Sujet Précédent Sujet Suivant

Gmer impossible d'effacer les lignes rouges

kamel67000 Messages postés 140 Statut Membre -  
Narco!4 Messages postés 2446 Statut Contributeur -
Bonjour,
impossible d'effacer les lignes rouges sur gmer car j'ai la memoire infecter si quelq'un peut m'aider merci ?
A voir également:

27 réponses

  • 1
  • 2
Réponse 1 / 27
Narco!4 Messages postés 2446 Statut Contributeur 467
 
Bonjour
Télécharge GenProc http://www.genproc.com/GenProc.exe

double-clique sur GenProc.exe et poste le contenu du rapport qui s'ouvre
0
Réponse 2 / 27
kamel67000 Messages postés 140 Statut Membre 2
 
slt ok desoler mets comme sa beugge a cause d'un virus j'ai mit un peut de temps a repondre mets j'ai l'impression que cela veut pas marcher de scanner ses un virus

virus win32/rookits.agent.odg cheval de troie
0
Réponse 3 / 27
kamel67000 Messages postés 140 Statut Membre 2
 
voici le raport mets il y a un probleme je peut pas acceder au mode sans echec depuit ce virus
0
Réponse 4 / 27
Narco!4 Messages postés 2446 Statut Contributeur 467
 
ou le rapport ?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 27
kamel67000 Messages postés 140 Statut Membre 2
 
voici le raport

Rapport GenProc 2.617 [2] - 02/09/2009 à 19:11:25
@ Windows XP Service Pack 3 - Mode normal
@ Internet Explorer (8.0.6001.18702) [Navigateur par défaut]

~~ CM DISK ERROR ~~

# Etape 1/ Télécharge :

- USBFix http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe (Chiquitine29) sur le Bureau, et procède simplement à son installation.

- Yoog_Fix http://batchdhelus.open-web.fr/programme/Yoog_Fix.exe (Batch_Man) sur le Bureau.

- ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe (sUBs) sur ton Bureau.
Désactive ton antivirus, ton pare-feu et ferme tes programmes en cours. Lance combofix.exe et accepte les termes en cliquant sur OUI. Patiente. Au message "ComboFix a détecté que la 'console de récupération Windows' n'existe pas sur ce PC", clique sur oui puis sur OK, puis patiente. Valide le CLUF Microsoft. Au message "La console de récupération a été installée avec succès", clique impérativement sur NON pour quitter le programme (ferme également le rapport CF-RC.txt qui s'est ouvert)

Redémarre en mode sans échec comme indiqué ici https://www.wekyo.com/demarrer-le-pc-en-mode-sans-echec-windows-7-et-8/ ; Choisis ta session courante *** UPR9002 *** (pour retrouver le rapport, clique sur le raccourci "Rapport GenProc[2]" sur ton bureau).

# Etape 2/

Branche tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectées sans les ouvrir, puis double-clique sur le raccourci USBFix présent sur ton Bureau : choisis l' option 2 (Suppression), ton bureau disparaitra et le pc redémarrera. Au redémarrage, USBFix scannera ton pc, laisse travailler l'outil.

# Etape 3/

Lance Yoog_Fix depuis le Bureau et choisis l'option 1 (Recherche/Suppression). Accepte le disclaimer, patiente et lorsque c'est terminé, clique sur OK.

# Etape 4/

Double clique sur combofix.exe et suis les instructions. Attention de ne pas utiliser ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne au risque de figer l'ordinateur.

# Etape 5/

Lance CCleaner : "Nettoyeur"/"lancer le nettoyage" et c'est tout.

# Etape 6/

Redémarre normalement et poste, dans la même réponse :

- Le contenu du rapport UsbFix.txt situé dans C:\ ;
- Le contenu du rapport Yoog.txt situé sur le Bureau ;
- Le contenu du rapport Combofix.txt situé dans C:\ ;
- Un nouveau rapport HijackThis http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/hijackthis-version-install-sujet_199100_1.htm ;
- Un nouveau rapport GenProc ;

Précise les difficultés que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'évolution de la situation.

~~ Arguments de la procédure ~~

# Détections [2] GenProc 2.617 02/09/2009 à 19:12:52
USBFix:le 02/09/2009 à 19:21:18 "C:\WINDOWS\System32\autorun.inf"
Yoog:le 02/09/2009 à 19:21:19 "C:\Documents and Settings\UPR9002\Application Data\Mozilla\Firefox\Profiles\gzy04u72.default\searchplugins\Yoog Search.xml "
TDSS:le 02/09/2009 à 19:21:19 "C:\WINDOWS\System32\UAC*.???"

----------------------------------------------------------------------
Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
----------------------------------------------------------------------

~~ Fin à 19:22:23 ~~
0
Réponse 6 / 27
kamel67000 Messages postés 140 Statut Membre 2
 
j'arrive plus a aller au mode sans echec pour info
0
Réponse 7 / 27
Narco!4 Messages postés 2446 Statut Contributeur 467
 
fait tous en mode normal
0
Réponse 8 / 27
kamel67000 Messages postés 140 Statut Membre 2
 
je trouve pas les deux programme combi fix et youg fix
0
Réponse 9 / 27
Narco!4 Messages postés 2446 Statut Contributeur 467
 
tu les as télécharger ?
0
Réponse 10 / 27
kamel67000 Messages postés 140 Statut Membre 2
 
oui les combi fix et yogi fix
0
Réponse 11 / 27
Narco!4 Messages postés 2446 Statut Contributeur 467
 
et alors ?
0
Réponse 12 / 27
kamel67000 Messages postés 140 Statut Membre 2
 
j'ai reussie a aller en mode sans echec puit j'ai lancer combi fix il ses finie mets il dit qui va envoyer un raport le chkdsk ses remis en route ecran bleu le volume et impropre puit genre sa se reparer car j'avait un message avant qu'il etait endommager ou ilisible je pense que sa reparer le fichier et log que j'attend le raport

le voila:

ComboFix 09-09-01.07 - UPR9002 02/09/2009 20:33.1.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1534.1182 [GMT 2:00]
Running from: c:\documents and settings\UPR9002\Mes documents\ComboFix.exe
AV: BitDefender Antivirus *On-access scanning disabled* (Outdated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\UPR9002\Application Data\inst.exe
c:\windows\Installer\10639ac7.msi
c:\windows\Installer\16a5d.msi
c:\windows\Installer\1c770fa.msi
c:\windows\Installer\350aec.msi
c:\windows\Installer\44a58be.msi
c:\windows\Installer\486cc.msi
c:\windows\Installer\713298.msi
c:\windows\Installer\a4a2300.msi
c:\windows\Installer\b843f.msi
c:\windows\msb.exe
c:\windows\msn_display.exe
c:\windows\system32\AutoRun.inf
c:\windows\system32\c5eb5511-aed1-e74e-7b10-065a8fa0572b.exe
c:\windows\system32\Cache
c:\windows\system32\drivers\kbiwkmoibljnix.sys
c:\windows\system32\drivers\UACkmpwhqtfrb.sys
c:\windows\system32\kbiwkmagfbgrte.dll
c:\windows\system32\kbiwkmbuxxrmrs.dat
c:\windows\system32\kbiwkmibitnwev.dll
c:\windows\system32\kbiwkmipfypuxy.dll
c:\windows\system32\kbiwkmorvthvuc.dll
c:\windows\system32\kbiwkmpfdxlbdr.dat
c:\windows\system32\kbiwkmpkopavym.dat
c:\windows\system32\kbiwkmqiemxfra.dat
c:\windows\system32\logs
c:\windows\system32\mdm.exe
c:\windows\system32\UACcntddqlqdw.dat
c:\windows\system32\UACdqguffblym.db
c:\windows\system32\UACflgqjkvgch.dll
c:\windows\system32\uacinit.dll
c:\windows\system32\UACkyafncfxta.dll
c:\windows\system32\UACmdqodyvsal.dll
c:\windows\system32\UACndjkcbuetn.dll
c:\windows\system32\UACxnnsjoiifs.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_UACd.sys
-------\Legacy_UACd.sys
-------\Legacy_IPRIP
-------\Legacy_NWCWORKSTATION
-------\Service_kbiwkmjawnbpox

((((((((((((((((((((((((( Files Created from 2009-08-02 to 2009-09-02 )))))))))))))))))))))))))))))))
.

