Problème de virus - Page 2

Résolu
Précédent
  • 1
  • 2
Réponse 21 / 25
jojorisman Messages postés 83 Statut Membre
 
[ Rapport ToolsCleaner version 2.2.5 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Combofix.txt: trouvé !
C:\cleannavi.txt: trouvé !
C:\lopR.txt: trouvé !
C:\TB.txt: trouvé !
C:\Lop SD: trouvé !
C:\GenProc: trouvé !
C:\Qoobox: trouvé !
C:\Toolbar SD: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\jeremy\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\jeremy\Bureau\LopSD.exe: trouvé !
C:\Documents and Settings\jeremy\Bureau\Gmer.zip: trouvé !
C:\Documents and Settings\jeremy\Bureau\Winsoftware.bfu: trouvé !
C:\Documents and Settings\jeremy\Bureau\Bfu.exe: trouvé !
C:\Documents and Settings\jeremy\Bureau\GenProc.zip: trouvé !
C:\Documents and Settings\jeremy\Bureau\Navilog1.exe: trouvé !
C:\Documents and Settings\jeremy\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\jeremy\Bureau\HJTInstall.exe: trouvé !
C:\Documents and Settings\jeremy\Bureau\ToolBarSD.exe: trouvé !
C:\Documents and Settings\jeremy\Bureau\Gmer.txt: trouvé !
C:\Documents and Settings\jeremy\Bureau\GenProc: trouvé !
C:\Documents and Settings\jeremy\Bureau\GenProc\outil\hijackthis.log: trouvé !
C:\Documents and Settings\jeremy\Bureau\GenProc\outil\mbr.exe: trouvé !
C:\GenProc\outil\mbr.exe: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
0
Réponse 22 / 25
jojorisman Messages postés 83 Statut Membre
 
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\Program Files\\Fichiers communs\\AOL\\ACF\\ActCntxt.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\Program Files\\Fichiers communs\\AOL\\ACF\\FreeActr.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\Program Files\\Fichiers communs\\AOL\\ACF\\StaActvr.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\Program Files\\Fichiers communs\\AOL\\aoltpspd.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\Program Files\\Fichiers communs\\AOL\\Flasha.ocx"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\Downloaded Program Files\\ReflexiveWebGameLoader.dll"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\System32\\FTRTSVC.exe"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\WINDOWS\\Downloaded Program Files\\stg_drm.ocx"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\PROGRA~1\\Mozilla Firefox\\extensions\\dealio@mybrowserbar.com"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls]
"C:\\PROGRA~1\\Mozilla Firefox\\extensions\\searchsettings@spigot.com"=dword:00000001

[HKEY_CLASSES_ROOT\gibfile\shell\open]

[HKEY_CLASSES_ROOT\gibfile\shell\open\command]
@="C:\\Program Files\\Letmin\\winletmin.exe %1"

[HKEY_CLASSES_ROOT\gibfile\shell\open\command\729219-1008_CLASSES]

[HKEY_CLASSES_ROOT\gibfile\shell\open\command\729219-1008_CLASSES\.gib]

[HKEY_CLASSES_ROOT\gibfile\shell\open\command\729219-1008_CLASSES\.gib\3729219-1008_CLASSES]

[HKEY_CLASSES_ROOT\gibfile\shell\open\command\729219-1008_CLASSES\.gib\3729219-1008_CLASSES\.gib]

[HKEY_CLASSES_ROOT\gibfile\shell\open\command\729219-1008_CLASSES\.gib\3729219-1008_CLASSES\.gib\4??????]

[HKEY_CLASSES_ROOT\gibfile\shell\open\command\729219-1008_CLASSES\.gib\3729219-1008_CLASSES\.gib\4??????\???????? ? W ?
[HKEY_CLASSES_ROOT\gibfile\shell\open\command\729219-1008_CLASSES\.gib\3729219-1008_CLASSES\.gib\4??????\??????ment de données
[HKEY_CLASSES_ROOT\gibfile\shell\open\command\729219-1008_CLASSES\.gib\3729219-1008_CLASSES\.gib\4??????\???????????? ???????? ?
[HKEY_CLASSES_ROOT\gibfile\shell\open\command\729219-1008_CLASSES\.gib\3729219-1008_CLASSES\.gib\4??????\???????????? ???????? ?
[HKEY_CLASSES_ROOT\gibfile\shell\open\command\729219-1008_CLASSES\.gib\3729219-1008_CLASSES\.gib\4??????\?????????????????????????????
[HKEY_CLASSES_ROOT\CLSID\{38B2A7ED-92EB-11D5-A2D5-001083025146}]
@="IPStaAct Class"

