HELP!!! I HAVE A BEAGLE-TYPE VIRUS!!!

Solved
christorock Posts 605 Status Member -
 Anonymous user -
Hello, everyone =)

I really need your help. I have Beagle-type viruses on my computer, plus rootkits, the whole lot. How do I get rid of them? I tried the FindyKill software and then Elibagla, and it did nothing. Please help me.
75 replies

christorock Posts 605 Status Member 10
 
Well, I've already run the software you told me about, and it sure is powerful. Everything went well; I'll post the report right away.
christorock Posts 605 Status Member 10
 
ComboFix 09-01-07.01 - christopher 2009-01-07 23:13:46.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2815.1798 [GMT 1:00]
Lancé depuis: c:\users\christopher\Desktop\killbagle.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Services.exe
c:\windows\system32\mpg4c32.dll
f:\rocketdock\RocketDock.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-07 au 2009-01-07 ))))))))))))))))))))))))))))))))))))
.

2009-01-07 16:19 . 2009-01-07 16:19 <REP> d-------- c:\users\christopher\AppData\Roaming\SlipStream
2009-01-07 16:19 . 2009-01-07 16:19 <REP> d-------- c:\users\CHRIST~1\AppData\Roaming\SlipStream
2009-01-07 16:19 . 2006-08-03 17:33 86,016 --a------ c:\windows\System32\sliprt.dll
2009-01-07 13:41 . 2009-01-07 13:41 <REP> d-------- c:\program files\Alwil Software
2009-01-07 13:41 . 2008-11-26 18:17 51,792 --a------ c:\windows\System32\drivers\aswMonFlt.sys
2009-01-06 21:37 . 2009-01-07 23:01 <REP> d-------- c:\program files\FindyKill
2009-01-06 06:55 . 2008-12-29 01:29 81,920 --a------ c:\windows\system\spoolsv.exe
2009-01-06 05:00 . 2008-12-29 01:29 81,920 --a------ c:\windows\ieudinit.exe
2009-01-06 01:48 . 2008-12-29 01:29 81,920 --a------ c:\windows\system\cisvc.exe
2009-01-06 00:11 . 2008-12-29 01:29 81,920 --a------ c:\users\christopher\AppData\Roaming\rsvp.exe
2009-01-06 00:11 . 2008-12-29 01:29 81,920 --a------ c:\users\CHRIST~1\AppData\Roaming\rsvp.exe
2009-01-05 23:08 . 2008-12-29 01:29 81,920 --a------ c:\windows\system\mstsc.exe
2009-01-04 19:08 . 2008-12-29 01:29 81,920 --a------ c:\windows\cisvc.exe
2009-01-04 18:00 . 2009-01-06 22:08 240,633,820 --a------ c:\windows\MEMORY.DMP
2009-01-04 15:37 . 2009-01-04 15:37 <REP> d-------- c:\users\All Users\WebcamMax
2009-01-04 15:37 . 2009-01-04 15:37 <REP> d-------- c:\progra~2\WebcamMax
2009-01-04 15:36 . 2009-01-04 15:37 <REP> d-------- c:\users\christopher\AppData\Roaming\Webcammax
2009-01-04 15:36 . 2009-01-04 15:37 <REP> d-------- c:\users\CHRIST~1\AppData\Roaming\Webcammax
2009-01-04 15:30 . 2009-01-04 16:12 <REP> d-------- c:\program files\WebcamMax
2009-01-02 22:37 . 2009-01-02 22:37 <REP> d-------- c:\program files\MSN Messenger
2009-01-02 21:56 . 2009-01-07 16:19 <REP> d-------- c:\program files\ONSPEED
2009-01-02 03:57 . 2009-01-02 03:57 <REP> d-------- c:\program files\inKline Global
2009-01-02 00:50 . 2009-01-04 21:15 <REP> d-------- c:\program files\Windows Live Safety Center
2009-01-01 22:26 . 2009-01-01 22:26 <REP> d-------- c:\program files\Robust.ws
2009-01-01 22:26 . 2005-08-27 03:38 1,435,272 --a------ c:\windows\System32\Flash8.ocx
2009-01-01 22:26 . 2000-05-22 06:00 647,872 --a------ c:\windows\System32\MSCOMCT2.OCX
2009-01-01 22:26 . 2004-02-05 21:53 389,120 --a------ c:\windows\System32\actskn43.ocx
2009-01-01 22:26 . 2004-01-08 01:43 253,952 --a------ c:\windows\System32\histogram.ocx
2009-01-01 22:26 . 2004-01-09 11:54 188,416 --a------ c:\windows\System32\actsplash.ocx
2008-12-30 18:53 . 2008-12-30 21:13 <REP> d-------- c:\program files\PhotoFiltre Studio
2008-12-30 18:53 . 2008-12-30 18:53 45 ---h----- c:\windows\dne 0656.dat
2008-12-29 20:53 . 2008-12-29 20:53 <REP> d-------- c:\program files\Common Files\Logitech
2008-12-29 12:06 . 2008-12-29 13:14 376 --a------ c:\windows\ODBC.INI
2008-12-29 12:06 . 2008-12-29 13:14 35 --a------ c:\windows\vbaddin.ini