2009-09-02 17:51 . 2009-09-02 17:51 -------- d-----w- C:\Yoog_Fix
2009-09-02 17:28 . 2009-09-02 17:28 -------- d-----w- C:\UsbFix
2009-09-02 17:02 . 2009-09-02 17:11 -------- d-----w- C:\GenProc
2009-09-02 16:15 . 2009-09-02 16:15 -------- d-----w- c:\program files\BitDefender
2009-09-02 16:01 . 2009-09-02 16:01 38 ----a-w- C:\BdUninstallTool2009.09.02-06.01.49.reg
2009-09-02 15:33 . 2009-09-02 15:33 -------- d-----w- c:\program files\Nero
2009-09-02 13:44 . 2009-09-02 14:08 -------- d-----w- c:\program files\Ad-remover
2009-09-02 13:24 . 2009-09-02 13:24 -------- d-----w- C:\Rooter$
2009-09-02 13:05 . 2009-09-02 13:06 -------- d-----w- c:\documents and settings\UPR9002\Application Data\Nero
2009-09-02 12:46 . 2009-09-02 13:05 -------- d-----w- C:\ToolBar SD
2009-09-02 12:00 . 2009-09-02 12:00 -------- d-----w- c:\documents and settings\UPR9002\Local Settings\Application Data\ESET
2009-09-02 10:59 . 2009-09-02 10:59 -------- d-----w- c:\windows\BDOSCAN8
2009-09-02 09:47 . 2009-09-02 12:34 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-09-02 09:43 . 2009-09-02 13:21 -------- d-----w- c:\program files\Fichiers communs\Nero
2009-08-31 16:34 . 2009-08-31 16:34 -------- d-----w- c:\program files\Power IE
2009-08-31 14:36 . 2009-09-02 13:38 -------- d-----w- c:\program files\Navilog1
2009-08-30 21:15 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-30 21:15 . 2009-09-02 13:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-30 21:15 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-30 17:59 . 2009-09-02 09:31 -------- d-----w- c:\program files\Lavasoft
2009-08-30 15:24 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-30 15:24 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-08-30 15:24 . 2009-08-30 15:24 -------- d-----w- c:\program files\Avira
2009-08-30 02:40 . 2009-08-30 02:40 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-08-30 02:33 . 2009-08-30 02:42 -------- d-----w- c:\documents and settings\UPR9002\Application Data\DAEMON Tools Lite
2009-08-29 23:26 . 2009-08-29 23:26 -------- d-----w- c:\program files\Full Pack Codecs
2009-08-29 16:19 . 2009-09-02 09:15 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-29 16:19 . 2009-09-02 09:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-08-29 10:04 . 2009-08-29 10:04 -------- d-----w- c:\documents and settings\All Users\Application Data\SITEguard
2009-08-29 10:03 . 2009-08-29 10:03 -------- d-----w- c:\program files\Fichiers communs\iS3
2009-08-29 02:19 . 2009-08-29 02:19 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-08-29 00:28 . 2009-08-29 00:28 -------- d-----w- c:\documents and settings\UPR9002\Application Data\Logs
2009-08-25 22:53 . 2009-09-02 18:33 -------- d-----w- c:\windows\system32\CatRoot2
2009-08-25 22:32 . 2009-08-25 22:32 -------- d-----w- c:\documents and settings\UPR9002\Local Settings\Application Data\Microsoft Corporation
2009-08-25 22:32 . 2009-08-25 22:48 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2009-08-17 13:04 . 2009-08-17 15:38 -------- d-----w- c:\program files\Fichiers communs\Uninstall
2009-08-12 12:16 . 2009-08-12 12:21 -------- d-----w- c:\documents and settings\UPR9002\Application Data\PhotoFiltre Studio X
2009-08-12 12:15 . 2009-08-12 12:19 -------- d-----w- c:\program files\PhotoFiltre Studio X
2009-08-12 05:23 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2009-08-11 23:41 . 2009-08-11 23:43 -------- d-----w- C:\Xenofex 2
2009-08-11 21:25 . 2004-05-19 08:02 49152 ----a-w- c:\windows\system32\Xsusie.dll
2009-08-11 21:25 . 2004-05-19 08:02 225280 ----a-w- c:\windows\system32\Xjp2.dll
2009-08-11 21:25 . 2004-05-19 08:02 114688 ----a-w- c:\windows\system32\Xjpegls.dll
2009-08-11 21:25 . 2004-05-19 08:01 81920 ----a-w- c:\windows\system32\Xjbig.dll
2009-08-11 21:25 . 2004-05-19 08:01 49152 ----a-w- c:\windows\system32\Xjng.dll
2009-08-11 21:25 . 2004-05-27 14:46 872448 ----a-w- c:\windows\system32\libgfl211.dll
2009-08-11 21:25 . 2004-05-19 08:01 364544 ----a-w- c:\windows\system32\Xfpx.dll
2009-08-11 21:25 . 2004-02-04 04:33 307200 ----a-w- c:\windows\system32\libmng.dll
2009-08-11 19:39 . 2009-08-11 19:39 -------- d-----w- c:\program files\UnFREEz
2009-08-09 01:13 . 2009-08-09 01:15 -------- d-----w- c:\program files\PhotoFiltre
2009-08-09 00:54 . 2009-08-09 00:54 -------- d-----w- c:\program files\MSN Messenger
2009-08-05 09:00 . 2009-08-05 09:00 205312 ------w- c:\windows\system32\dllcache\mswebdvd.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-02 18:53 . 2009-02-04 22:09 -------- d-----w- c:\documents and settings\UPR9002\Application Data\Skype
2009-09-02 18:52 . 2009-06-17 16:02 -------- d-----w- c:\program files\Steam
2009-09-02 16:19 . 2009-02-04 22:11 -------- d-----w- c:\documents and settings\UPR9002\Application Data\skypePM
2009-09-02 16:15 . 2009-07-10 13:27 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2009-09-02 16:11 . 2009-03-26 17:20 -------- d-----w- c:\documents and settings\UPR9002\Application Data\uTorrent
2009-09-02 15:33 . 2008-11-08 09:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-09-02 09:31 . 2008-02-06 18:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-08-31 14:56 . 2009-07-12 13:03 -------- d-----w- c:\program files\Trend Micro
2009-08-30 02:33 . 2009-02-25 21:00 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-08-30 01:46 . 2006-02-03 16:39 -------- d-----w- c:\program files\Windows Media Connect 2
2009-08-29 16:55 . 2009-07-06 22:32 -------- d-----w- c:\program files\Common Files
2009-08-29 10:20 . 2009-08-29 10:07 3256 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg
2009-08-29 10:12 . 2009-08-29 10:08 792 ----a-w- c:\windows\system32\drivers\kgpfr2.cfg
2009-08-29 02:40 . 2009-08-29 02:40 285704 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys.upd
2009-08-29 02:40 . 2009-05-26 11:47 110472 ----a-w- c:\windows\system32\drivers\bdfndisf.sys
2009-08-23 21:53 . 2009-03-26 17:20 -------- d-----w- c:\program files\uTorrent
2009-08-23 16:59 . 2009-07-11 23:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-08-19 16:52 . 2009-07-09 18:36 249856 ------w- c:\windows\Setup1.exe
2009-08-19 16:52 . 2009-07-09 18:36 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-08-14 00:37 . 2009-07-15 17:01 -------- d-----w- c:\program files\URUSoft
2009-08-11 14:36 . 2009-07-20 09:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-08-05 09:00 . 2004-08-19 13:03 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-31 17:51 . 2009-04-17 16:36 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-30 14:55 . 2009-07-30 14:49 -------- d-----w- c:\program files\Uniblue
2009-07-30 14:50 . 2008-03-11 22:23 -------- d-----w- c:\documents and settings\UPR9002\Application Data\Uniblue
2009-07-24 10:26 . 2009-07-24 10:26 285704 ----a-w- c:\windows\system32\drivers\TBMB.tmp
2009-07-23 09:59 . 2009-05-31 10:20 -------- d-----w- c:\program files\TimeAdjuster
2009-07-20 23:47 . 2009-07-12 14:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-07-19 19:49 . 2009-07-19 19:49 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-19 19:36 . 2004-08-19 13:03 570236 ----a-w- c:\windows\system32\perfh00C.dat
2009-07-19 19:36 . 2004-08-19 13:03 107672 ----a-w- c:\windows\system32\perfc00C.dat
2009-07-19 06:07 . 2006-02-06 13:15 71920 ----a-w- c:\documents and settings\UPR9002\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-19 06:07 . 2009-07-19 06:06 -------- d-----w- c:\documents and settings\UPR9002\Application Data\ViStart
2009-07-19 05:30 . 2009-07-19 05:30 -------- d-----w- c:\documents and settings\UPR9002\Application Data\ViSplore
2009-07-19 05:26 . 2009-07-19 05:26 -------- d-----w- c:\program files\TrueTransparency
2009-07-17 19:03 . 2004-08-19 13:03 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-15 17:22 . 2009-07-15 17:22 -------- d-----w- c:\program files\SubSync
2009-07-13 21:43 . 2004-08-19 13:04 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-13 00:54 . 2009-07-09 22:32 -------- d-----w- c:\documents and settings\All Users\Application Data\INTERNET SPAM SUPPORT AUDIO
2009-07-12 14:20 . 2009-07-12 14:20 -------- d-----w- c:\program files\CCleaner
2009-07-12 14:20 . 2009-07-12 14:20 -------- d-----w- c:\documents and settings\UPR9002\Application Data\Yahoo!
2009-07-12 01:24 . 2009-07-12 01:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-07-11 17:30 . 2009-06-17 21:29 -------- d-----w- c:\documents and settings\UPR9002\Application Data\Desktopicon
2009-07-10 14:35 . 2009-07-10 14:35 105736 ----a-w- c:\windows\system32\drivers\bdhv.sys
2009-07-10 14:35 . 2009-05-25 17:05 152328 ----a-w- c:\windows\system32\drivers\bdfm.sys
2009-07-10 14:34 . 2009-07-10 14:34 279176 ----a-w- c:\windows\system32\drivers\TBMD.tmp
2009-07-10 14:34 . 2009-05-08 14:39 279176 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2009-07-10 13:29 . 2009-07-10 13:29 -------- d-----w- c:\documents and settings\UPR9002\Application Data\BitDefender
2009-07-10 13:28 . 2009-07-10 13:26 -------- d-----w- c:\program files\Fichiers communs\BitDefender
2009-07-07 19:04 . 2009-07-07 19:04 -------- d-----w- c:\program files\Bonjour
2009-07-07 19:04 . 2006-02-01 13:28 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-07-07 18:27 . 2007-12-09 17:48 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-07 18:15 . 2009-07-07 18:15 -------- d-----w- c:\program files\Fichiers communs\Macrovision Shared
2009-07-06 22:21 . 2009-07-06 22:21 -------- d-----w- c:\documents and settings\UPR9002\Application Data\Autodesk
2009-07-06 22:21 . 2009-07-06 22:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2009-07-06 22:00 . 2009-07-06 22:00 -------- d-----w- c:\program files\MSBuild
2009-07-06 21:59 . 2009-07-06 21:59 -------- d-----w- c:\program files\Reference Assemblies
2009-07-06 19:58 . 2006-02-01 08:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-03 16:57 . 2004-08-19 13:03 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-25 08:26 . 2004-08-19 13:03 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:26 . 2004-08-19 13:03 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:26 . 2004-08-19 13:03 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:26 . 2004-08-19 13:03 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-25 08:26 . 2004-08-19 13:03 736768 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:26 . 2004-08-19 13:03 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-24 11:18 . 2004-08-19 13:03 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-17 15:53 . 2008-06-26 15:18 81984 ----a-w- c:\windows\system32\bdod.bin
2009-06-16 14:40 . 2004-08-19 13:03 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:40 . 2004-08-19 13:03 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 10:44 . 2004-08-19 13:03 78848 ----a-w- c:\windows\system32\telnet.exe
2009-06-15 10:44 . 2004-08-19 13:03 82944 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-10 14:14 . 2004-08-19 13:03 85504 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 07:21 . 2004-08-19 13:14 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 06:15 . 2004-08-19 13:03 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-05-26 11:18 . 2009-07-10 13:35 45056 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
2008-08-09 11:51 . 2007-12-01 20:43 67696 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2008-08-09 11:51 . 2007-12-01 20:43 54376 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2008-08-09 11:51 . 2008-02-14 11:07 34952 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2008-08-09 11:51 . 2008-02-14 11:07 46720 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2008-08-09 11:51 . 2007-12-01 20:43 172144 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-03-26 14:22 . 2009-03-26 14:22 23 --sha-w- c:\windows\system32\fbdad2_d.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2009-05-21 2094616]
"{DD02A4EB-4AFD-4D60-99D8-E67F964CA813}"= "c:\program files\PHPNukeEN\tbPHP0.dll" [2009-05-30 2094616]
"{26639A45-65D8-4E33-90C2-123FADA08DCD}"= "c:\program files\Reload_Paradise\tbRelo.dll" [2009-06-08 2124824]