[HKEY_CLASSES_ROOT\CLSID\{38B2A7ED-92EB-11D5-A2D5-001083025146}\InprocServer32]
@="C:\\PROGRA~1\\FICHIE~1\\AOL\\ACF\\StaActvr.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{38B2A7ED-92EB-11D5-A2D5-001083025146}\ProgID]
@="DStaActivator.IPStaAct.1"

[HKEY_CLASSES_ROOT\CLSID\{38B2A7ED-92EB-11D5-A2D5-001083025146}\TypeLib]
@="{38B2A7E0-92EB-11D5-A2D5-001083025146}"

[HKEY_CLASSES_ROOT\CLSID\{38B2A7ED-92EB-11D5-A2D5-001083025146}\VersionIndependentProgID]
@="DStaActivator.IPStaAct"

[HKEY_CLASSES_ROOT\CLSID\{4B2A604D-B751-11D5-A2D5-001083025146}]
@="Activation Class"

[HKEY_CLASSES_ROOT\CLSID\{4B2A604D-B751-11D5-A2D5-001083025146}\InprocServer32]
@="C:\\PROGRA~1\\FICHIE~1\\AOL\\ACF\\ActCntxt.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{4B2A604D-B751-11D5-A2D5-001083025146}\ProgID]
@="Acontext.Activation.1"

[HKEY_CLASSES_ROOT\CLSID\{4B2A604D-B751-11D5-A2D5-001083025146}\TypeLib]
@="{4B2A6040-B751-11D5-A2D5-001083025146}"

[HKEY_CLASSES_ROOT\CLSID\{4B2A604D-B751-11D5-A2D5-001083025146}\VersionIndependentProgID]
@="Acontext.Activation"

[HKEY_CLASSES_ROOT\CLSID\{67377570-6FC6-4B15-A5B9-D6C80957767D}]
@="ALUSchedulerEngine Class"
"AppID"="{0F7E18A5-6DE6-4F73-9DCC-1F9BD36E84CC}"

[HKEY_CLASSES_ROOT\CLSID\{67377570-6FC6-4B15-A5B9-D6C80957767D}\LocalServer32]
@="\"C:\\Program Files\\Symantec\\LiveUpdate\\ALUSchedulerSvc.exe\""

[HKEY_CLASSES_ROOT\CLSID\{67377570-6FC6-4B15-A5B9-D6C80957767D}\ProgID]
@="ALUSchedulerSvc.ALUSchedulerEngine.1"

[HKEY_CLASSES_ROOT\CLSID\{67377570-6FC6-4B15-A5B9-D6C80957767D}\TypeLib]
@="{3A13372E-954F-4FD1-846F-D770B23E11D8}"

[HKEY_CLASSES_ROOT\CLSID\{67377570-6FC6-4B15-A5B9-D6C80957767D}\VersionIndependentProgID]
@="ALUSchedulerSvc.ALUSchedulerEngine"

[HKEY_CLASSES_ROOT\CLSID\{75D44B92-DCAF-43f3-A7D1-91041F34E719}]
@="AOLFlashProp Class"

[HKEY_CLASSES_ROOT\CLSID\{75D44B92-DCAF-43f3-A7D1-91041F34E719}\InprocServer32]
@="C:\\PROGRA~1\\FICHIE~1\\AOL\\Flasha.ocx"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{75D44B92-DCAF-43f3-A7D1-91041F34E719}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{A1B09066-C95C-4EF6-8DFD-3DD0AFE610B6}]
@="AOL YGP Screensaver"

[HKEY_CLASSES_ROOT\CLSID\{A1B09066-C95C-4EF6-8DFD-3DD0AFE610B6}\Control]

[HKEY_CLASSES_ROOT\CLSID\{A1B09066-C95C-4EF6-8DFD-3DD0AFE610B6}\InprocServer32]
@="C:\\PROGRA~1\\FICHIE~1\\AOL\\SCREEN~1\\YGPSCR~1.DLL"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{A1B09066-C95C-4EF6-8DFD-3DD0AFE610B6}\MiscStatus]
@="0"

[HKEY_CLASSES_ROOT\CLSID\{A1B09066-C95C-4EF6-8DFD-3DD0AFE610B6}\MiscStatus\1]
@="131473"

