win32.brontok Résolu

Question

Bonjour, voila mon ordi est infecté par ce brontok c'est mon antivirus (symantec antivirus) qui me le dit tout les 30 min , mon beau-pere qui est informaticien me dit que je v devoir rebouter mon ordi , je vien vous voir pour vous demander si vous auriez une solution pour enlever ce virus sans etre obliger de redémarrer a zéro mon ordi voila merci

yoann80 · Answer

bon j'ai telecharger hijacktis comme vous le dite dans un autre post et voila le resultat

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:14:17, on 31/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\WINDOWS\system32
vsvc32.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\windows\System32\TUProgSt.exe
C:\Program Files\Winsudate\gibsvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" //mailurl:mailto:pissavy@jeuxvideo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation
View
wiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark SystemInfo) - https://benchmarks.ul.com?redirected=true
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\windows\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\windows\System32\TUProgSt.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe

yoann80 · Answer

svp aider moi

yoann80 · Answer

encore une fenetre avec win32.brontok et je peut que cocher enable protection comment ca ce fait?

yoann80 · Answer

si quelqu'un pouvez m'aider ce serait sympa j'ai vut que ce n'etait pas facile d'eliminer ce virus mais ca coute rien d'essayer

chimay8 · Answer

salut

ta plusieurs infections

va d'abord dans le gestionnaire des taches
et stop ce processus
gibsvc.exe

rends toi ici
C:\Program Files\Winsudate=> tu le supprimes(si tu sais pas,essaye en mode sans echec!)

ensuite

relance hijack(scan only) et coche ces lignes

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll    
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll    
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll  
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation
View
wiz.exe /install    
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background    
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')    
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')    
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab  

clic sur fix checked

ensuite

Télécharge Toolbar-S&D (Eric_71, Angeldark, Sham_Rock et XmichouX) sur ton Bureau. 
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2 

en cas de problêmes,tu as un tuto
Tutorial Toolbar S&D

* Lance l'installation du programme en exécutant le fichier téléchargé. 
* Double-clique sur le raccourci de Toolbar-S&D. 
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis valide avec la touche "Entrée". 
Tape sur "2" puis valide en appuyant sur "Entrée". 
*** Ne ferme pas la fenêtre lors de la suppression *** 
* Poste le rapport généré. (C:\TB.txt)



ensuite

Télécharge Malwarebytes' Anti-Malware et enregistre le sur ton Bureau. 
https://www.malwarebytes.com/ 

(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharges le ici : https://www.malekal.com/tutorial-aboutbuster/ )

A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci. 
Double-clique sur l'icône "Download_mbam-setup.exe" sur ton bureau pour démarrer le programme d'installation.
 
Pendant l'installation, suis les indications n'apporte aucune modification aux réglages par défaut et en fin d'installation, vérifie que les options "Update Malwarebytes' Anti-Malware" et "Launch Malwarebytes' Anti-Malware" soit cochées.
 
MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue.
La fenêtre principale de MBAM s'affiche : 
Dans l'onglet analyse, vérifie que "Exécuter un examen complet" est coché et clique sur le bouton Rechercher pour démarrer l'analyse. 
MBAM analyse ton ordinateur.
 
L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.
 
A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre. 
Si des malwares sont détectés, leur liste s'affiche. 
***EN CLIQUANT SUR SUPPRESSION(?)FAIT LE*** , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine. 

MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs) 
Ferme MBAM en cliquant sur Quitter.
 
Poste le rapport dans ta réponse

yoann80 · Answer

voila le rappor toolbar


   -----------\  ToolBar S&D 1.2.8   XP/Vista

   Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
   BIOS : Default System BIOS
   USER : pour les jeux ( Administrator )
   BOOT : Normal boot
   Antivirus : Symantec AntiVirus Corporate Edition 10.0.0.359 (Activated)
   A:\ (USB)
   C:\ (Local Disk) - NTFS - Total:149 Go (Free:31 Go)
   D:\ (CD or DVD)
   E:\ (USB)
   F:\ (USB)
   G:\ (USB)
   H:\ (USB)
   I:\ (CD or DVD)

   "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
   Option : [1] ( 31/07/2009|16:12 )

   -----------\  Recherche de Fichiers / Dossiers ...

   [Service] ASKUpgrade
   C:\Program Files\AskBarDis
   C:\Program Files\AskBarDis\bar
   C:\Program Files\AskBarDis\PopSwatter
   C:\Program Files\AskBarDis\unins000.dat
   C:\Program Files\AskBarDis\unins000.exe
   C:\Program Files\AskBarDis\bar\bin
   C:\Program Files\AskBarDis\bar\Cache
   C:\Program Files\AskBarDis\bar\History
   C:\Program Files\AskBarDis\bar\Settings
   C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
   C:\Program Files\AskBarDis\bar\bin\AskSplash.exe
   C:\Program Files\AskBarDis\bar\bin\AskTBApp.exe
   C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
   C:\Program Files\AskBarDis\bar\bin\psvince.dll
   C:\Program Files\AskBarDis\bar\Cache\0002CFAA
   C:\Program Files\AskBarDis\bar\Cache\0002FCC5
   C:\Program Files\AskBarDis\bar\Cache\00042392
   C:\Program Files\AskBarDis\bar\Cache\0004E471
   C:\Program Files\AskBarDis\bar\Cache\001214E8.bin
   C:\Program Files\AskBarDis\bar\Cache\00121A18.bin
   C:\Program Files\AskBarDis\bar\Cache\00121B8F.bin
   C:\Program Files\AskBarDis\bar\Cache\00121D15.bin
   C:\Program Files\AskBarDis\bar\Cache\00121EAC.bin
   C:\Program Files\AskBarDis\bar\Cache\00122061.bin
   C:\Program Files\AskBarDis\bar\Cache\0960A9F2
   C:\Program Files\AskBarDis\bar\Cache\files.ini
   C:\Program Files\AskBarDis\bar\History\search
   C:\Program Files\AskBarDis\bar\Settings\AskLogo.ico
   C:\Program Files\AskBarDis\bar\Settings\config.dat
   C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
   C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
   C:\Program Files\AskBarDis\PopSwatter\History
   C:\Program Files\AskBarDis\PopSwatter\History\allowed
   C:\Program Files\AskBarDis\PopSwatter\History
otallow
   C:\Program Files\DAEMON Tools Toolbar
   C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
   C:\Program Files\DAEMON Tools Toolbar\Resources
   C:\Program Files\DAEMON Tools Toolbar\uninst.exe
   C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
   C:\Program Files\DAEMON Tools Toolbar\Resources\about.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\AboutWindow.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\AddRadioStation.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\as.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\as.png
   C:\Program Files\DAEMON Tools Toolbar\Resources\astro.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\az.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\b1.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\b1.png
   C:\Program Files\DAEMON Tools Toolbar\Resources\BurnImage.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\buy.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond000.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond001.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond003.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond004.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond005.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond006.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond007.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond008.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond009.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond010.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond011.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond019.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond020.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond021.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond022.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond023.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond024.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond025.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond026.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond037.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond038.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond039.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond040.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond041.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond046.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond048.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond050.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond051.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond052.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond053.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond054.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond055.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond056.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond057.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond058.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond059.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond060.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond061.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond062.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond063.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond064.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond065.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond066.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond067.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond068.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond069.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond075.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond076.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond077.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond078.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond079.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond080.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond084.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond085.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond086.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond087.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond088.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond089.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond090.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond091.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond092.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond093.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond094.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond095.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond108.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond109.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond110.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond111.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond112.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond113.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond120.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond121.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond122.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond126.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond127.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond128.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond129.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond130.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond131.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond132.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond133.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond134.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond135.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond136.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond137.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond138.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond140.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond141.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond142.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond143.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond148.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond149.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond152.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond154.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond155.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond156.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\cond157.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\Config.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\d.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\d2.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\daemon.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\dot_disabled.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\dot_enabled.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\dot_on_over.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\ds.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\dsearch.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\dt.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\DTPro.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\dtt16.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\dtt32.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\Dwnl.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\emulation.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\favicon.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\features.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\GameCentrix.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\GameS.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\GameSA.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\gd.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\genre.xml
   C:\Program Files\DAEMON Tools Toolbar\Resources\globe.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\GrabImage.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\hb.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\hb.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\help.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\hide.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\ImageS.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\ImageSA.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\ip.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\lang.xml
   C:\Program Files\DAEMON Tools Toolbar\Resources\lingvo.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\m.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\mail.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\mailc.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_down.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_under.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\mail_disable.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\mail_down.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\mail_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\mail_under.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\MenuRadioConfig.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\MenuRadioStation.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\MenuRSCur.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\MenuTr.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources
ext.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources
ext_down.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources
ext_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources
ext_under.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources
one.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources
one_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources
oW.gif
   C:\Program Files\DAEMON Tools Toolbar\Resources\op.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\play.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\play.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\play_down.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\play_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\play_under.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\pragma.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\prev.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\prev_down.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\prev_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\prev_under.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\prod.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\Radio.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioBg.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioBg.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioBgMask.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDisp.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDisp_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown_down.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown_under.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioE.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioG.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioL.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLDotMask.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLeft.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLeftMask.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLM.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioM.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioN.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioR.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioR.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioRM.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioRU.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume_down.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume_under.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\RadioW.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resourcesbcheck.ico
   C:\Program Files\DAEMON Tools Toolbar\Resourcesbtxt.ico
   C:\Program Files\DAEMON Tools Toolbar\Resourcesefresh.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resourcesefresh_down.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resourcesefresh_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resourcesefresh_under.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\Rss.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\Rss1.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\RssA.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\RssA1.ico
   C:\Program Files\DAEMON Tools Toolbar\ResourcesssClose.ico
   C:\Program Files\DAEMON Tools Toolbar\ResourcesssL.bmp
   C:\Program Files\DAEMON Tools Toolbar\ResourcesssOpen.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\RssRefresh.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\s2.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\show.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\size.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\size_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\skins.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\spt.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\stop.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\stop.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\stop_down.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\stop_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\stop_under.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\style.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\SupportRequest.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources	ime.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\TitleIcon.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources	oolbar.xml
   C:\Program Files\DAEMON Tools Toolbar\Resources	rans.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\Trash.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_down.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_under.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\u.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\vol.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\vol.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\vol_back.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\vol_dott.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\vol_dott_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\vol_down.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\vol_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\vol_mute.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\vol_mute_check.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\vol_under.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\wb.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_down.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_m.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_under.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\Weather_m42.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\Weather_m43.bmp
   C:\Program Files\DAEMON Tools Toolbar\Resources\WebS.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\WebSa.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi0.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi1.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi10.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi11.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi12.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi13.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi14.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi2.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi3.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi4.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi5.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi6.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi7.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi8.ico
   C:\Program Files\DAEMON Tools Toolbar\Resources\wi9.ico

