Un virus...

Résolu
SpOke1503 Messages postés 12 Statut Membre -  
SpOke1503 Messages postés 12 Statut Membre -
Bonjour,Voila tout... J'ai attrapé un virus avant hier Mais il m'a Bloqué avast Malware-Antimaleware Internet Exploreur mozila etc... je peux plus allez faire de recherche sur internet J'ai fait un rapport Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:25:59, on 13/08/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Pristy Utils\Tray Agent.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Pristy Utils\CD Hotkey F9.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\explorer.exe
J:\HiJackThis.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Windows\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=1&o=vp32&d=1208&m=imedia_a4730_fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=1&o=vp32&d=1208&m=imedia_a4730_fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Tray Agent.lnk = C:\Program Files\Pristy Utils\Tray Agent.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2290217-1F67-41D2-A277-E62335CC781C}: NameServer = 85.255.112.225,85.255.112.199
O17 - HKLM\System\CCS\Services\Tcpip\..\{C402E126-ACC1-4537-AB6B-2B6DE61F00E8}: NameServer = 85.255.112.225,85.255.112.199
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.225,85.255.112.199
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.225,85.255.112.199
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate1ca0ddb7eee11f5) (gupdate1ca0ddb7eee11f5) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 9569 bytes

Merci de Me répondre Svp.
Configuration: Windows XP
Firefox 3.0.13

17 réponses

  1. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Bonjour,

    --> Désactive l'UAC le temps de la désinfection.

    /!\ Désactive tes protections résidentes (Antivirus, etc...) /!\

    --> Télécharge ComboFix (de sUBs) sur ton Bureau.
    --> Clique droit sur ComboFix.exe (le .exe n'est pas forcément visible) et choisis Exécuter en tant qu'administrateur afin de le lancer.
    --> Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

    Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
    0
  2. SpOke1503 Messages postés 12 Statut Membre
     
    Voila Merci D'avoir répondu aussi vite J'ai mis un peu de temps dsl mais c'est le Scan...

    ComboFix 09-08-10.06 - Benjamin 13/08/2009 18:51.1.4 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3326.2448 [GMT 2:00]
    Running from: J:\ComboFix.exe
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\$recycle.bin\S-1-5-21-1891926680-1825607294-912342561-500
    c:\$recycle.bin\S-1-5-21-2615618031-1473878728-100546447-500
    c:\windows\system32\drivers\ESQULqubtmkmucymiqhppsfvtpcbpvhdpbxsc.sys
    c:\windows\System32\ESQULbeinejefessoaemkcobukpxuycqmrdiy.dll
    c:\windows\System32\ESQULysxvniabogmwyrmmwrhrewyeqbvvgqpc.dll
    c:\windows\TEMP\63693617.tmp

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_ESQULserv.sys
    -------\Legacy_ESQULserv.sys
    -------\Service_ESQULserv.sys

    ((((((((((((((((((((((((( Files Created from 2009-07-13 to 2009-08-13 )))))))))))))))))))))))))))))))
    .

