2009-02-09 09:26:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2009-09-11 11:25:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS
[2009-08-16 20:42:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009-11-14 18:02:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008-02-10 23:27:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\AVSMedia
[2009-06-25 09:34:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\Bioshock
[2008-07-24 11:49:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\DAEMON Tools
[2009-04-01 07:46:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\GetRightToGo
[2007-12-24 12:11:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\Grisoft
[2009-03-30 09:29:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\id Software
[2008-04-26 19:29:03 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Shma\Application Data\ijjigame
[2010-01-15 16:12:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\LimeWire
[2010-01-13 01:29:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2009-03-09 15:39:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\Nexon
[2009-11-12 22:23:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\Pogo Games
[2009-12-04 13:12:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\Soldat
[2009-12-21 11:42:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\Sony Online Entertainment
[2009-12-20 22:55:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\uTorrent
[2009-11-25 14:52:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Shma\Application Data\XnView

========== Purity Check ==========


<End>

Post by nickW » 19 Jan 2010, 00:27

Good evening,

How is the PC behaving?

I confirm that the current version of Avira AntiVir is 9.0.0.74, and that it is available in French.

There will be no more updates for version 8 as of 31 March 2010.
See Preparing for the migration:
http://www.avira.com/fr/support/portail ... n_av9.html
http://www.avira.com/fr/support/portail ... age_2.html

Note: Do not do this now, but you will need to
*- download version 9
*- disconnect from the internet
*- uninstall version 8
*- restart the PC
*- install version 9
Overview on libellules.ch: http://www.libellules.ch/tuto_antivir.php
Official site: http://www.free-av.com/fr/products/1/av ... virus.html
Download: http://www.free-av.com/en/download/download_servers.php

To be continued,
nickW
30/07/2012: No more PC disinfection until further notice.
No requests for log analysis by PM (private message)

Post by trueshade » 19 Jan 2010, 00:37

I don't understand the "Do not do this now". Am I waiting for you to tell me to do it? Or was I supposed to do it? I didn't quite understand (I have downloaded version 9; all that's left is to go through the procedure..)

Thanks

Oh, and I forgot: my computer is behaving well for the moment; the only problem would be the virus that has been turning up since earlier..

Post by nickW » 19 Jan 2010, 01:47

Good evening,

You must not update the antivirus program while there are alerts.

What is the exact wording of this alert: name and location of the file(s) detected as infected.

To be continued,
nickW

Post by trueshade » 19 Jan 2010, 02:34

I don't know exactly; when Avira finds it I can't see the full path. I'll look in the quarantine, otherwise I'll run an Avira scan.

Here it is: in the events I have this:

2010-01-18 12:17
Virus or unwanted program 'TR/StartPage.KA.3 [trojan]'
detected in file 'C:\Documents and Settings\Shma\Menu Démarrer\Programmes\Internet Explorer.lnk.
Action performed: Move file to quarantine

and this one, which I did not allow:

2010-01-18 18:29
Virus or unwanted program 'TR/Trash.Gen [trojan]'
detected in file 'C:\System Volume Information\_restore{EB382137-9A75-4020-A7B7-CA3882D4B384}\RP804\A0222340.dll.
Action performed: Deny access


Note that the time here and where you are is different (I live in Quebec, Canada)


thanks

Post by nickW » 31 Jan 2010, 01:53

Good evening,

The first detection is a false positive on the Internet Explorer shortcut in the Start menu.

The second detection concerns a System Restore file, harmless as long as you do not perform a restore.

How is the PC behaving?

To be continued,
nickW