   -----------\  Extensions

   (pour les jeux) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus


   -----------\  [..\Internet Explorer\Main]

   [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
   "Local Page"="C:\windows\system32\blank.htm"
   "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
   "Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
   "Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"

   [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
   "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
   "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
   "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
   "Local Page"="C:\WINDOWS\system32\blank.htm"
   "Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"


   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   C:\DOCUME~1\POURLE~1\Application Data\uTorrent\Virtua.Tennis.2009.Crack.rar.torrent



   1 - "C:\ToolBar SD\TB_1.txt" - 31/07/2009|16:13 - Option : [1]

   -----------\  Fin du rapport a 16:13:25,71

chimay8 · Answer

je t'ai demandé l'option 2,pas la 1(je le sais que ta des toolbar dégueu!)

yoann80 · Answer

desolé pour les toolbar degueu voila j'ai fait le 2 comme tu ma dit par contre malwarebytes ne se lance pas je ne comprend pas pourquoi
   -----------\  ToolBar S&D 1.2.8   XP/Vista

   Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
   BIOS : Default System BIOS
   USER : pour les jeux ( Administrator )
   BOOT : Normal boot
   Antivirus : Symantec AntiVirus Corporate Edition 10.0.0.359 (Activated)
   A:\ (USB)
   C:\ (Local Disk) - NTFS - Total:149 Go (Free:31 Go)
   D:\ (CD or DVD)
   E:\ (USB)
   F:\ (USB)
   G:\ (USB)
   H:\ (USB)
   I:\ (CD or DVD)

   "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
   Option : [2] ( 31/07/2009|16:21 )

   -----------\ SUPPRESSION

   Supprime! - [Service] ASKUpgrade
   Supprime! - C:\Program Files\AskBarDis\bar
   Supprime! - C:\Program Files\AskBarDis\PopSwatter
   Supprime! - C:\Program Files\AskBarDis\unins000.dat
   Supprime! - C:\Program Files\AskBarDis\unins000.exe
   Supprime! - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
   Supprime! - C:\Program Files\DAEMON Tools Toolbar\Resources
   Supprime! - C:\Program Files\DAEMON Tools Toolbar\uninst.exe
   Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
   Supprime! - C:\Program Files\AskBarDis
   Supprime! - C:\Program Files\DAEMON Tools Toolbar

   -----------\  Recherche de Fichiers / Dossiers ...


   -----------\  Extensions

   (pour les jeux) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus


   -----------\  [..\Internet Explorer\Main]

   [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
   "Local Page"="C:\windows\system32\blank.htm"
   "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
   "Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
   "Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"

   [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
   "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
   "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
   "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
   "Local Page"="C:\WINDOWS\system32\blank.htm"
   "Start Page"="https://www.msn.com/fr-fr/"


   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   C:\DOCUME~1\POURLE~1\Application Data\uTorrent\Virtua.Tennis.2009.Crack.rar.torrent



   1 - "C:\ToolBar SD\TB_1.txt" - 31/07/2009|16:13 - Option : [1]
   2 - "C:\ToolBar SD\TB_2.txt" - 31/07/2009|16:21 - Option : [2]

   -----------\  Fin du rapport a 16:21:51,81

chimay8 · Answer

par contre malwarebytes ne se lance pas

il te donne une raison?

yoann80 · Answer

nan rien du tout je clik sur l'icone et rien ne s'affiche

yoann80 · Answer

il apparait toujours win32.brontok

chimay8 · Answer

Il apparait toujours win32.brontok

normal ici on a enlevé deux truc qui n'ont rien avoir avec brontok

bon,puisque MBAM veut pas se lancer fais ceci stp

Télécharge ==>Combofix sUBs<== 
et sauvegarde le sur ton bureau et pas ailleurs! 

**Désactive les logiciels de protection** (Antivirus, Antispywares) puis : 
deconnecte toi d'internet,ferme tout les programmes 

Double-clique sur combofix,si il te demande d'installer la console,fais le(voir plus bas)
ensuite,
il va te poser une question, réponds par la touche 1 et entrée pour valider. 
ne touche plus à rien, même pas ta souris!! 

Attends que combofix ait terminé, un rapport sera créé. Poste le rapport. 

-----------------------------------------------------

installer la Console de Récupération sur ton pc(cela permettra de réparer ton système au cas où le pc ne redémarrerait plus suite à la désinfection.)

Clique sur le lien ci-dessous pour aller sur le site Web de Microsoft:

https://support.microsoft.com/en-us/help/310994

descend jusqu'à "Téléchargement du fichier programme des disquettes d'installation" et clique sur le téléchargement correspondant à ta version de Windows XP (Édition familiale ou Professionnel) et au Service Pack que tu as installé.
**note: pour le SP3 charge le Service Pack 2
        pour Windows XP Media Center charge XP Pro Service Pack 2.

enregistre le sur ton bureau. 

fais un glisser/déposer du fichier sur l'icone de combofix comme ceci
http://img.bleepingcomputer.com/combofix/usage/rc.gif

Combofix va installer la console de récupération sur ton pc	  

a la fin de l'installation,combofix va afficher un message qui te signale que la console est installée.

---------------------------------------------------------------------

yoann80 · Answer

ComboFix 09-07-29.04 - pour les jeux 31/07/2009 16:55.1.1 - NTFSx86
Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.1023.595 [GMT 2:00]
Running from: c:\documents and settings\pour les jeux\Bureau\ComboFix.exe
AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\pour les jeux\Application Data\Google\cqvgl19623160.exe
c:\documents and settings\pour les jeux\Application Data\Google\Shell32.dll
c:\windows\system32\drivers\svchost.exe

.
(((((((((((((((((((((((((   Files Created from 2009-06-28 to 2009-07-31  )))))))))))))))))))))))))))))))
.

