Sujet Précédent Sujet Suivant

Virus et log HJT

skyalex Messages postés 95 Statut Membre -  
skyalex Messages postés 95 Statut Membre -
Bonjour,

Je viens de me faire hack mon facebook et mon adresse mail, de plus j'ai énormément de coupure internet, voici donc un log HJT, je compte sur votre aide :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:33:29, on 6/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SmartSVN 6.5.2\bin\statuscached.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Curse\CurseClient.exe
C:\Program Files\Belkin\F5D7000v7032\Belkinwcui.exe
D:\Orbitdownloader\orbitdm.exe
D:\Orbitdownloader\orbitnet.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Orbitdownloader\orbitcth.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll (file missing)
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LiveZilla] "C:\Program Files\LiveZilla\LiveZilla.exe" -minimize
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [CurseClient] C:\Program Files\Curse\CurseClient.exe -silent
O4 - Startup: MultiRes
O4 - Global Startup: Belkin Wireless G Desktop Card Client Utility.lnk = ?
O4 - Global Startup: Orbit.lnk = D:\Orbitdownloader\orbitdm.exe
O4 - Global Startup: SmartSVN 6.5.2 (background).lnk = C:\Program Files\SmartSVN 6.5.2\bin\smartsvn.exe
O8 - Extra context menu item: &Download by Orbit - res://D:\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://D:\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://D:\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/BEFR/install.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) - http://ww38.instantaction.com/download/iaplayer.cab
O16 - DPF: {EC0403E0-9158-4CF8-A2B6-3C62C3B9B6B7} - https://remote.gralex.be/CitrixLogonPoint/portal/EPAClient/EPAClient.exe
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Service Google Update (gupdate1ca0dedb1b468e2) (gupdate1ca0dedb1b468e2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Sac78uyweast - Ralink Technology Inc. - (no file)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SmartSVN Status Cache (statuscached) - Unknown owner - C:\Program Files\SmartSVN 6.5.2\bin\statuscached.exe
O23 - Service: wampapache - Apache Software Foundation - D:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - D:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
A voir également:

13 réponses

Réponse 1 / 13
Utilisateur anonyme
 
Bonjour skyalex

Commences par ceci stp:

Télécharges AD-REMOVER
ou
AD-REMOVER

(de Cyrildu17 / C_XX) sur ton Bureau.

Déconnectes-toi et ferme toutes applications en cours

Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
Double-clique sur l'icône [AD-Remover située sur ton Bureau.
Au menu principal, choisis l'option L.Postes le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure

Puis ds un second message :

Télécharge RSIT (de random/random) sur le bureau :

- Double clique sur RSIT.exe qui est sur le bureau
- Clique sur "Continue" dans la fenêtre
- RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenu de log.txt plus info.txt (réduit ds la barre de taches) à la fin de l’analyse .

Les rapports sont dans le dossier ici C:\rsit
a+

0
Réponse 2 / 13
skyalex Messages postés 95 Statut Membre
 
Logfile of random's system information tool 1.06 (written by random/random)
Run by Windows at 2010-02-06 22:54:08
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 697 MB (4%) free of 19 GB
Total RAM: 1023 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:54:18, on 6/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\SmartSVN 6.5.2\bin\statuscached.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Curse\CurseClient.exe
C:\Program Files\Belkin\F5D7000v7032\Belkinwcui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Windows.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll (file missing)
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LiveZilla] "C:\Program Files\LiveZilla\LiveZilla.exe" -minimize
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [CurseClient] C:\Program Files\Curse\CurseClient.exe -silent
O4 - Startup: MultiRes
O4 - Global Startup: Belkin Wireless G Desktop Card Client Utility.lnk = ?
O4 - Global Startup: SmartSVN 6.5.2 (background).lnk = C:\Program Files\SmartSVN 6.5.2\bin\smartsvn.exe
O8 - Extra context menu item: &Download by Orbit - res://D:\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://D:\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://D:\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/BEFR/install.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) - http://www.instantaction.com/download/iaplayer.cab
O16 - DPF: {EC0403E0-9158-4CF8-A2B6-3C62C3B9B6B7} - https://remote.gralex.be/CitrixLogonPoint/portal/EPAClient/EPAClient.exe
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Service Google Update (gupdate1ca0dedb1b468e2) (gupdate1ca0dedb1b468e2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Sac78uyweast - Ralink Technology Inc. - (no file)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SmartSVN Status Cache (statuscached) - Unknown owner - C:\Program Files\SmartSVN 6.5.2\bin\statuscached.exe
O23 - Service: wampapache - Apache Software Foundation - D:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - D:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
0
Réponse 3 / 13
skyalex Messages postés 95 Statut Membre
 
.
======= LOGFILE OF AD-REMOVER 1.1.4.6_J | ONLY XP/VISTA/7 =======
.
Updated by C_XX on 05.02.2010 at 17:34
Contact: AdRemover.contact@gmail.com
Website: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Launch at: 22:57:20, sam. 06/02/2010 | Normal Boot | Option: CLEAN
Executed from: C:\Ad-Remover\
Operating system: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Computer Name: ENFANTS | Current user: Windows
.
============== NEUTRALIZED ELEMENT(S) ==============
.

