Ctfmon, phime2002a, nvcpldeamon and others...

Fadoz Posts 6 Status Member
Hello,

OK, so my PC (a laptop) is old and pretty slow. I tried to speed it up a bit and came across these little things (ctfmon, phime2002a, nvcpldeamon) in my startup items. What are they? Viruses? Microsoft logs?

I think the slowness comes from its "age", because my antivirus (AVG) hasn't detected anything suspicious for a while. But I sometimes get "bugs": web pages that close for no reason, folders or files that I can't delete, or software that freezes.
I wonder whether I have a virus.

I was advised to post a HijackThis logfile here to get help.
To find out what the logs named above are.
To find out whether or not there is a virus on my PC, and either way how to speed it up a bit.

Thank you for your help



Logfile of HijackThis v1.99.1
Scan saved at 03:17:13, on 08/11/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAP\DAP.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\ozeray\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {60270dc7-9ea0-472f-9b77-66652c06246e} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\ozeray\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
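
An added example, not part of the original thread: a small Python triage of HijackThis lines like those in the log above. It lists entries marked "(no file)" or "(file missing)", and separates out the ones the log itself contradicts, such as the Java Quick Starter service, which is marked missing while jqs.exe appears under "Running processes". The function names and the three verdict labels are assumptions made for this sketch; the sample lines are copied from the log above.

```python
import re
from collections import defaultdict

# Lines copied from the HijackThis log in the post above (a selection, unmodified).
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe

O2 - BHO: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O3 - Toolbar: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")            # "O2 - BHO: ..."
MISSING_RE = re.compile(r"\((?:no file|file missing)\)\s*$")  # trailing marker
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
EXE_RE = re.compile(r'[A-Za-z]:\\[^"<>|]*?\.exe', re.IGNORECASE)


def parse_log(text):
    """Return (running_paths, entries) from a HijackThis text log."""
    running, entries, in_procs = set(), [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_procs = True
            continue
        match = ENTRY_RE.match(line)
        if in_procs and line and not match:
            running.add(line.lower())      # one process path per line
            continue
        in_procs = False                   # blank line or first entry ends the list
        if match:
            code, body = match.groups()
            entries.append({
                "code": code,
                "body": body,
                "clsids": [c.upper() for c in CLSID_RE.findall(body)],
                "missing": bool(MISSING_RE.search(body)),
            })
    return running, entries


def classify(entry, running):
    """Verdict for one entry: present, running, unverified or orphan."""
    if not entry["missing"]:
        return "present"
    exe = EXE_RE.search(entry["body"])
    if exe and exe.group(0).lower() in running:
        return "running"       # marked missing, yet listed as a live process
    if '"' in entry["body"]:
        return "unverified"    # path field carries a stray quote and arguments
    return "orphan"            # registry entry whose file is not reported


def triage(text):
    """Group all log entries by verdict."""
    running, entries = parse_log(text)
    groups = defaultdict(list)
    for entry in entries:
        groups[classify(entry, running)].append(entry)
    return dict(groups)


def repeated_orphan_clsids(text):
    """CLSIDs referenced by more than one orphaned entry, with their sections."""
    seen = defaultdict(list)
    for entry in triage(text).get("orphan", []):
        for clsid in entry["clsids"]:
            seen[clsid].append(entry["code"])
    return {c: codes for c, codes in seen.items() if len(codes) > 1}


if __name__ == "__main__":
    for verdict, items in triage(SAMPLE_LOG).items():
        for item in items:
            print(f"{verdict:10} {item['code']:4} {item['body'][:70]}")
    print(repeated_orphan_clsids(SAMPLE_LOG))
```

Entries classed "running" or "unverified" need a check on disk before anything is removed; "orphan" entries are registry references with no file reported behind them.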
10 replies

jlpjlp Posts 52399 Status Security contributor 5 040

Hi, paste a scan report from Malwarebytes Anti-Malware after updating it

See you later
0
Fadoz Posts 6 Status Member

Here is the scan report:



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 5072

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

08/11/2010 12:33:03
mbam-log-2010-11-08 (12-33-03).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 141569
Temps écoulé: 13 minute(s), 32 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 10
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.Hotbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.Hotbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0d39a900-0f3a-4c29-a254-3e65244fdc34} (Adware.PLayMP3z) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Mirar (Adware.Mirar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PLayMP3z) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\zango 10.3.74.0 (Adware.Zango) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\net-nucleus.com\awbeta\http (Hijack.TrustedZone) -> Bad: (2) Good: (4) -> No action taken.

Dossier(s) infecté(s):
C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> No action taken.

Fichier(s) infecté(s):
C:\Program Files\Mozilla Firefox\plugins\npclntax_ZangoSA.dll (Adware.Seekmo) -> No action taken.




Thanks again!
0
jlpjlp Posts 52399 Status Security contributor 5 040

you need to remove what was found

then



Download OTL by OldTimer here:

http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/

and save it to your Desktop.

Double-click OTL.exe to launch it.

Check the 2 boxes Lop and Purity

Check the box in front of "scan all users"

Click Run Scan.

When the scan finishes, Notepad will open with the report (OTL.txt).

This file is on your Desktop (usually C:\Documents and settings\your_session_name\OTL.txt)


To send it to me, click this link:

http://www.cijoint.fr/

Click Browse and locate the file above.

Click Open.

Click "Cliquez ici pour déposer le fichier" ("Click here to upload the file").

A link of this form:

http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt

is added to the page.

Copy this link into your reply.
0
Fadoz Posts 6 Status Member

Here is the link to the OTL.txt file


http://www.cijoint.fr/cjlink.php?file=cj201011/cij1s9Wfny.txt



However, OTL opened a second Notepad file named extra.txt; should I post it too?
Thanks!
0

jlpjlp Posts 52399 Status Security contributor 5 040

ok

plug in your external storage devices and paste a cleaning report from UsbFix
http://www.teamxscript.org/usbfix.html

then paste a cleaning report from Ad-Remover
http://www.teamxscript.org/tools.html

then


Update Java:
https://javara.fr.malavida.com/

Download JavaRa.zip by Paul 'Prm753' McLain and Fred de Vries.
Unzip the file onto your desktop (right-click > Extract all.)
Double-click the resulting JavaRa folder.
Then double-click the JavaRa.exe file (the .exe extension may not be displayed)
Click Search For Updates.
Select Update Using jucheck.exe, then click Search.
Allow the process to connect if it asks you to, click Install and follow the installation instructions. This will take a few minutes.
When the installation is finished, go back to the JavaRa screen and click Remove Older Versions.
Click Yes to confirm. The tool will do its work; then click Ok, and then Ok a second time.
A report will open; copy and paste it into your next reply.
Note: the report is also located at the root of the system partition, usually C:\, under the name JavaRa.log
(c:\JavaRa.log)
Close the application.

if that does not work

https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80

you can uninstall the old versions.

________________

then install the latest version of AVG antivirus: version 10 !!!



See you later
0
Fadoz Posts 6 Status Member

First, regarding the UsbFix and Ad-Remover cleaning
usbfix:
############################## | UsbFix 7.034 | [Recherche]

Utilisateur: ozeray (Administrateur) # FANNYOZERAY [ ]
Mis à jour le 25/10/10 par El Desaparecido / C_XX
Lancé à 18:45:01 | 08/11/2010
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org

CPU: Genuine Intel(R) CPU T2300 @ 1.66GHz
CPU 2: Genuine Intel(R) CPU T2300 @ 1.66GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702

Pare-feu Windows: Activé
Antivirus: AVG Anti-Virus Free 9.0 [(!) Disabled | Updated]
RAM -> 1022 Mo
C:\ (%systemdrive%) -> Disque fixe # 44 Go (15 Go libre(s) - 35%) [ACER] # FAT32
D:\ -> Disque fixe # 45 Go (44 Go libre(s) - 99%) [ACERDATA] # FAT32
E:\ -> CD-ROM
F:\ -> CD-ROM
H:\ -> Disque fixe # 233 Go (29 Go libre(s) - 13%) [LaVoleuseDImage] # NTFS

################## | Éléments infectieux |


Présent! C:\DOCUME~1\ozeray\LOCALS~1\Temp\IXP000.TMP

################## | Registre |

Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDesktop
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoFind
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoFolderOptions
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoRun
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoViewContextMenu

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{746c0ec2-53d1-11dc-b73f-0013021868bb}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL OzERAY.EXE

HKCU\.\.\.\.\Explorer\MountPoints2\{74c00dfe-5aa6-11df-bb1c-0013021868bb}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NdKol.EXe

HKCU\.\.\.\.\Explorer\MountPoints2\{a669bb1c-55d8-11de-b9af-0013021868bb}
Shell\AutoRun\Command = G:\ReCycLEr\S-1-5-21-1482276501-1663491937-6831267430-1013\svchost.exe
Shell\OpEN\Command = G:\ReCycLEr\S-1-5-21-1482276501-1663491937-6831267430-1013\svchost.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{fb120a2e-95ef-11dd-b82c-0013021868bb}
Shell\AutoRun\Command = F:\WD_Windows_Tools\Setup.exe


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |




ad remover :

======= RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 07/11/10 à 01:00
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 18:52:20 le 08/11/2010, Mode normal

Microsoft Windows XP Édition familiale Service Pack 3 (X86)
ozeray@FANNYOZERAY ( )

============== ACTION(S) ==============


Fichier supprimé: C:\Program Files\Mozilla FireFox\regxpcom.exe

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Documents and Settings\ozeray\Application Data\Mozilla\FireFox\Profiles\awx90qmr.default\Prefs.js --
Ligne supprimée:
Ligne supprimée:
Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&Sea...
-- Fichier Fermé --


Clé supprimée: HKLM\Software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3788E535-897B-463d-B6D6-FEE5B86EC144}
Clé supprimée: HKLM\Software\Classes\CLSID\{47C6C527-6204-4F91-849D-66E234DEE015}
Clé supprimée: HKLM\Software\Classes\CLSID\{9461b922-3c5a-11d2-bf8b-00c04fb93661}
Clé supprimée: HKLM\Software\Classes\CLSID\{B791A095-A4AC-4312-8894-5B7E8FF5B3CD}
Clé supprimée: HKLM\Software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}
Clé supprimée: HKLM\Software\Classes\Interface\{1B8DF249-91E2-4179-A57A-F8A11F9ABB3C}
Clé supprimée: HKLM\Software\Classes\Interface\{49B68757-5EFE-4C09-A528-F481F70D7A4A}
Clé supprimée: HKLM\Software\Classes\Interface\{6FE1ECBE-6690-4728-B66A-45424A4F59DA}
Clé supprimée: HKLM\Software\Classes\TypeLib\{ECA4E801-17AE-4863-9F5C-AF4047AABEE0}
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.12 (fr)] **

-- C:\Documents and Settings\ozeray\Application Data\Mozilla\FireFox\Profiles\awx90qmr.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\ozeray\\Bureau\\Nouveau dossier\\hp7\\Sosie
browser.search.defaultenginename, Yahoo! Search
browser.startup.homepage, www.google.fr
browser.startup.homepage_override.mstone, rv:1.9.2.12
keyword.URL, hxxp://fr.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_fr&p=

========================================

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 1 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 08/11/2010 (3830 Octet(s))
C:\Ad-Report-CLEAN[1].txt - 08/11/2010 (867 Octet(s))

Fin à: 18:53:33, 08/11/2010

============== E.O.F ==============
0
Fadoz Posts 6 Status Member

and the Java report:

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Mon Nov 08 19:19:06 2010

Found and removed: C:\Program Files\Java\jre1.5.0_10

Found and removed: C:\Documents and Settings\ozeray\Application Data\Sun\Java\jre1.6.0_11

Found and removed: C:\Documents and Settings\ozeray\Application Data\Sun\Java\jre1.6.0_13

Found and removed: C:\Documents and Settings\ozeray\Application Data\Sun\Java\jre1.6.0_15

Found and removed: C:\Documents and Settings\ozeray\Application Data\Sun\Java\jre1.6.0_16

Found and removed: C:\Documents and Settings\ozeray\Application Data\Sun\Java\jre1.6.0_17

Found and removed: Software\JavaSoft\Java2D\1.5.0_06

Found and removed: Software\JavaSoft\Java2D\1.5.0_09

Found and removed: Software\JavaSoft\Java2D\1.5.0_10

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511000

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D511000

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D511000

Found and removed: SOFTWARE\Classes\JavaPlugin.150_10

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_10

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_10

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D511000

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D511000

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150100}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_10

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_10\

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Mon Nov 08 19:19:25 2010

------------------------------------

Finished reporting.
0
jlpjlp Posts 52399 Status Security contributor 5 040

for UsbFix you ran a search and not a cleaning ...


See you later

then update AVG

then tell us how your PC is doing and whether AVG finds infections (if it finds any, paste us the report)


See you later
0
Fadoz Messages postés 6 Statut Membre
 
Voila le rapport de nettoyage d'usbfix
############################## | UsbFix 7.034 | [Suppression]

Utilisateur: ozeray (Administrateur) # FANNYOZERAY [ ]
Mis à jour le 25/10/10 par El Desaparecido / C_XX
Lancé à 10:27:50 | 13/11/2010
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org

CPU: Genuine Intel(R) CPU T2300 @ 1.66GHz
CPU 2: Genuine Intel(R) CPU T2300 @ 1.66GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702

Pare-feu Windows: Activé
Antivirus: AVG Anti-Virus Free Edition 2011 10.0 [(!) Disabled | Updated]
RAM -> 1022 Mo
C:\ (%systemdrive%) -> Disque fixe # 44 Go (15 Go libre(s) - 34%) [ACER] # FAT32
D:\ -> Disque fixe # 45 Go (44 Go libre(s) - 99%) [ACERDATA] # FAT32
E:\ -> CD-ROM
F:\ -> CD-ROM
H:\ -> Disque fixe # 233 Go (29 Go libre(s) - 13%) [LaVoleuseDImage] # NTFS

################## | Éléments infectieux |


Supprimé! H:\$RECYCLE.BIN\S-1-5-21-1597008263-1911753700-599847662-1000
Supprimé! H:\$RECYCLE.BIN\S-1-5-21-344904952-3433875832-3459217552-1000
Supprimé! H:\Recycler\S-1-5-21-868838754-2457959687-1053659783-1006

################## | Registre |


################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{74c00dfe-5aa6-11df-bb1c-0013021868bb}

################## | Listing |


################## | Vaccin |

C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
H:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_FANNYOZERAY.zip
http://www.teamxscript.org/Sample/Upload.php
Merci de votre contribution.

################## | E.O.F |




Well, the PC seems to be doing better!!! It starts up faster, and so far I haven't had any problems such as pages closing or software freezing!!!
I haven't yet taken the time to reinstall one of my games to see if it runs better! But I think so!

Thanks again for your help!!!

PS: for AVG, I didn't think to save the report when I ran the scan T_T too bad!!!

jlpjlp Posts 52399 Status Security contributor 5 040

OK
Did AVG find any infections?

If so, run it again

To remove what was uninstalled:
http://www.commentcamarche.net/faq/24877-supprimer-les-logiciels-de-desinfection