2009-07-31 14:16 . 2009-07-13 11:36	38160	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-31 14:16 . 2009-07-31 14:16	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2009-07-31 14:16 . 2009-07-31 14:16	--------	dc----w-	c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-31 14:16 . 2009-07-13 11:36	19096	----a-w-	c:\windows\system32\drivers\mbam.sys
2009-07-31 14:11 . 2009-07-31 14:21	--------	dc----w-	C:\ToolBar SD
2009-07-31 13:13 . 2009-07-31 13:13	--------	d-----w-	c:\program files\Trend Micro
2009-07-31 12:47 . 2009-07-31 12:47	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\Malwarebytes
2009-07-31 12:07 . 2009-07-31 12:07	4956408	-c--a-w-	c:\documents and settings\pour les jeux\Application Data\pdinstall.exe
2009-07-31 11:56 . 2009-07-31 11:56	422	-c--a-w-	c:\documents and settings\pour les jeux\Application Data\DivX\mario.exe
2009-07-31 11:56 . 2009-07-31 11:56	16141	-c--a-w-	c:\documents and settings\pour les jeux\Application Data\Help\flamiks32.exe
2009-07-31 11:56 . 2009-07-31 11:56	145131	-c--a-w-	c:\documents and settings\pour les jeux\Application Data\dvdcss\pingo.dll
2009-07-31 11:56 . 2009-07-31 11:56	13221	-c--a-w-	c:\documents and settings\pour les jeux\Application Data\DAEMON Tools Lite\xl12.exe
2009-07-31 11:56 . 2009-07-31 11:56	11232	-c--a-w-	c:\documents and settings\pour les jeux\Application Data\Adobe
origami.dll
2009-07-30 11:59 . 2009-07-30 11:59	--------	d-----w-	c:\windows\Eurobarre
2009-07-29 11:45 . 2009-07-29 11:54	--------	d-----w-	c:\program files\GUILD WARS
2009-07-28 23:16 . 2009-07-03 16:57	55296	-c----w-	c:\windows\system32\dllcache\msfeedsbs.dll
2009-07-28 23:16 . 2009-07-03 16:57	594432	-c----w-	c:\windows\system32\dllcache\msfeeds.dll
2009-07-28 14:26 . 2009-07-28 14:26	--------	dc----w-	C:\CrashReport
2009-07-27 20:55 . 2009-07-30 23:51	--------	dc----w-	c:\documents and settings\pour les jeux\Local Settings\Application Data\VirtuaTennis2009
2009-07-27 11:11 . 2009-07-27 11:11	--------	d-----w-	c:\program files\NVIDIA Corporation
2009-07-27 11:11 . 2009-07-27 11:11	--------	dc----w-	c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-07-27 10:52 . 2009-07-27 10:52	--------	d-----w-	c:\program files\Electronic Arts
2009-07-25 17:31 . 2009-07-25 17:37	--------	d-----w-	c:\program files\BitComet
2009-07-25 17:24 . 2009-07-25 17:24	--------	d-----w-	c:\program files\uTorrent
2009-07-23 17:55 . 2009-07-23 17:57	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\TigerPlayer
2009-07-23 17:53 . 2009-07-23 17:53	--------	dc----w-	c:\documents and settings\All Users\Application Data\Apple Computer
2009-07-23 17:51 . 2009-07-23 17:55	--------	d-----w-	c:\program files\MpcStar
2009-07-22 15:04 . 2009-07-27 21:18	--------	dc----w-	c:\documents and settings\pour les jeux\Local Settings\Application Data\Adobe
2009-07-21 20:04 . 2009-07-21 20:04	--------	dc----w-	c:\documents and settings\pour les jeux\Local Settings\Application Data\Help
2009-07-21 10:42 . 2009-07-21 10:42	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\TuneUp Software
2009-07-20 21:14 . 2009-07-20 21:14	--------	dcsh--w-	c:\documents and settings\pour les jeux\IECompatCache
2009-07-18 15:32 . 2009-07-18 15:32	--------	dc----w-	c:\documents and settings\pour les jeux\Local Settings\Application Data\Mozilla
2009-07-18 11:07 . 2009-07-29 14:25	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\dvdcss
2009-07-16 21:20 . 2009-07-16 21:20	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\vlc
2009-07-16 21:19 . 2009-07-16 21:19	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\DivX
2009-07-16 19:04 . 2009-07-16 19:04	--------	dc-h--r-	c:\documents and settings\pour les jeux\Application Data\SecuROM
2009-07-16 11:23 . 2009-07-31 15:02	--------	dc----w-	c:\documents and settings\pour les jeux\Tracing
2009-07-15 20:09 . 2009-07-15 20:09	48120	-c--a-w-	c:\documents and settings\pour les jeux\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-15 19:50 . 2009-07-15 19:50	--------	dc----w-	c:\documents and settings\pour les jeux\Local Settings\Application Data\Electronic Arts
2009-07-15 19:34 . 2009-07-15 19:35	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\DAEMON Tools Lite
2009-07-14 11:34 . 2009-07-14 11:34	86016	----a-w-	c:\windows\system32
vmctray.dll
2009-07-14 11:29 . 2009-07-14 11:29	--------	dcsh--w-	c:\documents and settings\pour les jeux\PrivacIE
2009-07-14 10:06 . 2009-07-14 10:06	--------	d-----w-	c:\program files\Firaxis Games
2009-07-13 08:50 . 2009-07-13 08:50	--------	dc----w-	c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-07-12 18:46 . 2009-07-13 13:39	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\dvdcss
2009-07-12 14:26 . 2009-07-12 14:26	--------	d-----w-	c:\program files\Fichiers communs\DirectX
2009-07-12 13:57 . 2009-07-12 13:57	--------	dc----w-	C:\AeriaGames
2009-07-12 01:06 . 2009-07-12 01:06	--------	d-----w-	c:\program files\Microsoft CAPICOM 2.1.0.2
2009-07-11 18:39 . 2009-07-11 18:39	--------	d-----w-	c:\program files\psx emulation cheater
2009-07-11 18:26 . 2008-04-14 12:00	221184	----a-w-	c:\windows\system32\wmpns.dll
2009-07-11 18:14 . 2009-07-11 18:14	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\fltk.org
2009-07-11 10:49 . 2009-07-11 10:58	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\Mount&Blade
2009-07-11 10:39 . 2009-07-11 10:56	--------	d-----w-	c:\program files\Mount&Blade
2009-07-11 09:37 . 2009-07-11 09:37	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Electronic Arts
2009-07-11 09:35 . 2009-07-11 09:36	--------	d--h--w-	c:\windows\msdownld.tmp
2009-07-11 00:46 . 2008-10-16 12:06	268648	----a-w-	c:\windows\system32\mucltui.dll
2009-07-11 00:46 . 2008-10-16 12:06	208744	----a-w-	c:\windows\system32\muweb.dll
2009-07-10 11:30 . 2009-07-17 00:09	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Tracing
2009-07-10 11:28 . 2009-07-24 17:45	--------	d-----w-	c:\program files\Microsoft Silverlight
2009-07-10 11:27 . 2009-07-10 11:27	--------	d-----w-	c:\program files\Microsoft Office Outlook Connector
2009-07-10 11:27 . 2009-02-06 16:08	55152	----a-w-	c:\windows\system32\drivers\fssfltr_tdi.sys
2009-07-10 11:26 . 2009-07-10 11:26	--------	d-----w-	c:\program files\Microsoft Sync Framework
2009-07-10 11:25 . 2009-07-10 11:25	--------	d-----w-	c:\program files\Microsoft SQL Server Compact Edition
2009-07-10 11:24 . 2009-07-10 11:28	--------	d-----w-	c:\program files\Microsoft
2009-07-10 11:24 . 2009-07-10 11:24	--------	d-----w-	c:\program files\Windows Live SkyDrive
2009-07-10 11:23 . 2009-07-10 11:27	--------	d-----w-	c:\program files\Windows Live
2009-07-10 11:18 . 2009-07-10 11:18	--------	d-----w-	c:\program files\Fichiers communs\Windows Live
2009-07-10 11:00 . 2009-07-10 11:07	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Google
2009-07-10 11:00 . 2009-07-10 12:26	--------	d-----w-	c:\program files\Google
2009-07-10 11:00 . 2009-07-10 11:00	--------	d-----w-	c:\program files\Fichiers communs\DivX Shared
2009-07-10 10:44 . 2009-07-10 10:43	410984	----a-w-	c:\windows\system32\deploytk.dll
2009-07-10 10:43 . 2009-07-10 10:43	--------	d-----w-	c:\program files\Java
2009-07-10 10:32 . 2009-07-10 10:32	0	----a-w-	c:\windows
sreg.dat
2009-07-10 10:32 . 2009-07-10 10:32	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Mozilla
2009-07-10 10:09 . 2009-07-10 10:09	--------	d-----w-	c:\program files\AGEIA Technologies
2009-07-10 10:09 . 2009-07-10 10:09	--------	d-----w-	c:\windows\system32\AGEIA
2009-07-10 10:08 . 2009-07-22 14:22	--------	d-----w-	c:\program files\Fichiers communs\Wise Installation Wizard
2009-07-09 14:43 . 2009-07-09 14:43	96	---ha-w-	c:\windows\system32\HsInfo.dat
2009-07-09 10:11 . 2009-07-09 10:11	--------	d-----r-	c:\documents and settings\LocalService\Mes documents
2009-07-09 10:11 . 2009-07-09 10:11	--------	d-----r-	c:\documents and settings\LocalService\Favoris
2009-07-09 10:11 . 2009-07-09 10:11	--------	d-----w-	c:\documents and settings\LocalService\Menu Démarrer
2009-07-09 10:11 . 2009-07-09 10:11	--------	d-----w-	c:\documents and settings\LocalService\Bureau
2009-07-09 10:10 . 2009-07-09 10:10	--------	d-----w-	c:\program files\Winletmin
2009-07-09 10:02 . 2009-07-09 10:02	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Adobe
2009-07-09 01:42 . 2009-07-10 13:04	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\Hamachi
2009-07-09 01:42 . 2009-07-09 01:42	25280	----a-w-	c:\windows\system32\drivers\hamachi.sys
2009-07-09 01:42 . 2009-07-09 01:42	--------	d-----w-	c:\program files\Hamachi
2009-07-09 01:19 . 2009-07-09 01:19	--------	d-sh--w-	c:\windows\ftpcache
2009-07-09 00:13 . 2009-07-11 23:05	--------	d-----w-	c:\program files\Postal2STP
2009-07-08 23:53 . 2009-07-09 00:01	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\The Witcher
2009-07-08 21:53 . 2009-07-08 21:53	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\vlc
2009-07-08 21:15 . 2009-07-08 22:23	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\Xfire
2009-07-08 21:15 . 2009-07-08 22:23	--------	d-s---w-	c:\program files\Xfire
2009-07-08 18:02 . 2009-07-08 18:02	--------	d-----w-	c:\program files\THQ
2009-07-08 17:23 . 2009-07-08 17:23	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Gas Powered Games
2009-07-08 17:20 . 2009-07-10 11:29	48120	-c--a-w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-08 17:10 . 2009-07-08 17:10	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\Stardock
2009-07-08 17:09 . 2009-07-08 17:09	--------	dc-h--w-	c:\documents and settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}
2009-07-08 17:09 . 2009-03-12 19:49	2601464	-c--a-w-	c:\documents and settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}\Impulse_setup.exe
2009-07-08 17:09 . 2009-07-08 17:09	--------	dc----w-	c:\documents and settings\All Users\Application Data\Stardock
2009-07-08 17:09 . 2009-07-08 17:09	--------	d-----w-	c:\program files\Stardock
2009-07-08 17:06 . 2009-07-08 17:06	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Stardock
2009-07-08 13:56 . 2009-07-08 13:56	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Oblivion
2009-07-07 20:27 . 2009-07-07 20:27	107888	----a-w-	c:\windows\system32\CmdLineExt.dll
2009-07-07 17:31 . 2009-07-27 15:54	--------	d-----w-	c:\program files\Nobilis
2009-07-07 16:56 . 2009-07-09 08:38	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\VirtuaTennis2009
2009-07-07 16:47 . 2009-03-09 13:27	453456	----a-w-	c:\windows\system32\d3dx10_41.dll
2009-07-07 16:47 . 2009-03-09 13:27	4178264	----a-w-	c:\windows\system32\D3DX9_41.dll
2009-07-07 16:47 . 2009-03-09 13:27	1846632	----a-w-	c:\windows\system32\D3DCompiler_41.dll
2009-07-07 16:47 . 2009-03-16 12:18	69448	----a-w-	c:\windows\system32\XAPOFX1_3.dll
2009-07-07 16:47 . 2009-03-16 12:18	517448	----a-w-	c:\windows\system32\XAudio2_4.dll
2009-07-07 16:47 . 2009-03-16 12:18	235352	----a-w-	c:\windows\system32\xactengine3_4.dll
2009-07-07 16:47 . 2009-03-16 12:18	22360	----a-w-	c:\windows\system32\X3DAudio1_6.dll
2009-07-07 15:57 . 2009-07-07 15:57	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\DAEMON Tools Pro
2009-07-07 15:55 . 2009-07-07 15:55	126064	----a-w-	c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-07-07 15:55 . 2009-07-07 15:55	--------	d-----w-	c:\program files\MSBuild
2009-07-07 15:55 . 2009-07-07 15:55	--------	d-----w-	c:\windows\system32\XPSViewer
2009-07-07 15:55 . 2009-07-07 15:55	--------	d-----w-	c:\program files\Reference Assemblies
2009-07-07 15:38 . 2009-07-31 14:24	--------	d-----w-	c:\program files\SEGA
2009-07-07 09:45 . 2009-07-07 15:37	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\DAEMON Tools Lite
2009-07-07 09:43 . 2009-07-17 01:51	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\uTorrent
2009-07-07 09:39 . 2009-07-09 22:41	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Contacts
2009-07-07 09:33 . 2009-07-07 09:33	--------	dcsh--w-	c:\documents and settings\jeux.BUREAU1\PrivacIE
2009-07-07 09:31 . 2009-07-07 09:31	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Symantec
2009-07-07 08:54 . 2009-07-14 11:06	279712	----a-w-	c:\windows\system32\drivers\atksgt.sys