C:\DOCUME~1\Windows\APPLIC~1\Mozilla\FireFox\Profiles\li36axzx.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
C:\DOCUME~1\Windows\MENUDM~1\PROGRA~1\Ask Search Assistant
C:\Program Files\Ask Search Assistant
C:\Program Files\AskBarDis
C:\DOCUME~1\Windows\APPLIC~1\Desktopicon
C:\DOCUME~1\Windows\APPLIC~1\Microsoft\Internet Explorer\Quick Launch\Ebay.lnk
C:\DOCUME~1\Windows\MENUDM~1\Ebay.lnk

(!) -- Temp files deleted.

.
HKCU\software\appdatalow\AskBarDis
HKCU\software\AskBarDis
HKCU\software\microsoft\internet explorer\searchscopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
HKLM\software\AskBarDis
HKLM\software\classes\AskIBar.PopSwatterBarButton
HKLM\software\classes\AskIBar.PopSwatterBarButton.1
HKLM\software\classes\AskIBar.PopSwatterSettingsControl
HKLM\software\classes\AskIBar.PopSwatterSettingsControl.1
HKLM\software\classes\AskToolBar.SettingsPlugin
HKLM\software\classes\AskToolBar.SettingsPlugin.1
HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
HKLM\Software\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
HKLM\Software\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
HKLM\Software\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
HKLM\Software\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\AskSearchAsst.exe
HKLM\software\microsoft\windows\currentversion\uninstall\Ask Toolbar_is1
HKLM\software\microsoft\windows\currentversion\uninstall\Ask.com Search Assistant
HKLM\Software\Mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
.
============== Added scan ==============
.
.
* Mozilla FireFox Version 3.0.15 [fr] *
.
ProfilePath: li36axzx.default (Windows)
.
(Windows, prefs.js) Browser.download.dir, D:
(Windows, prefs.js) Browser.download.lastDir, C:\Documents and Settings\Windows\Mes documents
(Windows, prefs.js) Browser.search.defaultenginename, Google
(Windows, prefs.js) Browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
(Windows, prefs.js) Browser.search.selectedEngine, DAEMON Search
(Windows, prefs.js) Browser.startup.homepage, hxxp://search.orbitdownloader.com
(Windows, prefs.js) Extensions.enabledItems, {bb6bc1bb-f824-4702-90cd-35e2fb24f25c}:0.2.1.3,{E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5,DTToolbar@toolbarnet.com:1.0.8.0552,{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.2,{3112ca9c-de6d-4884-a869-9855de68056c}:6.1.20091216W,illimitux@illimitux.net:3.2,{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,real.debrid@gmail.com:0.2,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.15
.
.
* Internet Explorer Version 7.0.5730.13 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Enable Browser Extensions: yes
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\Windows\Local Settings\temp\HouseCall\bspatch.exe
C:\Documents and Settings\Windows\Mes documents\game maker 6.1 + keygen\Game_Maker.exe
C:\Documents and Settings\Windows\Mes documents\game maker 6.1 + keygen\gmaker.exe
C:\Documents and Settings\Windows\Mes documents\game maker 6.1 + keygen\test.exe
C:\Documents and Settings\Windows\Mes documents\game maker 6.1 + keygen\Uninstal.exe
C:\Documents and Settings\Windows\Mes documents\Ma musique\crack\virtualdj_trial.exe
.
===================================
.
6081 Byte(s) - C:\Ad-Report-CLEAN[1].log
.
608 File(s) - C:\DOCUME~1\Windows\LOCALS~1\Temp
160 File(s) - C:\WINDOWS\Temp
10 File(s) - C:\WINDOWS\Prefetch
.
17 File(s) - C:\Ad-Remover\BACKUP
46 File(s) - C:\Ad-Remover\QUARANTINE
.
End at: 23:08:25 | sam. 06/02/2010 - CLEAN[1]
.
============== E.O.F ==============
.
0
Réponse 4 / 13
Utilisateur anonyme
 
Ok....impec

Fais cci maintenant stp

Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
TOOLbar-s&d

* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 2 (suppression). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)

Puis:........

