Fichiers .exe

nanoux21 Messages postés 27 Statut Membre -
nanoux21 Messages postés 27 Statut Membre - 9 mai 2009 à 14:54

Bonjour,lors de chaque demarrage un fichier 'bureau .exe' apparait sur le bureau. De meme qd j ouvre un flash disk. La taille du fichier est tjrs la meme 370 ko
comment le supprimer?
mci

Afficher la suite

A voir également:

Mssoap nude
.Exe - Télécharger - Divers Utilitaires
Svchost exe - Guide
Renommer des fichiers en masse - Guide
Fichiers epub - Guide
Winrar exe - Télécharger - Compression & Décompression

9 réponses

Réponse 1 / 9

Utilisateur anonyme

Salut ,

Télécharge random's system information tool (RSIT) et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt

nanoux21 Messages postés 27 Statut Membre

Merci Chiquitine
j ai telecharger hijack mais comment je peux te poster log.txt
En faisant copie-coller?

nanoux21 Messages postés 27 Statut Membre

ogfile of random's system information tool 1.06 (written by random/random)
Run by Réza at 2009-04-19 11:54:31
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 5 GB (27%) free of 20 GB
Total RAM: 502 MB (10% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:56:36, on 19/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Acer\Empowering Technology\admServ.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\USB Disk Security\USBGuard.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\RZA~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\DAP\DAP.EXE
C:\WINDOWS\system32\igfxext.exe
C:\Documents and Settings\Réza\Application Data\smss.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
D:\Programmes divers\BatteryMonitor.exe
C:\Documents and Settings\Réza\Menu Démarrer\Programmes\Démarrage\Dos Optimizer.pif
C:\WINDOWS\system32\IcoSauve.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Réza\Bureau\utorrent.exe
C:\Documents and Settings\Réza\Mes documents\My Completed Downloads\RSIT.exe
C:\Program Files\trend micro\Réza.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBest.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBest.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: Acer eDataSecurity Management - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\system32\ToolBand.dll
O3 - Toolbar: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBest.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [FrameWorkService] C:\WINDOWS\Inf\smss.exe I'm so ugly, I hate myself and I want to die
O4 - HKLM\..\Run: [UnlockerAssistant] "D:\Programmes divers\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [NT_Authority] C:\Documents and Settings\Réza\Application Data\svchost.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: Dos Optimizer.pif = ?
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Laptop Battery Power Monitor.lnk = ?
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

Réponse 2 / 9

Utilisateur anonyme

yes

nanoux21 Messages postés 27 Statut Membre

Re salut
ci dessous log
mci

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2043
Windows 5.1.2600 Service Pack 2

26/04/2009 10:28:37
mbam-log-2009-04-26 (10-28-37).txt

Type de recherche: Examen complet (C:\|D:\|F:\|)
Eléments examinés: 144242
Temps écoulé: 44 minute(s), 23 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 277