    2009-08-13 17:01 . 2009-08-13 17:04 -------- d-----w- c:\users\Benjamin\AppData\Local\temp
    2009-08-13 17:01 . 2009-08-13 17:01 -------- d-----w- c:\users\Default\AppData\Local\temp
    2009-08-12 11:27 . 2009-02-11 08:19 15504 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-08-12 11:27 . 2009-02-11 08:19 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-08-12 11:27 . 2009-08-12 11:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-08-12 09:57 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
    2009-08-12 09:57 . 2009-03-24 14:07 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2009-08-12 09:57 . 2009-08-12 09:57 -------- d-----w- c:\program files\Avira
    2009-08-12 09:57 . 2009-08-12 09:57 -------- d-----w- c:\progra~2\Avira
    2009-08-05 00:33 . 2009-08-05 00:33 3033712 ----a-w- c:\windows\system32\drivers\appdrv01.sys
    2009-08-05 00:33 . 2009-08-05 00:33 316816 ----a-w- c:\windows\system32\appdrvrem01.exe
    2009-08-04 20:23 . 2009-08-11 18:44 -------- d-----w- c:\users\Benjamin\AppData\Roaming\Pro Cycling Manager 2009
    2009-08-04 19:55 . 2009-08-04 22:22 -------- d-----w- c:\program files\Cyanide
    2009-08-04 19:45 . 2009-08-04 19:49 -------- d-----w- c:\program files\Windows Live Safety Center
    2009-08-04 18:55 . 2009-08-04 18:55 -------- d-----w- c:\program files\MSN Messenger
    2009-08-04 16:55 . 2009-08-04 16:55 -------- d-----w- c:\program files\SimBin
    2009-07-31 17:36 . 2009-07-31 17:36 -------- d-----w- c:\program files\Codemasters
    2009-07-28 08:55 . 2009-07-28 08:55 -------- dc----w- c:\progra~2\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
    2009-07-28 08:48 . 2009-07-28 08:48 -------- d-----w- c:\progra~2\PC Drivers HeadQuarters
    2009-07-26 14:33 . 2009-07-31 13:30 -------- d-----w- c:\users\Benjamin\AppData\Roaming\dvdcss
    2009-07-26 10:24 . 2009-07-26 10:24 -------- d-----w- c:\progra~2\Google Updater
    2009-07-18 07:44 . 2009-08-02 16:00 -------- d-----w- c:\program files\Common Files\Symantec Shared
    2009-07-18 07:44 . 2009-08-07 16:00 -------- d-----w- c:\program files\Norton Security Scan
    2009-07-17 22:12 . 2009-07-17 22:12 -------- d-----w- c:\windows\system32\Adobe
    2009-07-15 11:15 . 2009-06-15 15:24 156672 ----a-w- c:\windows\system32\t2embed.dll
    2009-07-15 11:15 . 2009-06-15 15:20 72704 ----a-w- c:\windows\system32\fontsub.dll
    2009-07-15 11:15 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll
    2009-07-15 11:15 . 2009-06-15 12:52 289792 ----a-w- c:\windows\system32\atmfd.dll
    2009-07-14 19:46 . 2009-07-14 19:49 170339 ----a-w- c:\windows\hpqins00.dat