Fais un scan avec cet antispyware :
Malwarebytes + tutoriel

Tu l´installes; mets le a jour...(onglet mise a jour)
Click maintenant sur l´onglet recherche et coche la case :
"Executer un examen rapide".
Puis click sur "rechercher".
Laisses le scanner le pc...
A la fin du scan, clique sur Afficher les résultats
Si des elements on ete trouvés :
> click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "oui".
A la fin un rapport va s´ouvrir;
sauvegarde le de maniere a le retrouver en vue de le poster sur le forum.
Copies et colles le rapport stp.

a+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 13
skyalex Messages postés 95 Statut Membre
 
-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2200+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Windows ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:19 Go (Free:0 Go)
D:\ (Local Disk) - NTFS - Total:57 Go (Free:5 Go)
E:\ (Local Disk) - FAT32 - Total:16 Go (Free:7 Go)
F:\ (Local Disk) - FAT32 - Total:6 Go (Free:2 Go)
G:\ (Local Disk) - FAT32 - Total:8 Go (Free:5 Go)
H:\ (CD or DVD)
I:\ (CD or DVD)
K:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( dim. 07/02/2010|13:18 )

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ Extensions

(Windows) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
(Windows) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(Windows) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(Windows) - {bb6bc1bb-f824-4702-90cd-35e2fb24f25c} => addneditcookies

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr"
"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_page_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://www.msn.com/fr-fr/"
"Search bar"="http://www.bing.com/spresults.aspx"

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Backgrounds
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\dxdata
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Examples
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\fnames
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Game_Maker.chm
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Game_Maker.exe
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\gmaker.exe
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\gm_changes.html
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\gm_license.html
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\gm_readme.html
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\lib
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\rundata
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\test.exe
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Uninstal.exe
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Backgrounds\back1.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Backgrounds\back2.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Backgrounds\back3.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Backgrounds\back4.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Backgrounds\bgtile.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Backgrounds\gray2.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Backgrounds\sand1.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Backgrounds\sand2.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Backgrounds\sky.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Backgrounds\stars.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Backgrounds\wood1.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Examples\1945.gm6
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Examples\asteroids.gm6
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Examples\hit the ball.gm6
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Examples\pacman.gm6
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Examples\street race.gm6
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Examples\test.gb1
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Examples\test.gm6
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\lib\01_move.lib
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\lib\02_main1.lib
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\lib\03_main2.lib
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\lib\04_control.lib
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\lib\05_score.lib
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\lib\06_extra.lib
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\lib\07_draw.lib
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\applause.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\beep1.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\beep2.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\beep3.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\beep4.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\beep5.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\beep6.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\beep7.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\boink1.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\boink2.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\click.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\explosion.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\gunshot1.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\gunshot2.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\gunshot3.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sounds\zap.wav
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\ball1.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\ball2.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bat1.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bat2.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bat3.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bomb01.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bomb02.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bomb03.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bomb04.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bomb05.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bomb06.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bonus01.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bonus02.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bonus03.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bonus04.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bonus05.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bonus06.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bonus07.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bonus08.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bonus09.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bonus10.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bonus11.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bonus12.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\bullet.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\monster1.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\monster2.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\monster3.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone01.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone02.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone03.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone04.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone05.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone06.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone07.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone08.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone09.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone10.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone11.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone12.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone13.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone14.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone15.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone16.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone17.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone18.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone19.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone20.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone21.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\stone22.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\breakout\Thumbs.db
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\atoms.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\ball_blue.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\ball_green.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\ball_red.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\dot.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\dynamite.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\finish.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\ghost.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\hole.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\mine.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\move.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\rock.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\shovel.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\Thumbs.db
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\trigger.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\maze\wall.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\bonus.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\dot.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\monster1.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\monster2.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\monster3.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\monster4.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\monster5.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\pacman_down.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\pacman_left.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\pacman_right.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\pacman_stand.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\pacman_up.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\scared.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\special.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\Thumbs.db
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\pacman\wall.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Ball1.ico
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Ball2.ico
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Ball3.ico
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Bear.ico
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Burger.ico
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Diamant.ico
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Dot.ico
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Explode1.gif
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Fire.ico
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Ghost1.ico
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Ghost2.ico
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Money.ico
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Square.ico
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Stone.ico
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Stop.ico
C:\DOCUME~1\Windows\Mes documents\game maker 6.1 + keygen\Sprites\various\Thumbs.db
C:\DOCUME~1\Windows\Mes documents\I-Doser Pack\Dose Files\Crack.drg
C:\DOCUME~1\Windows\Mes documents\I-Doser Pack\Dose Files\Unofficial\Crack_unofficial.drg
C:\DOCUME~1\Windows\Mes documents\Ma musique\crack
C:\DOCUME~1\Windows\Mes documents\Ma musique\crack\virtualdj_trial.exe
C:\DOCUME~1\Windows\Recent\Crack_unofficial.lnk
C:\DOCUME~1\Windows\Recent\ophcrack-vista-livecd-2.3.1 (1).lnk

