Infection tazebama.dl_ Aidez moi svp

Réponse 21 / 125

crapoulou Messages postés 28195 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 8 013

Je te laisse poster le rapport log.txt aussi :D

Réponse 22 / 125

naiseby Messages postés 91 Date d'inscription Statut Membre Dernière intervention

Logfile of random's system information tool 1.07 (written by random/random)
Run by HP_Administrator at 2010-05-16 12:13:43
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 98 GB (68%) free of 143 GB
Total RAM: 1015 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:49, on 16/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\H3OIDLQQ\RSIT[1].exe
C:\Program Files\trend micro\HP_Administrator.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} (FBootloaderAX) - http://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

Réponse 23 / 125

naiseby Messages postés 91 Date d'inscription Statut Membre Dernière intervention

--
End of file - 11357 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-20 1172280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-17 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-04-17 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-09-20 158008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-20 1172280]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-17 279664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-10-26 57344]
"BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2007-03-26 69632]
"BDMCon"=C:\Program Files\Softwin\BitDefender10\bdmcon.exe /reg []
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2010-04-17 126976]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-10-26 166424]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-10-26 141848]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-04-28 142120]
"Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-10-26 137752]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-03-17 421888]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-10-26 17021440]
"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-09-24 210216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background []
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe /background []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Messenger (Yahoo!)"=C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe [2010-05-14 5410983]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-04-06 26102056]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-10-26 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsl TV (EXE)"
"C:\Program Files\adslTV\VLC\vlc.exe"="C:\Program Files\adslTV\VLC\vlc.exe:*:Enabled:adsl TV (VLC)"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Service Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2010-05-16 12:13:44 ----D---- C:\Program Files\trend micro
2010-05-16 12:13:43 ----D---- C:\rsit
2010-05-16 10:16:17 ----RSH---- C:\zPharaoh.exe
2010-05-16 10:16:16 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\tazebama
2010-05-16 00:48:30 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-05-16 00:48:13 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-05-16 00:44:39 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-05-16 00:44:16 ----A---- C:\WINDOWS\imsins.BAK
2010-05-16 00:44:13 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-05-15 18:07:58 ----RSHD---- C:\autorun.inf
2010-05-15 17:30:34 ----A---- C:\UsbFix.txt
2010-05-15 15:22:31 ----D---- C:\UsbFix
2010-05-15 14:33:52 ----A---- C:\WINDOWS\OEWABLog.txt
2010-05-15 13:24:16 ----D---- C:\Program Files\Windows Live Safety Center
2010-05-15 12:28:41 ----D---- C:\Program Files\CCleaner
2010-05-14 20:16:11 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-05-14 20:16:05 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-05-14 20:15:00 ----D---- C:\Program Files\Windows Media Connect 2
2010-05-14 20:14:45 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-05-14 20:14:00 ----D---- C:\6f2f4d09a70e45926bbf14e5ce76fcff
2010-05-14 20:13:27 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-05-14 20:12:36 ----D---- C:\WINDOWS\system32\LogFiles
2010-05-14 20:12:20 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-05-12 08:44:52 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-05-05 06:34:20 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Facebook
2010-05-01 19:39:51 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Apple Computer
2010-05-01 19:39:27 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2010-05-01 19:38:44 ----D---- C:\Program Files\iPod
2010-05-01 19:38:40 ----D---- C:\Program Files\iTunes
2010-05-01 19:38:40 ----D---- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-05-01 19:37:42 ----D---- C:\Program Files\QuickTime
2010-05-01 19:37:40 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-05-01 19:37:18 ----D---- C:\Program Files\Apple Software Update
2010-05-01 19:36:56 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
2010-05-01 19:36:23 ----D---- C:\Program Files\Bonjour
2010-05-01 19:36:09 ----D---- C:\Program Files\Fichiers communs\Apple
2010-05-01 19:36:09 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2010-05-01 18:37:06 ----A---- C:\WINDOWS\system32\ptpusb.dll
2010-05-01 18:37:05 ----A---- C:\WINDOWS\system32\ptpusd.dll
2010-05-01 09:07:10 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\dvdcss