2008-12-29 12:04 . 2008-12-29 12:04 <REP> d-------- c:\program files\Microsoft FrontPage
2008-12-29 12:03 . 2008-12-29 12:03 <REP> d-------- c:\users\christopher\AppData\Roaming\Microsoft Web Folders
2008-12-29 12:03 . 2008-12-29 12:03 <REP> d-------- c:\users\CHRIST~1\AppData\Roaming\Microsoft Web Folders
2008-12-29 03:02 . 2008-12-29 03:02 <REP> d-------- c:\program files\Microsoft CAPICOM 2.1.0.2
2008-12-28 19:45 . 2009-01-02 22:38 <REP> d-------- c:\program files\MessengerDiscovery
2008-12-28 19:45 . 2004-03-09 01:00 609,824 --a------ c:\windows\System32\COMCTL32.ocx
2008-12-28 19:45 . 2004-03-08 23:00 152,848 --a------ c:\windows\System32\comdlg32.OCX
2008-12-28 19:45 . 2004-03-09 01:00 124,688 --a------ c:\windows\System32\MSWINSCK.ocx
2008-12-28 19:36 . 2008-12-28 19:37 <REP> d-------- c:\program files\Messenger Plus! Live
2008-12-28 19:33 . 2008-12-28 19:33 <REP> d-------- c:\program files\Microsoft SQL Server Compact Edition
2008-12-28 19:30 . 2008-12-28 19:31 <REP> d--hsc--- c:\program files\Common Files\WindowsLiveInstaller
2008-12-28 19:29 . 2008-12-28 19:29 <REP> d-------- c:\users\All Users\WLInstaller
2008-12-28 19:29 . 2008-12-29 03:02 <REP> d-------- c:\program files\Windows Live
2008-12-28 19:29 . 2008-12-28 19:29 <REP> d-------- c:\progra~2\WLInstaller
2008-12-28 15:28 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll
2008-12-28 15:28 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe
2008-12-28 15:28 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2008-12-28 15:28 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll
2008-12-28 15:28 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll
2008-12-28 15:28 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl
2008-12-28 15:28 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll
2008-12-28 15:27 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe
2008-12-28 15:20 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll
2008-12-28 15:20 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll
2008-12-28 15:20 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll
2008-12-28 15:20 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll
2008-12-28 15:20 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2008-12-28 08:08 . 2009-01-07 22:39 0 --a------ c:\windows\System32\drivers\lvuvc.hs
2008-12-28 01:51 . 2008-12-28 01:51 <REP> d-------- c:\users\christopher\AppData\Roaming\Leadertech
2008-12-28 01:51 . 2008-12-28 01:51 <REP> d-------- c:\users\CHRIST~1\AppData\Roaming\Leadertech
2008-12-28 01:50 . 2008-12-28 01:50 <REP> d-------- c:\users\All Users\Logitech
2008-12-28 01:50 . 2008-12-29 09:55 <REP> d-------- c:\users\All Users\Logishrd
2008-12-28 01:50 . 2008-12-28 01:50 <REP> d-------- c:\program files\Logitech
2008-12-28 01:50 . 2008-12-28 01:50 <REP> d-------- c:\progra~2\Logitech
2008-12-28 01:50 . 2008-12-29 09:55 <REP> d-------- c:\progra~2\Logishrd
2008-12-28 01:46 . 2008-12-28 01:51 <REP> d-------- c:\program files\Common Files\logishrd
2008-12-28 01:03 . 2009-01-04 01:32 <REP> d-------- c:\users\christopher\AppData\Roaming\skypePM
2008-12-28 01:03 . 2009-01-04 01:32 <REP> d-------- c:\users\CHRIST~1\AppData\Roaming\skypePM
2008-12-28 01:03 . 2008-12-28 01:03 56 --ah----- c:\users\All Users\ezsidmv.dat
2008-12-28 01:03 . 2008-12-28 01:03 56 --ah----- c:\progra~2\ezsidmv.dat
2008-12-28 00:59 . 2009-01-04 03:33 <REP> d-------- c:\users\christopher\AppData\Roaming\Skype
2008-12-28 00:59 . 2009-01-04 03:33 <REP> d-------- c:\users\CHRIST~1\AppData\Roaming\Skype
2008-12-28 00:58 . 2008-12-28 00:59 <REP> d-------- c:\users\All Users\Skype
2008-12-28 00:58 . 2008-12-28 00:59 <REP> d-------- c:\program files\Skype
2008-12-28 00:58 . 2008-12-28 00:58 <REP> d-------- c:\program files\Common Files\Skype
2008-12-28 00:58 . 2008-12-28 00:59 <REP> d-------- c:\progra~2\Skype
2008-12-27 00:18 . 2008-12-28 08:24 <REP> d-------- c:\users\All Users\NOS