1 - "C:\ToolBar SD\TB_1.txt" - dim. 07/02/2010|13:22 - Option : [2]

-----------\\ Fin du rapport a 13:22:56,06
0
Réponse 6 / 13
skyalex Messages postés 95 Statut Membre
 
Et le malware Bytes :
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3700
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

7/02/2010 13:33:32
mbam-log-2010-02-07 (13-33-28).txt

Type de recherche: Examen rapide
Eléments examinés: 128935
Temps écoulé: 11 minute(s), 48 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 7 / 13
Utilisateur anonyme
  
-> No action taken


Rien n'a été supprimé !

A la fin du scan, clique sur Afficher les résultats
Si des elements on ete trouvés :
> click sur supprimer la selection.

==> Postes le nouveau rapport généré .

a+
0
Réponse 8 / 13
skyalex Messages postés 95 Statut Membre
 
Je l'ai fais après mais je trouepas le bon rapport :s
0
Réponse 9 / 13
skyalex Messages postés 95 Statut Membre
 
Ah voilà :

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3700
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

7/02/2010 13:39:47
mbam-log-2010-02-07 (13-39-47).txt

Type de recherche: Examen rapide
Eléments examinés: 128935
Temps écoulé: 11 minute(s), 48 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 10 / 13
Utilisateur anonyme
 
• Télécharge USBFIX
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe­

(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectés sans les ouvrir

• Double clic sur le raccourci UsbFix présent sur ton bureau .

• Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

• Au second menu Choisis l'option " 2 " (suppression) et tape sur [entrée]

• Laisse travailler l'outil.

• Ensuite post le rapport UsbFix.txt qui apparaitra.

• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

a+
0
Réponse 11 / 13
skyalex Messages postés 95 Statut Membre
 
Je ne branche jamais rien, mais je t'envois quand même le rapport :

############################## | UsbFix V6.091 |

User : Windows (Administrateurs) # ENFANTS
Update on 05/02/2010 by El Desaparecido , C_XX & Chimay8
Start at: 14:41:14 | 7/02/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) XP 2200+
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 7.0.5730.13
Windows Firewall Status : Enabled
AV : Avira AntiVir PersonalEdition 8.0.1.30 [ (!) Disabled | Updated ]

A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 19,03 Go (464,36 Mo free) [WINXP] # NTFS
D:\ -> Disque fixe local # 57,66 Go (5,8 Go free) [APPLI] # NTFS
E:\ -> Disque fixe local # 16,06 Go (7,62 Go free) [DEVELOP] # FAT32
F:\ -> Disque fixe local # 6,9 Go (2,34 Go free) [GAMES] # FAT32
G:\ -> Disque fixe local # 8,49 Go (5,02 Go free) [DATA] # FAT32
H:\ -> Disque CD-ROM
I:\ -> Disque CD-ROM
K:\ -> Disque CD-ROM

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\KB905474\wgasetup.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\WINDOWS\system32\KB905474\wgasetup.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\SmartSVN 6.5.2\bin\statuscached.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe

################## | Elements infectieux |

Supprimé ! C:\DOCUME~1\Windows\LOCALS~1\Temp\Setup.exe
Supprimé ! C:\Recycler\S-1-5-21-1275210071-1637723038-725345543-1003
Supprimé ! D:\game.exe
Supprimé ! D:\Recycler\S-1-5-21-1275210071-1637723038-725345543-1003
Supprimé ! D:\Recycler\S-1-5-21-776561741-1677128483-1202660629-1003
Supprimé ! D:\Recycler\S-1-5-21-776561741-1677128483-1202660629-1005
Supprimé ! D:\Recycler\S-1-5-21-776561741-1677128483-1202660629-1006
Supprimé ! G:\autorun.inf