[HKEY_CLASSES_ROOT\CLSID\{A1B09066-C95C-4EF6-8DFD-3DD0AFE610B6}\ProgID]
@="AOL.PicSsvrCtrl.1"

[HKEY_CLASSES_ROOT\CLSID\{A1B09066-C95C-4EF6-8DFD-3DD0AFE610B6}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{A1B09066-C95C-4EF6-8DFD-3DD0AFE610B6}\ToolboxBitmap32]
@="C:\\PROGRA~1\\FICHIE~1\\AOL\\SCREEN~1\\YGPSCR~1.DLL, 101"

[HKEY_CLASSES_ROOT\CLSID\{A1B09066-C95C-4EF6-8DFD-3DD0AFE610B6}\TypeLib]
@="{DD3FCE4D-8442-4EFA-A71E-1C131F502F4A}"

[HKEY_CLASSES_ROOT\CLSID\{A1B09066-C95C-4EF6-8DFD-3DD0AFE610B6}\Version]
@="1.0"

[HKEY_CLASSES_ROOT\CLSID\{A1B09066-C95C-4EF6-8DFD-3DD0AFE610B6}\VersionIndependentProgID]
@="AOL.PicSsvrCtrl"

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}]
@="AOL Flash Object"

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\Control]

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\EnableFullPage]

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\EnableFullPage\.spl]

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\EnableFullPage\.swf]

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\Implemented Categories]

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\InprocServer32]
@="C:\\PROGRA~1\\FICHIE~1\\AOL\\Flasha.ocx"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\MiscStatus]
@="0"

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\MiscStatus\1]
@="131473"

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\ProgID]
@="AOLFlash.AOLFlash.1"

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\ToolboxBitmap32]
@="C:\\PROGRA~1\\FICHIE~1\\AOL\\Flasha.ocx, 1"

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\TypeLib]
@="{C114555B-A454-11D4-9020-00D0B7239081}"

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\Version]
@="1.0"

[HKEY_CLASSES_ROOT\CLSID\{C1145550-A454-11D4-9020-00D0B7239081}\VersionIndependentProgID]
@="AOLFlash.AOLFlash"

[HKEY_CLASSES_ROOT\CLSID\{C1145551-A454-11D4-9020-00D0B7239081}]
@="AOL Flash Factory Object"

[HKEY_CLASSES_ROOT\CLSID\{C1145551-A454-11D4-9020-00D0B7239081}\Control]

[HKEY_CLASSES_ROOT\CLSID\{C1145551-A454-11D4-9020-00D0B7239081}\InprocServer32]
@="C:\\PROGRA~1\\FICHIE~1\\AOL\\Flasha.ocx"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{C1145551-A454-11D4-9020-00D0B7239081}\ProgID]
@="AOLFlashFactory.AOLFlashFactory.1"

[HKEY_CLASSES_ROOT\CLSID\{C1145551-A454-11D4-9020-00D0B7239081}\Programmable]

[HKEY_CLASSES_ROOT\CLSID\{C1145551-A454-11D4-9020-00D0B7239081}\ToolboxBitmap32]
@="C:\\PROGRA~1\\FICHIE~1\\AOL\\Flasha.ocx, 1"

[HKEY_CLASSES_ROOT\CLSID\{C1145551-A454-11D4-9020-00D0B7239081}\TypeLib]
@="{C114555B-A454-11D4-9020-00D0B7239081}"

[HKEY_CLASSES_ROOT\CLSID\{C1145551-A454-11D4-9020-00D0B7239081}\Version]
@="1.0"

[HKEY_CLASSES_ROOT\CLSID\{C1145551-A454-11D4-9020-00D0B7239081}\VersionIndependentProgID]
@="AOLFlashFactory.AOLFlashFactory"

[HKEY_CLASSES_ROOT\CLSID\{F687EF8D-9C9D-11D5-A2D5-001083025146}]
@="FreeActivator Class"

[HKEY_CLASSES_ROOT\CLSID\{F687EF8D-9C9D-11D5-A2D5-001083025146}\InprocServer32]
@="C:\\PROGRA~1\\FICHIE~1\\AOL\\ACF\\FreeActr.dll"
"ThreadingModel"="Free"

[HKEY_CLASSES_ROOT\CLSID\{F687EF8D-9C9D-11D5-A2D5-001083025146}\ProgID]
@="DFreeActivator.FreeActivator.1"