Processus mémoire infecté(s):
C:\Documents and Settings\Réza\Application Data\svchost.exe (Trojan.Agent) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nt_authority (Trojan.Delf) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\frameworkservice (Trojan.Delf) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind (Hijack.Find) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun (Hijack.Run) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
D:\Programmes divers\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
D:\Programmes divers\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\- Recherche Google - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\01 01 01 01 01 01 Piste 1.wma - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\0854 - Mario Slam Basketball (E) NDS [idgamez.co.uk].exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Admission Postbac - Baccalauréat - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Admission Postbac - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Advanced AVG Settings.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Assistant Impression de photographies.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Astuce du jour.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\AVG Anti-Virus Free.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\AVG Antivirus and Security Software - Real-time protection against viruses, spyware and malicious websites - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\AVG Notification Window.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Blocage sd card nds - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Bloqués sur un jeu - Forum - Page 1 sur NDS avec NDS Soluces - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Bourse en ligne, conseils boursiers, actualité boursière, cours de bourse en direct - Investir.fr - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Boîte de réception - Outlook Express.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Brothers in Arms DS.zip - Add New Torrent.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Brulure.fr, le site de la brulure non chirurgicale - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Brûlure - Wikipédia - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\can cant.pdf - Foxit Reader 2.0 - [can cant.pdf].exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\CANELLE CAKE.doc (Lecture seule) [Mode de compatibilité] - Microsoft Word.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\CGG VERITAS (ex GEOPHYSIQUE) - Boursorama, Votre partenaire pour investir. - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Choix d'une application externe.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Chutes, bosses, blessures, les petits accidents de parcours - Santé - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\cloque brulure - Recherche Google - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\COMMENT ECLATER UNE AMPOULE SUITE A BRULURE - Recherche Google - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Comment supprimer autorun.inf [Résolu] - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\comment supprimer fichier .exe sur flash disk - Recherche Google - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\comment supprimer fichier .exe sur flashdisk - Recherche Google - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Comment supprimer fichier exe sur flashdisk - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Comment Ça Marche - Communauté informatique - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Confirmation d'ajout de message - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Confirmer le remplacement du fichier.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Connexion - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Conseils - Les brûlures - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Continuer - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Copie de DSC00882.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Could not open image file..exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Cyberplus (connexion) - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Cyberplus - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DAP File Shredder.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Diaporama PowerPoint - [Ana Paula Oliveira -Bandeirinha.pps [Mode de compatibilité]].exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Diaporama PowerPoint - [Femmes Escritos Milenares_aco.pps [Mode de compatibilité]].exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DivX Menu Navigator.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Document1 - Microsoft Word.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\dossier post bac.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Download Accelerator Plus (DAP) .exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC00012.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC00019.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC00758.JPG - Visionneuse de photos Picasa.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC00761.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC00773.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC00834.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC00835.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC00853.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC00855.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC00861.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC00866.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC00875.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC00888.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC00894.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC00895.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC02198.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC02207.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DSC02453.JPG - Visionneuse de photos Picasa.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Déconnecter - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Envoi du fichier.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Erreur de chargement de la page - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\fichier .exe 370 ko impossible a supprimer - Recherche Google - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\fichier .exe impossible à supprimer ! - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\fichier .exe trojan - Recherche Google - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\fichier exe impossible a supprimer - Recherche Google - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Fichier exe trojan - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Fichier Récalcitrant (impossible à supprimer) [Résolu] - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Fichiers .exe - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\FONCTION RECHERCHER N APPARAIT PLUS DANS LE MENU DEMARRER - Recherche Google - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Forum d'assistance informatique - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Forum Jeux vidéos - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\FreeDSL - L'Internet haut débit chez vous - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\FROMAGE BHAJIA.doc (Lecture seule) [Mode de compatibilité] - Microsoft Word.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Google - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 301 - Avec le temps....avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 304 - Maux de cœur.avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 310 - Affaires de famille.avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 313 - Sexe concurrence et charité.avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 314 - L'empoisonneuse.avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 315 - Tous sur le pont.avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 325 - Le bonheur était presque parfait.avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 401 - Le vent du changement.avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 402 - Tous accros.avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 403 - Paroles Paroles.avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 404 - Prêtes à tout.avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 405 - Epreuve de force.avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 406 - Savoir lacher prise.avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 407 - Attraction Physique réaction chimique.avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 409 - Quitte ou double.avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Greys Anatomy 414 - .avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Guide d'utilisation du forum de CommentCaMarche.net - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\high school musical - Google Recherche d'images - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\high school musical - Recherche Google - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\hilton.mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\HOT BABE gets naked while riding around in car she spanks her shaved pussy big tits ass kayla kream amateur porn sex gone wild fuck girls doggy style suck dick blowjob sexy you.mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\HP Deskjet F2100 series - Utiliser l'imprimante hors connexion.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Illusions d optique - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Illusions d optique - Page 2 - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Illusions d optique - Page 3 - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Illusions d optique - Page 4 - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Installation - Malwarebytes' Anti-Malware.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\J.mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\JDIC Tray Icon.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Jeux commençant par C sur NDS avec NDS Soluces - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Jeux commençant par L sur NDS avec NDS Soluces - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Jeux commençant par S sur NDS avec NDS Soluces - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Jeux contenant call of duty sur NDS avec NDS Soluces - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\jeux de disneychanel fr - Jeux de fille - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\JeuxCherche - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\La fonction Rechercher - Aidewindows.net - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\La fonction rechercher sous windows XP ne marche plus - Forum Logiciel - Software - Open Source - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\le forum de tout vos problèmes informatique - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Lecteur Windows Media.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Les meilleurs prix pour le jeu vidéo call sur NDS avec NDS Soluces - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Leyah et Canelle.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\LineBourse - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Liste des astuces pour Sega Superstars Tennis - Accueil sur NDS avec NDS Soluces - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\lit.avi - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\ma session - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Madagascar - sobika.com le site des malgaches dans le monde - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Maquiller Avril Lavigne ! Jeux de filles - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Meebo - Connecting AIM, MSN, Yahoo, Facebook, MySpace messengers - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\meebo.com - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\meebo.com - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Message - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Microsoft Excel - Caisse Social Welfer et AKES.xls [Mode de compatibilité].exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Microsoft Excel - Classeur1.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Microsoft Excel - Suivi Donation SWB-AKES.xls [Mode de compatibilité].exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Microsoft Office Excel.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Microsoft Office Picture Manager.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Microsoft Office Word.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Modification du texte WordArt.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Mon compte sur NDS avec NDS Soluces - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\mp - Outlook Express.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\n1518352943_30226440_5970245.jpg - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\nanou et moi.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Nero Burning ROM.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Nero Splash Screen.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Nouvelle version disponible !.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Opt in List! HTMail offer opt in email advertising, internet marketing and online marketing using optin email - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Ouverture de can cant.pdf.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Ouverture de do does.gif.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Ouverture de poem.docx.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Ouverture de this that.gif.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Ouverture de [NDS]Tornado[EUR][ESPALNDS.com].zip [mininova].torrent.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\P3040003.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\P3040008.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\P3110022.JPG - Aperçu des images et des télécopies Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Panneau de configuration.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\patch - Lexique du jeu vidéo - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\PhotoGeniale.doc [Mode de compatibilité] - Microsoft Word.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Pinball 3D pour Windows - Cadet de l'Espace.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Piste 3 - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Pose ta question sur le forum Bloqués sur un jeu - Page 1 sur NDS avec NDS Soluces - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Pose ta question sur le forum Bloqués sur un jeu - Sega Superstars Tennis - Page 1 sur NDS avec NDS Soluces - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Poste de travail.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Preview-T-11078904-sweet young teen pussy.mpg ( anal virgin porn wet nudist amateur penis upskirt XXX sexy oral intercourse balls porn cleavage wet amateur sex.mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Preview-T-11705988-18 year old teen rips my pants off to get a taste of my cock (amateur oral sex porn).avi . group blow job interracial blow job .mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Preview-T-11783841-cute blonde gets hard cock deep in her tight ass! teens s girls anal sex amateur anal sex lesbian anal sex wife anal anal sex forum free anal sex galleries.mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Preview-T-209094928-homemade my ex girlfriend diane very hot XXX porn sex fick blowjob handjob fuck private teen cumsh.mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Preview-T-3657726-one 14 years young nudists girl standing on beach with very ver - xxx porno videos amateur tits sex hard zoo mature young nudist(1).mpeg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Preview-T-85655556-BangBros - Big Tits Round Asses - Nancy.mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Probleme gestionnaire de tache sous xp - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Profil de Chiquitine29 - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\projet détudes bac.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Propriétés de Divers+archives.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Propriétés de Document HP Deskjet F2100 series.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Propriétés de la Barre des tâches et du menu Démarrer.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Propriétés de Mes documents.exe.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Propriétés de Poste de travail.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\pvt.slad - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Rafraichir - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Rappel du mot de passe - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Rechercher un dossier.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Rendez-vous sur NDS avec NDS Soluces - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\ROM - Lexique du jeu vidéo - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Résolution de problème informatique - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Rétablir la fonction Rechercher dans le menu Démarrer - Le PC facile - Tutoriaux, astuces, conseils, ressources, ... accessible à tous les niveaux! - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\S'identifier - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Sans titre - Paint.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Se connecter sur NDS avec NDS Soluces - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Search results for nds - Mininova - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Sega Superstars Tennis sur NDS avec NDS Soluces - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Segal Invitation Letter for Exhibition.doc [Mode de compatibilité] - Microsoft Word.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\shoot'em up - Lexique du jeu vidéo - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\site resolution problemes informatique - Recherche Google - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Supprimer le périphérique en toute sécurité.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Swift Alnoor.pdf - Foxit Reader 2.0 - [Swift Alnoor.pdf].exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Sélection d'un titre pour le programme.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Sélectionner les destinataires.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Sélectionnez un fichier image à ouvrir.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\T-191946252-BangBros - Bangbus Girls - Rene - Blonde Sexy School Teacher.mpeg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\T-209094928-homemade my ex girlfriend diane very hot XXX porn sex fick blowjob handjob fuck private teen cumsh.mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\T-3640352-big breasted milf gets fucked and cum squirts her face- sexy big black booty busty tit busty tgp thick booty amateur porn petite teen sex .mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\T-51446216-Sex two lesbians on black sofa enjoying themselves good quality adult porn movie xxx fucking blonde girl.mpeg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\T-55584816-ideepthroat - Heather Brooke - teaching schoolgirl Lisa how to deepthroat assfuck.mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\T-85655556-BangBros - Big Tits Round Asses - Nancy.mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Today's torrents - Mininova - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\tof nanou et loulou.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Transport - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\USB Disk Security - zbshareware.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Vidéo Brothers In Arms DS (Jeuxvideo.TV) - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Vidéo C.O.R.E. (Jeuxvideo.TV) - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Virus qui renomme les dossiers en .exe - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\VLC (hardware YUV overlay DirectX output).exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\what_do_they_eat.pdf - Foxit Reader 2.0 - [what_do_they_eat.pdf].exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Win32 trojan s attaque au exe - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Windows Internet Explorer.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Windows Live Hotmail - Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Word of God Art of Man Reading Guide Final.pdf - Foxit Reader 2.0 - [Word of God Art of Man Reading Guide Final.pdf].exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Éléments envoyés - Outlook Express.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\ALZip v6.7.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Application Data.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\AVG Update.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Battery Monitor.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Connections Tray.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\DivX EKG.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\ds mathieu.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Enregistrer l'image.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Explorateur Windows.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Jauge d'énergie.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Jeux DS.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\MAILING JAMAT.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Malwarebytes' Anti-Malware.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Menu Démarrer.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Mes documents.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Microsoft Excel.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Microsoft Word.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Mozilla Firefox.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Nero ShowTime.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Nouveau message.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Outlook Express.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Partie terminée.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Photos divers.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Photos louloux.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Picasa 3.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Piriform CCleaner.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Program Manager.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Programmes divers.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Sauvegarde DS.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Statistiques Spider.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Super Finder.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Texte 3D.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\TrendMicro HijackThis.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Vacances FD.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\Vacances Reunion.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\µTorrent 1.8.2.exe (Trojan.Lop.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\lsass.exe (Trojan.Delf) -> Quarantined and deleted successfully.
C:\Documents and Settings\Réza\Application Data\smss.exe (Trojan.Delf) -> Quarantined and deleted successfully.
C:\WINDOWS\inf\smss.exe (Trojan.Delf) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Sexy Girls.scr (Trojan.Delf) -> Quarantined and deleted successfully.