################## | Registre |

Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{62baf298-d790-11de-9e0b-0050704406fd}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{646c3644-8847-11de-9dc9-0050704406fd}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{e092727f-9c9c-11de-9dd0-0050704406fd}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{e0927280-9c9c-11de-9dd0-0050704406fd}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[06/02/2010 23:08|--a------|6414] C:\Ad-Report-CLEAN[1].log
[04/09/2009 18:00|--a------|1347354] C:\Apr2005_d3dx9_25_x64.cab
[04/09/2009 18:00|--a------|1078954] C:\Apr2005_d3dx9_25_x86.cab
[04/09/2009 18:00|--a------|1397822] C:\Apr2006_d3dx9_30_x64.cab
[04/09/2009 18:00|--a------|1115221] C:\Apr2006_d3dx9_30_x86.cab
[04/09/2009 18:00|--a------|916430] C:\Apr2006_MDX1_x86.cab
[04/09/2009 18:00|--a------|4162630] C:\Apr2006_MDX1_x86_Archive.cab
[04/09/2009 18:00|--a------|179125] C:\Apr2006_XACT_x64.cab
[04/09/2009 18:00|--a------|133095] C:\Apr2006_XACT_x86.cab
[04/09/2009 18:00|--a------|87101] C:\Apr2006_xinput_x64.cab
[04/09/2009 18:00|--a------|46002] C:\Apr2006_xinput_x86.cab
[04/09/2009 18:00|--a------|698612] C:\APR2007_d3dx10_33_x64.cab
[04/09/2009 18:00|--a------|695857] C:\APR2007_d3dx10_33_x86.cab
[04/09/2009 18:00|--a------|1607358] C:\APR2007_d3dx9_33_x64.cab
[04/09/2009 18:00|--a------|1606031] C:\APR2007_d3dx9_33_x86.cab
[04/09/2009 18:00|--a------|195758] C:\APR2007_XACT_x64.cab
[04/09/2009 18:00|--a------|151225] C:\APR2007_XACT_x86.cab
[04/09/2009 18:01|--a------|96817] C:\APR2007_xinput_x64.cab
[04/09/2009 18:01|--a------|53294] C:\APR2007_xinput_x86.cab
[04/09/2009 18:01|--a------|1350534] C:\Aug2005_d3dx9_27_x64.cab
[04/09/2009 18:01|--a------|1077644] C:\Aug2005_d3dx9_27_x86.cab
[04/09/2009 18:01|--a------|182903] C:\AUG2006_XACT_x64.cab
[04/09/2009 18:01|--a------|137235] C:\AUG2006_XACT_x86.cab
[04/09/2009 18:01|--a------|87142] C:\AUG2006_xinput_x64.cab
[04/09/2009 18:01|--a------|46058] C:\AUG2006_xinput_x86.cab
[04/09/2009 18:01|--a------|852286] C:\AUG2007_d3dx10_35_x64.cab
[04/09/2009 18:01|--a------|796859] C:\AUG2007_d3dx10_35_x86.cab
[04/09/2009 18:01|--a------|1800152] C:\AUG2007_d3dx9_35_x64.cab
[04/09/2009 18:01|--a------|1708144] C:\AUG2007_d3dx9_35_x86.cab
[04/09/2009 18:01|--a------|198088] C:\AUG2007_XACT_x64.cab
[04/09/2009 18:01|--a------|153004] C:\AUG2007_XACT_x86.cab
[04/09/2009 18:01|--a------|867604] C:\Aug2008_d3dx10_39_x64.cab
[04/09/2009 18:01|--a------|849167] C:\Aug2008_d3dx10_39_x86.cab
[04/09/2009 18:01|--a------|1794076] C:\Aug2008_d3dx9_39_x64.cab
[04/09/2009 18:01|--a------|1464664] C:\Aug2008_d3dx9_39_x86.cab
[04/09/2009 18:01|--a------|121764] C:\Aug2008_XACT_x64.cab
[04/09/2009 18:01|--a------|92996] C:\Aug2008_XACT_x86.cab
[04/09/2009 18:01|--a------|271404] C:\Aug2008_XAudio_x64.cab
[04/09/2009 18:01|--a------|271038] C:\Aug2008_XAudio_x86.cab
[04/09/2009 18:01|--a------|919036] C:\Aug2009_D3DCompiler_42_x64.cab
[04/09/2009 18:01|--a------|900598] C:\Aug2009_D3DCompiler_42_x86.cab
[04/09/2009 18:01|--a------|3112103] C:\Aug2009_d3dcsx_42_x64.cab