[HKEY_CLASSES_ROOT\CLSID\{F687EF8D-9C9D-11D5-A2D5-001083025146}\TypeLib]
@="{F687EF80-9C9D-11D5-A2D5-001083025146}"

[HKEY_CLASSES_ROOT\CLSID\{F687EF8D-9C9D-11D5-A2D5-001083025146}\VersionIndependentProgID]
@="DFreeActivator.FreeActivator"

[HKEY_CLASSES_ROOT\Interface\{72F6F43A-C397-4763-9D43-00126CF729D0}]
@="IALUSchedulerEngine"

[HKEY_CLASSES_ROOT\Interface\{72F6F43A-C397-4763-9D43-00126CF729D0}\ProxyStubClsid]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_CLASSES_ROOT\Interface\{72F6F43A-C397-4763-9D43-00126CF729D0}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_CLASSES_ROOT\Interface\{72F6F43A-C397-4763-9D43-00126CF729D0}\TypeLib]
@="{3A13372E-954F-4FD1-846F-D770B23E11D8}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe]
@="C:\\Program Files\\Trend Micro\\HijackThis\\hijackthis.exe"
"Path"="C:\\Program Files\\Trend Micro\\HijackThis"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\All Users\\Application Data\\Symantec\\Common Client\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Fichiers communs\\Symantec Shared\\Help\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Fichiers communs\\Symantec Shared\\VirusDefs\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\All Users\\Application Data\\Symantec\\Norton AntiVirus\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Fichiers communs\\Symantec Shared\\SPManifests\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\All Users\\Application Data\\SweetIM\\Messenger\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\All Users\\Application Data\\SweetIM\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\All Users\\Application Data\\SweetIM\\Messenger\\data\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\SweetIM\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\All Users\\Application Data\\SweetIM\\Messenger\\update\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\All Users\\Application Data\\SweetIM\\Messenger\\conf\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\All Users\\Application Data\\SweetIM\\Messenger\\conf\\users\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\All Users\\Application Data\\SweetIM\\Messenger\\data\\contentdb\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\SweetIM\\Messenger\\resources\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\SweetIM\\Messenger\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\All Users\\Application Data\\SweetIM\\Messenger\\logs\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\SweetIM\\Messenger\\resources\\images\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\SweetIM\\Toolbars\\Internet Explorer\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\SweetIM\\Toolbars\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\SweetIM\\Toolbars\\Internet Explorer\\conf\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\SweetIM\\Toolbars\\Internet Explorer\\resources\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Dealio Toolbar\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Dealio Toolbar\\FF\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Dealio Toolbar\\FF\\chrome\\content\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Dealio Toolbar\\FF\\chrome\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Dealio Toolbar\\FF\\chrome\\locale\\EN-US\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Dealio Toolbar\\FF\\chrome\\locale\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Dealio Toolbar\\FF\\chrome\\skin\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Dealio Toolbar\\FF\\components\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Dealio Toolbar\\Res\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Application Updater\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Dealio Toolbar\\IE\\4.0.2\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Dealio Toolbar\\IE\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Search Settings\\FF\\chrome\\skin\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Search Settings\\FF\\chrome\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Search Settings\\FF\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Search Settings\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Search Settings\\res\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Search Settings\\temp\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Search Settings\\FF\\chrome\\content\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Search Settings\\FF\\chrome\\locale\\en-US\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Search Settings\\FF\\chrome\\locale\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Search Settings\\FF\\components\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Remover]
"DisplayName"="Ad-Remover By C_XX"
"UninstallString"="\"C:\\Ad-Remover\\Un-ADR.exe\""
"DisplayIcon"="C:\\Ad-Remover\\res\\icon.ico"
"Publisher"="C_XX"
"NoModify"=dword:00000001
"NoRepair"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AOL Connectivity Services]
"UninstallString"="C:\\PROGRA~1\\FICHIE~1\\AOL\\ACS\\AcsUninstall.exe /c"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AOL YGP Screensaver]
"UninstallString"="C:\\Program Files\\Fichiers communs\\AOL\\Screensaver\\uninst_ygpss.exe"
"DisplayIcon"="C:\\Program Files\\Fichiers communs\\AOL\\Screensaver\\ygpsstra.exe"