2008-12-27 00:18 . 2008-12-28 08:24 <REP> d-------- c:\program files\NOS
2008-12-27 00:18 . 2008-12-28 08:24 <REP> d-------- c:\progra~2\NOS
2008-12-23 01:41 . 2008-12-23 01:41 <REP> d-------- c:\program files\Softick
2008-12-22 01:08 . 2008-12-22 01:08 <REP> d--h----- c:\program files\Temp
2008-12-21 23:56 . 2008-12-21 23:56 <REP> d-------- c:\users\All Users\ma-config.com
2008-12-21 23:56 . 2008-12-21 23:56 <REP> d-------- c:\progra~2\ma-config.com
2008-12-21 22:20 . 2008-12-21 22:20 <REP> d-------- c:\program files\Guitar Pro 5
2008-12-20 20:13 . 2008-12-20 20:15 <REP> d-------- c:\users\christopher\AppData\Roaming\fretsonfire
2008-12-20 20:13 . 2008-12-20 20:15 <REP> d-------- c:\users\CHRIST~1\AppData\Roaming\fretsonfire
2008-12-20 19:57 . 2008-12-20 20:13 <REP> d-------- c:\program files\Frets on Fire
2008-12-20 15:45 . 2008-12-20 15:45 <REP> d-------- c:\users\christopher\Library
2008-12-20 15:45 . 2008-12-20 15:45 <REP> d-------- c:\users\christopher\AppData\Roaming\com.adobe.ExMan
2008-12-20 15:45 . 2008-12-20 15:45 <REP> d-------- c:\users\CHRIST~1\AppData\Roaming\com.adobe.ExMan
2008-12-20 09:02 . 2008-12-30 12:12 <REP> d-------- c:\users\christopher\AppData\Roaming\SPORE
2008-12-20 09:02 . 2008-12-30 12:12 <REP> d-------- c:\users\CHRIST~1\AppData\Roaming\SPORE
2008-12-20 08:57 . 2008-12-20 08:57 <REP> d-------- c:\program files\Electronic Arts
2008-12-19 23:05 . 2008-12-19 23:05 <REP> d-------- c:\users\All Users\FLEXnet
2008-12-19 23:05 . 2008-12-19 23:05 <REP> d-------- c:\progra~2\FLEXnet
2008-12-19 22:58 . 2008-12-19 22:58 <REP> d-------- c:\program files\Adobe Media Player
2008-12-19 22:57 . 2008-12-19 22:57 <REP> d-------- c:\program files\Common Files\Adobe AIR
2008-12-19 22:54 . 2008-12-19 22:54 <REP> d-------- c:\program files\Common Files\Macrovision Shared
2008-12-19 21:24 . 2008-12-19 21:24 362,240 --a------ c:\windows\System32\TuneUpDefragService.exe
2008-12-19 19:23 . 2008-12-19 19:23 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2008-12-18 21:33 . 2008-12-18 21:45 <REP> d-------- c:\program files\TuneUp Utilities 2009
2008-12-18 21:32 . 2008-12-18 21:32 <REP> d--hs---- c:\users\All Users\{55A29068-F2CE-456C-9148-C869879E2357}
2008-12-18 21:32 . 2008-12-18 21:32 <REP> d--hs---- c:\progra~2\{55A29068-F2CE-456C-9148-C869879E2357}
2008-12-18 20:42 . 2008-12-18 20:42 <REP> d-------- c:\program files\CAPCOM
2008-12-18 14:43 . 2009-01-05 00:06 <REP> d-------- c:\program files\Free Video Converter
2008-12-18 14:19 . 2008-12-18 14:19 <REP> d-------- c:\users\christopher\AppData\Roaming\AVSMedia
2008-12-18 14:19 . 2008-12-18 14:19 <REP> d-------- c:\users\CHRIST~1\AppData\Roaming\AVSMedia
2008-12-18 14:19 . 2008-12-18 14:19 <REP> d-------- c:\users\All Users\AVS4YOU
2008-12-18 14:19 . 2008-12-18 14:19 <REP> d-------- c:\progra~2\AVS4YOU
2008-12-18 14:12 . 2008-12-18 14:13 <REP> d-------- c:\program files\Common Files\AVSMedia
2008-12-18 14:12 . 2008-12-18 14:12 <REP> d-------- c:\program files\AVSMedia
2008-12-18 14:12 . 2007-02-27 19:36 974,848 --a------ c:\windows\System32\mfc70.dll
2008-12-18 13:50 . 2008-12-18 13:50 <REP> d-------- c:\program files\AviSynth 2.5
2008-12-18 13:50 . 2004-02-22 10:11 719,872 --a------ c:\windows\System32\devil.dll
2008-12-18 13:45 . 2008-12-18 13:46 <REP> d-------- c:\users\christopher\AppData\Roaming\SolidWorks
2008-12-18 13:45 . 2008-12-18 13:46 <REP> d-------- c:\users\CHRIST~1\AppData\Roaming\SolidWorks
2008-12-18 13:44 . 2008-12-18 13:44 <REP> d-------- c:\program files\Common Files\PX Storage Engine
2008-12-18 13:44 . 2008-10-08 03:03 43,872 --------- c:\windows\System32\drivers\PxHelp20.sys
2008-12-18 13:44 . 2008-10-08 03:03 9,200 --------- c:\windows\System32\drivers\cdralw2k.sys
2008-12-18 13:44 . 2008-10-08 03:03 9,072 --------- c:\windows\System32\drivers\cdr4_xp.sys
2008-12-18 13:34 . 2008-12-18 13:38 <REP> d-------- c:\program files\VirtualDJ