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_CLASSES_ROOT\clsid\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}]

[HKEY_CLASSES_ROOT\clsid\{26639a45-65d8-4e33-90c2-123fada08dcd}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{26639a45-65d8-4e33-90c2-123fada08dcd}]
2009-06-08 07:55 2124824 ----a-w- c:\program files\Reload_Paradise\tbRelo.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}]
2009-05-30 18:09 2094616 ----a-w- c:\program files\PHPNukeEN\tbPHP0.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2009-05-21 12:23 2094616 ----a-w- c:\program files\free-downloads.net\tbfre1.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfre1.dll" [2009-05-21 2094616]
"{DD02A4EB-4AFD-4D60-99D8-E67F964CA813}"= "c:\program files\PHPNukeEN\tbPHP0.dll" [2009-05-30 2094616]
"{26639A45-65D8-4E33-90C2-123FADA08DCD}"= "c:\program files\Reload_Paradise\tbRelo.dll" [2009-06-08 2124824]

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_CLASSES_ROOT\clsid\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}]

[HKEY_CLASSES_ROOT\clsid\{26639a45-65d8-4e33-90c2-123fada08dcd}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-07 68856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-02-02 23975720]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2009-02-24 20480]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-01-18 196608]
"Steam"="c:\program files\Steam\Steam.exe" [2009-06-17 1217784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WireLessMouse"="c:\program files\Multimedia Mouse Driver\V5\StartAutorun.exe" [2005-11-30 94208]
"Athan"="c:\program files\Athan\Athan.exe" [2009-01-18 1081344]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-2-24 450560]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\startupfolder\C:^Documents and Settings^UPR9002^Menu Démarrer^Programmes^Démarrage^FreeBot.lnk]
backup=c:\windows\pss\FreeBot.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
"LogitechVideoTray"=c:\program files\Logitech\Video\LogiTray.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Documents and Settings\\UPR9002\\Mes documents\\Downloads\\utorrent.exe"=
"c:\\Documents and Settings\\UPR9002\\Mes documents\\Downloads\\utorrent (1).exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Program Files\\Steam\\steamapps\\chorba67\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7834:TCP"= 7834:TCP:bit torrent
"7635:TCP"= 7635:TCP:bit torrent
"6881:TCP"= 6881:TCP:bit torrent
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"33196:TCP"= 33196:TCP:*:Disabled:utorrent
"33196:UDP"= 33196:UDP:*:Disabled:utorrent
"3074:TCP"= 3074:TCP:*:Disabled:u torrent
"3074:UDP"= 3074:UDP:*:Disabled:u torrent
"49700:UDP"= 49700:UDP:*:Disabled:u torrent
"7634:TCP"= 7634:TCP:*:Disabled:u torrent
"7634:UDP"= 7634:UDP:*:Disabled:u torrent
"7635:UDP"= 7635:UDP:*:Disabled:u torrent
"6882:TCP"= 6882:TCP:*:Disabled:u torrent
"6882:UDP"= 6882:UDP:*:Disabled:u torrent
"86:TCP"= 86:TCP:BroadCam Web Server

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)

R2 NwSapAgent;Agent SAP;c:\windows\system32\svchost.exe -k netsvcs [19/08/2004 15:03 14336]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [26/05/2009 13:47 110472]
S2 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys --> c:\program files\Anti Trojan Elite\ATEPMon.sys [?]
S2 BDVEDISK;BDVEDISK;\??\c:\program files\BitDefender\BitDefender 2010\bdvedisk.sys --> c:\program files\BitDefender\BitDefender 2010\bdvedisk.sys [?]
S3 Arrakis3;BitDefender Arrakis Server;c:\program files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [29/08/2009 04:40 176128]
S3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [25/05/2009 19:05 152328]
S3 DoradoPC;Polaroid PDC 301 VGA Camera;c:\windows\system32\drivers\drdvid40.sys [30/07/2006 16:55 106816]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;c:\windows\system32\drivers\fbxusb32.sys [20/10/2004 15:23 21344]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
bdx REG_MULTI_SZ scan
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder

2009-09-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3979984330-2063461283-4077185267-1007Core.job
- c:\documents and settings\UPR9002\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-23 12:44]

2009-09-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3979984330-2063461283-4077185267-1007UA.job
- c:\documents and settings\UPR9002\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-23 12:44]

2009-09-02 c:\windows\Tasks\User_Feed_Synchronization-{6F4838DA-3945-47CF-A1B8-46366746BA4C}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]

2009-09-02 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]

2009-09-02 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-12 20:18]
.
- - - - ORPHANS REMOVED - - - -

BHO-{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - c:\program files\myBabylon_English\tbmyBa.dll
Toolbar-{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - c:\program files\myBabylon_English\tbmyBa.dll
Toolbar-SITEguard - (no file)
WebBrowser-{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - c:\program files\myBabylon_English\tbmyBa.dll