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-08-13 16:56 . 2008-01-21 08:40 669328 ----a-w- c:\windows\system32\perfh00C.dat
    2009-08-13 16:56 . 2008-01-21 08:40 123350 ----a-w- c:\windows\system32\perfc00C.dat
    2009-08-12 11:55 . 2008-12-16 03:38 -------- d--h--w- c:\program files\InstallShield Installation Information
    2009-08-12 11:50 . 2009-04-17 13:56 1 ----a-w- c:\users\Benjamin\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
    2009-08-12 11:12 . 2009-06-16 12:08 -------- d-----w- c:\users\Benjamin\AppData\Roaming\Skype
    2009-08-12 11:11 . 2009-06-16 12:11 -------- d-----w- c:\users\Benjamin\AppData\Roaming\skypePM
    2009-08-12 08:26 . 2009-07-12 18:07 -------- d-----w- c:\users\Benjamin\AppData\Roaming\vlc
    2009-08-10 18:08 . 2009-03-06 22:58 -------- d-----w- c:\program files\Steam
    2009-08-10 18:08 . 2009-08-10 18:08 125 ----a-w- c:\windows\tmp.tmp.tmp
    2009-08-05 00:02 . 2009-03-22 17:54 -------- d-----w- c:\users\Benjamin\AppData\Roaming\uTorrent
    2009-08-02 13:53 . 2009-06-16 08:56 -------- d-----w- c:\users\Benjamin\AppData\Roaming\Mumble
    2009-08-02 08:59 . 2009-03-10 07:15 -------- d-----w- c:\program files\Microsoft Silverlight
    2009-07-31 16:20 . 2008-12-16 03:47 -------- d-----w- c:\progra~2\Symantec
    2009-07-27 08:44 . 2009-03-22 19:49 -------- d-----w- c:\progra~2\HP
    2009-07-27 08:27 . 2009-03-22 20:14 -------- d-----w- c:\users\Benjamin\AppData\Roaming\Image Zone Express
    2009-07-26 10:27 . 2008-12-27 12:41 -------- d-----w- c:\program files\Google
    2009-07-21 21:52 . 2009-07-29 07:12 915456 ----a-w- c:\windows\system32\wininet.dll
    2009-07-21 21:47 . 2009-07-29 07:12 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2009-07-21 21:47 . 2009-07-29 07:12 71680 ----a-w- c:\windows\system32\iesetup.dll
    2009-07-21 20:13 . 2009-07-29 07:12 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2009-07-18 07:41 . 2009-03-06 22:53 -------- d-----w- c:\program files\Messenger Plus! Live
    2009-07-15 18:51 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
    2009-07-13 19:15 . 2009-07-13 19:15 -------- d-----w- c:\users\Benjamin\AppData\Roaming\Canneverbe_Limited
    2009-07-13 19:14 . 2009-07-13 19:14 -------- d-----w- c:\program files\CDBurnerXP
    2009-07-13 17:07 . 2009-03-06 17:06 75824 ----a-w- c:\users\Benjamin\AppData\Local\GDIPFONTCACHEV1.DAT
    2009-07-13 17:01 . 2008-12-16 03:21 -------- d-----w- c:\progra~2\Microsoft Help
    2009-07-12 15:12 . 2009-04-17 13:39 -------- d-----w- c:\program files\Java
    2009-07-11 20:41 . 2009-03-06 23:07 -------- d-----w- c:\program files\Common Files\Steam
    2009-06-27 10:37 . 2009-06-27 10:37 -------- d-----w- c:\program files\Avanquest update
    2009-06-27 10:35 . 2009-06-27 10:35 -------- d-----w- c:\progra~2\BVRP Software
    2009-06-27 10:30 . 2009-06-27 10:30 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
    2009-06-26 19:37 . 2009-06-26 19:37 -------- d-----w- c:\program files\Sony Ericsson
    2009-06-26 19:37 . 2009-06-26 19:37 -------- d-----w- c:\progra~2\Sony Ericsson
    2009-06-22 13:47 . 2009-03-18 16:18 -------- d-----w- c:\users\Benjamin\AppData\Roaming\Hamachi
    2009-06-19 11:19 . 2009-06-19 11:19 10134 ----a-r- c:\users\Benjamin\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
    2009-06-19 11:18 . 2009-06-19 11:18 -------- d-----w- c:\program files\Microsoft WSE
    2009-06-19 11:08 . 2009-04-13 22:09 -------- d-----w- c:\program files\Electronic Arts
    2009-06-18 17:25 . 2009-03-25 17:06 -------- d-----w- c:\users\Benjamin\AppData\Roaming\HP
    2009-06-16 12:08 . 2009-06-16 12:08 -------- d-----r- c:\program files\Skype
    2009-06-16 12:08 . 2009-06-16 12:08 -------- d-----w- c:\program files\Common Files\Skype
    2009-06-16 12:08 . 2009-06-16 12:08 -------- d-----w- c:\progra~2\Skype
    2009-06-16 08:56 . 2009-06-16 08:53 -------- d-----w- c:\program files\Mumble
    2009-05-21 09:33 . 2009-04-18 09:13 410984 ----a-w- c:\windows\system32\deploytk.dll
    2009-05-17 18:13 . 2009-05-17 18:13 8854 ----a-r- c:\users\Benjamin\AppData\Roaming\Microsoft\Installer\{E6B4523B-A47C-4DBA-918C-D9E220B3F4EC}\UNINST_Uninstall_Cub_E6B4523BA47C4DBA918CD9E220B3F4EC.exe
    2009-05-17 18:13 . 2009-05-17 18:13 71542 ----a-r- c:\users\Benjamin\AppData\Roaming\Microsoft\Installer\{E6B4523B-A47C-4DBA-918C-D9E220B3F4EC}\ARPPRODUCTICON.exe
    2009-05-17 18:13 . 2009-05-17 18:13 110592 ----a-r- c:\users\Benjamin\AppData\Roaming\Microsoft\Installer\{E6B4523B-A47C-4DBA-918C-D9E220B3F4EC}\NewShortcut1_E6B4523BA47C4DBA918CD9E220B3F4EC.exe
    2009-05-17 18:13 . 2009-05-17 18:13 110592 ----a-r- c:\users\Benjamin\AppData\Roaming\Microsoft\Installer\{E6B4523B-A47C-4DBA-918C-D9E220B3F4EC}\Cube.exe1_E6B4523BA47C4DBA918CD9E220B3F4EC.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SmpcSys"="c:\program files\PACKARD BELL\SetUpMyPC\SmpSys.exe" [2008-07-07 1038136]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-06 68856]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
    "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-10 397312]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
    "SmpcSys"="c:\program files\Packard Bell\SetupMyPC\SmpSys.exe" [2008-07-07 1038136]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-12 13584928]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-12-27 24064]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-02-18 6793760]
    "VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-01-29 52392]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