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-02 02:57 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-30 17:39 1 ----a-w c:\program files\MSWINSCK.OCX
2008-12-26 23:21 --------- d-----w c:\program files\Common Files\Adobe
2008-12-24 07:50 --------- d-----w c:\program files\McAfee
2008-12-22 00:08 319,456 ----a-w c:\windows\DIFxAPI.dll
2008-12-21 23:11 --------- d-----w c:\progra~2\NVIDIA
2008-12-18 14:02 1,051,136 ----a-w c:\windows\system32\drivers\CamthWDM.sys
2008-12-16 22:46 --------- d-----w c:\progra~2\Microsoft Help
2008-12-16 22:41 --------- d-----w c:\program files\Microsoft Works
2008-12-16 14:15 --------- d-----w c:\program files\Windows Mail
2008-12-16 13:45 --------- d-----w c:\progra~2\SiteAdvisor
2008-12-16 13:40 --------- d-----w c:\progra~2\McAfee
2008-12-16 13:32 --------- d-sh--w c:\program files\Fichiers communs
2008-12-16 13:32 --------- d-sh--w c:\progra~2\Modèles
2008-12-16 13:32 --------- d-sh--w c:\progra~2\Menu Démarrer
2008-12-16 13:32 --------- d-sh--w c:\progra~2\Favoris
2008-12-16 13:32 --------- d-sh--w c:\progra~2\Bureau
2008-12-02 09:13 453,152 ----a-w c:\windows\System32\nvuninst.exe
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2008-10-29 06:29 2,927,104 ----a-w c:\windows\explorer.exe
2008-10-22 03:57 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-10-21 05:25 296,960 ----a-w c:\windows\System32\gdi32.dll
2008-10-21 05:25 1,645,568 ----a-w c:\windows\System32\connect.dll
2008-10-16 04:47 827,392 ----a-w c:\windows\System32\wininet.dll
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 23:38 121392 --a------ c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 2156368]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-28 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2008-01-09 326176]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"PCMMediaSharing"="c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-01-25 204908]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-01-06 582992]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2007-12-07 196128]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-02 13683232]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-02 92704]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"WebcamMaxMoniter"="c:\program files\WebcamMax\CAMTHINS.exe" [2007-03-07 81920]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"SlipStream"="c:\program files\ONSPEED\onspeedcore.exe" [2006-08-03 258048]