2010-04-30 18:55:07 ----D---- C:\Program Files\eMule
2010-04-30 13:21:02 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2010-04-30 13:20:59 ----D---- C:\Program Files\Free FLV Converter
2010-04-30 13:20:59 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\FreeFLVConverter
2010-04-30 13:20:59 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2010-04-30 13:19:15 ----D---- C:\Program Files\Free Video Converter
2010-04-30 13:19:15 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\FreeVideoConverter
2010-04-30 12:55:04 ----A---- C:\Program Files\Fichiers communs\AskToolbarInstaller.exe
2010-04-30 12:55:02 ----D---- C:\Program Files\VDownloader 1.13
2010-04-30 12:46:30 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\ImTOO Software Studio
2010-04-30 12:46:00 ----D---- C:\Program Files\ImTOO
2010-04-27 11:44:26 ----D---- C:\Program Files\Miniphoto
2010-04-27 11:37:17 ----SHD---- C:\WINDOWS\Installer
2010-04-27 11:07:21 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\CyberLink
2010-04-27 11:07:21 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2010-04-27 10:29:35 ----D---- C:\WINDOWS\Sun
2010-04-25 19:06:48 ----D---- C:\Program Files\Fichiers communs\Skype
2010-04-19 09:56:36 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-04-19 09:56:29 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2010-04-19 09:56:02 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-04-19 09:55:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-04-18 14:30:23 ----D---- C:\Program Files\adslTV
2010-04-18 13:03:39 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-04-18 13:03:38 ----D---- C:\Program Files\Fichiers communs\Java
2010-04-18 13:03:23 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-18 13:03:23 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-18 13:03:23 ----A---- C:\WINDOWS\system32\java.exe
2010-04-18 13:03:23 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-04-18 12:57:27 ----D---- C:\WINDOWS\PixArt
2010-04-18 12:57:25 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2010-04-18 12:53:32 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-04-18 12:52:54 ----A---- C:\WINDOWS\system32\CoInst_070629.dll
2010-04-18 12:52:53 ----D---- C:\Program Files\Webcam 1200
2010-04-18 12:52:53 ----A---- C:\WINDOWS\system32\SP207.INI
2010-04-18 12:52:53 ----A---- C:\WINDOWS\AMCap.exe
2010-04-18 12:52:41 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\InstallShield
2010-04-18 12:20:22 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\skypePM
2010-04-18 12:15:10 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Skype
2010-04-18 12:14:45 ----RD---- C:\Program Files\Skype
2010-04-18 12:14:41 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-04-18 12:11:11 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Convivea
2010-04-18 12:11:10 ----D---- C:\Program Files\Bit Che
2010-04-18 12:08:38 ----D---- C:\Program Files\uTorrent
2010-04-18 12:07:52 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\uTorrent
2010-04-18 12:07:43 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\LimeWire
2010-04-18 12:07:30 ----D---- C:\Program Files\LimeWire
2010-04-18 12:04:14 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla
2010-04-18 12:00:58 ----D---- C:\Program Files\Java
2010-04-18 12:00:23 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Sun
2010-04-18 11:44:25 ----A---- C:\WINDOWS\Radio_Fr.ini
2010-04-18 11:43:43 ----D---- C:\Program Files\Radio Fr Solo
2010-04-18 11:22:09 ----D---- C:\d05e71d3000bb012d4
2010-04-18 11:21:55 ----D---- C:\WINDOWS\SxsCaPendDel
2010-04-18 11:13:56 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\vlc
2010-04-18 11:13:47 ----D---- C:\Program Files\Adobe
2010-04-18 11:13:24 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-04-18 11:13:16 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-04-18 11:13:03 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-18 11:12:44 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-04-18 11:12:36 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-18 11:12:25 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2010-04-18 11:12:11 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-04-18 11:12:02 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-04-18 11:11:50 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-04-18 11:11:35 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-04-18 11:11:20 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-04-18 11:11:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-04-18 11:11:00 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-18 11:10:45 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-04-18 11:10:31 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-04-18 11:10:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-04-18 11:10:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-04-18 11:10:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-04-18 11:09:52 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-04-18 11:09:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-04-18 11:09:26 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-18 11:09:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-04-18 11:09:06 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-18 11:08:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-04-18 11:08:46 ----D---- C:\Program Files\VideoLAN