Réponse 3 / 9

Utilisateur anonyme

Telecharge malwarebytes
https://www.malwarebytes.com/

Tu l´instale; le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

Click maintenant sur l´onglet recherche et coche la case : "executer un examen rapide".

Puis click sur "rechercher".

Laisse le scanner le pc...

Si des elements on ete trouvés > click sur supprimer la selection.

si il t´es demandé de redemarrer > click sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

Copie et colle le rapport stp.

PS : les rapport sont aussi rangé dans l onglet rapport/log

nanoux21 Messages postés 27 Statut Membre

Ok Chiquitine
je vais essayer et te dis
Mci

Réponse 4 / 9

Utilisateur anonyme

élécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)

Tutorial ( aide ) : http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956.htm

nanoux21 Messages postés 27 Statut Membre

ok
ci dessous rap lop
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2060 @ 1.60GHz )
BIOS : Ver 1.00PARTTBLP
USER : Réza ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:19 Go (Free:5 Go)
D:\ (Local Disk) - NTFS - Total:54 Go (Free:34 Go)
E:\ (CD or DVD)
F:\ (USB) - FAT - Total:963 Mo (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 26/04/2009|10:55 )

--------------------\\ Listing des dossiers dans APPLIC~1

[29/06/2008|13:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\AccurateRip
[29/06/2008|13:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\AD ON Multimedia
[15/05/2008|18:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[02/07/2007|18:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM
[02/07/2007|14:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ahead
[18/05/2008|20:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\AVS4YOU
[09/11/2008|17:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\Azureus
[26/06/2008|21:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Canneverbe_Limited
[02/07/2007|15:35] C:\DOCUME~1\ADMINI~1\APPLIC~1\CyberLink
[07/08/2008|15:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\DMCache
[20/01/2009|11:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\dvdcss
[31/05/2008|21:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[14/05/2008|19:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\gtk-2.0
[01/06/2008|11:32] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[31/07/2008|20:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\HP
[31/07/2008|20:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\HPAppData
[02/07/2007|17:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[07/08/2008|15:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\IDM
[19/07/2008|15:26] C:\DOCUME~1\ADMINI~1\APPLIC~1\InstallShield
[02/07/2007|15:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
[25/12/2007|10:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\Joost
[01/02/2009|11:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\LimeWire
[08/02/2009|11:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[12/07/2008|20:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[13/09/2008|17:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[29/06/2008|10:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Orbit
[07/10/2007|10:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\PPTminimizer
[01/05/2008|11:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[12/01/2009|10:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sage
[13/11/2007|20:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Simply Super Software
[23/03/2008|09:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Steganos
[08/07/2007|10:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[13/11/2007|18:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\U3
[08/02/2009|21:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\uTorrent
[18/09/2007|22:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
[18/05/2008|17:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Vso
[04/11/2008|16:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\WinRAR
[25/01/2009|17:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\XnView

[09/02/2009|20:54] C:\DOCUME~1\ADMINI~1.AC~\APPLIC~1\Acer
[09/02/2009|20:54] C:\DOCUME~1\ADMINI~1.AC~\APPLIC~1\Identities
[09/02/2009|20:54] C:\DOCUME~1\ADMINI~1.AC~\APPLIC~1\Intel
[09/02/2009|20:55] C:\DOCUME~1\ADMINI~1.AC~\APPLIC~1\Microsoft
[09/02/2009|20:54] C:\DOCUME~1\ADMINI~1.AC~\APPLIC~1\Nero

[27/07/2008|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[20/01/2009|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[18/05/2008|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[04/11/2008|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[10/08/2008|09:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[02/07/2007|15:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[24/05/2008|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[08/07/2007|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[31/07/2008|20:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[31/01/2009|09:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[31/07/2008|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[31/07/2008|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HPSSUPPLY
[02/07/2007|14:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[09/10/2007|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[23/09/2007|10:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
[03/11/2007|12:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[25/10/2007|08:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[13/01/2009|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sage
[29/06/2008|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiComponents
[13/11/2008|18:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Simply Super Software
[03/11/2007|16:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[25/01/2009|21:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit
[31/01/2009|08:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[31/07/2008|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG

[09/02/2009|18:57] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Acer
[09/02/2009|17:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
[09/02/2009|17:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ahead
[15/02/2009|08:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\avg8
[09/02/2009|17:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\AVS4YOU
[09/02/2009|17:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Azureus
[09/02/2009|17:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\BVRP Software
[02/07/2007|15:26] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\CyberLink
[09/02/2009|17:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\DVD Shrink
[07/03/2009|18:04] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\ESTsoft
[09/02/2009|17:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[09/02/2009|17:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Hewlett-Packard
[31/01/2009|09:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\HP
[09/02/2009|17:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\HP Product Assistant
[31/07/2008|20:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\HPSSUPPLY
[02/07/2007|14:59] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Intel
[09/10/2007|15:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Kaspersky Lab
[09/02/2009|17:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Kaspersky Lab Setup Files
[26/04/2009|09:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Malwarebytes
[11/02/2009|11:23] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[23/03/2009|06:56] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
[09/02/2009|16:30] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Nero
[09/02/2009|17:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime
[13/01/2009|11:17] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Sage
[09/02/2009|17:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SiComponents
[09/02/2009|17:09] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Simply Super Software
[03/11/2007|16:18] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Skype
[25/01/2009|21:40] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SpeedBit
[20/03/2009|17:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP
[09/02/2009|17:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WEBREG
[26/02/2009|11:53] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage

[09/02/2009|13:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[09/02/2009|16:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[09/02/2009|15:58] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[09/02/2009|18:57] C:\DOCUME~1\RZA~1\APPLIC~1\Acer
[16/02/2009|14:32] C:\DOCUME~1\RZA~1\APPLIC~1\Adobe
[09/02/2009|17:00] C:\DOCUME~1\RZA~1\APPLIC~1\CyberLink
[09/02/2009|16:06] C:\DOCUME~1\RZA~1\APPLIC~1\DivX
[21/04/2009|00:01] C:\DOCUME~1\RZA~1\APPLIC~1\dvdcss
[07/03/2009|18:04] C:\DOCUME~1\RZA~1\APPLIC~1\ESTsoft
[09/02/2009|14:58] C:\DOCUME~1\RZA~1\APPLIC~1\Identities
[09/02/2009|15:32] C:\DOCUME~1\RZA~1\APPLIC~1\Intel
[19/04/2009|20:27] C:\DOCUME~1\RZA~1\APPLIC~1\LimeWire
[09/02/2009|14:53] C:\DOCUME~1\RZA~1\APPLIC~1\Macromedia
[26/04/2009|09:27] C:\DOCUME~1\RZA~1\APPLIC~1\Malwarebytes
[23/03/2009|06:56] C:\DOCUME~1\RZA~1\APPLIC~1\Microsoft
[10/02/2009|20:57] C:\DOCUME~1\RZA~1\APPLIC~1\Mozilla
[09/02/2009|16:35] C:\DOCUME~1\RZA~1\APPLIC~1\Nero
[09/02/2009|14:53] C:\DOCUME~1\RZA~1\APPLIC~1\Sun
[19/04/2009|18:53] C:\DOCUME~1\RZA~1\APPLIC~1\uTorrent
[11/02/2009|20:04] C:\DOCUME~1\RZA~1\APPLIC~1\vlc

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[26/04/2009 10:30][--ah-----] C:\WINDOWS\tasks\SA.DAT
[06/09/2002 23:59][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[09/02/2009|16:07] C:\Program Files\Adobe
[27/02/2009|18:05] C:\Program Files\AskSBar
[09/02/2009|15:59] C:\Program Files\AVG
[15/03/2009|15:41] C:\Program Files\Best_Security_Tips
[09/02/2009|20:30] C:\Program Files\Ciel e-Commerce
[09/02/2009|20:22] C:\Program Files\Common Files
[09/02/2009|13:56] C:\Program Files\ComPlus Applications
[15/03/2009|15:41] C:\Program Files\Conduit
[09/02/2009|15:12] C:\Program Files\CONEXANT
[09/02/2009|16:59] C:\Program Files\CyberLink
[27/02/2009|18:11] C:\Program Files\DAP
[09/02/2009|16:01] C:\Program Files\DivX
[19/02/2009|22:11] C:\Program Files\Fichiers communs
[09/02/2009|16:06] C:\Program Files\Google
[19/02/2009|22:11] C:\Program Files\Hewlett-Packard
[18/02/2009|20:11] C:\Program Files\HP
[09/02/2009|20:24] C:\Program Files\InstallShield Installation Information
[09/02/2009|15:31] C:\Program Files\Intel
[09/02/2009|14:38] C:\Program Files\Internet Explorer
[09/02/2009|14:53] C:\Program Files\Java
[09/02/2009|14:08] C:\Program Files\JEUX
[09/02/2009|18:51] C:\Program Files\Launch Manager
[11/02/2009|13:15] C:\Program Files\Microsoft
[09/02/2009|14:00] C:\Program Files\microsoft frontpage
[09/02/2009|16:18] C:\Program Files\Microsoft Office
[09/02/2009|16:18] C:\Program Files\Microsoft Visual Studio
[09/02/2009|16:15] C:\Program Files\Microsoft Visual Studio 8
[09/02/2009|16:19] C:\Program Files\Microsoft Works
[09/02/2009|16:17] C:\Program Files\Microsoft.NET
[09/02/2009|13:57] C:\Program Files\Movie Maker
[26/04/2009|10:52] C:\Program Files\Mozilla Firefox
[09/02/2009|16:19] C:\Program Files\MSBuild
[09/02/2009|13:55] C:\Program Files\MSN Gaming Zone
[09/02/2009|14:36] C:\Program Files\MSXML 4.0
[17/02/2009|22:03] C:\Program Files\MSXML 6.0
[09/02/2009|16:30] C:\Program Files\Nero
[09/02/2009|13:57] C:\Program Files\NetMeeting
[09/02/2009|13:57] C:\Program Files\Outlook Express
[09/02/2009|17:06] C:\Program Files\PDFCreator
[09/02/2009|17:06] C:\Program Files\PDFCreator Toolbar
[09/02/2009|15:10] C:\Program Files\Realtek
[09/02/2009|20:03] C:\Program Files\Smart Projects
[09/02/2009|16:04] C:\Program Files\SuperCopier2
[09/02/2009|15:12] C:\Program Files\Synaptics
[19/04/2009|11:56] C:\Program Files\trend micro
[09/02/2009|13:56] C:\Program Files\Uninstall Information
[09/02/2009|15:56] C:\Program Files\USB Disk Security
[09/02/2009|14:08] C:\Program Files\UTILS
[09/02/2009|15:15] C:\Program Files\WIDCOMM
[11/02/2009|13:15] C:\Program Files\Windows Live
[11/02/2009|13:14] C:\Program Files\Windows Live SkyDrive
[09/02/2009|14:51] C:\Program Files\Windows Media Connect 2
[09/02/2009|14:52] C:\Program Files\Windows Media Player
[09/02/2009|13:55] C:\Program Files\Windows NT
[09/02/2009|13:58] C:\Program Files\WindowsUpdate
[09/02/2009|19:04] C:\Program Files\WinPCap
[09/02/2009|15:59] C:\Program Files\WinRAR
[15/03/2009|15:40] C:\Program Files\WinStart Manager
[09/02/2009|16:01] C:\Program Files\WinZip
[09/02/2009|14:51] C:\Program Files\WMV9_VCM
[09/02/2009|14:08] C:\Program Files\WSTARTUP
[09/02/2009|14:00] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[09/02/2009|16:08] C:\Program Files\Fichiers communs\Adobe
[09/02/2009|16:18] C:\Program Files\Fichiers communs\DESIGNER
[19/02/2009|22:11] C:\Program Files\Fichiers communs\Hewlett-Packard
[09/02/2009|18:56] C:\Program Files\Fichiers communs\InstallShield
[09/02/2009|14:53] C:\Program Files\Fichiers communs\Java
[13/04/2009|09:35] C:\Program Files\Fichiers communs\Microsoft Shared
[09/02/2009|13:57] C:\Program Files\Fichiers communs\MSSoap
[09/02/2009|16:33] C:\Program Files\Fichiers communs\Nero
[09/02/2009|16:48] C:\Program Files\Fichiers communs\ODBC
[09/02/2009|13:57] C:\Program Files\Fichiers communs\Services
[09/02/2009|16:48] C:\Program Files\Fichiers communs\SpeechEngines
[09/02/2009|16:14] C:\Program Files\Fichiers communs\System
[11/02/2009|11:24] C:\Program Files\Fichiers communs\Windows Live