c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
ONSPEED.lnk - c:\program files\ONSPEED\onspeedgui.exe [2009-01-07 172032]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" /background
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
"Google Update"="c:\users\christopher\AppData\Local\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Modem Booster"=c:\program files\inKline Global\Modem Booster\modembtr.exe
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3330372320-3260314469-3726213641-1000]
"EnableNotificationsRef"=dword:00000007

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9A0FC0E6-C41A-491D-85B2-7B42B0C4D7B6}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{9272E7EA-E5B0-4E65-AA03-61B849992A79}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{0590D135-20CF-4616-83A2-B4D64D7A7ADC}"= c:\program files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live
"{40F60C6C-DD8E-40B8-AB34-5061C567E010}"= c:\program files\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe:Acer DVDivine
"{EC714915-D3A6-43D3-B785-23155F4ED9A6}"= c:\program files\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe:Acer HomeMedia
"{8FB6D042-3CF4-407D-A2E9-A1CE05C41456}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect
"{542BA28B-703D-48DB-B83F-94E757E578BF}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:Acer HomeMedia Connect Service
"{B34DAF09-668F-41FD-94EB-A7A892360F5C}"= c:\program files\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe:Acer SlideShow DVD
"{A924C65E-76C0-4E34-9E09-9FC3F7E6691A}"= c:\program files\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe:Acer VideoMagician
"{F051E17E-51EF-4830-B367-F6DA497077E5}"= c:\program files\Acer Arcade Live\Acer HomeMedia Trial Creator\Acer HomeMedia Trial Creator.exe:Acer HomeMedia Trial Creator
"{F158742F-48F9-4833-8369-7CBA8CC22457}"= c:\program files\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe:Acer DV Magician
"{57072285-1559-4EA8-9BA9-D616D959450E}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{51BA392C-367C-4322-8CA1-C7F13B0AE3EF}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{736FFC80-67FA-414F-B458-5E4A1AE6C4CA}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{A7CC4713-4DA2-4EFF-B786-2405708B101C}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{E5B6D03F-FA9F-49D6-AD2A-0210E2149E89}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{DCF25856-082C-4F74-A2E6-DDD3DE119659}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{BE42A89E-CED0-429D-82F2-E52B89EA621D}"= UDP:f:\christopher\logiciel\eMule\emule.exe:emule
"{F86E75B9-F9AD-470C-88ED-4F3751C4EA60}"= TCP:f:\christopher\logiciel\eMule\emule.exe:emule
"TCP Query User{2C21758B-D7AC-448E-8659-B153FE33E1D5}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{D3B72852-301A-4061-A91E-7DB0D0E24B5E}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"{1C602423-1E42-470F-B612-651AA6263590}"= UDP:5353:Adobe CSI CS4
"{F2FD5502-682B-4BAD-A2AD-6D43C635CDFB}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{18B5B73C-53A3-4765-8A73-CC47AFDCA4A5}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{90B9EC54-6855-42D1-8123-63856EA20FCA}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{35CB9A95-A47D-464C-9F2F-CCB9777F897A}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{745445A4-80C4-4DBD-A7D9-B4527DFF4C4F}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{7DB93C13-1857-40C5-AC5E-EA131797DE37}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{B5218947-6408-4043-988D-D123072DE330}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= UDP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"UDP Query User{1804D025-4827-4981-8186-ED42F1A47E2E}c:\\program files\\messengerdiscovery\\messengerdiscovery live.exe"= TCP:c:\program files\messengerdiscovery\messengerdiscovery live.exe:MessengerDiscovery Live the Windows Live Messenger addon
"{91370525-6D54-4A31-8251-FCB1716974CF}"= UDP:c:\program files\ONSPEED\onspeedgui.exe:ONSPEED
"{C6488604-1E29-4B00-BA31-653CD0F8993F}"= TCP:c:\program files\ONSPEED\onspeedgui.exe:ONSPEED