2010-04-18 11:05:54 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-04-18 11:05:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-04-18 11:05:32 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-04-18 11:05:23 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-18 11:05:19 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-04-18 11:05:09 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-04-18 11:05:03 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2010-04-18 11:04:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-04-18 11:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-04-18 11:04:44 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-04-18 11:03:02 ----D---- C:\Program Files\Messenger Plus! Live
2010-04-18 10:59:05 ----D---- C:\Program Files\Microsoft
2010-04-18 10:58:48 ----D---- C:\Program Files\Windows Live SkyDrive
2010-04-18 10:58:25 ----D---- C:\Program Files\Windows Live
2010-04-18 10:55:40 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Macromedia
2010-04-18 10:55:40 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Adobe
2010-04-18 10:51:34 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Google
2010-04-18 10:39:21 ----A---- C:\WINDOWS\system32\muweb.dll
2010-04-18 10:39:21 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-04-18 10:39:21 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-04-17 16:50:50 ----HDC---- C:\WINDOWS\ie8
2010-04-17 16:50:05 ----HD---- C:\WINDOWS\msdownld.tmp
2010-04-17 16:45:52 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Bitdefender
2010-04-17 16:32:26 ----D---- C:\Program Files\Fichiers communs\Windows Live
2010-04-17 16:30:10 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2010-04-17 16:28:31 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2010-04-17 16:28:29 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2010-04-17 16:28:28 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Yahoo!
2010-04-17 16:27:46 ----D---- C:\Program Files\Yahoo!
2010-04-17 16:25:01 ----D---- C:\Program Files\Google
2010-04-17 16:25:01 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-04-17 16:13:16 ----D---- C:\Program Files\Softwin
2010-04-17 16:13:16 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
2010-04-17 16:12:53 ----D---- C:\Program Files\Fichiers communs\Softwin
2010-04-17 16:08:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-04-17 16:08:36 ----D---- C:\WINDOWS\ie8updates
2010-04-17 16:08:18 ----D---- C:\WINDOWS\WBEM
2010-04-17 16:06:15 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-17 16:05:11 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-04-17 16:05:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-04-17 16:04:55 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-04-17 16:04:46 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-04-17 16:04:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-04-17 16:04:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-04-17 16:04:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-04-17 16:04:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-04-17 16:04:03 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-04-17 16:03:55 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-04-17 16:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-04-17 16:03:38 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-04-17 16:03:26 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-04-17 16:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-04-17 16:02:53 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-04-17 16:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-04-17 16:02:34 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-04-17 16:02:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-04-17 16:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-04-17 16:02:10 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-04-17 16:02:02 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-04-17 16:01:54 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-04-17 16:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-04-17 16:01:38 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-04-17 16:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-04-17 16:01:24 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-04-17 16:01:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-04-17 16:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-04-17 16:00:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-04-17 16:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-04-17 16:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-04-17 16:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-04-17 15:53:08 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-17 15:06:49 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2010-04-17 15:06:40 ----D---- C:\WINDOWS\system32\PreInstall
2010-04-17 15:06:39 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-04-17 15:06:39 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-17 15:01:49 ----ASH---- C:\Documents and Settings\HP_Administrator\Application Data\desktop.ini
2010-04-17 15:01:48 ----SD---- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft
2010-04-17 15:01:48 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Identities
2010-04-17 14:58:32 ----D---- C:\WINDOWS\system32\SoftwareDistribution