[HKEY_LOCAL_MACHINE\Software\TrendMicro]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\HijackThis]
"Order"=hex:08,00,00,00,02,00,00,00,8a,00,00,00,01,00,00,00,01,00,00,00,7e,\
00,00,00,00,00,00,00,70,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,5e,00,\
32,00,d5,06,00,00,22,3b,d0,9b,20,00,48,49,4a,41,43,4b,7e,31,2e,4c,4e,4b,00,\
00,34,00,03,00,04,00,ef,be,21,3b,a0,6e,6e,3c,90,55,14,00,00,00,48,00,69,00,\
6a,00,61,00,63,00,6b,00,54,00,68,00,69,00,73,00,2e,00,6c,00,6e,00,6b,00,00,\
00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Program Files\\Trend Micro\\HijackThis\\HijackThis.exe"="HijackThis"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Documents and Settings\\jeremy\\Local Settings\\Temporary Internet Files\\Content.IE5\\CKQIRWT7\\OTM[1].exe"="OTM[1]"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Documents and Settings\\jeremy\\Bureau\\OTM.exe"="OTM"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Documents and Settings\\jeremy\\Local Settings\\Temporary Internet Files\\Content.IE5\\F5SNHRJI\\ToolsCleaner2[1].exe"="ToolsCleaner2[1]"
0
Réponse 23 / 25
jojorisman Messages postés 83 Statut Membre
 
L'ordi va mieux, il n'y a plus le PERSONAL SECURITY et je n'ai plus besoin de me mettre en mode sans echec donc sa va.
0
jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 618
 
ok on verras pour les mise à jour après la j'aimerais bien que tu passes list&kill"em en option search et clean car il y as une ligne qui me plais pas dans le host , merci


Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent(car il est detecté a tort comme infection)

. Télécharge List&Kill'em et enregistre le sur ton bureau

. Branche clés usb , disques durs externes , mp3 , mp4 , etc..

double clique ( clic droit "executer en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation


choisis la langue puis choisis search

. laisse travailler l'outil

à l'apparition de la fenetre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.

un rapport du nom de catchme apparait sur ton bureau , ignore-le,ne le poste pas , mais ne le supprime pas pour l instant, le scan n'est pas fini.

. Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'ecran "COMPLETED"

tu peux supprimer le rapport catchme.log de ton bureau maintenant.




==============================



. Relance List&Kill'em(soit en clic droit pour vista),.
mais cette fois-ci :

. choisis clean

laisse travailler l'outil.

en fin de scan un rapport s'ouvre

. colle le contenu dans ta reponse
0
Réponse 24 / 25
jojorisman Messages postés 83 Statut Membre
 
List'em by g3n-h@ckm@n 1.7.0.4

User : jeremy (Administrateurs)
Update on 09/04/2010 by g3n-h@ckm@n ::::: 15.30
Start at: 12:16:14 | 10/04/2010

AMD Athlon(tm) XP 3000+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : avast! antivirus 4.8.1229 [VPS 090831-0] 4.8.1229 [ Enabled | (!) Outdated ]

C:\ -> Disque fixe local | 144,04 Go (2,78 Go free) [HDD] | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible

Boot: Normal

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\VeriSign\NAVI\NAVICL~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\internet explorer\iexplore.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\List_Kill'em\List_Kill'em.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\List_Kill'em\pv.exe

======================
Keys "Run"
======================

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
WOOKIT REG_SZ C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
swg REG_SZ "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
NCLaunch REG_SZ C:\WINDOWS\NCLAUNCH.EXe
ccleaner REG_SZ "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
WOOWATCH REG_SZ C:\PROGRA~1\Wanadoo\Watch.exe
VTTimer REG_SZ VTTimer.exe
TomcatStartup 2.5 REG_SZ C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
StatusClient 2.6 REG_SZ C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
PCMService REG_SZ "c:\Apps\Powercinema\PCMService.exe"
Google Desktop Search REG_SZ "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
ATIPTA REG_SZ C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
UserFaultCheck REG_EXPAND_SZ %systemroot%\system32\dumprep 0 -u
Logitech Hardware Abstraction Layer REG_SZ KHALMNPR.EXE
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
AppleSyncNotifier REG_SZ C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
hpqSRMon REG_SZ C:\Program Files\Hewlett-Packard\hp LaserJet 1160_1320 series\Digital Imaging\bin\hpqSRMon.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

=====================
Other Keys
=====================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
dontdisplaylastusername REG_DWORD 0 (0x0)
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
shutdownwithoutlogon REG_DWORD 1 (0x1)
undockwithoutlogon REG_DWORD 1 (0x1)
ConsentPromptBehaviorAdmin REG_DWORD 0 (0x0)