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-31 15:02 . 2009-06-28 00:08	--------	d-----w-	c:\program files\Symantec AntiVirus
2009-07-31 11:56 . 2009-07-14 11:34	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\uTorrent
2009-07-30 09:32 . 2009-06-27 15:16	--------	d--h--w-	c:\program files\InstallShield Installation Information
2009-07-14 18:54 . 2009-06-27 17:14	485920	----a-w-	c:\windows\system32
vudisp.exe
2009-07-14 18:54 . 2009-06-10 16:33	868352	----a-w-	c:\windows\system32
vapi.dll
2009-07-14 18:54 . 2009-06-10 16:33	7741664	----a-w-	c:\windows\system32\drivers
v4_mini.sys
2009-07-14 18:54 . 2009-06-10 16:33	5842816	----a-w-	c:\windows\system32
v4_disp.dll
2009-07-14 18:54 . 2009-06-10 16:33	2189856	----a-w-	c:\windows\system32
vcuvid.dll
2009-07-14 18:54 . 2009-06-10 16:33	2002944	----a-w-	c:\windows\system32
vcuda.dll
2009-07-14 18:54 . 2009-06-10 16:33	1706528	----a-w-	c:\windows\system32
vcuvenc.dll
2009-07-14 18:54 . 2009-06-10 16:33	1597690	----a-w-	c:\windows\system32
vdata.bin
2009-07-14 18:54 . 2009-06-10 16:33	151552	----a-w-	c:\windows\system32
vcodins.dll
2009-07-14 18:54 . 2009-06-10 16:33	151552	----a-w-	c:\windows\system32
vcod.dll
2009-07-14 18:54 . 2009-06-10 16:33	10457088	----a-w-	c:\windows\system32
voglnt.dll
2009-07-14 11:34 . 2009-07-14 11:34	8085504	----a-w-	c:\windows\system32
vdispsr.dll
2009-07-14 11:34 . 2009-07-14 11:34	4923392	----a-w-	c:\windows\system32
vdisps.dll
2009-07-14 11:34 . 2009-07-14 11:34	4640768	----a-w-	c:\windows\system32
vgamesr.dll
2009-07-14 11:34 . 2009-07-14 11:34	458752	----a-w-	c:\windows\system32
vmccssr.dll
2009-07-14 11:34 . 2009-07-14 11:34	3547136	----a-w-	c:\windows\system32
vgames.dll
2009-07-14 11:34 . 2009-07-14 11:34	2854912	----a-w-	c:\windows\system32
vmoblsr.dll
2009-07-14 11:34 . 2009-07-14 11:34	188416	----a-w-	c:\windows\system32
vmccss.dll
2009-07-14 11:34 . 2009-07-14 11:34	168004	----a-w-	c:\windows\system32
vsvc32.exe
2009-07-14 11:34 . 2009-07-14 11:34	143360	----a-w-	c:\windows\system32
vcolor.exe
2009-07-14 11:34 . 2009-07-14 11:34	13877248	----a-w-	c:\windows\system32
vcpl.dll
2009-07-14 11:34 . 2009-07-14 11:34	1286144	----a-w-	c:\windows\system32
vmobls.dll
2009-07-14 11:34 . 2009-07-14 11:34	229376	----a-w-	c:\windows\system32
vmccs.dll
2009-07-10 22:34 . 2009-06-27 17:33	--------	d-----w-	c:\program files\DivX
2009-07-10 11:01 . 2009-07-10 11:01	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\DivX
2009-07-07 15:56 . 2008-04-14 12:00	81040	----a-w-	c:\windows\system32\perfc00C.dat
2009-07-07 15:56 . 2008-04-14 12:00	501312	----a-w-	c:\windows\system32\perfh00C.dat
2009-07-04 23:11 . 2009-06-27 15:16	--------	d-----w-	c:\program files\Fichiers communs\InstallShield
2009-07-03 16:57 . 2008-04-14 12:00	915456	----a-w-	c:\windows\system32\wininet.dll
2009-07-01 14:41 . 2009-06-30 15:51	--------	d-----w-	c:\program files\Game Optimizer Pro
2009-07-01 13:41 . 2009-07-01 13:41	--------	dc----w-	c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2009-07-01 08:34 . 2009-07-01 08:34	--------	d-----w-	c:\program files\Microsoft WSE
2009-07-01 08:14 . 2009-07-01 08:14	--------	d-----w-	c:\program files\DAEMON Tools Lite
2009-07-01 08:10 . 2009-07-01 08:10	721904	----a-w-	c:\windows\system32\drivers\sptd.sys
2009-06-30 17:28 . 2009-06-30 17:28	--------	d-----w-	c:\program files\Bethesda Softworks
2009-06-30 15:51 . 2009-06-30 15:51	--------	d-----w-	c:\program files\RAM Defrag
2009-06-30 08:58 . 2009-06-30 08:58	--------	d-----w-	c:\program files\Fichiers communs\Futuremark Shared
2009-06-29 12:13 . 2009-06-29 10:24	--------	d-----w-	c:\program files\Neuf
2009-06-29 10:59 . 2009-06-29 10:59	--------	d-----w-	c:\program files\CCleaner
2009-06-29 10:35 . 2009-06-29 10:35	--------	d-----w-	c:\program files\OpenAL
2009-06-29 10:35 . 2009-06-29 10:35	413696	----a-w-	c:\windows\system32\wrap_oal.dll
2009-06-29 10:35 . 2009-06-29 10:35	110592	----a-w-	c:\windows\system32\OpenAL32.dll
2009-06-29 10:17 . 2009-06-29 10:17	--------	d-----w-	c:\program files\VideoLAN
2009-06-29 08:48 . 2009-06-28 22:43	--------	d-----w-	c:\program files\SystemRequirementsLab
2009-06-28 23:11 . 2009-06-28 23:11	--------	d-----w-	c:\program files\Fichiers communs\i4j_jres
2009-06-28 15:14 . 2009-06-27 15:05	76507	----a-w-	c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-28 09:46 . 2009-06-28 09:46	--------	d-----w-	c:\program files\MSXML 4.0
2009-06-28 00:47 . 2009-06-28 00:46	--------	d-----w-	c:\program files\CyberLink
2009-06-28 00:42 . 2009-06-28 00:42	--------	d-----w-	c:\program files\Fichiers communs\LightScribe
2009-06-28 00:42 . 2009-06-28 00:42	--------	d-----w-	c:\program files\Fichiers communs\Nero
2009-06-28 00:40 . 2009-06-28 00:39	--------	d-----w-	c:\program files\Ahead
2009-06-28 00:39 . 2009-06-28 00:39	--------	d-----w-	c:\program files\Fichiers communs\Ahead
2009-06-28 00:29 . 2009-06-28 00:29	--------	d-----w-	c:\program files\Microsoft.NET
2009-06-28 00:22 . 2009-06-28 00:20	--------	d-----w-	c:\program files\Microsoft Works
2009-06-28 00:14 . 2009-06-28 00:08	--------	d-----w-	c:\program files\Fichiers communs\Symantec Shared
2009-06-28 00:08 . 2009-06-28 00:08	--------	d-----w-	c:\program files\Symantec
2009-06-28 00:08 . 2009-06-28 00:08	--------	dc----w-	c:\documents and settings\All Users\Application Data\Symantec
2009-06-27 17:32 . 2009-06-27 17:32	--------	d-----w-	c:\program files\Fichiers communs\Adobe
2009-06-27 17:08 . 2009-06-27 17:08	--------	d-----w-	c:\program files\ma-config.com
2009-06-27 15:16 . 2009-06-27 15:16	--------	d-----w-	c:\program files\Analog Devices
2009-06-27 15:06 . 2009-06-27 15:06	--------	d-----w-	c:\program files\microsoft frontpage
2009-06-27 15:05 . 2009-06-27 15:05	--------	d-----w-	c:\program files\Services en ligne
2009-06-27 15:04 . 2009-06-27 15:04	21892	----a-w-	c:\windows\system32\emptyregdb.dat
2009-06-21 06:46 . 2009-06-27 17:14	485920	----a-w-	c:\windows\system32\NVUNINST.EXE
2009-06-16 14:40 . 2008-04-14 12:00	81920	----a-w-	c:\windows\system32\fontsub.dll
2009-06-16 14:40 . 2008-04-14 12:00	119808	----a-w-	c:\windows\system32	2embed.dll
2009-06-03 19:10 . 2008-04-14 12:00	1297408	----a-w-	c:\windows\system32\quartz.dll
2009-05-07 15:33 . 2008-04-14 12:00	348672	----a-w-	c:\windows\system32\localspl.dll
2009-07-15 22:31 . 2009-07-24 17:57	137208	----a-w-	c:\program files\mozilla firefox\components\brwsrcmp.dll
2009-05-01 21:02 . 2009-05-01 21:02	1044480	----a-w-	c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02	200704	----a-w-	c:\program files\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-04-18 48752]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2005-05-09 85088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-10 148888]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]

c:\documents and settings\jeux.BUREAU1\Menu D‚marrer\Programmes\D‚marrage\
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2006-2-15 3631752]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversionun-]
"SoundMAX"="c:\program files\Analog Devices\SoundMAX\Smax4.exe" /tray
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe"=
"%windir%\system32\sessmgr.exe"=
"c:\Program Files\VideoLAN\VLC\vlc.exe"=
"c:\Program Files\Java\jre6\bin\javaw.exe"=
"c:\Program Files\Windows Live\Messenger\wlcsdk.exe"=
"c:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"=
"c:\Program Files\Windows Live\Messenger\msnmsgr.exe"=
"c:\Program Files\uTorrent\uTorrent.exe"=
"%windir%\system32\drivers\svchost.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"20541:TCP"= 20541:TCP:BitComet 20541 TCP
"20541:UDP"= 20541:UDP:BitComet 20541 UDP
"18192:TCP"= 18192:TCP:BitComet 18192 TCP
"18192:UDP"= 18192:UDP:BitComet 18192 UDP
"8318:TCP"= 8318:TCP:BitComet 8318 TCP
"8318:UDP"= 8318:UDP:BitComet 8318 UDP

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [10/07/2009 13:27 55152]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [05/07/2009 15:22 604416]
R3 EraserUtilDrv10910;EraserUtilDrv10910;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilDrv10910.sys [24/07/2009 20:00 101936]
S2 WinSvc;Gestionnaire de mise à jour Winsudate;c:\program files\Winsudate\gibsvc.exe --> c:\program files\Winsudate\gibsvc.exe [?]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [29/05/2009 17:13 234864]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\20.tmp --> c:\windows\system32\20.tmp [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [09/05/2005 10:46 127584]
S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;c:\windows\system32\drivers\WlanBZXP.sys [28/06/2009 18:27 402432]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32undll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-07-31 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:42]
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
ShellIconOverlayIdentifiers-{B9CE503D-03F8-4161-A8A6-C912ADFCF2D4} - (no file)
HKLM-Run-realteks - c:\documents and settings\pour les jeux\Application Data\Google\cqvgl19623160.exe


.
------- Supplementary Scan -------
.
mWindow Title = 
uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe" //mailurl:mailto:pissavy@jeuxvideo.com
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
FF - ProfilePath - c:\documents and settings\pour les jeux\Application Data\Mozilla\Firefox\Profiles\vsdb5bnv.default\
FF - plugin: c:\program files\ma-config.com
phardwaredetection.dll
FF - plugin: c:\program files\Microsoft\Office Live
pOLW.dll
FF - plugin: c:\program files\MpcStar\Codecs\Real\browser\plugins
ppl3260.dll
FF - plugin: c:\program files\MpcStar\Codecs\Real\browser\plugins
prpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota",      5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history",     true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata",    true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords",   false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads",   true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies",     true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache",       true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions",    true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history",                 true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata",                true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords",               false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads",               true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies",                 true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache",                   true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions",                true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps",             false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings",            false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs",    false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-31 17:01
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ... 