.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://google.com/
mWindow Title =
uInternet Settings,ProxyServer = microsoft.com:80
uInternet Settings,ProxyOverride = <local>;localhost;*.local
TCP: {5C4E4DB4-4C50-4483-BD1D-96F07018907A} = 212.27.53.252,212.27.54.252
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - c:\documents and settings\UPR9002\Application Data\Mozilla\Firefox\Profiles\gzy04u72.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www17.yoog.com/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: browser.startup.homepage - hxxp://www.daemon-search.com/startpage|https://www.msn.com/fr-fr
FF - prefs.js: keyword.URL - hxxp://www17.yoog.com/search.php?q=
FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}\components\FFAlert.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl - hxxp://www17.yoog.com/search.php?q=
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www17.yoog.com/search.php?q=
FF - user.js: keyword.enabled - true
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-02 20:52
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\kbiwkmjawnbpox]
"imagepath"="\systemroot\system32\drivers\kbiwkmoibljnix.sys"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Ulead Systems\Ulead COOL 360]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Ulead Systems\Ulead Photo Explorer]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Ulead Systems\Ulead Photo Express My Custom Edition]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Ulead Systems\UserInfo]
@DACL=(02 0000)
"UserName"="nc"
"UserEmail"=""
"CompanyName"=""
"ClientID"="2391966"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\kbiwkmjawnbpox]
@DACL=(02 0000)
"start"=dword:00000001
"type"=dword:00000001
"group"="file system"
"imagepath"=expand:"\\systemroot\\system32\\drivers\\kbiwkmoibljnix.sys"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3580)
c:\docume~1\UPR9002\LOCALS~1\Temp\IadHide4.dll
c:\program files\Fichiers communs\Ahead\Lib\NeroSearchBar.dll
c:\program files\Fichiers communs\Ahead\Lib\MFC71U.DLL
c:\program files\Fichiers communs\Ahead\Lib\BCGCBPRO860un71.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\eappprxy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\windows\system32\tcpsvcs.exe
c:\windows\system32\snmp.exe
c:\program files\Multimedia Mouse Driver\V5\MouseDrv.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wscntfy.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Windows Live\Messenger\usnsvc.exe
c:\program files\Internet Explorer\IEXPLORE.EXE
c:\program files\Internet Explorer\IEXPLORE.EXE
.
**************************************************************************
.
Completion time: 2009-09-02 21:00 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-02 19:00

Pre-Run: 3 197 882 368 octets libres
Post-Run: 3 971 751 936 octets libres

Current=3 Default=3 Failed=4 LastKnownGood=5 Sets=1,2,3,4,5
428 --- E O F --- 2009-08-30 01:01
0
Réponse 13 / 27
Narco!4 Messages postés 2446 Statut Contributeur 467
 
la suite est simple
lance yoog puis usbfix
0
Réponse 14 / 27
kamel67000 Messages postés 140 Statut Membre 2
 
en mode sans echec ou normal
merci de l'aide
0
Réponse 15 / 27
kamel67000 Messages postés 140 Statut Membre 2
 
je lance l'operation et je te tiens au courrant des que ses finie merci encore
0
Réponse 16 / 27
Narco!4 Messages postés 2446 Statut Contributeur 467
 
en sans echec
0
Réponse 17 / 27
kamel67000 Messages postés 140 Statut Membre 2
 
voici le raport de mets j'avait pas vue qu'il y avait une 2eme page donc je les fait en normal voicie le raport

Yoog_Fix 3.0.1 de Batch_Man | UPR9002 (Administrateur)
Debut a 21:17 le 02/09/2009
Microsoft Windows XP Professionnel(5.1.2600)

Intel(R) Pentium(R) 4 CPU 3.00GHz
Ram : 1534 Mo
Normal boot

Antivirus: BitDefender Antivirus 13.0.13 (Not activated)
Pare-Feu: BitDefender Firewall 13.0 (Activated)
Lancé de "C:\Documents and Settings\UPR9002\Bureau\Yoog_Fix.bat"

C:\ [Fixed] - NTFS - (Total:76230 Mo/Free:3827 Mo)
D:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [Removable] (Total:982 Mo/Free:444 Mo)

Option [1] 2 3 Recherche / Suppression

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

»»»»»»»»»»» [Suppression: Fichiers / Dossiers / Clés / Prefs Firefox]

SUPPRIME - C:\Program Files\Mozilla Firefox\components\FFComm.dll

SUPPRIME - prefs.js [UPR9002 - gzy04u72.default] user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "http://www17.yoog.com/search.php?q=");
SUPPRIME - prefs.js [UPR9002 - gzy04u72.default] user_pref("browser.search.defaultenginename", "Yoog Search");
SUPPRIME - prefs.js [UPR9002 - gzy04u72.default] user_pref("browser.search.defaulturl", "http://www17.yoog.com/search.php?q=");
SUPPRIME - prefs.js [UPR9002 - gzy04u72.default] user_pref("browser.search.selectedEngine", "Yoog Search");
SUPPRIME - prefs.js [UPR9002 - gzy04u72.default] user_pref("keyword.URL", "http://www17.yoog.com/search.php?q=");
SUPPRIME - user.js [UPR9002 - gzy04u72.default] user_pref("browser.search.defaultenginename", "Yoog Search");
SUPPRIME - user.js [UPR9002 - gzy04u72.default] user_pref("browser.search.defaulturl", "http://www17.yoog.com/search.php?q=");
SUPPRIME - user.js [UPR9002 - gzy04u72.default] user_pref("browser.search.selectedEngine", "Yoog Search");
SUPPRIME - user.js [UPR9002 - gzy04u72.default] user_pref("keyword.URL", "http://www17.yoog.com/search.php?q=");
SUPPRIME - user.js [UPR9002 - hzki36xw.default] user_pref("browser.search.defaultenginename", "Yoog Search");
SUPPRIME - user.js [UPR9002 - hzki36xw.default] user_pref("browser.search.defaulturl", "http://www17.yoog.com/search.php?q=");
SUPPRIME - user.js [UPR9002 - hzki36xw.default] user_pref("browser.search.selectedEngine", "Yoog Search");
SUPPRIME - user.js [UPR9002 - hzki36xw.default] user_pref("keyword.URL", "http://www17.yoog.com/search.php?q=");

------------[Suspects]

Aucun fichier suspect trouvé

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

»»»»»»»»»»» [Recherche: Analyse de Firefox]

------------[Analyse de Firefox]

Mozilla Firefox 2.0.0.16 (fr)
Répertoire d'installation : C:\Program Files\Mozilla Firefox
Path: C:\Documents and Settings\UPR9002\Application Data\Mozilla\Firefox\Profiles\gzy04u72.default
Path: C:\Documents and Settings\UPR9002\Application Data\Mozilla\Firefox\Profiles\hzki36xw.default

[UPR9002\..\prefs.js] browser.startup.homepage: "https://gamespace.daemon-tools.cc/fra/home|https://www.msn.com/fr-fr"
[UPR9002\..\prefs.js] browser.startup.homepage: "https://gamespace.daemon-tools.cc/fra/home|https://www.msn.com/fr-fr"
[UPR9002\..\prefs.js] browser.startup.homepage: "https://www.msn.com/fr-fr/?ocid=iehp"

------------[Extensions Firefox]

[UPR9002] ar@dictionaries.addons.mozilla.org = Arabic spell-checking dictionary
[UPR9002] de-AT@dictionaries.addons.mozilla.org = Deutsches Wörterbuch, erweitert für Österreich">
[UPR9002] de-DE@dictionaries.addons.mozilla.org = Deutsches Wörterbuch">
[UPR9002] en-GB@dictionaries.addons.mozilla.org = British English Dictionary">
[UPR9002] en-US@dictionaries.addons.mozilla.org = United States English Dictionary
[UPR9002] {3112ca9c-de6d-4884-a869-9855de68056c} = Google Toolbar for Firefox
[UPR9002] {635abd67-4fe9-1b23-4f01-e679fa7484c1} = Yahoo! Toolbar
[UPR9002] {E9A1DEE0-C623-4439-8932-001E7D17607D} = Ask Toolbar for Firefox

{20a82645-c095-46ed-80e3-08825760534b} = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FFToolbar@bitdefender.com = C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\

------------[Mozilla Plugins]

Path = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
XPTPath = C:\WINDOWS\system32\Macromed\Flash\flashplayer.xpt
ProductName = Adobe® Flash® Player Plugin
Vendor = Adobe Systems Incorporated
Version = 10.0.22.87

Path = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
ProductName = Adobe Shockwave Player
Vendor = Adobe Systems Inc
Version = 11.0.0.458

Path = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
XPTPath = C:\Program Files\DivX\DivX Web Player\npdivx32.xpt
GeckoVersion = 1.00
Version = 1.0.0

Vendor = DivX,Inc.
ProductName = DivX Web Player
Path = C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
XPTPath = C:\Program Files\DivX\DivX Content Uploader\npUpload.xpt
GeckoVersion = 1.00
Version = 1.0.0

Vendor = DivX,Inc.
ProductName = DivX® Content Upload Plugin
Path = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
XPTPath = C:\Program Files\DivX\DivX Player\nsIDivxPlayerPlugin.xpt
GeckoVersion = 1.00
Version = 1.0.0

Vendor = DivX,Inc.
ProductName = DivX® Player Plugin
Vendor = iViVo
Version = 1.6.1a

GeckoVersion = 1.7.5
Path = c:\Program Files\Microsoft Silverlight\3.0.40723.0\npctrl.dll
ProductName = Ag Player
Vendor = Microsoft
Version = 3.0