--------------------\\ Process

( 49 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-26 10:56:38
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:2][D:2]-> C:\DOCUME~1\RZA~1\LOCALS~1\Temp
[F:2][D:0]-> C:\DOCUME~1\RZA~1\Cookies
[F:102][D:4]-> C:\DOCUME~1\RZA~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 26/04/2009|10:57 - Option : [1]

--------------------\\ Fin du rapport a 10:57:15

@+

nanoux21 Messages postés 27 Statut Membre

Salut Chiquitine
tu as pu trouver des solutuions pour les fichiers exe au vu des differents rapports que je t ai envoye
Merci d avance

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 9

Utilisateur anonyme

Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-> Double clique sur combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

nanoux21 Messages postés 27 Statut Membre

ok mci
jessaye et te di

nanoux21 Messages postés 27 Statut Membre

slt
ci dessous rap
ComboFix 09-04-30.05 - Réza 01/05/2009 18:18:13.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.502.123 [GMT 3:00]
Lancé depuis: C:\Documents and Settings\Réza\Mes documents\My Completed Downloads\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrateur\Application Data\inst.exe
C:\Documents and Settings\Réza\Favoris\Favoris.exe
C:\WINDOWS\system32\AutoRun.inf
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\Packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\WanPacket.dll
C:\WINDOWS\system32\winspool.dll
C:\WINDOWS\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF

((((((((((((((((((((((((((((( Fichiers créés du 2009-04-01 au 2009-05-01 ))))))))))))))))))))))))))))))))))))
.

2009-05-01 15:22:15 . 2009-05-01 15:22:16 0 d-----w C:\WINDOWS\LastGood
2009-04-26 07:54:35 . 2009-04-26 07:57:15 0 d-----w C:\Lop SD
2009-04-26 07:31:24 . 2007-03-08 10:25:04 378880 ----a-w C:\WINDOWS\system32\Sexy Girls.scr
2009-04-26 06:27:34 . 2009-04-06 12:32:46 15504 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2009-04-26 06:27:32 . 2009-04-06 12:32:54 38496 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2009-04-26 06:27:30 . 2009-04-26 06:27:30 0 d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-04-19 08:54:33 . 2009-04-19 08:56:36 0 d-----w C:\Program Files\trend micro
2009-04-19 08:54:31 . 2009-04-19 08:56:39 0 d-----w C:\rsit

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-15 12:41:26 . 2009-03-15 12:41:23 0 d-----w C:\Program Files\Best_Security_Tips
2009-03-15 12:41:25 . 2009-03-15 12:41:25 0 d-----w C:\Program Files\Conduit
2009-03-15 12:40:19 . 2009-03-15 12:40:19 0 d-----w C:\Program Files\WinStart Manager
2009-03-03 18:30:13 . 2009-02-09 12:59:26 10520 ----a-w C:\WINDOWS\system32\avgrsstx.dll
2009-03-03 18:30:13 . 2009-02-09 12:59:22 325128 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys
2009-03-03 18:30:10 . 2009-02-09 12:59:26 107272 ----a-w C:\WINDOWS\system32\drivers\avgtdix.sys
2009-03-01 05:49:35 . 2009-03-01 05:49:35 2678 ----a-w C:\WINDOWS\java\Packages\Data\5JDB739R.DAT
2009-03-01 05:49:30 . 2009-03-01 05:49:30 2678 ----a-w C:\WINDOWS\java\Packages\Data\5RHV9JJD.DAT
2009-03-01 05:49:29 . 2009-03-01 05:49:29 2678 ----a-w C:\WINDOWS\java\Packages\Data\ZXVZNLFV.DAT
2009-03-01 05:49:29 . 2009-03-01 05:49:29 2678 ----a-w C:\WINDOWS\java\Packages\Data\OXVFPFZD.DAT
2009-03-01 05:49:29 . 2009-03-01 05:49:29 2678 ----a-w C:\WINDOWS\java\Packages\Data\A9J7ZPBN.DAT
2009-02-26 14:15:16 . 2009-02-26 14:15:16 50704 ---ha-w C:\WINDOWS\system32\mlfcache.dat
2009-02-19 19:11:39 . 2009-02-19 19:10:24 134198 ----a-w C:\WINDOWS\hpoins14.dat
2009-02-10 17:57:19 . 2009-02-10 17:57:19 0 ----a-w C:\WINDOWS\nsreg.dat
2009-02-10 16:56:05 . 2002-09-06 20:59:59 76134 ----a-w C:\WINDOWS\system32\perfc00C.dat
2009-02-10 16:56:05 . 2002-09-06 20:59:59 468276 ----a-w C:\WINDOWS\system32\perfh00C.dat
2009-02-09 17:54:30 . 2009-02-09 17:54:30 68464 ----a-w C:\Documents and Settings\Administrateur.ACER\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-02-09 17:54:10 . 2009-02-09 17:54:10 142 ----a-w C:\Documents and Settings\Administrateur.ACER\Local Settings\Application Data\fusioncache.dat
2009-02-09 17:23:15 . 2009-02-09 17:23:15 2232 ----a-w C:\WINDOWS\java\Packages\Data\NZTNZNXV.DAT
2009-02-09 17:23:15 . 2009-02-09 17:23:15 155995 ----a-w C:\WINDOWS\java\Packages\4FPBLF1B.ZIP
2009-02-09 17:22:53 . 2009-02-09 17:22:53 69632 ----a-w C:\WINDOWS\system32\coface.dll
2009-02-09 17:22:53 . 2009-02-09 17:22:53 172032 ----a-w C:\WINDOWS\system32\portal.dll
2009-02-09 17:22:52 . 2009-02-09 17:22:52 753664 ----a-w C:\WINDOWS\system32\ifsrel.dll
2009-02-09 14:06:29 . 2009-02-09 14:06:29 253139 ----a-w C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_1781.exe
2009-02-09 13:03:45 . 2009-02-09 13:03:45 50688 ----a-w C:\WINDOWS\system32\wbhelp2.dll
2009-02-09 12:32:19 . 2009-02-09 12:32:19 21275 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys
2009-02-09 11:26:25 . 2009-02-09 10:59:02 86331 ----a-w C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
2009-02-09 10:59:22 . 2002-09-06 20:59:59 67 --sha-w C:\WINDOWS\Fonts\desktop.ini
2009-02-09 10:56:12 . 2009-02-09 10:56:12 21892 ----a-w C:\WINDOWS\system32\emptyregdb.dat
2009-02-06 15:52:40 . 2009-02-06 15:52:40 49504 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-03-08 10:25:04 . 2009-05-01 14:49:55 378880 --sh--r C:\WINDOWS\inf\smss.exe
.