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\20.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services
pggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1715567821-573735546-682003330-1009\Software\SecuROM\License information*]
"datasecu"=hex:9f,2e,17,02,d4,d2,17,79,13,83,1c,4b,7f,82,11,04,84,aa,6a,91,f4,
   08,b6,e0,2f,c8,18,6e,42,63,da,48,e4,e7,3c,3b,2c,ab,49,f5,14,f4,72,be,21,44,\
"rkeysecu"=hex:ca,4e,0e,58,8e,a0,7b,25,24,1d,86,c3,51,c6,36,eb

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\WINDOWS\system32\FM20ENU.DLL"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3964)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32
vsvc32.exe
c:\program files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\program files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\windows\system32undll32.exe
c:\program files\Symantec AntiVirus\DoScan.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Completion time: 2009-07-31 17:05 - machine was rebooted
ComboFix-quarantined-files.txt  2009-07-31 15:05

Pre-Run: 38 023 966 720 octets libres
Post-Run: 38 074 142 720 octets libres

398	--- E O F ---	2009-07-29 01:01

yoann80 · Answer

voila pas eu besoin de la console

chimay8 · Answer

Copie le texte ci-dessous(qui est en gras) :


File::
c:\documents and settings\pour les jeux\Application Data\pdinstall.exe
c:\documents and settings\pour les jeux\Application Data\DivX\mario.exe
c:\documents and settings\pour les jeux\Application Data\Help\flamiks32.exe
c:\documents and settings\pour les jeux\Application Data\dvdcss\pingo.dll 
c:\documents and settings\pour les jeux\Application Data\DAEMON Tools Lite\xl12.exe 
c:\documents and settings\pour les jeux\Application Data\Adobe
origami.dll 
c:\documents and settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}\Impulse_setup.exe  
c:\documents and settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}
c:\windows\system32\20.tmp
Folder::
c:\program files\Winletmin
c:\program files\Winsudate
Registry::
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]       
"ImagePath"=- 



Ouvre le Bloc-Notes puis colle le texte copié. 
(Démarrer\Tous les programmes\Accessoires\Bloc notes.) 
Sauvegarde ce fichier sous le nom de CFScript.txt 

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ceci : 
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif 

Cela va relancer Combofix, 

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide. 

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal! 

Ne touche à rien tant que le scan n'est pas terminé. 

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis. 

S'il n'y a pas de rédémarrage, poste quand même les rapports.

yoann80 · Answer

ComboFix 09-07-29.04 - pour les jeux 31/07/2009 17:43.2.1 - NTFSx86
Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.1023.561 [GMT 2:00]
Running from: c:\documents and settings\pour les jeux\Bureau\ComboFix.exe
Command switches used :: c:\documents and settings\pour les jeux\Bureau\CFScript.txt
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
"c:\documents and settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}"
"c:\documents and settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}\Impulse_setup.ex­e"
"c:\documents and settings\pour les jeux\Application Data\Adobe
origami.dll"
"c:\documents and settings\pour les jeux\Application Data\DAEMON Tools Lite\xl12.exe"
"c:\documents and settings\pour les jeux\Application Data\DivX\mario.exe"
"c:\documents and settings\pour les jeux\Application Data\dvdcss\pingo.dll"
"c:\documents and settings\pour les jeux\Application Data\Help\flamiks32.exe"
"c:\documents and settings\pour les jeux\Application Data\pdinstall.exe"
"c:\windows\system32\20.tmp"
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\pour les jeux\Application Data\Adobe
origami.dll
c:\documents and settings\pour les jeux\Application Data\DAEMON Tools Lite\xl12.exe
c:\documents and settings\pour les jeux\Application Data\DivX\mario.exe
c:\documents and settings\pour les jeux\Application Data\dvdcss\pingo.dll
c:\documents and settings\pour les jeux\Application Data\Help\flamiks32.exe
c:\documents and settings\pour les jeux\Application Data\pdinstall.exe
c:\program files\Winletmin
c:\program files\Winletmin\Winletmin.exe

.
(((((((((((((((((((((((((   Files Created from 2009-06-28 to 2009-07-31  )))))))))))))))))))))))))))))))
.