===============
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
NoDriveAutoRun REG_DWORD 255 (0xff)
NoDriveTypeAutoRun REG_DWORD 255 (0xff)
HonorAutoRunSetting REG_DWORD 0 (0x0)

===============
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
HonorAutoRunSetting REG_DWORD 0 (0x0)
NoCDBurning REG_DWORD 0 (0x0)
NoDriveAutoRun REG_DWORD 255 (0xff)
NoDriveTypeAutoRun REG_DWORD 255 (0xff)

===============
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLS REG_SZ C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

===============

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
AutoRestartShell REG_DWORD 1 (0x1)
DefaultDomainName REG_SZ ORDIENFANTS
DefaultUserName REG_SZ jeremy
LegalNoticeCaption REG_SZ
LegalNoticeText REG_SZ
PowerdownAfterShutdown REG_SZ 0
ReportBootOk REG_SZ 1
Shell REG_SZ explorer.exe
ShutdownWithoutLogon REG_SZ 0
System REG_SZ
Userinit REG_SZ C:\WINDOWS\system32\userinit.exe,
VmApplet REG_SZ rundll32 shell32,Control_RunDLL "sysdm.cpl"
SfcQuota REG_DWORD -1 (0xffffffff)
allocatecdroms REG_SZ 0
allocatedasd REG_SZ 0
allocatefloppies REG_SZ 0
cachedlogonscount REG_SZ 10
forceunlocklogon REG_DWORD 0 (0x0)
passwordexpirywarning REG_DWORD 14 (0xe)
scremoveoption REG_SZ 0
AllowMultipleTSSessions REG_DWORD 1 (0x1)
UIHost REG_EXPAND_SZ logonui.exe
LogonType REG_DWORD 1 (0x1)
Background REG_SZ 0 0 0
DebugServerCommand REG_SZ no
SFCDisable REG_DWORD 0 (0x0)
WinStationsDisabled REG_SZ 0
HibernationPreviouslyEnabled REG_DWORD 1 (0x1)
ShowLogonOptions REG_DWORD 0 (0x0)
AltDefaultUserName REG_SZ jeremy
AltDefaultDomainName REG_SZ ORDIENFANTS

===============

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon]

===============

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ

===============
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
C:\WINDOWS\system32\sessmgr.exe REG_SZ C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019
C:\APPS\Inventime\my.exe REG_SZ C:\APPS\Inventime\my.exe:*:Disabled:INVENTIME
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe REG_SZ C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe:*:Enabled:javaw
C:\iTunes.exe REG_SZ C:\iTunes.exe:*:Enabled:iTunes
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\eMule\emule.exe REG_SZ C:\Program Files\eMule\emule.exe:*:Enabled:eMule
C:\Documents and Settings\jeremy\Bureau\Fichiers non utilisés\GameData\jamp.exe REG_SZ C:\Documents and Settings\jeremy\Bureau\Fichiers non utilisés\GameData\jamp.exe:*:Enabled:Jedi Academy MultiPlayer
C:\Program Files\Bonjour\mDNSResponder.exe REG_SZ C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
C:\Program Files\microsoft office\Office12\OUTLOOK.EXE REG_SZ C:\Program Files\microsoft office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
C:\Program Files\BitTorrent\bittorrent.exe REG_SZ C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
C:\Program Files\iTunes\iTunes.exe REG_SZ C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
%windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
%windir%\Network Diagnostic\xpnetdiag.exe REG_SZ %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
C:\Program Files\Windows Live\Messenger\wlcsdk.exe REG_SZ C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call
C:\Program Files\Windows Live\Messenger\msnmsgr.exe REG_SZ C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe REG_SZ C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare

===============
ActivX controls
===============
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\Microsoft XML Parser for Java]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{00000055-9980-0010-8000-00AA00389B71}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{17492023-C23A-453E-A040-C7C580BBF700}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8100D56A-5661-482C-BEE8-AFECE305D968}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{B38870E4-7ECB-40DA-8C6A-595F0A5519FF}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{B79A53C0-1DAC-4636-BACE-FD086A7A79BF}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{D27CDB6E-AE6D-11CF-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6}]