GeckoVersion = 1.7.2
Path = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
ProductName = Windows Presentation Foundation
Vendor = Microsoft Corp.
Version = 3.5

Path = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
XPTPath = C:\WINDOWS\system32\Macromed\Flash\flashplayer.xpt
ProductName = Adobe Flash Player
Vendor = Adobe Systems Inc.
Version = 9.0.115.0

Path = C:\Documents and Settings\UPR9002\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
ProductName = Google Update
Vendor = Google
Version = 8

------------[Plugins de recherche]

[UPR9002] bing.xml = https://www.bing.com/?cc=fr&toHttps=1&redig=4A724A8119B443148846ADF1DAF48F9E
[UPR9002] FireSearch.xml = http://www.ffsearch.net/
[UPR9002] live-search.xml = https://outlook.live.com/owa/
[Program Files] amazon-france.xml = https://www.amazon.fr/
[Program Files] eBay-france.xml = http://search.ebay.fr/
[Program Files] google.xml = https://www.google.com/
[Program Files] MediaDICO-fr.xml = http://www.dictionnaire-mediadico.com/dictionnaires.asp
[Program Files] wikipedia-fr.xml = https://fr.wikipedia.org/wiki/Sp%C3%A9cial:Recherche
[Program Files] yahoo-france.xml = https://fr.search.yahoo.com/

------------[Listing de dossiers]

[09/08/2008 13:51 | 67696 bytes] C:\Program Files\Mozilla Firefox\Components\jar50.dll
[09/08/2008 13:51 | 54376 bytes] C:\Program Files\Mozilla Firefox\Components\jsd3250.dll
[09/08/2008 13:51 | 34952 bytes] C:\Program Files\Mozilla Firefox\Components\myspell.dll
[09/08/2008 13:51 | 46720 bytes] C:\Program Files\Mozilla Firefox\Components\spellchk.dll
[09/08/2008 13:51 | 172144 bytes] C:\Program Files\Mozilla Firefox\Components\xpinstal.dll
[01/05/2009 23:02 | 1044480 bytes] C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
[17/06/2008 16:12 | 114688 bytes] C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[23/01/2008 08:20 | 491520 bytes] C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[12/05/2009 20:46 | 1650992 bytes] C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[19/05/2009 00:41 | 98304 bytes] C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[09/08/2008 13:51 | 22664 bytes] C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[27/02/2009 13:13 | 103792 bytes] C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[01/05/2009 23:02 | 200704 bytes] C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

»»»»»»»»»»» [Recherche: Analyse d'Internet explorer / Registre ]

Internet Explorer : 8.0.6001.18702

L1 = HKLM\..\Main.Start Page = https://www.msn.com/fr-fr
L1 = HKLM\..\Main.Start Page = REG_MULTI_SZ
L1 = HKLM\..\Main.Start Page =
L1 = HKLM\..\Main.Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
L1 = HKLM\..\Main.Search Bar = http://www.bing.com/spresults.aspx
L1 = HKLM\..\Main.Window Title =
L1 = HKCU\..\Main.Start Page = https://www.google.com/?gws_rd=ssl
L1 = HKCU\..\Main.Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
L1 = HKU\.DEFAULT\..\Main.Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
L1 = HKU\.DEFAULT\..\Main.Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
L1 = HKU\S-1-5-21-3979984330-2063461283-4077185267-1007\..\Main.Start Page = https://www.google.com/?gws_rd=ssl
L1 = HKU\S-1-5-21-3979984330-2063461283-4077185267-1007\..\Main.Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
L1 = HKU\S-1-5-18\..\Main.Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
L1 = HKU\S-1-5-18\..\Main.Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
L1 = HKLM\..\Main.Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
L1 = HKLM\..\Main.Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
L1 = HKLM\..\Main.CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60347
L1 = HKLM\..\Main.SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
L1 = HKLM\..\Main.SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
L1 = HKLM\..\Main.CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60347
L1 = HKLM\..\Search.Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
L1 = HKLM\..\Search.CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
L1 = HKLM\..\Search.SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
L1 = HKLM\..\Search.SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
L1 = HKLM\..\Search.CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
L1 = HKCU\..\Toolbar.LinksFolderName = Liens
L1 = HKU\.DEFAULT\..\Main.Default_Page_URL = https://www.dell.com/fr-fr
L1 = HKU\S-1-5-21-3979984330-2063461283-4077185267-1007\..\Toolbar.LinksFolderName = Liens
L1 = HKU\S-1-5-18\..\Main.Default_Page_URL = https://www.dell.com/fr-fr
L1 = HKU\.DEFAULT\..\Main.First Home Page= https://www.dell.com/fr-fr
L1 = HKU\S-1-5-18\..\Main.First Home Page= https://www.dell.com/fr-fr
L2 = HKCU\..\Internet Settings.ProxyServer = microsoft.com:80
L2 = HKCU\..\Internet Settings.ProxyOverride = <local>;localhost;*.local

[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet =
NavigationFailure = res://ieframe.dll/navcancl.htm
DesktopItemNavigationFailure = res://ieframe.dll/navcancl.htm
NavigationCanceled = res://ieframe.dll/navcancl.htm
OfflineInformation = res://ieframe.dll/offcancl.htm
Home = 0x10e
blank = res://mshtml.dll/blank.htm
PostNotCached = res://ieframe.dll/repost.htm
NoAdd-ons = res://ieframe.dll/noaddon.htm
NoAdd-onsInfo = res://ieframe.dll/noaddoninfo.htm
SecurityRisk = res://ieframe.dll/securityatrisk.htm
Tabs = res://ieframe.dll/tabswelcome.htm
InPrivate = res://ieframe.dll/inprivate.htm

--------[Browser Helper Object]

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670},@SANS NOM=3.0
BHO: {18DF081C-E8AD-4283-A596-FA578C2EBDC3},@SANS NOM=3.0
BHO: {18DF081C-E8AD-4283-A596-FA578C2EBDC3},@SANS NOM=AcroIEHelperStub
BHO: {22BF413B-C6D2-4d91-82A9-A0F997BA588C},@SANS NOM=3.0
BHO: {22BF413B-C6D2-4d91-82A9-A0F997BA588C},@SANS NOM=Skype add-on (mastermind)
BHO: {26639a45-65d8-4e33-90c2-123fada08dcd},@SANS NOM=3.0
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43},@SANS NOM=3.0
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6},@SANS NOM=3.0
BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7},@SANS NOM=3.0
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D},@SANS NOM=3.0
BHO: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0},@SANS NOM=3.0
BHO: {dd02a4eb-4afd-4d60-99d8-e67f964ca813},@SANS NOM=3.0
BHO: {ecdee021-0d17-467f-a1ff-c7a115230949},@SANS NOM=3.0

--------[SearchScopes]

[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\..\SearchScopes],@DefaultScope={9D5BD211-422C-4164-9298-BB4186A30F31}
[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\..\SearchScopes\${searchCLSID}],@DisplayName=@ieframe.dll,-12512
[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\..\SearchScopes\{097E7337-311D-44FF-A853-3F454FE1A682}],@DisplayName=Barre d'outils D-i-v-X AV Codec Pack
[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\..\SearchScopes\{0E788F77-3132-4553-AC5A-472EE3371E2C}],@DisplayName=Google
[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}],@DisplayName=Search the web
[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\..\SearchScopes\{17634B7F-8F12-4EB6-A1BA-00AB35CF5D06}],@DisplayName=Dealio Search
[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\..\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}],@DisplayName=Ask
[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\..\SearchScopes\{1A4220E9-3ACA-44D9-A66C-4D8753145366}],@DisplayName=Yahoo! Search
[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\..\SearchScopes\{4286522C-887F-4362-9CE5-1EC06948E709}],@DisplayName=Google
[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}],@DisplayName=Google
[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\..\SearchScopes\{9106D232-E775-4B58-8E63-B6F00842435F}],@DisplayName=P2P_Torrent Customized Web Search
[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\..\SearchScopes\{9545D454-11E6-4566-87A3-6248182DA310}],@DisplayName=Le Monde
[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\..\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}],@DisplayName=Live Search
[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}],@DisplayName=DAEMON Search
[HKEY_USERS\S-1-5-21-3979984330-2063461283-4077185267-1007\..\SearchScopes\{B4B23539-75F1-4470-ADB8-B2BB45263CC4}],@DisplayName=Wikipedia (en)
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes],@DefaultScope={9D5BD211-422C-4164-9298-BB4186A30F31}
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes],@DefaultScope={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}],@DisplayName=@ieframe.dll,-12512
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C21-4689-8DBE-D226CF777FE9}],@DisplayName=IESearch
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6B601D11-7C1C-47B1-911A-E0097787E061}],@DisplayName=Google
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}],@DisplayName=Ask Search
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\${searchCLSID}],@DisplayName=@ieframe.dll,-12512
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{097E7337-311D-44FF-A853-3F454FE1A682}],@DisplayName=Barre d'outils D-i-v-X AV Codec Pack
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0E788F77-3132-4553-AC5A-472EE3371E2C}],@DisplayName=Google
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}],@DisplayName=Search the web
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{17634B7F-8F12-4EB6-A1BA-00AB35CF5D06}],@DisplayName=Dealio Search
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}],@DisplayName=Ask
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1A4220E9-3ACA-44D9-A66C-4D8753145366}],@DisplayName=Yahoo! Search
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4286522C-887F-4362-9CE5-1EC06948E709}],@DisplayName=Google
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}],@DisplayName=Google
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9106D232-E775-4B58-8E63-B6F00842435F}],@DisplayName=P2P_Torrent Customized Web Search
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9545D454-11E6-4566-87A3-6248182DA310}],@DisplayName=Le Monde
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}],@DisplayName=Live Search
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}],@DisplayName=DAEMON Search
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B4B23539-75F1-4470-ADB8-B2BB45263CC4}],@DisplayName=Wikipedia (en)