    c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
    Tray Agent.lnk - c:\program files\Pristy Utils\Tray Agent.exe [2009-4-25 12800]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "HideFastUserSwitching"= 0 (0x0)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "DefaultOutboundAction"= 0 (0x0)
    "DefaultInboundAction"= 1 (0x1)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{1D17A1B2-F82D-48D8-8765-1AF230282335}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{F644351D-C165-468B-82A9-30066C4D89BB}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{BF072197-A0A0-495C-B55A-48D48B918009}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
    "{6232EE71-1427-4311-8520-15799F0C8A7F}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
    "{27F5AF59-1BC3-411B-A5A6-F9FDE9745B21}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
    "{E96B3A2D-958D-434D-B96F-34FA2540B2AF}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
    "{A8D550EE-E2CA-4ABC-B6BB-3804F509E8D4}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
    "{64A3640D-4334-46F1-8D7E-7488332532C9}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
    "{114A3CFE-FC68-402B-B8D5-C0C15ABF95EB}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
    "{B69285AC-3154-4E8F-B6B7-54A271E5AAA1}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
    "{5EC7BFD9-2C99-4CFB-A47B-1424D8465CAF}"= UDP:c:\program files\eMule\emule.exe:eMule
    "{D7A8910F-B6F3-40F7-98DF-0F3F8F5CA0D1}"= TCP:c:\program files\eMule\emule.exe:eMule
    "4cfcce4d-f849-40d8-a8b7-242c7ae33eff"= %ProgramFiles%\eMule\emule.exe:Emule
    "TCP Query User{8FF81173-624D-467A-84D7-F3F6B566589F}c:\\program files\\steam\\steamapps\\clouter73\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\clouter73\counter-strike source\hl2.exe:hl2
    "UDP Query User{E3A7ACF0-2F1B-4851-B0B9-D01636202322}c:\\program files\\steam\\steamapps\\clouter73\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\clouter73\counter-strike source\hl2.exe:hl2
    "TCP Query User{78FF6101-EDE5-4F20-91A4-BD153609E007}c:\\program files\\trackmania nations eswc\\tmnationseswc.exe"= UDP:c:\program files\trackmania nations eswc\tmnationseswc.exe:TmNationsESWC
    "UDP Query User{9DD01BA8-E108-4ADD-B991-E427DFBF9F73}c:\\program files\\trackmania nations eswc\\tmnationseswc.exe"= TCP:c:\program files\trackmania nations eswc\tmnationseswc.exe:TmNationsESWC
    "{FCFDA27F-E6E3-458D-8B37-BB774C26FDD2}"= c:\program files\Skype\Phone\Skype.exe:Skype
    "TCP Query User{2A0457C3-0F7E-4D83-81E5-726D4C764563}c:\\program files\\steam\\steamapps\\clouter73\\counter-strike\\hl.exe"= UDP:c:\program files\steam\steamapps\clouter73\counter-strike\hl.exe:Half-Life Launcher
    "UDP Query User{934A9FE1-3AB2-4F60-B4C3-4D3685312B96}c:\\program files\\steam\\steamapps\\clouter73\\counter-strike\\hl.exe"= TCP:c:\program files\steam\steamapps\clouter73\counter-strike\hl.exe:Half-Life Launcher
    "TCP Query User{E6AEDFBF-AC6B-4AAC-B747-DFE11BB85800}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
    "UDP Query User{3B6409D5-B9E0-4BA1-8279-03D1426E0EE1}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
    "TCP Query User{444C7645-544A-478F-95AE-DF1EF7660F6C}c:\\program files\\left 4 dead\\left4dead.exe"= UDP:c:\program files\left 4 dead\left4dead.exe:left4dead
    "UDP Query User{3D9ABA87-ECBF-460B-BE8A-1D300C8FD67E}c:\\program files\\left 4 dead\\left4dead.exe"= TCP:c:\program files\left 4 dead\left4dead.exe:left4dead
    "TCP Query User{41911C11-884D-4E4D-AEDB-4587C4F8C287}c:\\program files\\steam\\steamapps\\clouter73\\day of defeat source\\hl2.exe"= UDP:c:\program files\steam\steamapps\clouter73\day of defeat source\hl2.exe:hl2
    "UDP Query User{7D725196-28B2-4C05-BE72-5ACC05231D19}c:\\program files\\steam\\steamapps\\clouter73\\day of defeat source\\hl2.exe"= TCP:c:\program files\steam\steamapps\clouter73\day of defeat source\hl2.exe:hl2
    "TCP Query User{AC2E86A9-7FBB-4C8C-9492-3619DDE61E0C}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
    "UDP Query User{2BE4F0E2-516E-41C7-BAEC-A22CD1E68B78}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
    "{83DBA98E-1148-4AA4-9BA1-D70A7FF62F02}"= UDP:c:\program files\Cyanide\GameCenter\GameCenter.exe:GameCenter
    "{636440CA-CFC1-4B0B-BF77-E0DD8F620DAB}"= TCP:c:\program files\Cyanide\GameCenter\GameCenter.exe:GameCenter
    "{4963FF7B-E3C8-478C-8E58-EA331840285D}"= UDP:c:\program files\Cyanide\Pro Cycling Manager - Season 2009\PCM.exe:Pro Cycling Manager - Season 2009
    "{EA056C93-A5D1-429D-8E13-1E16B43BEF90}"= TCP:c:\program files\Cyanide\Pro Cycling Manager - Season 2009\PCM.exe:Pro Cycling Manager - Season 2009
    "{C16D6C0C-19A1-4C8D-8231-1B6D0FA8BADE}"= UDP:c:\program files\Cyanide\Pro Cycling Manager - Season 2009\Autorun\Exe\Autorun.exe:Pro Cycling Manager - Season 2009 - AutoRun
    "{89DAB405-615D-45B8-96A0-EFF6E7A3EFCD}"= TCP:c:\program files\Cyanide\Pro Cycling Manager - Season 2009\Autorun\Exe\Autorun.exe:Pro Cycling Manager - Season 2009 - AutoRun