[04/09/2009 18:01|--a------|3319732] C:\Aug2009_d3dcsx_42_x86.cab
[04/09/2009 18:01|--a------|232635] C:\Aug2009_d3dx10_42_x64.cab
[04/09/2009 18:01|--a------|192131] C:\Aug2009_d3dx10_42_x86.cab
[04/09/2009 18:01|--a------|136301] C:\Aug2009_d3dx11_42_x64.cab
[04/09/2009 18:01|--a------|105036] C:\Aug2009_d3dx11_42_x86.cab
[04/09/2009 18:01|--a------|930108] C:\Aug2009_d3dx9_42_x64.cab
[04/09/2009 18:01|--a------|728456] C:\Aug2009_d3dx9_42_x86.cab
[04/09/2009 18:01|--a------|122408] C:\Aug2009_XACT_x64.cab
[04/09/2009 18:01|--a------|93098] C:\Aug2009_XACT_x86.cab
[04/09/2009 18:01|--a------|273264] C:\Aug2009_XAudio_x64.cab
[04/09/2009 18:01|--a------|272634] C:\Aug2009_XAudio_x86.cab
[19/01/2005 15:10|--a------|0] C:\AUTOEXEC.BAT
[04/09/2009 18:01|--a------|1155483] C:\BDANT.cab
[04/09/2009 18:01|--a------|975148] C:\BDAXP.cab
[13/08/2009 21:03|-rahs----|212] C:\boot.ini
[13/09/2002 16:55|-rahs----|4952] C:\Bootfont.bin
[29/01/2010 18:57|--a------|9934511] C:\CA-Cheats.eu Gordon Pass.exe
[06/08/2008 15:13|--a------|11720] C:\ComboFix.txt
[19/01/2005 15:10|--a------|0] C:\CONFIG.SYS
[30/05/2009 14:44|--a------|1791816] C:\CrossFireSetupDownloader_v1011.exe
[04/09/2009 18:01|--a------|1357968] C:\Dec2005_d3dx9_28_x64.cab
[04/09/2009 18:01|--a------|1079448] C:\Dec2005_d3dx9_28_x86.cab
[04/09/2009 18:01|--a------|212799] C:\DEC2006_d3dx10_00_x64.cab
[04/09/2009 18:01|--a------|191712] C:\DEC2006_d3dx10_00_x86.cab
[04/09/2009 18:01|--a------|1571154] C:\DEC2006_d3dx9_32_x64.cab
[04/09/2009 18:01|--a------|1574376] C:\DEC2006_d3dx9_32_x86.cab
[04/09/2009 18:01|--a------|192467] C:\DEC2006_XACT_x64.cab
[04/09/2009 18:01|--a------|145591] C:\DEC2006_XACT_x86.cab
[04/09/2009 18:01|--a------|94024] C:\DSETUP.dll
[04/09/2009 18:01|--a------|1691464] C:\dsetup32.dll
[04/09/2009 18:01|--a------|44440] C:\dxdllreg_x86.cab
[04/09/2009 18:01|--a------|13264168] C:\dxnt.cab
[04/09/2009 18:01|--a------|525656] C:\DXSETUP.exe
[04/09/2009 18:01|--a------|95637] C:\dxupdate.cab
[04/09/2009 18:01|--a------|1247499] C:\Feb2005_d3dx9_24_x64.cab
[04/09/2009 18:01|--a------|1013225] C:\Feb2005_d3dx9_24_x86.cab
[04/09/2009 18:01|--a------|1362796] C:\Feb2006_d3dx9_29_x64.cab
[04/09/2009 18:01|--a------|1084712] C:\Feb2006_d3dx9_29_x86.cab
[04/09/2009 18:01|--a------|178359] C:\Feb2006_XACT_x64.cab
[04/09/2009 18:01|--a------|132409] C:\Feb2006_XACT_x86.cab
[04/09/2009 18:01|--a------|194667] C:\FEB2007_XACT_x64.cab
[04/09/2009 18:01|--a------|147983] C:\FEB2007_XACT_x86.cab
[19/01/2005 15:10|-rahs----|0] C:\IO.SYS
[04/09/2009 18:01|--a------|1336002] C:\Jun2005_d3dx9_26_x64.cab
[04/09/2009 18:01|--a------|1064925] C:\Jun2005_d3dx9_26_x86.cab
[04/09/2009 18:01|--a------|180777] C:\JUN2006_XACT_x64.cab
[04/09/2009 18:01|--a------|133663] C:\JUN2006_XACT_x86.cab
[04/09/2009 18:01|--a------|699044] C:\JUN2007_d3dx10_34_x64.cab
[04/09/2009 18:01|--a------|698464] C:\JUN2007_d3dx10_34_x86.cab
[04/09/2009 18:01|--a------|1607766] C:\JUN2007_d3dx9_34_x64.cab
[04/09/2009 18:01|--a------|1607278] C:\JUN2007_d3dx9_34_x86.cab
[04/09/2009 18:01|--a------|197114] C:\JUN2007_XACT_x64.cab