--------[Extensions]

Uninstall BitDefender Online Scanner v8: %windir%\bdoscandel.exe - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
@xpsp3res.dll,-20001: %windir%\Network Diagnostic\xpnetdiag.exe - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
Windows Messenger: C:\Program Files\Messenger\msmsgs.exe - {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}

--------[Clé Run]

------------[Autres infections]

Adware.Zango - C:\Program Files\mozilla firefox\components\npclntax.xpt

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

»»»»»»»»»»» [Autres rapports]

[02/09/2009 19:52] C:\Yoog_Fix\Logs\Rapport_02_09_2009_n1.txt - (Choix 1 : Recherche / Suppression)
[02/09/2009 21:22] C:\Yoog_Fix\Logs\Rapport_02_09_2009_n3.txt - (Choix 1 : Recherche / Suppression)

-------------------------->>

Veuillez uploader le fichier C:\Yoog_Fix\Backups\Backup_02_09_2009_3.zip à l'adresse suivante : http://batchdhelus.open-web.fr/upload
Aide en images : http://batchdhelus.open-web.fr/upload/procedure.html

Si la procédure échoue, veuillez l'envoyer à l'adresse email suivante : yoog.fix.sav@gmail.com

+--------------[Fin à 21h 22min]
0
Réponse 18 / 27
kamel67000 Messages postés 140 Statut Membre 2
 
je lance l'outil suivant en mode sans echec et j'envoi le raport merci de l'aide encore
0
Réponse 19 / 27
kamel67000 Messages postés 140 Statut Membre 2
 
merci de l'aide voici le raport

############################## | UsbFix V6.024 |

User : UPR9002 (Administrateurs) # USER
Update on 01/09/09 by Chiquitine29, C_XX & Chimay8
Start at: 21:38:18 | 02/09/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Intel(R) Pentium(R) 4 CPU 3.00GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : BitDefender Antivirus 13.0.13 [ (!) Disabled | (!) Outdated ]
FW : BitDefender Firewall[ Enabled ]13.0

C:\ -> Disque fixe local # 74,44 Go (3,69 Go free) # NTFS
D:\ -> Disque CD-ROM
F:\ -> Disque amovible # 982,22 Mo (444,92 Mo free) # FAT