===============
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{26923b43-4d38-484f-9b9e-de460746276c}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{166B1BCA-3F9C-11CF-8075-444553540000}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{233C1507-6A77-46A4-9443-F871F945D258}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{283807B5-2C60-11D0-A31D-00AA00B92C03}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2A202491-F00D-11cf-87CC-0020AFEECF20}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3af36230-a269-11d1-b5bf-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{411EDCF7-755D-414E-A74B-3DCD6583F589}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4278c270-a269-11d1-b5bf-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{45ea75a0-a269-11d1-b5bf-0000f8051515}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4f645220-306d-11d2-995d-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{4F977AA2-805F-BC0C-5132-74005EFEF149}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5A8D6EE0-3E18-11D0-821E-444553540000}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{630b1da0-b465-11d1-9948-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{72AD53CC-CCC0-3757-8480-9EE176866A7C}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9381D8F2-0288-11D0-9501-00AA00B911A5}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9A394342-4A68-4EBA-85A6-55B559F4E700}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B508B3F1-A24A-32C0-B310-85786919EF28}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C02E9BA6-F236-FED1-C613-2EB0EBED7F5C}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C9E9A340-D1F1-11D0-821E-444553540600}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CC2A9BA0-3BDD-11D0-821E-444553540000}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CD214A03-179D-65FB-EED0-5F092896C4B5}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}]

==============
BHO :
======
[<NO NAME> REG_SZ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{0347C33E-8762-4905-BF09-768834316C61}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{CE000992-A58C-4441-8938-744CD72AB27F}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

===
DNS
===

HKLM\SYSTEM\CCS\Services\Tcpip\..\{C7423273-CA8A-4C31-99B8-3B9B26033170}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{C7423273-CA8A-4C31-99B8-3B9B26033170}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{C7423273-CA8A-4C31-99B8-3B9B26033170}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

================
Internet Explorer :
================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
Local Page REG_SZ C:\WINDOWS\system32\blank.htm
Default_Search_URL REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_Page_URL REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.google.com/?gws_rd=ssl
Local Page REG_SZ C:\WINDOWS\system32\blank.htm
Search Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

Ndisuio : 0x3 ( OK = 3 )
SharedAccess : 0x2 ( OK = 2 )
wuauserv : 0x2 ( OK = 2 )

=========
Atapi.sys
=========

%%%% HASHDEEP-1.0
%%%% size,md5,sha256,filename
## Invoked from: C:\Program Files\List_Kill'em
## C:\> hashdeep.exe C:\WINDOWS\SoftwareDistribution\Download\23ec66f2314a80d718b5483ab6e865af\atapi.sys
##
96512,9f3a2f5aa6875c72bf062c712cfa2674,b4df1d2c56a593c6b54de57395e3b51d288f547842893b32b0f59228a0cf70b9,C:\WINDOWS\SoftwareDistribution\Download\23ec66f2314a80d718b5483ab6e865af\atapi.sys
%%%% HASHDEEP-1.0
%%%% size,md5,sha256,filename
## Invoked from: C:\Program Files\List_Kill'em
## C:\> hashdeep.exe C:\WINDOWS\system32\drivers\atapi.sys
##
95360,cdfe4411a69c224bd1d11b2da92dac51,0e6b23a80f171550575bebc56f7500cd87a5cf03b2b9fdc49bc3de96282cd69d,C:\WINDOWS\system32\drivers\atapi.sys

Référence :
==========

Win 2000_SP2 : ff953a8f08ca3f822127654375786bbe
Win 2000_SP4 : 8c718aa8c77041b3285d55a0ce980867
Win XP_32b : a64013e98426e1877cb653685c5c0009
Win XP_SP2_32b : CDFE4411A69C224BD1D11B2DA92DAC51
Win XP_SP3_32b : 9F3A2F5AA6875C72BF062C712CFA2674
Vista_32b : e03e8c99d15d0381e02743c36afc7c6f
Vista_SP1_32b : 2d9c903dc76a66813d350a562de40ed9
Vista_SP2_32b : 1F05B78AB91C9075565A9D8A4B880BC4
Vista_SP2_64b : 1898FAE8E07D97F2F6C2D5326C633FAC
Windows 7_32b : 80C40F7FDFC376E4C5FEEC28B41C119E
Windows 7_64b : 02062C0B390B7729EDC9E69C680A6F3C
Windows 7_32b_Ultimate : 338c86357871c167a96ab976519bf59e

=======
Drive :
=======

Défragmenteur de disque Windows
Copyright (c) 2001 Microsoft Corp. et Executive Software International Inc.

Rapport d'analyse
144 Go total, 2,79 Go libre (1%), 27% fragmenté (fragmentation du fichier 52%)

Vous devriez défragmenter ce volume.