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "DefaultOutboundAction"= 0 (0x0)
    "DefaultInboundAction"= 1 (0x1)
    "DoNotAllowExceptions"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "DefaultOutboundAction"= 0 (0x0)
    "DefaultInboundAction"= 1 (0x1)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= c:\program files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS

    R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [03/02/2009 17:39 63096]
    R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\System32\drivers\sfsync03.sys [11/07/2006 09:30 42392]
    R1 appdrv01;Application Driver (01);c:\windows\System32\drivers\appdrv01.sys [05/08/2009 02:33 3033712]
    R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [05/06/2009 19:11 114768]
    R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [11/09/2007 01:45 124832]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [12/08/2009 11:57 108289]
    R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [05/06/2009 19:11 20560]
    R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [05/06/2009 19:11 51792]
    R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21/01/2008 04:23 21504]
    S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]
    S2 gupdate1ca0ddb7eee11f5;Service Google Update (gupdate1ca0ddb7eee11f5);c:\program files\Google\Update\GoogleUpdate.exe [26/07/2009 12:26 133104]
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [06/03/2009 22:52 28224]
    S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\System32\drivers\s3017bus.sys [26/06/2009 21:37 83880]
    S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\System32\drivers\s3017mdfl.sys [26/06/2009 21:37 15016]
    S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\System32\drivers\s3017mdm.sys [26/06/2009 21:37 110632]
    S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s3017mgmt.sys [26/06/2009 21:37 104616]
    S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\System32\drivers\s3017nd5.sys [26/06/2009 21:37 25512]
    S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\System32\drivers\s3017obex.sys [26/06/2009 21:37 100648]
    S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\System32\drivers\s3017unic.sys [26/06/2009 21:37 110120]
    S4 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [27/12/2008 14:41 24064]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    ezSharedSvc

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=1&o=vp32&d=1208&m=imedia_a4730_fr
    mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&s=1&o=vp32&d=1208&m=imedia_a4730_fr
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    .