2009-07-31 14:16 . 2009-07-31 15:35	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2009-07-31 14:11 . 2009-07-31 14:21	--------	dc----w-	C:\ToolBar SD
2009-07-31 13:13 . 2009-07-31 13:13	--------	d-----w-	c:\program files\Trend Micro
2009-07-31 12:47 . 2009-07-31 12:47	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\Malwarebytes
2009-07-30 11:59 . 2009-07-30 11:59	--------	d-----w-	c:\windows\Eurobarre
2009-07-29 11:45 . 2009-07-29 11:54	--------	d-----w-	c:\program files\GUILD WARS
2009-07-28 23:16 . 2009-07-03 16:57	55296	-c----w-	c:\windows\system32\dllcache\msfeedsbs.dll
2009-07-28 23:16 . 2009-07-03 16:57	594432	-c----w-	c:\windows\system32\dllcache\msfeeds.dll
2009-07-28 14:26 . 2009-07-28 14:26	--------	dc----w-	C:\CrashReport
2009-07-27 20:55 . 2009-07-30 23:51	--------	dc----w-	c:\documents and settings\pour les jeux\Local Settings\Application Data\VirtuaTennis2009
2009-07-27 11:11 . 2009-07-27 11:11	--------	d-----w-	c:\program files\NVIDIA Corporation
2009-07-27 11:11 . 2009-07-27 11:11	--------	dc----w-	c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-07-27 10:52 . 2009-07-27 10:52	--------	d-----w-	c:\program files\Electronic Arts
2009-07-25 17:31 . 2009-07-25 17:37	--------	d-----w-	c:\program files\BitComet
2009-07-25 17:24 . 2009-07-25 17:24	--------	d-----w-	c:\program files\uTorrent
2009-07-23 17:55 . 2009-07-23 17:57	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\TigerPlayer
2009-07-23 17:53 . 2009-07-23 17:53	--------	dc----w-	c:\documents and settings\All Users\Application Data\Apple Computer
2009-07-23 17:51 . 2009-07-23 17:55	--------	d-----w-	c:\program files\MpcStar
2009-07-22 15:04 . 2009-07-27 21:18	--------	dc----w-	c:\documents and settings\pour les jeux\Local Settings\Application Data\Adobe
2009-07-21 20:04 . 2009-07-21 20:04	--------	dc----w-	c:\documents and settings\pour les jeux\Local Settings\Application Data\Help
2009-07-21 10:42 . 2009-07-21 10:42	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\TuneUp Software
2009-07-20 21:14 . 2009-07-20 21:14	--------	dcsh--w-	c:\documents and settings\pour les jeux\IECompatCache
2009-07-18 15:32 . 2009-07-18 15:32	--------	dc----w-	c:\documents and settings\pour les jeux\Local Settings\Application Data\Mozilla
2009-07-18 11:07 . 2009-07-31 15:46	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\dvdcss
2009-07-16 21:20 . 2009-07-16 21:20	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\vlc
2009-07-16 21:19 . 2009-07-31 15:46	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\DivX
2009-07-16 19:04 . 2009-07-16 19:04	--------	dc-h--r-	c:\documents and settings\pour les jeux\Application Data\SecuROM
2009-07-16 11:23 . 2009-07-31 15:02	--------	dc----w-	c:\documents and settings\pour les jeux\Tracing
2009-07-15 20:09 . 2009-07-15 20:09	48120	-c--a-w-	c:\documents and settings\pour les jeux\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-15 19:50 . 2009-07-15 19:50	--------	dc----w-	c:\documents and settings\pour les jeux\Local Settings\Application Data\Electronic Arts
2009-07-15 19:34 . 2009-07-31 15:46	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\DAEMON Tools Lite
2009-07-14 11:34 . 2009-07-14 11:34	86016	----a-w-	c:\windows\system32
vmctray.dll
2009-07-14 11:29 . 2009-07-14 11:29	--------	dcsh--w-	c:\documents and settings\pour les jeux\PrivacIE
2009-07-14 10:06 . 2009-07-14 10:06	--------	d-----w-	c:\program files\Firaxis Games
2009-07-13 08:50 . 2009-07-13 08:50	--------	dc----w-	c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-07-12 18:46 . 2009-07-13 13:39	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\dvdcss
2009-07-12 14:26 . 2009-07-12 14:26	--------	d-----w-	c:\program files\Fichiers communs\DirectX
2009-07-12 13:57 . 2009-07-12 13:57	--------	dc----w-	C:\AeriaGames
2009-07-12 01:06 . 2009-07-12 01:06	--------	d-----w-	c:\program files\Microsoft CAPICOM 2.1.0.2
2009-07-11 18:39 . 2009-07-11 18:39	--------	d-----w-	c:\program files\psx emulation cheater
2009-07-11 18:26 . 2008-04-14 12:00	221184	----a-w-	c:\windows\system32\wmpns.dll
2009-07-11 18:14 . 2009-07-11 18:14	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\fltk.org
2009-07-11 10:49 . 2009-07-11 10:58	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\Mount&Blade
2009-07-11 10:39 . 2009-07-11 10:56	--------	d-----w-	c:\program files\Mount&Blade
2009-07-11 09:37 . 2009-07-11 09:37	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Electronic Arts
2009-07-11 09:35 . 2009-07-11 09:36	--------	d--h--w-	c:\windows\msdownld.tmp
2009-07-11 00:46 . 2008-10-16 12:06	268648	----a-w-	c:\windows\system32\mucltui.dll
2009-07-11 00:46 . 2008-10-16 12:06	208744	----a-w-	c:\windows\system32\muweb.dll
2009-07-10 11:30 . 2009-07-17 00:09	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Tracing
2009-07-10 11:28 . 2009-07-24 17:45	--------	d-----w-	c:\program files\Microsoft Silverlight
2009-07-10 11:27 . 2009-07-10 11:27	--------	d-----w-	c:\program files\Microsoft Office Outlook Connector
2009-07-10 11:27 . 2009-02-06 16:08	55152	----a-w-	c:\windows\system32\drivers\fssfltr_tdi.sys
2009-07-10 11:26 . 2009-07-10 11:26	--------	d-----w-	c:\program files\Microsoft Sync Framework
2009-07-10 11:25 . 2009-07-10 11:25	--------	d-----w-	c:\program files\Microsoft SQL Server Compact Edition
2009-07-10 11:24 . 2009-07-10 11:28	--------	d-----w-	c:\program files\Microsoft
2009-07-10 11:24 . 2009-07-10 11:24	--------	d-----w-	c:\program files\Windows Live SkyDrive
2009-07-10 11:23 . 2009-07-10 11:27	--------	d-----w-	c:\program files\Windows Live
2009-07-10 11:18 . 2009-07-10 11:18	--------	d-----w-	c:\program files\Fichiers communs\Windows Live
2009-07-10 11:00 . 2009-07-10 11:07	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Google
2009-07-10 11:00 . 2009-07-10 12:26	--------	d-----w-	c:\program files\Google
2009-07-10 11:00 . 2009-07-10 11:00	--------	d-----w-	c:\program files\Fichiers communs\DivX Shared
2009-07-10 10:44 . 2009-07-10 10:43	410984	----a-w-	c:\windows\system32\deploytk.dll
2009-07-10 10:43 . 2009-07-10 10:43	--------	d-----w-	c:\program files\Java
2009-07-10 10:32 . 2009-07-10 10:32	0	----a-w-	c:\windows
sreg.dat
2009-07-10 10:32 . 2009-07-10 10:32	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Mozilla
2009-07-10 10:09 . 2009-07-10 10:09	--------	d-----w-	c:\program files\AGEIA Technologies
2009-07-10 10:09 . 2009-07-10 10:09	--------	d-----w-	c:\windows\system32\AGEIA
2009-07-10 10:08 . 2009-07-22 14:22	--------	d-----w-	c:\program files\Fichiers communs\Wise Installation Wizard
2009-07-09 14:43 . 2009-07-09 14:43	96	---ha-w-	c:\windows\system32\HsInfo.dat
2009-07-09 10:11 . 2009-07-09 10:11	--------	d-----r-	c:\documents and settings\LocalService\Mes documents
2009-07-09 10:11 . 2009-07-09 10:11	--------	d-----r-	c:\documents and settings\LocalService\Favoris
2009-07-09 10:11 . 2009-07-09 10:11	--------	d-----w-	c:\documents and settings\LocalService\Menu Démarrer
2009-07-09 10:11 . 2009-07-09 10:11	--------	d-----w-	c:\documents and settings\LocalService\Bureau
2009-07-09 10:02 . 2009-07-09 10:02	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Adobe
2009-07-09 01:42 . 2009-07-10 13:04	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\Hamachi
2009-07-09 01:42 . 2009-07-09 01:42	25280	----a-w-	c:\windows\system32\drivers\hamachi.sys
2009-07-09 01:42 . 2009-07-09 01:42	--------	d-----w-	c:\program files\Hamachi
2009-07-09 01:19 . 2009-07-09 01:19	--------	d-sh--w-	c:\windows\ftpcache
2009-07-09 00:13 . 2009-07-11 23:05	--------	d-----w-	c:\program files\Postal2STP
2009-07-08 23:53 . 2009-07-09 00:01	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\The Witcher
2009-07-08 21:53 . 2009-07-08 21:53	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\vlc
2009-07-08 21:15 . 2009-07-08 22:23	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\Xfire
2009-07-08 21:15 . 2009-07-08 22:23	--------	d-s---w-	c:\program files\Xfire
2009-07-08 18:02 . 2009-07-08 18:02	--------	d-----w-	c:\program files\THQ
2009-07-08 17:23 . 2009-07-08 17:23	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Gas Powered Games
2009-07-08 17:20 . 2009-07-10 11:29	48120	-c--a-w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-08 17:10 . 2009-07-08 17:10	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\Stardock
2009-07-08 17:09 . 2009-07-08 17:09	--------	dc-h--w-	c:\documents and settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}
2009-07-08 17:09 . 2009-03-12 19:49	2601464	-c--a-w-	c:\documents and settings\All Users\Application Data\{EA77F737-0FEA-4800-BD99-D6AF1051C7A9}\Impulse_setup.exe
2009-07-08 17:09 . 2009-07-08 17:09	--------	dc----w-	c:\documents and settings\All Users\Application Data\Stardock
2009-07-08 17:09 . 2009-07-08 17:09	--------	d-----w-	c:\program files\Stardock
2009-07-08 17:06 . 2009-07-08 17:06	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Stardock
2009-07-08 13:56 . 2009-07-08 13:56	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Oblivion
2009-07-07 20:27 . 2009-07-07 20:27	107888	----a-w-	c:\windows\system32\CmdLineExt.dll
2009-07-07 17:31 . 2009-07-27 15:54	--------	d-----w-	c:\program files\Nobilis
2009-07-07 16:56 . 2009-07-09 08:38	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\VirtuaTennis2009
2009-07-07 16:47 . 2009-03-09 13:27	453456	----a-w-	c:\windows\system32\d3dx10_41.dll
2009-07-07 16:47 . 2009-03-09 13:27	4178264	----a-w-	c:\windows\system32\D3DX9_41.dll
2009-07-07 16:47 . 2009-03-09 13:27	1846632	----a-w-	c:\windows\system32\D3DCompiler_41.dll
2009-07-07 16:47 . 2009-03-16 12:18	69448	----a-w-	c:\windows\system32\XAPOFX1_3.dll
2009-07-07 16:47 . 2009-03-16 12:18	517448	----a-w-	c:\windows\system32\XAudio2_4.dll
2009-07-07 16:47 . 2009-03-16 12:18	235352	----a-w-	c:\windows\system32\xactengine3_4.dll
2009-07-07 16:47 . 2009-03-16 12:18	22360	----a-w-	c:\windows\system32\X3DAudio1_6.dll
2009-07-07 15:57 . 2009-07-07 15:57	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\DAEMON Tools Pro
2009-07-07 15:55 . 2009-07-07 15:55	126064	----a-w-	c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-07-07 15:55 . 2009-07-07 15:55	--------	d-----w-	c:\program files\MSBuild
2009-07-07 15:55 . 2009-07-07 15:55	--------	d-----w-	c:\windows\system32\XPSViewer
2009-07-07 15:55 . 2009-07-07 15:55	--------	d-----w-	c:\program files\Reference Assemblies
2009-07-07 15:38 . 2009-07-31 14:24	--------	d-----w-	c:\program files\SEGA
2009-07-07 09:45 . 2009-07-07 15:37	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\DAEMON Tools Lite
2009-07-07 09:43 . 2009-07-17 01:51	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\uTorrent
2009-07-07 09:39 . 2009-07-09 22:41	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Contacts
2009-07-07 09:33 . 2009-07-07 09:33	--------	dcsh--w-	c:\documents and settings\jeux.BUREAU1\PrivacIE
2009-07-07 09:31 . 2009-07-07 09:31	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Local Settings\Application Data\Symantec
2009-07-07 08:54 . 2009-07-14 11:06	279712	----a-w-	c:\windows\system32\drivers\atksgt.sys
2009-07-07 08:54 . 2009-07-14 11:06	25888	----a-w-	c:\windows\system32\drivers\lirsgt.sys
2009-07-05 17:43 . 2009-07-05 17:43	--------	d---a-w-	c:\program files\RAM Defrag V2.55
2009-07-05 17:43 . 2001-03-28 14:38	69632	----a-w-	c:\windows\system32\GkSui18.EXE
2009-07-05 13:22 . 2009-07-05 13:22	604416	----a-w-	c:\windows\system32\TUProgSt.exe
2009-07-05 13:22 . 2009-04-27 12:21	28928	----a-w-	c:\windows\system32\uxtuneup.dll
2009-07-05 13:22 . 2009-07-05 13:22	361216	----a-w-	c:\windows\system32\TuneUpDefragService.exe
2009-07-05 13:21 . 2009-07-05 13:21	--------	dc----w-	c:\documents and settings\All Users\Application Data\TuneUp Software
2009-07-05 13:21 . 2009-07-05 13:22	--------	d-----w-	c:\program files\TuneUp Utilities 2009
2009-07-05 13:21 . 2009-07-05 13:21	--------	dcsh--w-	c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-07-04 23:13 . 2009-07-04 23:13	--------	d-----w-	c:\program files\Focus