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wscntfy.exe

################## | Fichiers # Dossiers infectieux |

################## | Autres |

################## | Suspect ! ... | https://www.virustotal.com/gui/ |

################## | Registre # Clés Run infectieuses |

################## | Registre # Mountpoints2 |

################## | Listing des fichiers présent |

[02/09/2009 11:15|--a------|4049] -> C:\aaw7boot.log
[02/09/2009 16:08|--a------|1761] -> C:\Ad-Report-CLEAN.log
[11/05/2009 16:00|--a------|16] -> C:\asdict.dat
[21/06/2004 17:35|---------|398] -> C:\AUTOEXEC.UP
[16/03/2009 20:46|--a------|119295] -> C:\Azureus_Stats.xml
[02/09/2009 18:01|--a------|514] -> C:\BdUninstallTool2009.09.02-06.01.49.log
[02/09/2009 18:01|--a------|38] -> C:\BdUninstallTool2009.09.02-06.01.49.reg
[14/03/2008 01:13|-rahs----|212] -> C:\BOOT.BAK
[31/08/2009 00:01|-rahs----|279] -> C:\boot.ini
[28/08/2001 14:00|-r-hs----|4952] -> C:\Bootfont.bin
[02/09/2009 15:38|--a------|892] -> C:\cleannavi.txt
[01/04/2008 14:37|---------|74] -> C:\CMLoader.log
[02/09/2009 21:00|--a------|29735] -> C:\ComboFix.txt
[19/08/2004 15:18|---------|0] -> C:\CONFIG.SYS
[21/06/2004 17:36|---------|77] -> C:\CONFIG.UP
[21/06/2004 17:36|---------|85] -> C:\COPYUP.BAT
[04/12/2007 22:47|---------|532] -> C:\DealioAu.log
[30/11/2005 16:17|-r-h-----|3317] -> C:\dell.sdr
[21/06/2004 17:36|---------|2613] -> C:\DELLBOOT.EXE
[21/06/2004 17:36|---------|799] -> C:\DIR.LST
[01/02/2006 10:53|---------|4128] -> C:\INFCACHE.1
[19/08/2004 15:18|---h-----|0] -> C:\IO.SYS
[24/02/2009 20:06|--a------|183] -> C:\LogiSetup.log
[19/08/2004 15:18|---h-----|0] -> C:\MSDOS.SYS
[13/04/2008 09:43|-r-hs----|47564] -> C:\NTDETECT.COM
[13/04/2008 11:31|-r-hs----|252240] -> C:\ntldr
[29/02/2004 17:44|--a------|52576] -> C:\orange.bmp
[?|?|?] -> C:\pagefile.sys
[04/01/2009 16:18|--ah-----|268] -> C:\sqmdata00.sqm
[04/01/2009 17:48|--ah-----|268] -> C:\sqmdata01.sqm
[18/01/2009 23:11|--ah-----|268] -> C:\sqmdata02.sqm
[19/01/2009 02:21|--ah-----|268] -> C:\sqmdata03.sqm
[25/03/2009 22:03|--ah-----|268] -> C:\sqmdata04.sqm
[25/03/2009 22:09|--ah-----|268] -> C:\sqmdata05.sqm
[26/03/2009 16:34|--ah-----|268] -> C:\sqmdata06.sqm
[27/03/2009 17:03|--ah-----|268] -> C:\sqmdata07.sqm
[17/04/2009 19:01|--ah-----|268] -> C:\sqmdata08.sqm
[18/04/2009 23:36|--ah-----|268] -> C:\sqmdata09.sqm
[03/05/2009 22:54|--ah-----|232] -> C:\sqmdata10.sqm
[27/06/2009 16:53|--ah-----|268] -> C:\sqmdata11.sqm
[13/07/2009 02:55|--ah-----|268] -> C:\sqmdata12.sqm
[05/08/2009 13:11|--ah-----|268] -> C:\sqmdata13.sqm
[05/08/2009 13:11|--ah-----|172] -> C:\sqmdata14.sqm
[29/12/2008 02:24|--ah-----|268] -> C:\sqmdata15.sqm
[30/12/2008 20:24|--ah-----|268] -> C:\sqmdata16.sqm
[31/12/2008 18:45|--ah-----|268] -> C:\sqmdata17.sqm
[02/01/2009 10:30|--ah-----|268] -> C:\sqmdata18.sqm
[04/01/2009 15:28|--ah-----|268] -> C:\sqmdata19.sqm
[04/01/2009 15:28|--ah-----|244] -> C:\sqmnoopt00.sqm
[04/01/2009 16:18|--ah-----|244] -> C:\sqmnoopt01.sqm
[04/01/2009 17:48|--ah-----|244] -> C:\sqmnoopt02.sqm
[18/01/2009 23:11|--ah-----|244] -> C:\sqmnoopt03.sqm
[19/01/2009 02:21|--ah-----|244] -> C:\sqmnoopt04.sqm
[25/03/2009 22:03|--ah-----|244] -> C:\sqmnoopt05.sqm
[25/03/2009 22:09|--ah-----|244] -> C:\sqmnoopt06.sqm
[26/03/2009 16:34|--ah-----|244] -> C:\sqmnoopt07.sqm
[27/03/2009 17:03|--ah-----|244] -> C:\sqmnoopt08.sqm
[17/04/2009 19:01|--ah-----|244] -> C:\sqmnoopt09.sqm
[18/04/2009 23:36|--ah-----|244] -> C:\sqmnoopt10.sqm
[03/05/2009 22:54|--ah-----|244] -> C:\sqmnoopt11.sqm
[27/06/2009 16:53|--ah-----|244] -> C:\sqmnoopt12.sqm
[13/07/2009 02:55|--ah-----|244] -> C:\sqmnoopt13.sqm
[05/08/2009 13:11|--ah-----|244] -> C:\sqmnoopt14.sqm
[05/08/2009 13:11|--ah-----|172] -> C:\sqmnoopt15.sqm
[29/12/2008 02:24|--ah-----|244] -> C:\sqmnoopt16.sqm
[30/12/2008 20:24|--ah-----|244] -> C:\sqmnoopt17.sqm
[31/12/2008 18:45|--ah-----|244] -> C:\sqmnoopt18.sqm
[02/01/2009 10:30|--ah-----|244] -> C:\sqmnoopt19.sqm
[02/09/2009 15:05|--a------|3297] -> C:\TB.txt
[02/09/2009 21:42|--a------|5826] -> C:\UsbFix.txt
[20/07/2009 13:52|--a------|31894] -> C:\video.pass
[11/03/2009 13:10|--a------|4697777] -> F:\Nate Dogg & Waren G - Nobody Does It Better.mp3
[26/05/2009 19:09|--a------|61588] -> F:\PARTIE I.docx
[26/05/2009 23:23|--a------|39037] -> F:\PARTIE I.odt
[26/05/2009 19:05|--a------|41214] -> F:\Partie II.docx
[26/05/2009 23:24|--a------|27665] -> F:\Partie II.odt
[14/07/2009 00:16|--a------|3228512] -> F:\salif 2009 cv.mp3
[13/07/2009 23:37|--a------|958784] -> F:\sefyu 2009.mp3
[13/07/2009 23:23|--a------|3096032] -> F:\street lourd .mp3
[13/07/2009 23:55|--a------|3635168] -> F:\toulouse all star.mp3
[19/03/2006 15:16|--a------|3982733] -> F:\Warren G. & Nate Dogg - Regulate.mp3
[20/04/2009 01:58|--a------|296] -> F:\WMPInfo.xml
[14/07/2009 01:43|--a------|2476736] -> F:\y a quoi .mp3
[26/06/2009 13:04|--a------|3743782] -> F:\(11) [Unite Special feat Ngo] Millionnaire.mp3
[26/06/2009 12:40|--a------|4510721] -> F:\(18) [Booba feat Dhe, Brams et Mala] On Controle La Zone.mp3
[11/03/2009 12:10|--a------|4457588] -> F:\[DJ Kane(DKC) Remix] 05. 2Pac - Smile (feat. Scarface) (Unreleased) (Clean Edit).mp3
[17/03/2009 21:42|--a------|4908308] -> F:\[DJ Kane(DKC) Remix] 08. 2Pac - Still Ballin' (feat. Trick Daddy).mp3
[11/03/2009 12:10|--a------|6795072] -> F:\[DJ Kane(DKC) Remix] 10. 2Pac - World Don't Take Me Personally (feat. Young Swoop G).mp3
[17/03/2009 20:32|--a------|5365288] -> F:\[DJ Kane(DKC) Remix] 11. 2Pac - Let's Fight For California Love (feat. Busta Rhymes).mp3
[04/10/2008 15:31|--a------|5741202] -> F:\01 - Sinik - Cheb Billal - Big Ali - Bienvenue chez les Bylkas.mp3
[23/03/2009 13:46|--a------|4989849] -> F:\01 -Dj Nassim - Reveillon 2009.mp3
[14/07/2009 00:20|--a------|764384] -> F:\1 pulsif.mp3
[20/04/2009 02:39|--a------|5741481] -> F:\01 Raye.mp3
[12/12/2008 16:15|--a------|5338432] -> F:\01-rohff-rap_game.mp3
[29/05/2009 20:22|--a------|4729770] -> F:\01-zeler_lim-juste_quelques_mots_ft._houari_marsaoui.mp3
[01/07/2009 01:10|--a------|5926438] -> F:\02-113_jamel_debouze_et_awa_imani-celebration.mp3
[23/03/2009 13:55|--a------|3616017] -> F:\02 -Dj Nassim - Reveillon 2009.mp3
[11/03/2009 12:10|--a------|3145728] -> F:\2 Pac & Coolio - Rollin With My Homies.mp3
[01/08/2009 13:55|--a------|2634272] -> F:\2 pac remix.mp3
[25/09/2008 11:28|--a------|6282049] -> F:\02-le_rat_luciano_and_costello-au-dela_des_lignes.mp3
[11/03/2009 13:10|--a------|3393841] -> F:\2pac-fuck all ya'll(dj marcy marc remix)(doperman prod).mp3
[29/05/2009 20:22|--a------|4580689] -> F:\02-zeler_lim-bebebest_ft._boulox.mp3
[12/04/2009 21:26|--a------|5693237] -> F:\03. Black March‚ & Le Rat Luciano - Hommes de fer.mp3
[29/05/2009 20:23|--a------|4762230] -> F:\03-zeler_lim-je_porte_plainte.mp3
[06/07/2009 20:47|--a------|5996504] -> F:\04 - 2pac - Hellrazor in the end.mp3
[29/05/2009 20:23|--a------|6757107] -> F:\04-zeler_lim-je_viens_representer.mp3
[11/10/2008 18:06|--a------|5501444] -> F:\05 - Tlf - Zahouania - Amiti‚s Sacr‚s.mp3
[12/11/2008 21:10|--a------|5086437] -> F:\05-black_marche_feat_rimk-on_mord_pas_on_devore.mp3
[08/02/2009 13:57|--a------|3668966] -> F:\05-esprit6nik-la_vie_continue_(ft_mic_fury).mp3
[25/05/2009 16:02|--a------|9586932] -> F:\05-kery_james-limpasse_feat_bene.mp3
[01/07/2009 17:11|--a------|7041667] -> F:\05-revolution_urbaine-chapitre_i_au_jour_daujourdhui.mp3
[13/12/2008 14:38|--a------|4482369] -> F:\05-rohff-Repris de justesse.mp3
[29/05/2009 20:25|--a------|5517180] -> F:\05-zeler_lim-homme_de_main_ft._fantom.mp3
[01/08/2009 14:18|--a------|3801080] -> F:\06 Zk Thug Feat Rma2n - Si tu vient pas d'ici.wma
[08/02/2009 13:57|--a------|3884975] -> F:\06-esprit6nik-legendes_urbaines.mp3
[12/11/2008 20:27|--a------|5303995] -> F:\06-grodash_and_la_fouine-tenter_ca_chance.mp3
[29/05/2009 20:24|--a------|5191118] -> F:\06-zeler_lim-fils_dimmigres_ft._cheb_fouzi.mp3
[12/12/2008 00:17|--a------|4846684] -> F:\07-rohff-si_seul_feat_wallen.mp3
[29/05/2009 20:23|--a------|4167927] -> F:\07-zeler_lim-je_fume_la_vie.mp3
[29/05/2009 20:23|--a------|3293915] -> F:\08-zeler_lim-combien.mp3
[27/12/2007 23:06|--a------|4757755] -> F:\09-legende_urbaine_et_lim-la_firme_du_crime.mp3
[29/05/2009 20:23|--a------|4415333] -> F:\09-zeler_lim-blazes_crames_ft._meh.mp3
[11/03/2009 12:09|--a------|3546094] -> F:\10 Justicier.mp3
[29/05/2009 20:25|--a------|6034874] -> F:\10-zeler_lim-si.mp3
[21/04/2009 16:53|--a------|5817883] -> F:\11 Ca ira mieux demain.mp3
[01/07/2009 17:10|--a------|4889082] -> F:\11-revolution_urbaine-marseyes.mp3
[29/05/2009 20:23|--a------|4356262] -> F:\11-zeler_lim-a_qui_la_faute.mp3
[18/03/2009 15:56|--a------|3078312] -> F:\12-kayline-cest_la_kalitey.mp3
[19/02/2009 16:55|--a------|6536682] -> F:\12-la_fouine-hamdoulah_moi_ca_va_feat_canardo.mp3
[29/05/2009 20:23|--a------|5056244] -> F:\12-zeler_lim-vie_de_rue.mp3
[29/05/2009 20:24|--a------|5321023] -> F:\13-zeler_lim-elles_veulent.mp3
[29/05/2009 20:24|--a------|5146745] -> F:\14-zeler_lim-coup_detat_ft._dokou.mp3
[13/04/2009 23:16|--a------|5886613] -> F:\15 Toujours au top.mp3
[29/05/2009 20:24|--a------|5156413] -> F:\15-zeler_lim-ca_se_nique.mp3
[12/11/2008 20:35|--a------|3594059] -> F:\16-cifack-a_la_dur.mp3
[29/05/2009 20:24|--a------|5342283] -> F:\16-zeler_lim-comme_il_se_doit_ft._tero-kho.mp3
[21/08/2008 19:08|--a------|3325432] -> F:\17 Zebobignio - ghetto.mp3
[25/09/2008 11:29|--a------|6878806] -> F:\17-revolution_urbaine-terre_promise.mp3
[29/05/2009 20:24|--a------|4915689] -> F:\17-zeler_lim-coute_que_coute.mp3
[29/05/2009 20:25|--a------|5557025] -> F:\18-zeler_lim-je_viens_de_me_faire_crever.mp3
[29/05/2009 20:25|--a------|5663440] -> F:\19-zeler_lim-on_est_devenu.mp3
[29/05/2009 20:25|--a------|5554130] -> F:\20-zeler_lim-algerie_ft._houari_marsaoui.mp3
[29/05/2009 20:26|--a------|6138424] -> F:\21-zeler_lim-numero_1.mp3
[11/03/2009 12:10|--a------|2953056] -> F:\32 Stone.mp3
[11/03/2009 12:10|--a------|3868127] -> F:\90s rap Coolio - Gangsta's Paradise.mp3
[10/03/2009 06:48|--a------|6858249] -> F:\101-rohff-rap_game_(rap_connection_2009).mp3
[11/05/2009 18:59|--a------|8428992] -> F:\101-tlf_feat_nessbeal_and_salif-survivant_du_bitume.mp3
[01/03/2009 06:39|--a------|4548644] -> F:\101-zehef-clicli_notre_plaque_tournante_feat_alpha_5.20.mp3
[24/02/2009 11:49|--a------|4845711] -> F:\102-nessbeal_feat_luciano-les_anges_aux_visages_sales.mp3
[16/03/2009 14:38|--a------|9140039] -> F:\102-salif-tricar.mp3
[11/03/2009 11:53|--a------|4704613] -> F:\102-truand_2_la_galere-paire_2_crouille_feat_kamelancien.mp3
[13/06/2009 17:09|--a------|5142127] -> F:\103-rr_and_sefyu-loeil_du_ghetto_(93).mp3
[12/04/2009 21:38|--a------|5219283] -> F:\104-salif-dans_ce_game.mp3
[11/05/2009 18:53|--a------|6256465] -> F:\104-tunisiano_feat_aketo_and_tlf-le_meilleur_reste_a_venir.mp3
[11/05/2009 18:58|--a------|6965658] -> F:\105-lim_feat_dokou_boulox_zeler_and_big_boss-made_in_ghetto.mp3
[13/03/2009 16:02|--a------|5791556] -> F:\106-truand_2_la_galere-les_balles_feat_100bastos.mp3
[11/05/2009 18:54|--a------|10023550] -> F:\107-va-4_coins_de_la_france.mp3
[21/11/2008 12:10|--a------|5586552] -> F:\108-costa_feat_kalash_lafro-ce_qui_se_passe_ici.mp3
[11/04/2009 13:21|--a------|5512379] -> F:\108-salif-journee_en_enfer.mp3
[11/05/2009 18:49|--a------|7251526] -> F:\108-tlf_feat_le_rat_luciano_black_marche_and_alonzo-monnaie.mp3
[11/05/2009 18:24|--a------|5540418] -> F:\109-vari-mille_piqures.mp3
[11/05/2009 18:55|--a------|5049233] -> F:\110-narkotype-mort_vivant.mp3
[11/05/2009 18:47|--a------|5428038] -> F:\112-gued1-avant_la_crise.mp3
[27/12/2007 22:06|--a------|5517312] -> F:\113 - Au Summum.mp3
[11/05/2009 18:55|--a------|6105098] -> F:\113-mze-personne_me_freine.mp3
[01/03/2009 06:41|--a------|7048233] -> F:\114-zehef-les_elites_du_rap_feat_va.mp3
[16/03/2009 14:43|--a------|6324357] -> F:\203-alonzo-macadam_fight_feat_salif.mp3
[11/05/2009 18:09|--a------|7446180] -> F:\205-sultan-quoi_quil_arrive.mp3
[11/05/2009 18:43|--a------|4778932] -> F:\206-need_127_feat_zareb-desorienter.mp3
[11/05/2009 18:51|--a------|6560962] -> F:\209-sarazin-quartier_attitude.mp3
[02/08/2009 00:57|--a------|6620189] -> F:\210-teuchiland-issue_de_secours.mp3
[11/05/2009 18:47|--a------|5036029] -> F:\211-1pulsif_feat_djaz_and_tlf-on_les_enterre.mp3
[11/05/2009 18:55|--a------|5500974] -> F:\212-meiday-banlieusard.mp3
[11/05/2009 18:44|--a------|5906343] -> F:\214-e-lone-ou_lon_va.mp3
[11/05/2009 18:49|--a------|5457074] -> F:\216-raven_feat_tlf-on_a_pas_fini.mp3
[24/02/2009 21:08|--a------|4015684] -> F:\317-rekta_feat_kamelancien_and_brams-hymme_a_lespoir.mp3
[15/02/2009 15:35|--a------|6290987] -> F:\416-black_marche_feat_alonzo-faites_13_attention.mp3
[19/05/2009 18:11|--a------|21504] -> F:\12618_Bibliographie Histoire Europe.doc
[19/05/2009 18:11|--a------|39424] -> F:\13623_Plan intro et 1Šre partie Hist Europe (1).doc
[19/05/2009 18:10|--a------|32256] -> F:\13707_Plan 2Šme partie Hist Europe.doc
[11/05/2009 15:25|--a------|6692093] -> F:\Barre de fer.mp3
[14/07/2009 00:59|--a------|4494560] -> F:\cro 67.mp3
[26/05/2009 19:05|--a------|20117] -> F:\Introduction.docx
[26/05/2009 23:20|--a------|13862] -> F:\Introduction.odt
[13/07/2009 23:32|--a------|4335872] -> F:\joey star et kool shen.mp3
[13/07/2009 23:51|--a------|2996960] -> F:\kamel l'ancien t'es foutu .mp3
[04/12/2007 22:34|--a------|4980256] -> F:\Lost Boys - Me and My Crazy World.mp3
[14/07/2009 00:02|--a------|3543584] -> F:\mala.mp3
[11/03/2009 13:10|--a------|4415198] -> F:\Menace 2 society MC Eight - Straight Up Menace.mp3
[11/03/2009 13:10|--a------|4992572] -> F:\Menace 2 Society Soundtrack - Guerillas Ain't G's.MP3
[11/03/2009 13:10|--a------|3672436] -> F:\Menace 2 society-Ice Cube-Ghetto Bird.mp3
[02/09/2009 20:01|--a------|1160] -> F:\BOOTEX.LOG