[04/09/2009 18:01|--a------|152901] C:\JUN2007_XACT_x86.cab
[04/09/2009 18:01|--a------|867828] C:\JUN2008_d3dx10_38_x64.cab
[04/09/2009 18:01|--a------|849919] C:\JUN2008_d3dx10_38_x86.cab
[04/09/2009 18:01|--a------|1792600] C:\JUN2008_d3dx9_38_x64.cab
[04/09/2009 18:01|--a------|1463878] C:\JUN2008_d3dx9_38_x86.cab
[04/09/2009 18:01|--a------|55154] C:\JUN2008_X3DAudio_x64.cab
[04/09/2009 18:01|--a------|21905] C:\JUN2008_X3DAudio_x86.cab
[04/09/2009 18:01|--a------|121054] C:\JUN2008_XACT_x64.cab
[04/09/2009 18:01|--a------|93128] C:\JUN2008_XACT_x86.cab
[04/09/2009 18:01|--a------|269620] C:\JUN2008_XAudio_x64.cab
[04/09/2009 18:01|--a------|269016] C:\JUN2008_XAudio_x86.cab
[27/01/2005 17:46|--a------|183] C:\LogiSetup.log
[04/09/2009 18:01|--a------|844884] C:\Mar2008_d3dx10_37_x64.cab
[04/09/2009 18:01|--a------|818260] C:\Mar2008_d3dx10_37_x86.cab
[04/09/2009 18:01|--a------|1769862] C:\Mar2008_d3dx9_37_x64.cab
[04/09/2009 18:01|--a------|1443274] C:\Mar2008_d3dx9_37_x86.cab
[04/09/2009 18:01|--a------|55050] C:\Mar2008_X3DAudio_x64.cab
[04/09/2009 18:01|--a------|21867] C:\Mar2008_X3DAudio_x86.cab
[04/09/2009 18:01|--a------|122336] C:\Mar2008_XACT_x64.cab
[04/09/2009 18:01|--a------|93726] C:\Mar2008_XACT_x86.cab
[04/09/2009 18:01|--a------|251186] C:\Mar2008_XAudio_x64.cab
[04/09/2009 18:01|--a------|226242] C:\Mar2008_XAudio_x86.cab
[04/09/2009 18:01|--a------|1067160] C:\Mar2009_d3dx10_41_x64.cab
[04/09/2009 18:01|--a------|1040737] C:\Mar2009_d3dx10_41_x86.cab
[04/09/2009 18:01|--a------|1973702] C:\Mar2009_d3dx9_41_x64.cab
[04/09/2009 18:01|--a------|1612446] C:\Mar2009_d3dx9_41_x86.cab
[04/09/2009 18:01|--a------|54600] C:\Mar2009_X3DAudio_x64.cab
[04/09/2009 18:01|--a------|21298] C:\Mar2009_X3DAudio_x86.cab
[04/09/2009 18:01|--a------|121506] C:\Mar2009_XACT_x64.cab
[04/09/2009 18:01|--a------|92732] C:\Mar2009_XACT_x86.cab
[04/09/2009 18:01|--a------|275036] C:\Mar2009_XAudio_x64.cab
[04/09/2009 18:01|--a------|273010] C:\Mar2009_XAudio_x86.cab
[19/01/2005 15:10|-rahs----|0] C:\MSDOS.SYS
[06/08/2008 11:00|--a------|242845] C:\MSNFix.bat
[04/09/2009 18:01|--a------|864600] C:\Nov2007_d3dx10_36_x64.cab
[04/09/2009 18:01|--a------|803876] C:\Nov2007_d3dx10_36_x86.cab
[04/09/2009 18:01|--a------|1802058] C:\Nov2007_d3dx9_36_x64.cab
[04/09/2009 18:01|--a------|1709360] C:\Nov2007_d3dx9_36_x86.cab
[04/09/2009 18:01|--a------|46144] C:\NOV2007_X3DAudio_x64.cab
[04/09/2009 18:01|--a------|18496] C:\NOV2007_X3DAudio_x86.cab
[04/09/2009 18:01|--a------|196754] C:\NOV2007_XACT_x64.cab
[04/09/2009 18:01|--a------|148264] C:\NOV2007_XACT_x86.cab
[04/09/2009 18:01|--a------|994154] C:\Nov2008_d3dx10_40_x64.cab
[04/09/2009 18:01|--a------|965421] C:\Nov2008_d3dx10_40_x86.cab
[04/09/2009 18:01|--a------|1906870] C:\Nov2008_d3dx9_40_x64.cab
[04/09/2009 18:01|--a------|1550796] C:\Nov2008_d3dx9_40_x86.cab
[04/09/2009 18:01|--a------|54522] C:\Nov2008_X3DAudio_x64.cab
[04/09/2009 18:01|--a------|21843] C:\Nov2008_X3DAudio_x86.cab
[04/09/2009 18:01|--a------|121786] C:\Nov2008_XACT_x64.cab
[04/09/2009 18:01|--a------|92676] C:\Nov2008_XACT_x86.cab