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2009-01-07 111184]
R4 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-03-21 269448]
R4 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2009-01-07 20560]
R4 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2009-01-07 51792]
R4 CamthWDM;WebcamMax, WDM Video Capture;c:\windows\System32\drivers\CamthWDM.sys [2007-01-11 1051136]
R4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2008-12-16 203280]
S3 maconfservice;Ma-Config Service; [x]
S3 NVHDA;Service for NVIDIA HDMI Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [2008-03-21 30752]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-RocketDock - f:\rocketdock\RocketDock.exe
HKLM-Explorer_Run-Spool - c:\users\CHRIST~1\AppData\Local\Temp\spoolsv.exe
HKCU-Explorer_Run-DllHst - c:\users\CHRIST~1\LOCALS~1\APPLIC~1\dllhst3g.exe
HKU-Default-Explorer_Run-Logman - c:\users\CHRIST~1\LOCALS~1\APPLIC~1\logman.exe

.
------- Examen supplémentaire -------
.
uStart Page = hxxp://fr.fr.acer.yahoo.com
mStart Page = hxxp://fr.fr.acer.yahoo.com
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\progra~1\ONSPEED\sliplsp.dll
FF - ProfilePath - c:\users\CHRIST~1\AppData\Roaming\Mozilla\Firefox\Profiles\hy0xd75n.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1529850&SearchSource=3&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ig
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\christopher\AppData\Local\Google\Update\1.2.133.33\npGoogleOneClick7.dll
FF - plugin: c:\users\christopher\AppData\Roaming\Mozilla\Firefox\Profiles\hy0xd75n.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-07 23:15:29
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(7880)
c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
.
Heure de fin: 2009-01-07 23:16:50
ComboFix-quarantined-files.txt 2009-01-07 22:16:46

Avant-CF: 93,320,609,792 octets libres
Après-CF: 93,289,861,120 octets libres

312 --- E O F --- 2008-12-29 02:03:11
Anonymous user
 
Re,

---> Download OTMoveIt3 (OldTimer) to your Desktop:
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-click OTMoveIt3.exe to launch it.

---> Copy (Ctrl+C) the following text, shown in bold below:


:files
C:\Users\christopher\Downloads\eMule\Incoming\Onspeed.5.0.181.Full.Setup.and.Crack.v2.2._deXter_.zip

:commands
[purity]
[emptytemp]
[reboot]


---> Paste (Ctrl+V) the previously copied text into the Paste Instructions for Items to be Moved box.

---> Now click the MoveIt! button, then close OTMoveIt3.

If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.

---> Post the report found in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the time it was created: date_time.log
christorock Posts 605 Status Member 10
 
Error: Unable to interpret <files> in the current context!
Error: Unable to interpret <C:\Users\christopher\Downloads\eMule\Incoming\Onspeed.5.0.181.Full.Setup.and.Crack.v2.2._deXter_.zip> in the current context!
========== COMMANDS ==========
File delete failed. C:\Users\CHRIST~1\AppData\Local\Temp\etilqs_uogQHosqpHMaKXWTKeee scheduled to be deleted on reboot.
File delete failed. C:\Users\CHRIST~1\AppData\Local\Temp\~DF2AFB.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\CLDigitalHome\PCMMediaServer.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\sqlite_FGBBpdskx4HDdlr scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\sqlite_TKhYFMYe4lA7YzV scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\sqlite_yu3Uf4asWTgol0B scheduled to be deleted on reboot.
Windows Temp folder emptied.
File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01072009_232257

Files moved on Reboot...
File C:\Users\CHRIST~1\AppData\Local\Temp\etilqs_uogQHosqpHMaKXWTKeee not found!
C:\Users\CHRIST~1\AppData\Local\Temp\~DF2AFB.tmp moved successfully.
DllUnregisterServer procedure not found in C:\Windows\temp\logishrd\LVPrcInj01.dll
C:\Windows\temp\logishrd\LVPrcInj01.dll NOT unregistered.
File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\CLDigitalHome\PCMMediaServer.log scheduled to be moved on reboot.
C:\Windows\temp\sqlite_FGBBpdskx4HDdlr moved successfully.
C:\Windows\temp\sqlite_TKhYFMYe4lA7YzV moved successfully.
C:\Windows\temp\sqlite_yu3Uf4asWTgol0B moved successfully.
C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_001_ moved successfully.
C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_002_ moved successfully.
C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_003_ moved successfully.
C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\urlclassifier3.sqlite moved successfully.
C:\Users\christopher\AppData\Local\Mozilla\Firefox\Profiles\hy0xd75n.default\XUL.mfl moved successfully.
Anonymous user
 
Re,

Restart your PC normally and do the following.