################## | Cracks / Keygens / Serials |

"C:\Documents and Settings\UPR9002\Mes documents\Azureus Downloads\Download Direct\Download Direct\Crack\DLD.exe"
17/09/2007 01:16 |Size : 1343488 |Crc32 : 4370740d |Md5 : e3f3a57fe025255b7e98ee3dd58a7ddb

"C:\Documents and Settings\UPR9002\Mes documents\Downloads\PhotoFiltre Studio X keygen\PhotoFiltre_Studio_X_By_Xn\pfs-setup_By_XN.exe"
13/07/2009 10:36 |Size : 10922480 |Crc32 : 62145416 |Md5 : 9eb7de2426c0d76f6cf4b041d4ea6e3f

"C:\Documents and Settings\UPR9002\Mes documents\Downloads\Windows.Genuine.Advantage.Validation.v1.9.40.0.Cracked\WGA.CRACKED.exe"
27/03/2009 19:12 |Size : 1531560 |Crc32 : 249c7b62 |Md5 : 4bf30754250fd2ac44641a295d6fd7f2

"C:\Documents and Settings\UPR9002\Mes documents\Downloads\WinRar v3.80 latest cracked by b3uti\WinRar.exe"
24/10/2008 15:23 |Size : 968704 |Crc32 : fa2e2eb5 |Md5 : 82511436ff791fcc42ad0d52fda68e08

"C:\Documents and Settings\UPR9002\Mes documents\Downloads\WinZip 12.0 Fran‡aise - Keygen - Daemonstreet\Keygen\keygen.exe"
04/06/2009 21:56 |Size : 131072 |Crc32 : a3867fe8 |Md5 : b6da58e148dd317cfc0799685473dd86

"C:\Documents and Settings\UPR9002\Mes documents\Downloads\YouTube Movie Downloader v2.2.3 serial En\youtube_movie_downloader.exe"
13/07/2009 22:58 |Size : 4016428 |Crc32 : d9cb36fd |Md5 : 59a428356e776dd327d6a69b0d4dde9b

################## | ! Fin du rapport # UsbFix V6.024 ! |
0
Réponse 20 / 27
kamel67000 Messages postés 140 Statut Membre 2
 
j'ai lancer une analyse malwerbytes car je pouvait plus le lancer,

une question ses normal que d'un coup il rame le pc merci de l'aide
0

Discussions similaires

Afficher toutes les lignes masquées excel
livlarsen -
Mehdiiii -

27 réponses
PIX
plart -
jordane45 -

1 réponse
Tukif bloqué ? Solutions express !
Paparazzi -
bzh60 -

5 réponses
Cacher une commande amazon en 2025
Matthew5 -
Adraen -

25 réponses
remettre toutes les colonnes et les lignes masquées
mousaillon -
oumnas -

4 réponses