    **************************************************************************
    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files:

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_USERS\S-1-5-21-1891926680-1825607294-912342561-1000\Software\SecuROM\License information*]
    "datasecu"=hex:53,81,18,34,a7,5c,3a,fe,0a,c4,79,50,1d,9b,dd,62,1e,4d,fc,f8,03,
    b1,5e,54,da,2b,d6,10,56,e4,da,42,06,75,2f,20,4b,29,ba,75,3b,90,30,30,07,fc,\
    "rkeysecu"=hex:3f,9c,78,ff,47,48,6d,75,26,24,a5,a3,5a,8d,9d,60

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\System32\nvvsvc.exe
    c:\windows\System32\Ati2evxx.exe
    c:\windows\System32\audiodg.exe
    c:\windows\System32\rundll32.exe
    c:\windows\System32\Ati2evxx.exe
    c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    c:\program files\Alwil Software\Avast4\ashServ.exe
    c:\windows\System32\conime.exe
    c:\program files\Avira\AntiVir Desktop\avguard.exe
    c:\progra~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
    c:\windows\System32\IoctlSvc.exe
    c:\program files\Alwil Software\Avast4\ashDisp.exe
    c:\windows\System32\WUDFHost.exe
    c:\program files\Pristy Utils\CD Hotkey F9.exe
    c:\windows\ehome\ehmsas.exe
    c:\program files\Alwil Software\Avast4\ashMaiSv.exe
    c:\program files\Alwil Software\Avast4\ashWebSv.exe
    c:\windows\System32\wbem\WMIADAP.exe
    .
    **************************************************************************
    .
    Completion time: 2009-08-13 19:10 - machine was rebooted
    ComboFix-quarantined-files.txt 2009-08-13 17:09

    Pre-Run: 855 973 928 960 octets libres
    Post-Run: 855 913 099 264 octets libres

    273 --- E O F --- 2009-08-10 15:37
    0
  3. SpOke1503 Messages postés 12 Statut Membre
     
    S'il vous plaits Répondez moi
    0
  4. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Internet refonctionne ?
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. SpOke1503 Messages postés 12 Statut Membre
     
    Comment réactiver UAC Parce qu'il me mettes
    "tentive d'opération non autorisé sur une clé du Registre marqué pour supression" le non de la fenètre c'est explorer.exe
    0
  7. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Il suffit de recocher la case que tu as décoché.
    0
  8. SpOke1503 Messages postés 12 Statut Membre
     
    Oui mais je peux plus rien faire quoi que je fasse j'ai ce message..
    0
  9. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Redémarre ton PC.
    0
  10. SpOke1503 Messages postés 12 Statut Membre
     
    Ok je redémarre.
    0
  11. SpOke1503 Messages postés 12 Statut Membre
     
    C'est bon j'redémarre l'ordi pour mettre l'UAC.
    Je te dis après.
    0
  12. SpOke1503 Messages postés 12 Statut Membre
     
    J'peux aller sur internet explorer j'ai plus de message d'erreurs.
    Maintenant qu'est-ce qu'il faut faire pour détruire complètement le virus ( s'il est pas détruit déja ) ?
    0
  13. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    ---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
    ---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
    ---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
    ---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
    ---> Sélectionne Exécuter un examen rapide.
    ---> Clique sur Rechercher. L'analyse démarre.

    A la fin de l'analyse, un message s'affiche :

    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

    ---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
    ---> Ferme tes navigateurs.
    Si des malwares ont été détectés, clique sur Afficher les résultats.
    ---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
    ---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    0
  14. SpOke1503 Messages postés 12 Statut Membre
     
    D'accord. Merci Beaucoup Je met en pause les anti-virus pendant le scan? je te copierai Le Scan avant de suprimer
    0
  15. SpOke1503 Messages postés 12 Statut Membre
     
    Malwarebytes' Anti-Malware 1.40
    Version de la base de données: 2551
    Windows 6.0.6001 Service Pack 1

    13/08/2009 20:20:18
    mbam-log-2009-08-13 (20-20-03).txt

    Type de recherche: Examen rapide
    Eléments examinés: 84256
    Temps écoulé: 6 minute(s), 18 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> No action taken.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> No action taken.

    Voila le Résultat. je suprime?
    0
  16. SpOke1503 Messages postés 12 Statut Membre
     
    ???
    0
  17. Destrio5 Messages postés 99820 Date d'inscription   Statut Modérateur Dernière intervention   10 324
     
    Oui, supprime.
    0
  18. SpOke1503 Messages postés 12 Statut Membre
     
    Malwarebytes' Anti-Malware 1.40
    Version de la base de données: 2551
    Windows 6.0.6001 Service Pack 1

    13/08/2009 20:43:58
    mbam-log-2009-08-13 (20-43-58).txt

    Type de recherche: Examen rapide
    Eléments examinés: 84256
    Temps écoulé: 6 minute(s), 18 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

    Voila. Merci Beaucoup Pour Tout, Je Mets un résolut. Merci Destrio
    0