▶ Download HijackThis

▶ Save the target to .... "the Desktop"

▶ Double-click "HJTInstall.exe" to start the installation

▶ Click Install, then "I Accept"

▶ Click "Do a scan system and save log file"

▶ Notepad will open; copy and paste all of its contents here in your next reply

▶ HijackThis tutorial (thanks to Balltrap34)

If a report does not go through, raise an alert with the concierge service using the yellow /!\.
christorock Posts 605 Status Member 10
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:34:50, on 07/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Windows\System32\nvraidservice.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\WebcamMax\CAMTHINS.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ONSPEED\onspeedcore.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ONSPEED\onspeedgui.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: eCATRegistrar Class - {02336F51-24CA-4422-AB63-18841ADF35E6} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\ONSPEED\PBHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: ONSPEED - {4BC3AC04-3E56-411D-B465-4FEA06654611} - (no file)
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\ONSPEED\Toolband.dll
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\CAMTHINS.exe" /m
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\ONSPEED\onspeedcore.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Global Startup: ONSPEED.lnk = C:\Program Files\ONSPEED\onspeedgui.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - Logitech Inc. - (no file)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
0
Anonymous user
 
Re,

Download and install Malwarebytes' Anti-Malware
Malwarebytes

Update it

▶ Double-click the Malwarebytes' Anti-Malware shortcut on the desktop.

▶ Select Perform full scan if it is not already selected

▶ Click Scan

▶ Once the scan has finished, a window opens; click OK

If Malwarebytes' found nothing, click OK. A report will appear; close it.

If Malwarebytes' detected infections, click Show Results, then Remove Selected

Save the report to your Desktop so it is easier to find, then post the report.

Note: If Malwarebytes' needs to restart to finish the removal, accept by clicking OK

If a report won't post, alert the concierge desk with the yellow /!\.

Malwarebytes' tutorial
0
christorock Posts 605 Status Member 10
 
and what do I do with the software you gave me, do I close the window or do I have to do things like fix checked?
0
christorock Posts 605 Status Member 10
 
Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1629
Windows 6.0.6001 Service Pack 1

07/01/2009 23:45:02
mbam-log-2009-01-07 (23-45-02).txt

Type de recherche: Examen rapide
Eléments examinés: 51018
Temps écoulé: 2 minute(s), 32 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Windows\system\mstsc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\system\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\Users\christopher\AppData\Roaming\Microsoft\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
0
Anonymous user
 
Re,

Do a full scan with Malwarebytes, please
0
christorock Posts 605 Status Member 10
 
yeah well actually that's what I did, but the thing is I thought that with everything you told me to do there would be no infected files left, but there are, I can't believe it. but yes, right now I was doing a full scan, but only of c:
0
Anonymous user
 
Re,

then scan only the partition where you were infected
0
christorock Posts 605 Status Member 10
 
yes OK, well it's only on that partition anyway. and what software do you recommend so I finally stop getting these infections, because this is the 2nd time now
0
Anonymous user
 
Re,

Simply stop downloading cracks.
0
christorock Posts 605 Status Member 10
 
so that's what caused this problem??!!
0
Anonymous user
 
Re,

Well yeah!!
0
christorock Posts 605 Status Member 10
 
OK OK I see. yeah well when you have a browser that lags you try as much as possible to speed it up, that's why I downloaded that crack. so I'm going to uninstall that software, and yeah, I don't download many cracks, but yeah, I'll do as you said then and stop downloading cracks
0
christorock Posts 605 Status Member 10
 
yes, but now my computer no longer detects an antivirus, should I get avast again?
0
Anonymous user
 
Re,

And run Malwarebytes in full-scan mode
0
Anonymous user
 
Re,

Yes, the Beagle ate your antivirus.

▶ I recommend installing this antivirus:

ANTIVIR

▶ Double-click the Antivir icon (umbrella) in the taskbar.

▶ In Antivir, choose Tools (Outils), then Configuration.

▶ Tick Expert mode (Mode Expert) and tick "Rootkit search at start of scan" (Rech. Rootkit au dém. de la recherche) on the right, under Other settings (Autres réglages).
0