Réponse 24 / 125

naiseby Messages postés 91 Date d'inscription Statut Membre Dernière intervention

======List of files/folders modified in the last 1 months======

2010-05-16 12:13:44 ----RD---- C:\Program Files
2010-05-16 12:06:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-16 12:06:29 ----D---- C:\WINDOWS\Temp
2010-05-16 12:06:23 ----D---- C:\WINDOWS\system32
2010-05-16 12:06:22 ----D---- C:\Program Files\Internet Explorer
2010-05-16 12:06:04 ----D---- C:\Program Files\Movie Maker
2010-05-16 12:05:57 ----D---- C:\Program Files\Windows Media Player
2010-05-16 12:05:46 ----D---- C:\Program Files\Windows NT
2010-05-16 12:05:44 ----D---- C:\Program Files\NetMeeting
2010-05-16 12:05:33 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-16 12:05:07 ----SD---- C:\WINDOWS\Tasks
2010-05-16 10:26:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-16 10:17:14 ----D---- C:\WINDOWS
2010-05-16 10:16:15 ----D---- C:\Documents and Settings
2010-05-16 00:59:38 ----D---- C:\WINDOWS\Prefetch
2010-05-16 00:48:33 ----HD---- C:\WINDOWS\inf
2010-05-15 18:07:54 ----SHD---- C:\RECYCLER
2010-05-15 18:05:34 ----D---- C:\Program Files\Messenger
2010-05-15 14:31:17 ----D---- C:\WINDOWS\system32\Restore
2010-05-15 13:24:17 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-05-15 13:02:11 ----D---- C:\WINDOWS\system32\CatRoot
2010-05-15 12:29:23 ----D---- C:\WINDOWS\Debug
2010-05-14 21:32:49 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-05-14 20:15:17 ----A---- C:\WINDOWS\win.ini
2010-05-14 20:14:56 ----D---- C:\WINDOWS\Help
2010-05-14 20:13:40 ----D---- C:\WINDOWS\system32\drivers
2010-05-14 19:12:17 ----D---- C:\Program Files\Outlook Express
2010-05-01 19:39:27 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-05-01 19:36:14 ----D---- C:\WINDOWS\WinSxS
2010-05-01 19:36:09 ----D---- C:\Program Files\Fichiers communs
2010-04-24 01:08:58 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-04-19 13:24:50 ----RSD---- C:\WINDOWS\assembly
2010-04-19 13:18:31 ----D---- C:\WINDOWS\Microsoft.NET
2010-04-19 10:12:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-18 12:57:27 ----D---- C:\WINDOWS\twain_32
2010-04-18 12:52:52 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-18 11:22:49 ----D---- C:\WINDOWS\system32\XPSViewer
2010-04-18 11:22:46 ----D---- C:\WINDOWS\system32\en-us
2010-04-18 11:22:42 ----RSD---- C:\WINDOWS\Fonts
2010-04-18 11:16:00 ----D---- C:\WINDOWS\AppPatch
2010-04-18 11:12:09 ----D---- C:\Program Files\Fichiers communs\Adobe
2010-04-18 10:58:54 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2010-04-17 16:53:22 ----D---- C:\WINDOWS\system32\fr-fr
2010-04-17 16:51:33 ----D---- C:\WINDOWS\Media
2010-04-17 16:09:49 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2010-04-17 16:09:48 ----SHD---- C:\System Volume Information
2010-04-17 16:09:48 ----D---- C:\WINDOWS\system32\wbem
2010-04-17 16:08:23 ----D---- C:\WINDOWS\system32\config
2010-04-17 15:05:05 ----D---- C:\WINDOWS\SoftwareDistribution
2010-04-17 15:03:47 ----D---- C:\WINDOWS\security
2010-04-17 15:01:30 ----RASH---- C:\boot.ini
2010-04-17 14:58:16 ----D---- C:\WINDOWS\Registration
2010-04-17 14:46:01 ----D---- C:\WINDOWS\repair

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-10-26 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-26 4881920]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 PAC207;Webcam 1200; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2007-06-29 611584]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-08-07 111360]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 BDRsDrv;BDRsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2008-09-10 985728]
S3 HSFHWBS3;HSFHWBS3; C:\WINDOWS\system32\DRIVERS\HSFHWBS3.sys [2008-09-10 207872]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-04-16 41472]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2008-09-10 731264]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 bdss;BitDefender Scan Server; C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe [2007-01-19 81920]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-04-08 345376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe [2008-07-11 278528]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 545576]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-17 135664]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-17 194104]
S2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2007-10-24 462848]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Réponse 25 / 125

crapoulou Messages postés 28195 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 8 013

Au lieu que tu le poste en 15 morceaux car il est long, héberge le sur cijoint :

http://cijoint.fr/

Aide en images :
http://sd-1.archive-host.com/membres/up/68979205412808752/CCM/cijoint.htm

Réponse 26 / 125

crapoulou Messages postés 28195 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 8 013

Merci

Refais l'option de Recherche d'USBFix pour vérification stp.

Réponse 27 / 125

naiseby Messages postés 91 Date d'inscription Statut Membre Dernière intervention

ok je vais le faire,sinon je te passe pour (log - blog - notes) : http://www.cijoint.fr/cjlink.php?file=cj201005/cijID3c02g.txt

Réponse 28 / 125

naiseby Messages postés 91 Date d'inscription Statut Membre Dernière intervention

je suis entrain de faire UsbFix là,mais je veux te poser une question? ce matin quand j'ai allumer mon ordinateur j'ai toujours le même message d'erreur et j'ai plus msn j'arrive même pas à installé et quand je clique sur le volume sons ça sort une petite page noir et après le volume ne sort même pas,pareil quand je clique restaurer le système une petite page noir après plus rien,ça excecute même pas.Est ce que c'est normale?

Réponse 29 / 125

naiseby Messages postés 91 Date d'inscription Statut Membre Dernière intervention

############################## | UsbFix V6.113 |

User : HP_Administrator (Administrateurs) # FLO
Update on 13/05/2010 by El Desaparecido , C_XX & Chimay8
Start at: 13:12:23 | 16/05/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Atom(TM) CPU 230 @ 1.60GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : Bitdefender Antivirus 8.0 [ Enabled | Updated ]

C:\ -> Disque fixe local # 139,25 Go (95,25 Go free) [COMPAQ] # NTFS
D:\ -> Disque fixe local # 9,78 Go (6,22 Go free) [HP_RECOVERY] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible # 1,86 Go (262,4 Mo free) # FAT32
H:\ -> Disque amovible

################## | Elements infectieux |

C:\zPharaoh.exe
C:\1.taz
C:\zPharaoh.exe
D:\zPharaoh.exe
D:\1.taz
D:\zPharaoh.exe

################## | Mabezat |

C:\Documents and Settings\hook.dl_
C:\Documents and Settings\tazebama.dl_
C:\Documents and Settings\tazebama.dll
C:\DOCUME~1\HP_ADM~1\APPLIC~1\tazebama\zPharaoh.dat
C:\DOCUME~1\HP_ADM~1\APPLIC~1\tazebama
C:\zPharaoh.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009186.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009187.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009188.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009189.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009190.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009191.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009192.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009193.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009194.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009195.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009196.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009197.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009198.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009199.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009200.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009201.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009202.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009203.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009204.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009205.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009206.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009207.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009208.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009209.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009210.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009211.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009212.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009213.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009214.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009215.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009216.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009217.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009218.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009219.exe
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009220.exe
D:\zPharaoh.exe
D:\autorun.inf\autorun.inf .exe
D:\autorun.inf\WinrRarSerialInstall.exe
D:\Documents and Settings\Documents and Settings .exe
D:\Documents and Settings\NokiaN73Tools.exe
D:\Image\Image .exe
D:\Image\Make Windows Original.exe
D:\Minint\Minint .exe
D:\Minint\Office2003 CD-Key.doc.exe
D:\Minint\FONTS\Crack_GoogleEarthPro.exe
D:\Minint\FONTS\FONTS .exe
D:\Minint\HELP\AmericanOnLine.exe
D:\Minint\HELP\HELP .exe
D:\Minint\INF\INF .exe
D:\Minint\INF\msjavx86.exe
D:\Minint\MSAGENT\FloppyDiskPartion.exe
D:\Minint\MSAGENT\MSAGENT .exe
D:\Minint\MSAGENT\INTL\Adjust Time.exe
D:\Minint\MSAGENT\INTL\INTL .exe
D:\Minint\SYSTEM32\HP_LaserJetAllInOneConfig.exe
D:\Minint\SYSTEM32\SYSTEM32 .exe
D:\Minint\SYSTEM32\CONFIG\CONFIG .exe
D:\Minint\SYSTEM32\CONFIG\Recycle Bin.exe
D:\Minint\SYSTEM32\DRIVERS\DRIVERS .exe
D:\Minint\SYSTEM32\DRIVERS\WindowsXp StartMenu Settings.exe
D:\Minint\WINSXS\Microsoft Windows Network.exe
D:\Minint\WINSXS\WINSXS .exe
D:\PCDOCTOR\Office2007 Serial.txt.exe
D:\PCDOCTOR\PCDOCTOR .exe
D:\Recovery\KasperSky6.0 Key.doc.exe
D:\Recovery\Recovery .exe
D:\RECYCLER\JetAudio dump.exe
D:\RECYCLER\RECYCLER .exe
D:\RM\InstallMSN11Ar.exe
D:\RM\RM .exe
D:\swsetup\InstallMSN11En.exe
D:\swsetup\swsetup .exe
D:\System Volume Information\Lock Folder.exe
D:\System Volume Information\System Volume Information .exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009221.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009222.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009223.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009224.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009225.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009226.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009227.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009228.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009229.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009230.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009231.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009232.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009233.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009234.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009235.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009236.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009237.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009238.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009239.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009240.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009241.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009242.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009243.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009244.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009245.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009246.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009247.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009248.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009249.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009250.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009251.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009252.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009253.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009254.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009255.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009256.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009257.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009258.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009259.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009260.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009261.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009262.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009263.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009264.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009265.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009266.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009267.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009268.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009269.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009270.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009271.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009272.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009273.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009274.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009275.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009276.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009277.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009278.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009279.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009280.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009281.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009282.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009283.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009284.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009285.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009286.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009287.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009288.EXE
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009289.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009290.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009291.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009292.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009293.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009294.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009295.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009296.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009297.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009298.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009299.exe
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009300.exe
D:\autorun.inf\WinrRarSerialInstall.exe
D:\Documents and Settings\NokiaN73Tools.exe
D:\Image\Make Windows Original.exe
D:\Minint\FONTS\Crack_GoogleEarthPro.exe
D:\Minint\HELP\AmericanOnLine.exe
D:\Minint\INF\msjavx86.exe
D:\Minint\MSAGENT\FloppyDiskPartion.exe
D:\Minint\MSAGENT\INTL\Adjust Time.exe
D:\Minint\SYSTEM32\HP_LaserJetAllInOneConfig.exe
D:\Minint\SYSTEM32\CONFIG\Recycle Bin.exe
D:\Minint\SYSTEM32\DRIVERS\WindowsXp StartMenu Settings.exe
D:\RECYCLER\JetAudio dump.exe
D:\RM\InstallMSN11Ar.exe
D:\swsetup\InstallMSN11En.exe
D:\System Volume Information\Lock Folder.exe

################## | Registre |

################## | Mountpoints2 |

################## | Vaccin |

# C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# D:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# G:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).

################## | ! Fin du rapport # UsbFix V6.113 ! |

Réponse 30 / 125

crapoulou Messages postés 28195 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 8 013

Repasse l'option de suppression d'USBFix.
Enchaine ensuite avec MBAM.
Il va te trouver certainement beaucoup d'infections, ne t'en fait pas, c'est normal :D

*********

Télécharge Malwarebytes' Anti-Malware
= = = = >>> En cliquant ici <<< = = = =

- Enregistre le sur le bureau
- Double clique sur le fichier téléchargé pour lancer le processus d'installation
- Lorsqu'il te le sera demandé, mets à jour Malwarebytes anti malware
- Si le pare-feu demande l'autorisation de se connecter pour malwarebytes, acceptes
- Une fois la mise à jour terminée, ferme Malwarebytes
- Double-clique sur l'icône de malwarebytes pour le relancer
- Dans l'onglet, Recherche, probablement ouvert par défaut,
- Sélectionne Exécuter un examen complet
- Clique sur Rechercher
- Le scan démarre
- A la fin de l'analyse, un message s'affiche : L'examen s'est terminé normalement. Cliquez sur `Afficher les résultats' pour afficher tous les objets trouvés.
- Clique sur Ok pour poursuivre.
- Si des malwares ont été détectés, cliques sur Afficher les résultats
- Sélectionnes tout (ou laisses cochés) et cliques sur Supprimer la sélection Malwarebytes va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
- Malwarebytes va ouvrir le bloc-notes et y copier le rapport d'analyse.
- Rends toi dans l'onglet rapport/log
- Tu clique dessus pour l'afficher.
- Une fois affiché, cliques sur édition en haut du bloc notes, et puis sur sélectionner tout
- Tu recliques sur édition et puis sur copier et tu reviens sur le forum et dans ta réponse
- Tu clique droit dans le cadre de la réponse et coller

Si tu as besoin d'aide regarde ce tutorial https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

Réponse 31 / 125

naiseby Messages postés 91 Date d'inscription Statut Membre Dernière intervention

Y'à 2 suppression dans Usbfix,y'à déjà le 2 suppression et le 4 suppression MSE donc je fais le quel?

crapoulou Messages postés 28195 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 8 013

Suppression en mode normal.

Réponse 32 / 125

naiseby Messages postés 91 Date d'inscription Statut Membre Dernière intervention

Ok

Réponse 33 / 125

naiseby Messages postés 91 Date d'inscription Statut Membre Dernière intervention

############################## | UsbFix V6.113 |

User : HP_Administrator (Administrateurs) # FLO
Update on 13/05/2010 by El Desaparecido , C_XX & Chimay8
Start at: 15:02:05 | 16/05/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Atom(TM) CPU 230 @ 1.60GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : Bitdefender Antivirus 8.0 [ Enabled | Updated ]

C:\ -> Disque fixe local # 139,25 Go (95,33 Go free) [COMPAQ] # NTFS
D:\ -> Disque fixe local # 9,78 Go (6,22 Go free) [HP_RECOVERY] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible # 1,86 Go (262,4 Mo free) # FAT32
H:\ -> Disque amovible

################## | Elements infectieux |

Supprimé ! C:\zPharaoh.exe
Supprimé ! C:\1.taz
Supprimé ! C:\Recycler\S-1-5-21-233982008-3859552600-1057094845-1006
Supprimé ! D:\zPharaoh.exe
Supprimé ! D:\1.taz
Supprimé ! D:\Recycler\S-1-5-21-233982008-3859552600-1057094845-1006

################## | Mabezat |

Supprimé ! C:\Documents and Settings\hook.dl_
Supprimé ! C:\Documents and Settings\tazebama.dl_
Supprimé ! C:\Documents and Settings\tazebama.dll
Supprimé ! C:\DOCUME~1\HP_ADM~1\APPLIC~1\tazebama\zPharaoh.dat
Supprimé ! C:\DOCUME~1\HP_ADM~1\APPLIC~1\tazebama
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009186.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009187.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009188.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009189.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009190.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009191.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009192.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009193.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009194.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009195.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009196.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009197.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009198.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009199.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009200.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009201.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009202.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009203.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009204.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009205.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009206.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009207.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009208.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009209.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009210.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009211.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009212.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009213.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009214.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009215.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009216.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009217.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009218.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009219.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009220.exe
Supprimé ! C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP40\A0009459.exe
Supprimé ! D:\autorun.inf\autorun.inf .exe
Supprimé ! D:\autorun.inf\WinrRarSerialInstall.exe
Supprimé ! D:\Documents and Settings\Documents and Settings .exe
Supprimé ! D:\Documents and Settings\NokiaN73Tools.exe
Supprimé ! D:\Image\Image .exe
Supprimé ! D:\Image\Make Windows Original.exe
Supprimé ! D:\Minint\Minint .exe
Supprimé ! D:\Minint\Office2003 CD-Key.doc.exe
Supprimé ! D:\Minint\FONTS\Crack_GoogleEarthPro.exe
Supprimé ! D:\Minint\FONTS\FONTS .exe
Supprimé ! D:\Minint\HELP\AmericanOnLine.exe
Supprimé ! D:\Minint\HELP\HELP .exe
Supprimé ! D:\Minint\INF\INF .exe
Supprimé ! D:\Minint\INF\msjavx86.exe
Supprimé ! D:\Minint\MSAGENT\FloppyDiskPartion.exe
Supprimé ! D:\Minint\MSAGENT\MSAGENT .exe
Supprimé ! D:\Minint\MSAGENT\INTL\Adjust Time.exe
Supprimé ! D:\Minint\MSAGENT\INTL\INTL .exe
Supprimé ! D:\Minint\SYSTEM32\HP_LaserJetAllInOneConfig.exe
Supprimé ! D:\Minint\SYSTEM32\SYSTEM32 .exe
Supprimé ! D:\Minint\SYSTEM32\CONFIG\CONFIG .exe
Supprimé ! D:\Minint\SYSTEM32\CONFIG\Recycle Bin.exe
Supprimé ! D:\Minint\SYSTEM32\DRIVERS\DRIVERS .exe
Supprimé ! D:\Minint\SYSTEM32\DRIVERS\WindowsXp StartMenu Settings.exe
Supprimé ! D:\Minint\WINSXS\Microsoft Windows Network.exe
Supprimé ! D:\Minint\WINSXS\WINSXS .exe
Supprimé ! D:\PCDOCTOR\Office2007 Serial.txt.exe
Supprimé ! D:\PCDOCTOR\PCDOCTOR .exe
Supprimé ! D:\Recovery\KasperSky6.0 Key.doc.exe
Supprimé ! D:\Recovery\Recovery .exe
Supprimé ! D:\RECYCLER\JetAudio dump.exe
Supprimé ! D:\RECYCLER\RECYCLER .exe
Supprimé ! D:\RM\InstallMSN11Ar.exe
Supprimé ! D:\RM\RM .exe
Supprimé ! D:\swsetup\InstallMSN11En.exe
Supprimé ! D:\swsetup\swsetup .exe
Supprimé ! D:\System Volume Information\Lock Folder.exe
Supprimé ! D:\System Volume Information\System Volume Information .exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009221.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009222.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009223.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009224.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009225.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009226.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009227.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009228.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009229.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009230.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009231.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009232.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009233.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009234.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009235.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009236.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009237.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009238.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009239.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009240.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009241.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009242.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009243.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009244.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009245.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009246.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009247.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009248.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009249.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009250.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009251.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009252.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009253.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009254.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009255.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009256.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009257.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009258.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009259.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009260.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009261.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009262.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009263.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009264.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009265.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009266.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009267.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009268.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009269.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009270.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009271.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009272.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009273.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009274.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009275.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009276.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009277.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009278.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009279.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009280.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009281.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009282.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009283.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009284.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009285.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009286.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009287.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009288.EXE
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009289.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009290.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009291.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009292.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009293.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009294.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009295.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009296.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009297.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009298.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009299.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009300.exe
Supprimé ! D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP40\A0009460.exe

################## | Registre |

################## | Mountpoints2 |

################## | Listing des fichiers présent |

[08/12/2008 11:03|--a------|0] C:\AUTOEXEC.BAT
[17/04/2010 15:01|-rahs----|216] C:\boot.ini
[14/04/2008 14:00|-rahs----|4952] C:\Bootfont.bin
[08/12/2008 11:03|--a------|0] C:\CONFIG.SYS
[08/12/2008 11:03|-rahs----|0] C:\IO.SYS
[08/12/2008 11:03|-rahs----|0] C:\MSDOS.SYS
[14/04/2008 14:00|-rahs----|47564] C:\NTDETECT.COM
[14/04/2008 14:00|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[16/05/2010 15:36|--a------|17599] C:\UsbFix.txt
[20/10/2008 14:10|--ah-----|69] D:\Desktop.ini
[28/11/2008 08:33|-rah-----|20] D:\language.ini
[14/04/2008 06:00|-rah-----|47564] D:\ntdetect.com
[14/04/2008 06:00|-rah-----|263504] D:\ntldr
[17/09/2008 05:41|-rah-----|422] D:\pcdr.ini

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# D:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# G:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).

################## | ! Fin du rapport # UsbFix V6.113 ! |

Réponse 34 / 125

crapoulou Messages postés 28195 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 8 013

Très bien.
Je te laisse poursuivre.

Réponse 35 / 125

naiseby Messages postés 91 Date d'inscription Statut Membre Dernière intervention

Ok

Réponse 36 / 125

naiseby Messages postés 91 Date d'inscription Statut Membre Dernière intervention

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4105

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

16/05/2010 16:41:46
mbam-log-2010-05-16 (16-41-46).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 170108
Temps écoulé: 34 minute(s), 31 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 22

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\UsbFix\Quarantine\C\Documents and Settings\HP_Administrator\Mes documents\LimeWire\Incomplete\T-14070808-Lime Wire Pro 4.18.8.exe.UsbFix (Adware.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP36\A0008251.EXE (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\D\Minint\SYSTEM32\SVCHOST.EXE.UsbFix (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\UsbFix\Quarantine\D\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009259.EXE.UsbFix (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP32\A0006800.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP33\A0007815.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP36\A0008083.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP36\A0008117.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP36\A0008166.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0008745.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0008792.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0008841.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0008891.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009009.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0008984.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009018.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0009185.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP40\A0009387.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP36\A0008287.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP37\A0008503.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0008552.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{490C91B5-BD98-4260-8479-C80CD2F9C461}\RP38\A0008624.dll (Worm.Mabezat) -> Quarantined and deleted successfully.

Réponse 37 / 125

crapoulou Messages postés 28195 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 8 013

Très bien.
Tout ce qui a été trouvé se situait dans la quarantaine ou dans la restauration système.

*********

Génère un nouveau rapport RSIT et envoie-le.

Réponse 38 / 125

naiseby Messages postés 91 Date d'inscription Statut Membre Dernière intervention

Stp explique moi ce que je dois faire? Et je voulais aussi te dire que quand l'ordi s'est redemarer j'ai ça comme message qui veut pas partir: Exception Processing c0000013 Parameters 75 afbf7 4 75 afbf7c 75 afbf7c

Réponse 39 / 125

crapoulou Messages postés 28195 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention 8 013

Pour le message d'erreur, on verra plus tard s'il persiste.
Fais ceci :
https://forums.commentcamarche.net/forum/affich-17738811-infection-tazebama-dl-aidez-moi-svp?full#16

Réponse 40 / 125

naiseby Messages postés 91 Date d'inscription Statut Membre Dernière intervention

Pour le rapport RSIT

http://www.cijoint.fr/cjlink.php?file=cj201005/cijwM7bLNl.txt

Infection tazebama.dl_ Aidez moi svp

125 réponses

Votre réponse

Discussions similaires