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-31 15:43 . 2009-06-28 00:08	--------	d-----w-	c:\program files\Symantec AntiVirus
2009-07-31 11:56 . 2009-07-14 11:34	--------	dc----w-	c:\documents and settings\pour les jeux\Application Data\uTorrent
2009-07-30 09:32 . 2009-06-27 15:16	--------	d--h--w-	c:\program files\InstallShield Installation Information
2009-07-14 18:54 . 2009-06-27 17:14	485920	----a-w-	c:\windows\system32
vudisp.exe
2009-07-14 18:54 . 2009-06-10 16:33	868352	----a-w-	c:\windows\system32
vapi.dll
2009-07-14 18:54 . 2009-06-10 16:33	7741664	----a-w-	c:\windows\system32\drivers
v4_mini.sys
2009-07-14 18:54 . 2009-06-10 16:33	5842816	----a-w-	c:\windows\system32
v4_disp.dll
2009-07-14 18:54 . 2009-06-10 16:33	2189856	----a-w-	c:\windows\system32
vcuvid.dll
2009-07-14 18:54 . 2009-06-10 16:33	2002944	----a-w-	c:\windows\system32
vcuda.dll
2009-07-14 18:54 . 2009-06-10 16:33	1706528	----a-w-	c:\windows\system32
vcuvenc.dll
2009-07-14 18:54 . 2009-06-10 16:33	1597690	----a-w-	c:\windows\system32
vdata.bin
2009-07-14 18:54 . 2009-06-10 16:33	151552	----a-w-	c:\windows\system32
vcodins.dll
2009-07-14 18:54 . 2009-06-10 16:33	151552	----a-w-	c:\windows\system32
vcod.dll
2009-07-14 18:54 . 2009-06-10 16:33	10457088	----a-w-	c:\windows\system32
voglnt.dll
2009-07-14 11:34 . 2009-07-14 11:34	8085504	----a-w-	c:\windows\system32
vdispsr.dll
2009-07-14 11:34 . 2009-07-14 11:34	4923392	----a-w-	c:\windows\system32
vdisps.dll
2009-07-14 11:34 . 2009-07-14 11:34	4640768	----a-w-	c:\windows\system32
vgamesr.dll
2009-07-14 11:34 . 2009-07-14 11:34	458752	----a-w-	c:\windows\system32
vmccssr.dll
2009-07-14 11:34 . 2009-07-14 11:34	3547136	----a-w-	c:\windows\system32
vgames.dll
2009-07-14 11:34 . 2009-07-14 11:34	2854912	----a-w-	c:\windows\system32
vmoblsr.dll
2009-07-14 11:34 . 2009-07-14 11:34	188416	----a-w-	c:\windows\system32
vmccss.dll
2009-07-14 11:34 . 2009-07-14 11:34	168004	----a-w-	c:\windows\system32
vsvc32.exe
2009-07-14 11:34 . 2009-07-14 11:34	143360	----a-w-	c:\windows\system32
vcolor.exe
2009-07-14 11:34 . 2009-07-14 11:34	13877248	----a-w-	c:\windows\system32
vcpl.dll
2009-07-14 11:34 . 2009-07-14 11:34	1286144	----a-w-	c:\windows\system32
vmobls.dll
2009-07-14 11:34 . 2009-07-14 11:34	229376	----a-w-	c:\windows\system32
vmccs.dll
2009-07-10 22:34 . 2009-06-27 17:33	--------	d-----w-	c:\program files\DivX
2009-07-10 11:01 . 2009-07-10 11:01	--------	dc----w-	c:\documents and settings\jeux.BUREAU1\Application Data\DivX
2009-07-07 15:56 . 2008-04-14 12:00	81040	----a-w-	c:\windows\system32\perfc00C.dat
2009-07-07 15:56 . 2008-04-14 12:00	501312	----a-w-	c:\windows\system32\perfh00C.dat
2009-07-04 23:11 . 2009-06-27 15:16	--------	d-----w-	c:\program files\Fichiers communs\InstallShield
2009-07-03 16:57 . 2008-04-14 12:00	915456	----a-w-	c:\windows\system32\wininet.dll
2009-07-01 14:41 . 2009-06-30 15:51	--------	d-----w-	c:\program files\Game Optimizer Pro
2009-07-01 13:41 . 2009-07-01 13:41	--------	dc----w-	c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2009-07-01 08:34 . 2009-07-01 08:34	--------	d-----w-	c:\program files\Microsoft WSE
2009-07-01 08:14 . 2009-07-01 08:14	--------	d-----w-	c:\program files\DAEMON Tools Lite
2009-07-01 08:10 . 2009-07-01 08:10	721904	----a-w-	c:\windows\system32\drivers\sptd.sys
2009-06-30 17:28 . 2009-06-30 17:28	--------	d-----w-	c:\program files\Bethesda Softworks
2009-06-30 15:51 . 2009-06-30 15:51	--------	d-----w-	c:\program files\RAM Defrag
2009-06-30 08:58 . 2009-06-30 08:58	--------	d-----w-	c:\program files\Fichiers communs\Futuremark Shared
2009-06-29 12:13 . 2009-06-29 10:24	--------	d-----w-	c:\program files\Neuf
2009-06-29 10:59 . 2009-06-29 10:59	--------	d-----w-	c:\program files\CCleaner
2009-06-29 10:35 . 2009-06-29 10:35	--------	d-----w-	c:\program files\OpenAL
2009-06-29 10:35 . 2009-06-29 10:35	413696	----a-w-	c:\windows\system32\wrap_oal.dll
2009-06-29 10:35 . 2009-06-29 10:35	110592	----a-w-	c:\windows\system32\OpenAL32.dll
2009-06-29 10:17 . 2009-06-29 10:17	--------	d-----w-	c:\program files\VideoLAN
2009-06-29 08:48 . 2009-06-28 22:43	--------	d-----w-	c:\program files\SystemRequirementsLab
2009-06-28 23:11 . 2009-06-28 23:11	--------	d-----w-	c:\program files\Fichiers communs\i4j_jres
2009-06-28 15:14 . 2009-06-27 15:05	76507	----a-w-	c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-28 09:46 . 2009-06-28 09:46	--------	d-----w-	c:\program files\MSXML 4.0
2009-06-28 00:47 . 2009-06-28 00:46	--------	d-----w-	c:\program files\CyberLink
2009-06-28 00:42 . 2009-06-28 00:42	--------	d-----w-	c:\program files\Fichiers communs\LightScribe
2009-06-28 00:42 . 2009-06-28 00:42	--------	d-----w-	c:\program files\Fichiers communs\Nero
2009-06-28 00:40 . 2009-06-28 00:39	--------	d-----w-	c:\program files\Ahead
2009-06-28 00:39 . 2009-06-28 00:39	--------	d-----w-	c:\program files\Fichiers communs\Ahead
2009-06-28 00:29 . 2009-06-28 00:29	--------	d-----w-	c:\program files\Microsoft.NET
2009-06-28 00:22 . 2009-06-28 00:20	--------	d-----w-	c:\program files\Microsoft Works
2009-06-28 00:14 . 2009-06-28 00:08	--------	d-----w-	c:\program files\Fichiers communs\Symantec Shared
2009-06-28 00:08 . 2009-06-28 00:08	--------	d-----w-	c:\program files\Symantec
2009-06-28 00:08 . 2009-06-28 00:08	--------	dc----w-	c:\documents and settings\All Users\Application Data\Symantec
2009-06-27 17:32 . 2009-06-27 17:32	--------	d-----w-	c:\program files\Fichiers communs\Adobe
2009-06-27 17:08 . 2009-06-27 17:08	--------	d-----w-	c:\program files\ma-config.com
2009-06-27 15:16 . 2009-06-27 15:16	--------	d-----w-	c:\program files\Analog Devices
2009-06-27 15:06 . 2009-06-27 15:06	--------	d-----w-	c:\program files\microsoft frontpage
2009-06-27 15:05 . 2009-06-27 15:05	--------	d-----w-	c:\program files\Services en ligne
2009-06-27 15:04 . 2009-06-27 15:04	21892	----a-w-	c:\windows\system32\emptyregdb.dat
2009-06-21 06:46 . 2009-06-27 17:14	485920	----a-w-	c:\windows\system32\NVUNINST.EXE
2009-06-16 14:40 . 2008-04-14 12:00	81920	----a-w-	c:\windows\system32\fontsub.dll
2009-06-16 14:40 . 2008-04-14 12:00	119808	----a-w-	c:\windows\system32	2embed.dll
2009-06-03 19:10 . 2008-04-14 12:00	1297408	----a-w-	c:\windows\system32\quartz.dll
2009-05-07 15:33 . 2008-04-14 12:00	348672	----a-w-	c:\windows\system32\localspl.dll
2009-07-15 22:31 . 2009-07-24 17:57	137208	----a-w-	c:\program files\mozilla firefox\components\brwsrcmp.dll
2009-05-01 21:02 . 2009-05-01 21:02	1044480	----a-w-	c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02	200704	----a-w-	c:\program files\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-04-18 48752]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2005-05-09 85088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-10 148888]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]

c:\documents and settings\jeux.BUREAU1\Menu D‚marrer\Programmes\D‚marrage\
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2006-2-15 3631752]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversionun-]
"SoundMAX"="c:\program files\Analog Devices\SoundMAX\Smax4.exe" /tray
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe"=
"%windir%\system32\sessmgr.exe"=
"c:\Program Files\VideoLAN\VLC\vlc.exe"=
"c:\Program Files\Java\jre6\bin\javaw.exe"=
"c:\Program Files\Windows Live\Messenger\wlcsdk.exe"=
"c:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"=
"c:\Program Files\Windows Live\Messenger\msnmsgr.exe"=
"c:\Program Files\uTorrent\uTorrent.exe"=
"%windir%\system32\drivers\svchost.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"20541:TCP"= 20541:TCP:BitComet 20541 TCP
"20541:UDP"= 20541:UDP:BitComet 20541 UDP
"18192:TCP"= 18192:TCP:BitComet 18192 TCP
"18192:UDP"= 18192:UDP:BitComet 18192 UDP
"8318:TCP"= 8318:TCP:BitComet 8318 TCP
"8318:UDP"= 8318:UDP:BitComet 8318 UDP

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [10/07/2009 13:27 55152]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [05/07/2009 15:22 604416]
R3 EraserUtilDrv10910;EraserUtilDrv10910;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilDrv10910.sys [24/07/2009 20:00 101936]
S2 WinSvc;Gestionnaire de mise à jour Winsudate;c:\program files\Winsudate\gibsvc.exe --> c:\program files\Winsudate\gibsvc.exe [?]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [29/05/2009 17:13 234864]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\20.tmp --> c:\windows\system32\20.tmp [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [09/05/2005 10:46 127584]
S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;c:\windows\system32\drivers\WlanBZXP.sys [28/06/2009 18:27 402432]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32undll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-07-31 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:42]
.
.
------- Supplementary Scan -------
.
mWindow Title = 
uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe" //mailurl:mailto:pissavy@jeuxvideo.com
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
FF - ProfilePath - c:\documents and settings\pour les jeux\Application Data\Mozilla\Firefox\Profiles\vsdb5bnv.default\
FF - plugin: c:\program files\ma-config.com
phardwaredetection.dll
FF - plugin: c:\program files\Microsoft\Office Live
pOLW.dll
FF - plugin: c:\program files\MpcStar\Codecs\Real\browser\plugins
ppl3260.dll
FF - plugin: c:\program files\MpcStar\Codecs\Real\browser\plugins
prpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota",      5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history",     true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata",    true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords",   false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads",   true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies",     true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache",       true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions",    true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history",                 true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata",                true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords",               false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads",               true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies",                 true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache",                   true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions",                true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps",             false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings",            false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs",    false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-31 17:46
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ... 

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\20.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services
pggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1715567821-573735546-682003330-1009\Software\SecuROM\License information*]
"datasecu"=hex:9f,2e,17,02,d4,d2,17,79,13,83,1c,4b,7f,82,11,04,84,aa,6a,91,f4,
   08,b6,e0,2f,c8,18,6e,42,63,da,48,e4,e7,3c,3b,2c,ab,49,f5,14,f4,72,be,21,44,\
"rkeysecu"=hex:ca,4e,0e,58,8e,a0,7b,25,24,1d,86,c3,51,c6,36,eb

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\WINDOWS\system32\FM20ENU.DLL"
.
Completion time: 2009-07-31 17:48
ComboFix-quarantined-files.txt  2009-07-31 15:48
ComboFix2.txt  2009-07-31 15:05

Pre-Run: 38 022 733 824 octets libres
Post-Run: 38 004 662 272 octets libres

389	--- E O F ---	2009-07-29 01:01

chimay8 · Answer

nickel

profite pour dégommer ce machin
c:\windows\Eurobarre

(regarde si il est dans ajout/suppression de fichier)

ensuite

essaye de relancer MBAM

yoann80 · Answer

c bon j'ai supprimer eurobarre c'été ca le virus? MBAM  c malwarebytes?

chimay8 · Answer

c'été ca le virus?
non,c'est tout ce que combofix a supprimé

ta encore un ver!

MBAM,oui c'est malwarebytes
essaye de le lancer,si ça va pas,on feras autrement pour supprimer le reste

yoann80 · Answer

c bon malware fonstionne

chimay8 · Answer

ok,
tu postes le rapport quand c'est terminé

yoann80 · Answer

c 'est bon j'ai dut redémarrer l'ordi donc le raport c'été qu'il a trouvé perfect defender c'été un virus je l'ai eliminer yavé que ca

chimay8 · Answer

y a qu'un objet de trouvé?

yoann80 · Answer

oui qu'1 seul objet trouvé et win32.brontok n'apparait plus

chimay8 · Answer

win32.brontok n'apparait plus
ouais ça je m'en doutait

mais il reste ça

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]     
"ImagePath"="\??\c:\windows\system32\20.tmp"       

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services
pggsvc]     
"ImagePath"="c:\windows\system32\GameMon.des -service" 

on va faire une recherche puis on termine

==> Télécharge OAD http://sosvirus.changelog.fr/OAD.exe
- Enregistre le sur ton bureau

Double clique sur OAD pour le lancer

- nom de fichier à rechercher tape ou fais un copier/coller de : 20.tmp
- Type de recherche : sélectionne l'option 6 puis valide [entree]

OAD va maintenant rechercher le fichier. Laisse le travailler jusqu'à ce qu'il ai terminé.
Le rapport de recherche s'affichera automatiquement dès qu'il aura terminé.

- Fais un copier / coller de ce rapport dans ton prochain poste.

Note importante : Suivant la taille des disques dur cette recherche peut prendre plusieurs minutes. Sois patient   


fais la même chose avec    npggsvc

yoann80 · Answer

31/07/2009 ---- 18:59:20,06  

----------------------------------
§§§§§§ [20.tmp ] §§§§§§
----------------------------------
[X] Registre
 
-------------- [  ] rapide
-- Fichier --- [  ] disque systeme
 ------------- [X] complete


********************
     [Registre] 
********************

Aucune entrée détectée

*******************
     [Fichier] 
*******************



*********************
     [Même date] 
*********************

Aucun fichier créé à la même date détecté


Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§ 
----------------------------------

chimay8 · Answer

n'oublie pas celui-ci

 npggsvc

yoann80 · Answer

31/07/2009 ---- 19:40:37,67  

----------------------------------
§§§§§§ [npggsvc] §§§§§§
----------------------------------
[X] Registre
 
-------------- [  ] rapide
-- Fichier --- [  ] disque systeme
 ------------- [X] complete


********************
     [Registre] 
********************


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services
pggsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services
pggsvc\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services
pggsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services
pggsvc\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
pggsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
pggsvc\Security]

*******************
     [Fichier] 
*******************



*********************
     [Même date] 
*********************

Aucun fichier créé à la même date détecté


Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§ 
----------------------------------

chimay8 · Answer

ok,

Télécharge OTMoveIt3( de Old Timer ) 
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/
Une fois téléchargé double-clique sur OTMoveIt3.exe pour le lancer. 
Assure toi que la case "Unregister Dll's and Ocx's" est cochée 
Copie les lignes(qui sont en gras) qui se trouvent ci-dessous : 

:Processes 
explorer.exe
:Reg
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services
pggsvc] 
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services
pggsvc\Security] 
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services
pggsvc] 
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services
pggsvc\Security] 
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
pggsvc] 
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
pggsvc\Security]
:Commands 
[emptytemp] 
[Reboot]

et colle-les dans le cadre de gauche de OTMoveIt : "Paste List Of Files/Folders to Move." 
Clique sur "MoveIt!" pour lancer la suppression. 
Le résultat apparaitra dans le cadre "Results". 
Clique sur Exit pour fermer. 
Poste le rapport situé dans C:\_OTMoveIt\MovedFiles. 
 -Il te sera peut-être demander de redémarrer le pc pour achever la suppression -> Accepte ( si il ne fait pas automatiquement , fait-le toi même ) 

/!\ Note : Au démarrage ton bureau RISQUE de ne plus apparaître, dans ce cas fait --> CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches. 
Puis rends toi sur l'onglet "Processus". Clique en haut à gauche sur "Fichiers" et choisis "Exécuter" 
Tape "explorer.exe"(sans les guillemèts) et valide. Cela fera réapparaître le Bureau.

yoann80 · Answer

ok merci beaucoup de ton aide

yoann80 · Answer

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services
pggsvc\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services
pggsvc\Security\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services
pggsvc\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services
pggsvc\Security\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
pggsvc\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
pggsvc\Security\ not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
 
User: pour les jeux
->Temp folder emptied: 2101 bytes
->Temporary Internet Files folder emptied: 2716882 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 54592631 bytes
 
%systemdrive% .tmp files removed: 0 bytes
C:\windows\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 2351795 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
Windows Temp folder emptied: 16384 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 56,92 mb
 
 
OTM by OldTimer - Version 3.0.0.5 log created on 07312009_195501

Files moved on Reboot...

Registry entries deleted on Reboot...

chimay8 · Answer

ok,

on termine
vérifie si java est à jour

Télécharge JavaRa.zip  de Paul 'Prm753' McLain et Fred de Vries. 
Décompresse le fichier sur ton bureau (clique droit > Extraire tout.)
Double-clique sur le répertoire JavaRa obtenu.
Puis double-clique sur le fichier JavaRa.exe (le .exe peut ne pas s'afficher)
Clique sur Search For Updates. 
Sélectionne Update Using jucheck.exe puis clique sur Search.  
Autorise le processus à se connecter s'il te le demande, clique sur Install et suis les instructions d'installation. Cela prendra quelques minutes.
Quand l'installation est terminée, revient à l'écran de JavaRa et clique sur Remove Older Versions.
Clique sur Oui pour confirmer. L'outil va travailler, clique ensuite sur Ok, puis une deuxième fois sur Ok.
Un rapport va s'ouvrir, copie-colle le dans ta prochaine réponse.
Note : le rapport se trouve aussi à la racine de la partition système, en général C:\ sous le nom JavaRa.log 
(c:\JavaRa.log)
Ferme l'application.

ensuite

Télécharge ToolsCleaner sur ton bureau. 
--> 
https://www.commentcamarche.net/telecharger/securite/22061-toolscleaner/

# Clique sur "Recherche" et laisse le scan agir ... 
# Clique sur "Suppression" pour finaliser. 
# Tu peux, si tu le souhaites, te servir des Options facultatives. 
# Clique sur Quitter pour obtenir le rapport. 
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

ensuite

Télécharges : - CCleaner (n'installe pas la barre d'outil Yahoo)
https://www.pcastuces.com/logitheque/ccleaner.htm 
Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corrigé ton registre .Lors de l'installation, avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires" sauf les 2 première. 
Une fois le prg instalé et lancé, Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures"( Par la suite, laisse-le avec ses réglages par défaut. C'est tout ). 

Un tuto ( aide ): 
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm 

---> Utilisation: 
! déconnectes toi et fermes toutes applications en cours ! 
* vas dans "nettoyeur" : fait analyse puis nettoyage 
* vas dans "registre" : fait chercher les erreurs et réparer ( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) . 

( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )

***très important***

Suppression des points de restauration : 
1.Ouvre le Menu Démarrer 
2.Clique-droit sur Poste de travail 
3.Clique sur Propriétés 
4.Positionne-toi dans l'onglet Restauration du système 
5.Coche "Désactiver la restauration système" 
6.Valide par Ok 
7.Redémarre ton pc
8.Reproduis les manipulations 1 à 3 
9.Décoche "Désactiver la restauration système" 
10.Valide par Ok

sous vista
https://www.01net.com/actualites/
https://www.commentcamarche.net/faq/13214-vista-desactiver-reactiver-la-restauration-systeme-de-vista


Ne pas oublier de créer un nouveau point de restauration en procédant comme indiqué sur le lien ci-dessous 

https://www.vulgarisation-informatique.com/creer-point-restauration.php

 
si tu n as pas d autres soucis change le statut du sujet en resolu stp

je ne peux que vous inciter à lire les liens ci-dessous

Prévention & Sécurité sur le net(Format pdf)
comment sécuriser son pc
pourquoi je suis infecté

naruto80240 · Answer

voila j'ai tout fait java est a jour est j'avait deja ccleaner merci beaucoup

naruto80240 · Answer

c yoann80

chimay8 · Answer

remet le bonjour à ton beau-papa
;)

yoann80 · Answer

t'inquiete c'est deja fait lol il a les boule il a pas put le supprimer et toi tu m'aide et hop plus de virus merci encore d'ailleur ^^

Win32.brontok

36 réponses

Votre réponse

Discussions similaires

Newsletters