[04/09/2009 18:01|--a------|273960] C:\Nov2008_XAudio_x64.cab
[04/09/2009 18:01|--a------|272603] C:\Nov2008_XAudio_x86.cab
[02/03/2005 23:18|-rahs----|47564] C:\NTDETECT.COM
[06/08/2008 16:33|-rahs----|252240] C:\ntldr
[04/09/2009 18:01|--a------|86029] C:\Oct2005_xinput_x64.cab
[04/09/2009 18:01|--a------|45351] C:\Oct2005_xinput_x86.cab
[04/09/2009 18:01|--a------|1412894] C:\OCT2006_d3dx9_31_x64.cab
[04/09/2009 18:01|--a------|1127209] C:\OCT2006_d3dx9_31_x86.cab
[04/09/2009 18:01|--a------|182361] C:\OCT2006_XACT_x64.cab
[04/09/2009 18:01|--a------|138009] C:\OCT2006_XACT_x86.cab
[?|?|?] C:\pagefile.sys
[08/08/2008 08:40|--a------|5209] C:\rapport.txt
[20/06/2008 08:17|--a------|1274] C:\server.cfg
[07/02/2010 13:22|--a------|16320] C:\TB.txt
[07/02/2010 14:52|--a------|13740] C:\UsbFix.txt
[04/01/2010 22:12|--a------|60579] D:\18365_1283565641987_1015485634_30889266_755701_n.jpg
[21/11/2009 13:08|--a------|155145728] D:\betatest.avi
[04/07/2008 13:57|--a------|3763] D:\Cursor.ogg
[28/07/2008 15:01|--a------|111] D:\Game.ini
[28/07/2008 15:02|--a------|31096052] D:\Game.rgssad
[05/11/2009 23:27|--a------|814143398] D:\loleusetup.exe
[17/05/2008 12:12|--a------|2181054464] D:\reason V.4.iso
[17/08/2008 16:44|--a------|39664363] D:\Rpgdofusarena.exe
[17/01/2010 22:04|--a------|8612] D:\sans-titre-1-34ec20c854.png
[18/10/2005 19:59|--a------|229376] E:\9290921_MVM_0.tmp
[20/11/2005 19:44|--a------|5111808] E:\28751171_MVM_0.tmp
[30/05/2009 22:35|--a------|128] E:\ProgramFlow.txt
[30/05/2009 22:35|--a------|49] E:\Warnings.txt
[08/08/2007 21:56|--a------|2670854] F:\JS Nature.exe
[21/10/2009 18:18|--a------|1095313408] F:\Gran_Turismo.iso
[08/12/2006 18:33|--a------|241618] F:\UMDGen.chm
[11/12/2006 11:26|--a------|1279488] F:\UMDGen.exe
[27/10/2006 23:47|--ahs----|4096] F:\Thumbs.db
[13/04/2008 19:34|--a------|28672] G:\setupSNK.exe
[08/08/2007 21:56|--a------|2670854] G:\JS Nature.exe
[03/11/2002 17:58|--a------|64512] G:\LeCarnetDuLeon.xls
[03/11/2002 19:59|--a------|24] G:\acdsee.txt
[04/11/2002 01:41|--ah-----|667648] G:\ffastun0.ffx
[04/11/2002 01:41|--ah-----|32768] G:\ffastun.ffo
[04/11/2002 01:41|--ah-----|40960] G:\ffastun.ffl
[04/11/2002 01:41|--ah-----|4379] G:\ffastun.ffa
[11/09/2007 12:31|--a------|110615] G:\LISEZ_MOI.pdf

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix .
# D:\autorun.inf -> Dossier créé par UsbFix .
# E:\autorun.inf -> Dossier créé par UsbFix .
# F:\autorun.inf -> Dossier créé par UsbFix .
# G:\autorun.inf -> Dossier créé par UsbFix .

################## | Upload |

Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_ENFANTS.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.091 ! |
0
Réponse 12 / 13
Utilisateur anonyme
 
Comment se comporte le pc?

a+
0
Réponse 13 / 13
skyalex Messages postés 95 Statut Membre
 
Pas trop mal, pas encore eu de déconnexion internet, mais je n'ai pas vu énormément d'infection dangereuse supprimée :/. Je te tiens au courant
0

Discussions similaires

TI college plus (calculatrice probleme)
help39 -
Utilisateur anonyme -

3 réponses
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses