VIRUSS
taoufik0007
Messages postés
113
Statut
Membre
-
taoufik0007 Messages postés 113 Statut Membre -
taoufik0007 Messages postés 113 Statut Membre -
Bonjour,
COMMENT PROCEDER
############################## [ UsbFix V3.026 | Scan ]
# User : Administrateur (Administrateurs) # TAOUFIK
# Update on 26/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 22:21:35 | 24/06/2009
# Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Disabled
# AV : Avira AntiVir PersonalEdition 8.0.1.30 [ Enabled | Updated ]
# FW : Pare-feu Online Armor[ Enabled ]3.5.0.14
# C:\ # Disque fixe local # 68,48 Go (43,13 Go free) # NTFS
# D:\ # Disque fixe local # 164,4 Go (133,67 Go free) # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
# I:\ # Disque fixe local # 111,76 Go (11,5 Go free) [LaCie] # FAT32
############################## [ Processus actifs ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\Program Files\Tall Emu\Online Armor\OAcat.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\WinMover\WinMover.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Tall Emu\Online Armor\OAhlp.exe
C:\Program Files\LaCie\Backup Software\LaCieBackup.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Le Robert\Le Petit Robert 2009\RobertHA.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Metacafe\MetacafeAgent.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\FOXITS~1\FOXITR~1\FOXITR~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\agent.exe
################## [ Registre Startup ]
HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
HKCU_Main: "Start Page"="https://hp.mywebsearch.com/mywebsearch/index.html"
HKCU_Main: "Secondary Start Pages"=hex(7):68,00,74,00,74,00,70,00,3a,00,2f,00,2f,00,77,00,\
HKCU_Main: "Window Title"=""
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_logon: "DefaultUserName"="Administrateur"
HKLM_logon: "AltDefaultUserName"="Administrateur"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: Camera Assistant Software="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
HKLM_Run: StartCCC="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM_Run: ISUSPM="C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
HKLM_Run: IntelZeroConfig="C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
HKLM_Run: IntelWireless="C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
HKLM_Run: KernelFaultCheck=%systemroot%\system32\dumprep 0 -k
HKLM_Run: Easy-PrintToolBox=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
HKLM_Run: Acrobat Assistant 8.0="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
HKLM_Run: Adobe_ID0EYTHM=C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
HKLM_Run: avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
HKLM_Run: @OnlineArmor GUI="C:\Program Files\Tall Emu\Online Armor\oaui.exe"
HKLM_Run: ISUSScheduler="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
HKLM_Run: MyWebSearch Plugin=rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
HKLM_Run: My Web Search Bar Search Scope Monitor="C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
HKLM_Run: MyWebSearch Email Plugin=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
HKLM_Run: SSBkgdUpdate="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
HKLM_Run: Opware15="C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe"
HKLM_Run: OpScheduler="C:\Program Files\ScanSoft\OmniPage15.0\OpScheduler.exe"
HKLM_Run: PDF3 Registry Controller="C:\Program Files\ScanSoft\OmniPage15.0\PDFConverter3\\RegistryController.exe"
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: WinMover="C:\Program Files\WinMover\WinMover.exe" /q
HKCU_Run: LtMoh=C:\Program Files\ltmoh\Ltmoh.exe
HKCU_Run: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
HKCU_Run: LaCie Backup=C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background
HKCU_Run: Le Petit Robert V3 Hyperappel=C:\Program Files\Le Robert\Le Petit Robert 2009\RobertHA.exe
HKCU_Run: msnmsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
HKCU_Run: Google Update="C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
HKCU_Run: MyWebSearch Email Plugin=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
HKCU_Run: OpAgent="C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe" /agent
HKCU_Run: HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=
################## [ Fichiers # Dossiers infectieux ]
################## [ Registre # Clés Run infectieuses ]
################## [ Registre # Mountpoints2 ]
################## [ Informations # Fichier Suspect ]
################## [ Cracks # Keygens # Serials ]
# -> Nothing found !
################## [ ! Fin du rapport # UsbFix V3.026 ! ]
COMMENT PROCEDER
############################## [ UsbFix V3.026 | Scan ]
# User : Administrateur (Administrateurs) # TAOUFIK
# Update on 26/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 22:21:35 | 24/06/2009
# Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Disabled
# AV : Avira AntiVir PersonalEdition 8.0.1.30 [ Enabled | Updated ]
# FW : Pare-feu Online Armor[ Enabled ]3.5.0.14
# C:\ # Disque fixe local # 68,48 Go (43,13 Go free) # NTFS
# D:\ # Disque fixe local # 164,4 Go (133,67 Go free) # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
# I:\ # Disque fixe local # 111,76 Go (11,5 Go free) [LaCie] # FAT32
############################## [ Processus actifs ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\Program Files\Tall Emu\Online Armor\OAcat.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\WinMover\WinMover.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Tall Emu\Online Armor\OAhlp.exe
C:\Program Files\LaCie\Backup Software\LaCieBackup.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Le Robert\Le Petit Robert 2009\RobertHA.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Metacafe\MetacafeAgent.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\FOXITS~1\FOXITR~1\FOXITR~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\agent.exe
################## [ Registre Startup ]
HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
HKCU_Main: "Start Page"="https://hp.mywebsearch.com/mywebsearch/index.html"
HKCU_Main: "Secondary Start Pages"=hex(7):68,00,74,00,74,00,70,00,3a,00,2f,00,2f,00,77,00,\
HKCU_Main: "Window Title"=""
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_logon: "DefaultUserName"="Administrateur"
HKLM_logon: "AltDefaultUserName"="Administrateur"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: Camera Assistant Software="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
HKLM_Run: StartCCC="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM_Run: ISUSPM="C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
HKLM_Run: IntelZeroConfig="C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
HKLM_Run: IntelWireless="C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
HKLM_Run: KernelFaultCheck=%systemroot%\system32\dumprep 0 -k
HKLM_Run: Easy-PrintToolBox=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
HKLM_Run: Acrobat Assistant 8.0="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
HKLM_Run: Adobe_ID0EYTHM=C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
HKLM_Run: avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
HKLM_Run: @OnlineArmor GUI="C:\Program Files\Tall Emu\Online Armor\oaui.exe"
HKLM_Run: ISUSScheduler="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
HKLM_Run: MyWebSearch Plugin=rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
HKLM_Run: My Web Search Bar Search Scope Monitor="C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
HKLM_Run: MyWebSearch Email Plugin=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
HKLM_Run: SSBkgdUpdate="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
HKLM_Run: Opware15="C:\Program Files\ScanSoft\OmniPage15.0\Opware15.exe"
HKLM_Run: OpScheduler="C:\Program Files\ScanSoft\OmniPage15.0\OpScheduler.exe"
HKLM_Run: PDF3 Registry Controller="C:\Program Files\ScanSoft\OmniPage15.0\PDFConverter3\\RegistryController.exe"
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: WinMover="C:\Program Files\WinMover\WinMover.exe" /q
HKCU_Run: LtMoh=C:\Program Files\ltmoh\Ltmoh.exe
HKCU_Run: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
HKCU_Run: LaCie Backup=C:\Program Files\LaCie\Backup Software\\LaCieBackup.exe /background
HKCU_Run: Le Petit Robert V3 Hyperappel=C:\Program Files\Le Robert\Le Petit Robert 2009\RobertHA.exe
HKCU_Run: msnmsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
HKCU_Run: Google Update="C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
HKCU_Run: MyWebSearch Email Plugin=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
HKCU_Run: OpAgent="C:\Program Files\ScanSoft\OmniPage15.0\OpAgent.exe" /agent
HKCU_Run: HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=
################## [ Fichiers # Dossiers infectieux ]
################## [ Registre # Clés Run infectieuses ]
################## [ Registre # Mountpoints2 ]
################## [ Informations # Fichier Suspect ]
################## [ Cracks # Keygens # Serials ]
# -> Nothing found !
################## [ ! Fin du rapport # UsbFix V3.026 ! ]
ES CE QUE JE SUIS INFECTE PAR UN VIRUS