¤¤¤¤¤¤¤¤¤¤ Files/folders :

Present !! : C:\Documents and Settings\jeremy\Local Settings\Temporary Internet Files\SuggestedSites.dat

¤¤¤¤¤¤¤¤¤¤ Keys :

============

catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-10 12:33:20
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x82FD71F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\atapi -> 0x82fd71f8
Warning: possible MBR rootkit infection !
user & kernel MBR OK
Use "Recovery Console" command "fixmbr" to clear infection !

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
FirstRunDisabled REG_DWORD 1 (0x1)
AntiVirusDisableNotify REG_DWORD 0 (0x0)
FirewallDisableNotify REG_DWORD 0 (0x0)
UpdatesDisableNotify REG_DWORD 0 (0x0)
AntiVirusOverride REG_DWORD 1 (0x1)
FirewallOverride REG_DWORD 1 (0x1)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

End of scan : 12:33:23,09
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 25
jojorisman Messages postés 83 Statut Membre
 
Kill'em by g3n-h@ckm@n 1.7.0.4

User : jeremy (Administrateurs)
Update on 09/04/2010 by g3n-h@ckm@n ::::: 15.30
Start at: 12:40:29 | 10/04/2010

AMD Athlon(tm) XP 3000+
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1229 [VPS 090831-0] 4.8.1229 [ Enabled | (!) Outdated ]

C:\ -> Disque fixe local | 144,04 Go (2,78 Go free) [HDD] | NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\VeriSign\NAVI\NAVICL~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\List_Kill'em\ERUNT.EXE
C:\Program Files\List_Kill'em\pv.exe

Detections :
==========

¤¤¤¤¤¤¤¤¤¤ Files/folders :

Quarantined & Deleted !! : C:\Documents and Settings\jeremy\Local Settings\Temporary Internet Files\SuggestedSites.dat

==============
host file OK !
==============

========
Registry
========

=================
Internet Explorer
=================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
Local Page REG_SZ C:\WINDOWS\system32\blank.htm
Default_Search_URL REG_SZ https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
Default_Page_URL REG_SZ https://www.msn.com/fr-fr/?ocid=iehp
Search Page REG_SZ https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
Start Page REG_SZ https://www.google.com/?gws_rd=ssl
Local Page REG_SZ C:\WINDOWS\system32\blank.htm
Search Page REG_SZ http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

===============
Security Center
===============

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
FirstRunDisabled REG_DWORD 1 (0x1)
AntiVirusDisableNotify REG_DWORD 0 (0x0)
FirewallDisableNotify REG_DWORD 0 (0x0)
UpdatesDisableNotify REG_DWORD 0 (0x0)
AntiVirusOverride REG_DWORD 1 (0x1)
FirewallOverride REG_DWORD 1 (0x1)
========
Services
=========

Ndisuio : Start = 3
Ip6Fw : Start = 2
SharedAccess : Start = 2
wuauserv : Start = 2
wscsvc : Start = 2

============
Disk Cleaned
============

=================
anti-ver blaster : OK !!
=================

================
Prefetch cleaned
================

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 618
 
bon , maintenant il faudra penser à faire les mise à jour pour ton pc sinon tu as des failles de sécurité et les malwares risque de s'y inflitrer !!

donc tu installeras le SP3 de xp : https://www.commentcamarche.net/telecharger/systemes-d-exploitation/20759-sp3-windows-xp/

et puis désinstalles java depuis ajout suppression des programmes et installes la derniére version : https://www.commentcamarche.net/telecharger/developpement/12917-java-runtime-environment/

et puis tu as avast 4 , qui n'est pas donné comme le plus performant des anti-virus gratuit , perso je te conseillerais de passer à antivir beaucoup plus performant !!
Mais si tiens à conserver avast il faudrait désinstaller la version 4 et installer la dernière la 5

bon pour désinstaller avast aide toi de cette page : https://www.commentcamarche.net/telecharger/securite/22859-utilitaire-de-desinstallation-de-avast/

après soit tu passes à antivir : https://www.commentcamarche.net/faq/16831-tutoriel-configuration-optimale-d-antivir-personal

soit tu installes la dernière version de avast : http://www.commentcamarche.net/telecharger/telecharger-151-avast
et si besoin un tuto pour t'aider à le configurer le mieux possible : https://forums.cnetfrance.fr/tutoriels-securite-informatique/265269-avast-5-nouveau-tutoriel-avast
0
Précédent
  • 1
  • 2

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses
Site pour regarder animé sans virus
ShaylahScarlet -
bendrop -

1 réponse