------- Sigcheck -------

[-] 2006-11-11 14:02:01 359808 8D8949936913B041C6A0E184FBF1030B C:\WINDOWS\system32\drivers\tcpip.sys

[-] 2006-11-18 23:59:06 1035264 7BA68DF484B550C1F75DD80AE1D7EF67 C:\WINDOWS\explorer.exe

[-] 2006-12-13 13:06:09 1548288 0CEF991C04073F5EC8BFD65B961705F1 C:\WINDOWS\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{da30eff8-ccc6-4162-a20d-67402a26a215}]
2009-03-08 10:28:22 2079256 ----a-w C:\Program Files\Best_Security_Tips\tbBest.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{da30eff8-ccc6-4162-a20d-67402a26a215}"= "C:\Program Files\Best_Security_Tips\tbBest.dll" [2009-03-08 10:28:22 2079256]

[HKEY_CLASSES_ROOT\clsid\{da30eff8-ccc6-4162-a20d-67402a26a215}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{DA30EFF8-CCC6-4162-A20D-67402A26A215}"= "C:\Program Files\Best_Security_Tips\tbBest.dll" [2009-03-08 10:28:22 2079256]

[HKEY_CLASSES_ROOT\clsid\{da30eff8-ccc6-4162-a20d-67402a26a215}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 17:09:51 15360]
"DownloadAccelerator"="C:\Program Files\DAP\DAP.EXE" [2009-01-07 10:22:30 6959104]
"NT_Authority"="C:\Documents and Settings\Réza\Application Data\smss.exe" [2007-03-08 10:25:04 378880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-11-28 05:55:00 98304]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-11-28 05:52:00 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-11-28 05:55:00 118784]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-21 07:02:36 53248]
"USB Antivirus"="C:\Program Files\USB Disk Security\USBGuard.exe" [2008-06-14 08:16:30 798720]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2009-03-03 18:30:10 1601304]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2005-11-24 04:45:42 589824]
"FrameWorkService"="C:\WINDOWS\Inf\smss.exe" [2007-03-08 10:25:04 378880]
"RTHDCPL"="RTHDCPL.EXE" - C:\WINDOWS\RTHDCPL.exe [2005-12-19 06:52:52 15797248]

C:\Documents and Settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\
ClickTray Calendar.lnk - D:\Programmes divers\ClickTray Calendar\ClickTray.exe [2008-6-28 3495936]

C:\Documents and Settings\R‚za\Menu D‚marrer\Programmes\D‚marrage\
Dos Optimizer.pif [2007-3-8 378880]
IcoSauve.lnk - C:\WINDOWS\system32\IcoSauve.exe [2009-2-9 112128]

C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2005-9-16 610365]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleStartMenu"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"MaxRecentDocs"= 15 (0xf)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"DisallowCpl"= 1 (0x1)
"DisallowRun"= 1 (0x1)
"NoFolderOptions"= 1 (0x1)
"NoRun"= 1 (0x1)
"NoFind"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun]
"1"= cmd.exe
"2"= mmc.exe
"3"= rstrui.exe
"4"= regedit.exe
"5"= regedt32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-03-03 18:30:13 10520 ----a-w C:\WINDOWS\system32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Documents and Settings\\Réza\\Bureau\\utorrent.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"D:\\Programmes divers\\LimeWire\\LimeWire.exe"=

R1 efbDisk;efbDisk; [x]
R3 NdisFilt;OSA NdisFilter Protocol;C:\WINDOWS\system32\Drivers\NdisFilt.sys [2005-09-13 12:34:40 4392]
R3 SIoctl;SIoctl;c:\windows\system32\drivers\sioctl.sys [2008-04-25 14:04:28 6144]
S1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-03-03 18:30:13 325128]
S1 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-03-03 18:30:10 107272]
S1 OsaFsLoc;OsaFsLoc;C:\WINDOWS\system32\drivers\OsaFsLoc.sys [2005-10-15 15:20:44 12106]
S2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-03-03 18:29:53 903960]
S2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-03-03 18:29:58 298264]
S2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2005-04-22 13:57:06 4096]
S2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-22 13:57:06 78208]
S2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-06-30 13:58:24 7296]
S2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 12:57:16 4010]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-UnlockerAssistant - D:\Programmes divers\Unlocker\UnlockerAssistant.exe

.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.eurosport.fr/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
IE: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
IE: &Sample Toolband Serach - C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
IE: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr/200
IE: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
IE: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - C:\Documents and Settings\Réza\Application Data\Mozilla\Firefox\Profiles\5wgiyhj5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://www.sobika.com/
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=
FF - component: C:\Documents and Settings\Réza\Application Data\Mozilla\Firefox\Profiles\5wgiyhj5.default\extensions\{f592709f-ff4a-4862-b659-4afabda56312}\components\FFAlert.dll
FF - component: C:\Program Files\DAP\DAPFireFox\components\DAPFireFox.dll
FF - plugin: C:\Program Files\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files\Java\jre1.6.0\bin\npjava11.dll
FF - plugin: C:\Program Files\Java\jre1.6.0\bin\npjava12.dll
FF - plugin: C:\Program Files\Java\jre1.6.0\bin\npjava13.dll
FF - plugin: C:\Program Files\Java\jre1.6.0\bin\npjava14.dll
FF - plugin: C:\Program Files\Java\jre1.6.0\bin\npjava32.dll
FF - plugin: C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
FF - plugin: C:\Program Files\Java\jre1.6.0\bin\npoji610.dll
.

nanoux21 Messages postés 27 Statut Membre

slt chiquitine
des nouvelles apres rapport combo fix?
:) Mci

nanoux21 Messages postés 27 Statut Membre

Sorry je n ai plus ds le menu demarrer la fonction executer et rechercher.
Peut cela a un lien avec tt cela?
Mci

Réponse 6 / 9

Utilisateur anonyme

• Télécharge et install UsbFix

(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

• Double clic sur le raccourci UsbFix présent sur ton bureau .

• Choisis l'option 1 ( Recherche )

• Laisse travailler l'outil.

• Ensuite post le rapport UsbFix.txt qui apparaitra.

• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

• Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html

nanoux21 Messages postés 27 Statut Membre

re slt
ci dessous rap usbfix

############################## [ UsbFix V3.016 # Scan ]

# User : Réza (Administrateurs) # ACER
# Update on 02/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 17:46:08 | 03/05/2009

# Genuine Intel(R) CPU T2060 @ 1.60GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Disabled

# C:\ # Disque fixe local # 19,53 Go (5,75 Go free) [Windows XP] # NTFS
# D:\ # Disque fixe local # 54,99 Go (31,06 Go free) [Data] # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque amovible # 963,7 Mo (612,77 Mo free) [ZEMOT] # FAT

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Acer\Empowering Technology\admServ.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\USB Disk Security\USBGuard.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\DOCUME~1\RZA~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\Inf\smss.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAP\DAP.EXE
C:\Documents and Settings\Réza\Application Data\svchost.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
D:\Programmes divers\BatteryMonitor.exe
C:\Documents and Settings\Réza\Menu Démarrer\Programmes\Démarrage\Dos Optimizer.pif
C:\WINDOWS\system32\IcoSauve.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Réza\Bureau\utorrent.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Registre # Startup ]

HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
HKCU_Main: "Start Page"="https://www.eurosport.fr/"
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_logon: "DefaultUserName"="Réza"
HKLM_logon: "AltDefaultUserName"="Réza"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: igfxtray=C:\WINDOWS\system32\igfxtray.exe
HKLM_Run: igfxhkcmd=C:\WINDOWS\system32\hkcmd.exe
HKLM_Run: igfxpers=C:\WINDOWS\system32\igfxpers.exe
HKLM_Run: AzMixerSel=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
HKLM_Run: RTHDCPL=RTHDCPL.EXE
HKLM_Run: USB Antivirus=C:\Program Files\USB Disk Security\USBGuard.exe
HKLM_Run: AVG8_TRAY=C:\PROGRA~1\AVG\AVG8\avgtray.exe
HKLM_Run: LManager=C:\PROGRA~1\LAUNCH~1\LManager.exe
HKLM_Run: UnlockerAssistant="D:\Programmes divers\Unlocker\UnlockerAssistant.exe"
HKLM_Run: FrameWorkService=C:\WINDOWS\Inf\smss.exe I'm so ugly, I hate myself and I want to die
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
HKCU_Run: DownloadAccelerator="C:\Program Files\DAP\DAP.EXE" /STARTUP
HKCU_Run: NT_Authority=C:\Documents and Settings\Réza\Application Data\smss.exe

################## [ Informations ]

################## [ Fichiers # Dossiers infectieux ]

Found ! C:\WINDOWS\inf\smss.exe
Found ! "C:\WINDOWS\system32\Sexy Girls.scr"
Found ! "C:\Documents and Settings\Réza\Application Data\svchost.exe"
Found ! "C:\Documents and Settings\Réza\Application Data\lsass.exe"
Found ! "C:\Documents and Settings\Réza\Application Data\smss.exe"

################## [ Registre # Clés Run infectieuses ]

Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "FrameWorkService"

################## [ Registre # Mountpoints2 ]

# -> Not Found !

################## [ ! Fin du rapport # UsbFix V3.016 ! ]

Réponse 7 / 9

Utilisateur anonyme

• Double clic sur le raccourci UsbFix présent sur ton bureau

• choisis l'option 2 ( Suppression )

• Ton bureau disparaitra et le pc redémarrera .

• Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.

• Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

nanoux21 Messages postés 27 Statut Membre

slt
ci dessous rap usbfix apres suppression

############################## [ UsbFix V3.016 # Cleaning ]

# User : Réza (Administrateurs) # ACER
# Update on 02/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 21:02:41 | 03/05/2009

# Genuine Intel(R) CPU T2060 @ 1.60GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Disabled

# C:\ # Disque fixe local # 19,53 Go (5,72 Go free) [Windows XP] # NTFS
# D:\ # Disque fixe local # 54,99 Go (31,06 Go free) [Data] # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque amovible # 963,7 Mo (612,77 Mo free) [ZEMOT] # FAT

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Acer\Empowering Technology\admServ.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Fichiers # Dossiers infectieux ]

Deleted ! C:\WINDOWS\inf\smss.exe
Deleted ! "C:\WINDOWS\system32\Sexy Girls.scr"
Deleted ! "C:\Documents and Settings\Réza\Application Data\svchost.exe"
Deleted ! "C:\Documents and Settings\Réza\Application Data\lsass.exe"
Deleted ! "C:\Documents and Settings\Réza\Application Data\smss.exe"

################## [ Registre # Clés Run infectieuses ]

Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "FrameWorkService"

################## [ Registre # Mountpoints2 ]

# -> Not Found !

################## [ Listing des fichiers présent ]

[09/02/2009 18:52|--a------|700] - C:\boot.ini
[06/09/2002 23:59|-rahs----|4952] - C:\Bootfont.bin
[04/08/2004 03:00|-r-hs----|263488] - C:\cmldr
[09/02/2009 14:00|--a------|0] - C:\CONFIG.SYS
[?|?|?] - C:\hiberfil.sys
[09/02/2009 16:50|--a------|4128] - C:\INFCACHE.1
[09/02/2009 14:00|-rahs----|0] - C:\IO.SYS
[09/02/2009 19:19|--a------|6] - C:\ISACER.ID
[26/04/2009 10:57|--a------|13811] - C:\lopR.txt
[09/02/2009 14:00|-rahs----|0] - C:\MSDOS.SYS
[04/08/2004 02:38|-rahs----|47564] - C:\NTDETECT.COM
[04/08/2004 02:59|-rahs----|251712] - C:\ntldr
[?|?|?] - C:\pagefile.sys
[03/05/2009 21:04|--a------|3012] - C:\UsbFix.txt
[09/02/2009 14:59|--a------|56] - C:\XP_Version.txt
[07/06/2008 10:07|--a------|48831512] - D:\avg_free_stf_en_8_100a1323.exe
[28/01/2009 16:15|--a------|115200] - D:\coordonnées Jamat Tana sept 2006 maj.XLS
[12/03/2009 07:31|--a------|1833359758] - D:\Divers+archives.zip
[15/09/2008 12:53|--a------|22016] - D:\NOM EL E4K.xls
[14/02/2007 14:11|--a------|23706] - D:\Tutoriel Supercard DS One.pdf
[31/03/2009 12:02|--a------|357376] - F:\LISTE KLAXCAR 21 11 08.xls
[07/04/2009 08:58|--a------|52736] - F:\IRSA.xls
[14/04/2009 11:48|--a------|40960] - F:\BILAN KATIJA2008.xls
[11/04/2009 11:19|--a------|46080] - F:\BILAN GIA 2008.xls
[15/04/2009 09:20|--a------|110592] - F:\DBX PF 300309 INVOICE for AT.xls
[22/04/2009 08:21|--a------|3232] - F:\BOOTEX.LOG
[20/04/2009 15:09|--a------|147721] - F:\Audit NC 2008.eml
[22/04/2009 14:37|--a------|169954] - F:\lettre swift.jpg
[08/03/2007 13:25|--a------|378880] - F:\réza_Fichiers.exe
[25/04/2009 12:06|--a------|44544] - F:\AIDES SWB PAR NOM-REGION 2008.xls

################## [ Vaccination ]

################## [ Cracks / Keygens / Serials ]

C:\Documents and Settings\Réza\Mes documents\Downloads\Avanquest Fix-It Utilities v9.0.2.3 Pro+Keygen-HeartBug\Fix-It_Professional_9023.exe
C:\Documents and Settings\Réza\Mes documents\Downloads\Trojan Remover 6.7.6\patch\trjrmvr.exe

################## [ ! Fin du rapport # UsbFix V3.016 ! ]

Réponse 8 / 9

Utilisateur anonyme

Met malewarebytes a jours , ensuite lance un scan rapide et post le rapport stp

nanoux21 Messages postés 27 Statut Membre

slt
ci dessous rap malware
Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2071
Windows 5.1.2600 Service Pack 2

03/05/2009 22:18:57
mbam-log-2009-05-03 (22-18-46).txt

Type de recherche: Examen rapide
Eléments examinés: 96408
Temps écoulé: 12 minute(s), 8 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 96

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NT_Authority (Trojan.Delf) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\3 (Security.Hijack) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\4 (Security.Hijack) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\1 (Security.Hijack) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\Réza\Application Data\###### UsbFix by Chiquitine29, C_XX & Chimay8 ######.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Actualité des Vols - Informations vols en Cours Air France - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Air France - Informations sur les horaires des vols - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\aliments sperme - Recherche Google - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Archive name and parameters.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Arrêt de LimeWire....exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\AVG Anti-Virus Free.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\AVG Notification Window.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Bang Bus presents - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\BangBros - Big Tits Round Asses - Nancy.mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Boîte d'envoi - Outlook Express.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Boîte de réception - Outlook Express.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Centre d'aide et de support.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Choisissez un motif de carte.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Comment Ça Marche - Communauté informatique - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Confirmation d'ajout de message - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Connexion - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Connexion au réseau local.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Continuer - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Could not open image file..exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Creating archive avg_free_stf_en_8_100a1323.rar.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Creating archive Photos divers.zip.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\destination - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Diaporama PowerPoint - [PourlaPAIX.pps [Mode de compatibilité]].exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Effacer mes traces.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\EJACULATION PRECOCE ou éjaculation prématurée - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Erreur de chargement de la page - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\fax-20090428-153055.pdf - Foxit Reader 2.0 - [fax-20090428-153055.pdf].exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Fichiers .exe - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\File Download - Download Accelerator Plus (DAP).exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Fonction executer disparue - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Fonction executer sous xp - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Fonction rechercher xp - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Forum CCM - édition du message - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\FreeDSL - L'Internet haut débit chez vous - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Gape - Little Woman Squeezes Out Nut Thru Her Tiny Gape(creampie.babymaker) cum in asshole of pink blond sexy asian preteen hardcore anal rape bondage mature amateur teen young.mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Google - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\horaires avion air france - Recherche Google - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\JDIC Tray Icon.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Lien rechercher n apparait plus dans menu demarrer - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Madagascar - sobika.com le site des malgaches dans le monde - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Mise à jour.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Onglet rechercher n apparait plus dans menu demarrer - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\opeation annulee restrictions en vigueur - Live Search - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Operation annulee - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Operation annulee en raison rstrictions en vigueur sue cet ordinateur - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Operation annulee en raison rstrictions en vigueur sur cet ordinateur - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Operation annulée restriction vigueur (lien) - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Opération annulée à cause de restrictions - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Personnaliser le menu Démarrer classique.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Photos fetes ecole juillet 2008.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Poste de travail.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Preview-T-209094928-homemade my ex girlfriend diane very hot XXX porn sex fick blowjob handjob fuck private teen cumsh.mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Preview-T-85655556-BangBros - Big Tits Round Asses - Nancy.mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Propriétés de Administrateur.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Propriétés de la Barre des tâches et du menu Démarrer.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Protection de fichiers Windows.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Rafraichir - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Rechercher - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Rechercher un dossier.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Restriction en vigueur de mon administration - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\RESTRICTIONS EN VIGUEUR SUR CET ORDINATEUR - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\rss - Recherche Google - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Résultats de la recherche - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Résultats de la recherche pour « ctrl alt suppr n apparait pas » dans le forum - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Résultats de la recherche pour « ctrl alt suppr » dans le forum - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\S'identifier - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Sans titre - Paint.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Search results for fix it utilities - Mininova - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\T-209094928-homemade my ex girlfriend diane very hot XXX porn sex fick blowjob handjob fuck private teen cumsh.mpg - Lecteur multimédia VLC.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Transport - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Tutorial Lop S&D - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Utilisateurs et groupes locaux.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\VLC (hardware YUV overlay DirectX output).exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Windows Live Hotmail - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Windows XP la fonction recherche inopérante - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\[Restriction en vigueur] - Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\µTorrent User Manual.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Éléments envoyés - Outlook Express.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Éléments supprimés - Outlook Express.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Application Data.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Battery Monitor.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Comptes d'utilisateurs.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Malwarebytes' Anti-Malware.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Menu Démarrer.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Mozilla Firefox.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Nouveau message.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Nouvelle archive.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Options Internet.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Outlook Express.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Partie terminée.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Photos divers.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Program Manager.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Programmes divers.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\Texte 3D.exe (Trojan.Lop.H) -> No action taken.
C:\Documents and Settings\Réza\Application Data\µTorrent 1.8.2.exe (Trojan.Lop.H) -> No action taken.

Réponse 9 / 9

Utilisateur anonyme

OK , refais un scan RIST et post log.txt stp

nanoux21 Messages postés 27 Statut Membre

slt chiquitine
ci dessous dernier rapport rist
ogfile of random's system information tool 1.06 (written by random/random)
Run by Réza at 2009-05-04 18:35:20
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 6 GB (28%) free of 20 GB
Total RAM: 502 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:35:25, on 04/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Acer\Empowering Technology\admServ.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\USB Disk Security\USBGuard.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
D:\Programmes divers\BatteryMonitor.exe
C:\Documents and Settings\Réza\Menu Démarrer\Programmes\Démarrage\Dos Optimizer.pif
C:\WINDOWS\system32\IcoSauve.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\RZA~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Réza\Mes documents\My Completed Downloads\RSIT.exe
C:\Documents and Settings\Réza\Mes documents\My Completed Downloads\Réza.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBest.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBest.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: Acer eDataSecurity Management - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\system32\ToolBand.dll
O3 - Toolbar: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBest.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "D:\Programmes divers\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [FrameWorkService] C:\WINDOWS\Inf\smss.exe I'm so ugly, I hate myself and I want to die
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [NT_Authority] C:\Documents and Settings\Réza\Application Data\lsass.exe
O4 - Startup: Dos Optimizer.pif = ?
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Laptop Battery Power Monitor.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

nanoux21 Messages postés 27 Statut Membre

Slt Chiquitine
tu as pu voir apres dernier rapport rist poste?
le fichier bureau.exe apparait tjrs et bolque les fonctions executer et rechercher du menu demarrer
mci

Forum Virus

Trouvez des solutions pour détecter et éliminer les menaces, des astuces pour prévenir les infections, et discutez des dernières menaces en ligne

Newsletters

Newsletters

Actu du jour

Voir un exemple