Virus that hides my folders...

pur3.pwnag3 -  
 Anonymous user -
Hello,

I have recently had a virus that eats up all my RAM and hides all the files on my computer. I also have a problem when I search with the Google search engine: when I click a link, my computer redirects me to a malicious site. So I would need your help to remove these two viruses or problems.

Thanks in advance,
pur3.pwnag3

P.S.: sorry for mistakes like the à or the ,... the Shift key and the A key are broken.

11 replies

Anonymous user

Hi

▶ Download Reload_TDSSKiller

▶ Run it

choose: download the latest version

▶ Run it again

choose: start the cleanup

TDSSKiller will open; click "Start Scan".

Once it has finished, reboot if it asks you to, in order to finish the cleanup.

Otherwise, close TDSSKiller and the report will appear on the desktop.

▶ Copy/paste its contents into your next reply.
0
pur3.pwnag3
 
Thanks for your quick reply.

Here is the report:

2011/05/03 19:27:55.0626 5260 TDSS rootkit removing tool 2.5.0.0 May 1 2011 14:20:16
2011/05/03 19:27:56.0471 5260 ================================================================================
2011/05/03 19:27:56.0471 5260 SystemInfo:
2011/05/03 19:27:56.0471 5260
2011/05/03 19:27:56.0471 5260 OS Version: 6.0.6001 ServicePack: 1.0
2011/05/03 19:27:56.0471 5260 Product type: Workstation
2011/05/03 19:27:56.0471 5260 ComputerName: SHEAN-PC
2011/05/03 19:27:56.0471 5260 UserName: Shean
2011/05/03 19:27:56.0471 5260 Windows directory: C:\Windows
2011/05/03 19:27:56.0471 5260 System windows directory: C:\Windows
2011/05/03 19:27:56.0471 5260 Processor architecture: Intel x86
2011/05/03 19:27:56.0471 5260 Number of processors: 2
2011/05/03 19:27:56.0471 5260 Page size: 0x1000
2011/05/03 19:27:56.0471 5260 Boot type: Normal boot
2011/05/03 19:27:56.0471 5260 ================================================================================
2011/05/03 19:28:17.0472 5260 Initialize success
2011/05/03 19:28:29.0958 4480 ================================================================================
2011/05/03 19:28:29.0958 4480 Scan started
2011/05/03 19:28:29.0958 4480 Mode: Manual;
2011/05/03 19:28:29.0958 4480 ================================================================================
2011/05/03 19:30:02.0348 4480 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/05/03 19:30:02.0348 4480 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/05/03 19:30:02.0358 4480 sptd - detected LockedFile.Multi.Generic (1)
2011/05/03 19:30:30.0832 4480 volsnap (0b91f93264b06ee3fceba84ef4676995) C:\Windows\system32\drivers\volsnap.sys
2011/05/03 19:30:30.0840 4480 Suspicious file (Forged): C:\Windows\system32\drivers\volsnap.sys. Real md5: 0b91f93264b06ee3fceba84ef4676995, Fake md5: d8b4a53dd2769f226b3eb374374987c9
2011/05/03 19:30:30.0857 4480 volsnap - detected Rootkit.Win32.TDSS.tdl3 (0)
2011/05/03 19:30:39.0742 4480 ================================================================================
2011/05/03 19:30:39.0742 4480 Scan finished
2011/05/03 19:30:39.0742 4480 ================================================================================
2011/05/03 19:30:39.0759 5716 Detected object count: 2
2011/05/03 19:31:26.0502 5716 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/05/03 19:31:26.0890 5716 volsnap (0b91f93264b06ee3fceba84ef4676995) C:\Windows\system32\drivers\volsnap.sys
2011/05/03 19:31:26.0893 5716 Suspicious file (Forged): C:\Windows\system32\drivers\volsnap.sys. Real md5: 0b91f93264b06ee3fceba84ef4676995, Fake md5: d8b4a53dd2769f226b3eb374374987c9
2011/05/03 19:32:07.0421 5716 Backup copy found, using it..
2011/05/03 19:32:21.0489 5716 C:\Windows\system32\drivers\volsnap.sys - will be cured after reboot
2011/05/03 19:32:21.0490 5716 Rootkit.Win32.TDSS.tdl3(volsnap) - User select action: Cure
2011/05/03 19:36:01.0231 4308 Deinitialize success
0
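Added example (not part of the original thread and not the tool's own code): a short Python parser that reduces a TDSSKiller report like the one above to its detections, the action chosen for each, and what still needs follow-up. The line patterns are assumptions inferred from this report's layout; the sample lines are copied from the report.

```python
import re
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Lines copied verbatim from the report posted above.
SAMPLE_REPORT = r"""
2011/05/03 19:30:02.0348 4480 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/05/03 19:30:02.0348 4480 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/05/03 19:30:02.0358 4480 sptd - detected LockedFile.Multi.Generic (1)
2011/05/03 19:30:30.0832 4480 volsnap (0b91f93264b06ee3fceba84ef4676995) C:\Windows\system32\drivers\volsnap.sys
2011/05/03 19:30:30.0840 4480 Suspicious file (Forged): C:\Windows\system32\drivers\volsnap.sys. Real md5: 0b91f93264b06ee3fceba84ef4676995, Fake md5: d8b4a53dd2769f226b3eb374374987c9
2011/05/03 19:30:30.0857 4480 volsnap - detected Rootkit.Win32.TDSS.tdl3 (0)
2011/05/03 19:30:39.0742 4480 Scan finished
2011/05/03 19:30:39.0759 5716 Detected object count: 2
2011/05/03 19:31:26.0502 5716 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/05/03 19:32:07.0421 5716 Backup copy found, using it..
2011/05/03 19:32:21.0489 5716 C:\Windows\system32\drivers\volsnap.sys - will be cured after reboot
2011/05/03 19:32:21.0490 5716 Rootkit.Win32.TDSS.tdl3(volsnap) - User select action: Cure
"""

# Assumed line layout: "<date> <time> <thread id> <message>".
PREFIX = re.compile(r"^\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d+ \d+ ?")
SUSPICIOUS = re.compile(
    r"^Suspicious file \((\w+)\): (.+?)\. (?:Real )?md5: ([0-9a-f]{32})"
    r"(?:, Fake md5: ([0-9a-f]{32}))?$"
)
DETECTED = re.compile(r"^(\S+) - detected (\S+) \((\d+)\)$")
ACTION = re.compile(r"^(\S+)\((\S+)\) - User select action: (\w+)$")
PENDING = re.compile(r"^(.+) - will be cured after reboot$")
COUNT = re.compile(r"^Detected object count: (\d+)$")


@dataclass
class Finding:
    service: str                      # driver/service name as listed in the scan
    verdict: str                      # detection name given by the tool
    reason: Optional[str] = None      # e.g. "Forged" or "NoAccess"
    path: Optional[str] = None
    md5: Optional[str] = None         # "md5" / "Real md5" as labelled in the report
    fake_md5: Optional[str] = None    # "Fake md5", only present for forged files
    action: Optional[str] = None      # what the user chose: Skip, Cure, ...
    pending_reboot: bool = False


def parse_report(text: str) -> Tuple[Dict[str, Finding], Optional[int]]:
    """Return (findings keyed by service name, declared detection count)."""
    findings: Dict[str, Finding] = {}
    declared = None
    last_suspicious = None
    for raw in text.splitlines():
        prefix = PREFIX.match(raw)
        if not prefix:
            continue
        msg = raw[prefix.end():].strip()
        if (m := SUSPICIOUS.match(msg)):
            last_suspicious = m.groups()   # belongs to the next "detected" line
        elif (m := DETECTED.match(msg)):
            f = findings.setdefault(m.group(1), Finding(m.group(1), m.group(2)))
            if last_suspicious:
                f.reason, f.path, f.md5, f.fake_md5 = last_suspicious
            last_suspicious = None
        elif (m := ACTION.match(msg)):
            if m.group(2) in findings:
                findings[m.group(2)].action = m.group(3)
        elif (m := PENDING.match(msg)):
            for f in findings.values():
                if f.path and f.path.lower() == m.group(1).lower():
                    f.pending_reboot = True
        elif (m := COUNT.match(msg)):
            declared = int(m.group(1))
    return findings, declared


def follow_up(findings: Dict[str, Finding]) -> Dict[str, str]:
    """List detections that are not yet resolved and why."""
    todo = {}
    for f in findings.values():
        if f.action is None:
            todo[f.service] = "no action recorded"
        elif f.action == "Skip":
            todo[f.service] = "detection skipped by user"
        elif f.pending_reboot:
            todo[f.service] = "cure applies after reboot; rescan to confirm"
    return todo


if __name__ == "__main__":
    found, declared = parse_report(SAMPLE_REPORT)
    if declared is not None and declared != len(found):
        print(f"warning: report declares {declared} objects, parsed {len(found)}")
    for f in found.values():
        print(f.service, f.verdict, f.reason, f.action, f.path)
    for service, why in follow_up(found).items():
        print("follow up:", service, "-", why)
```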
Anonymous user

▶ Download USBFIX here, to your desktop

Plug in all your devices without opening them.

/!\ Temporarily disable the real-time protection of your antivirus and your antispyware tools, and only for as long as you are using USBFIX, since they can seriously interfere with the tool's scanning and cleaning procedure.

If you have XP => double-click
If you have Vista or Windows 7 => right-click, "Run as...."


on the UsbFix icon on your desktop.
On the page, click the button:

▶ Choose the Deletion option

▶ UsbFix will scan your PC; let the tool work.

▶ Then post the UsbFix.txt report, which will appear along with the desktop.

▶ Note: the UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

0
pur3.pwnag3
 
############################## | UsbFix 7.044 | [Deletion]

User: Shean (Administrator) # SHEAN-PC [TOSHIBA TECRA A9]
Updated 25/04/2011 by TeamXscript
Started at 20:24:52 | 03/05/2011
Website: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact:

CPU: Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz
Microsoft® Windows Vista(TM) Ultimate (6.0.6001 32-Bit) # Service Pack 1
Internet Explorer 7.0.6001.18000

Windows Firewall: Disabled /!\
Antivirus: avast! Antivirus 5.0.83952505 [Enabled | Updated]
RAM -> 3062 Mb
C:\ (%systemdrive%) -> Fixed drive # 109 Gb (16 Mb free - 14%) [] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> CD-ROM
H:\ -> CD-ROM
I:\ -> Fixed drive # 233 Gb (51 Mb free - 22%) [Expansion Drive] # NTFS
J:\ -> CD-ROM
K:\ -> Removable drive # 14 Mb (0 Mb free - 2%) [HP_M440] # FAT
L:\ -> CD-ROM
M:\ -> Removable drive # 7 Gb (7 Mb free - 100%) [PUR3-PWNAG3] # FAT32

################## | Files # Infected Folders |

Deleted ! C:\$RECYCLE.BIN\S-1-5-18
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-367221321-1266210883-2301966275-1000
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-367221321-1266210883-2301966275-1002
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-51003140-4199384537-3980697693-500

################## | Registry |

Deleted ! HKCU\Software\NtWqIVLZEWZU
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoResolveSearch
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|google update

################## | Mountpoints2 |

################## | Listing |

[06/07/2010 - 18:20:18 | D ] C:\$AVG
[03/05/2011 - 20:26:40 | SHD ] C:\$Recycle.Bin
[13/01/2011 - 04:04:30 | D ] C:\16719acbdad582c178d4a142810349
[15/09/2010 - 03:05:22 | D ] C:\1ec789ded18eb1fd2be3dc51d82023
[13/10/2010 - 03:14:38 | D ] C:\1fd4e3ce467ad425bd32aafe55941385
[31/01/2011 - 16:25:07 | D ] C:\2c29df526c37eea38881ffcb94
[29/01/2011 - 12:38:54 | D ] C:\373228118b870683531952ed5b1fbbd4
[15/12/2010 - 04:05:24 | D ] C:\8d966aea5383b2fccc298eae59c8
[19/04/2011 - 21:45:23 | N | 0] C:\AdobeDebug.txt
[18/09/2006 - 17:43:36 | N | 24] C:\autoexec.bat
[29/01/2011 - 14:43:15 | SHD ] C:\Boot
[11/04/2009 - 02:36:36 | RASH | 333257] C:\bootmgr
[21/08/2010 - 22:30:27 | RAS | 8192] C:\BOOTSECT.BAK
[26/04/2011 - 20:30:43 | HD ] C:\Config.Msi
[18/09/2006 - 17:43:37 | N | 10] C:\config.sys
[24/10/2010 - 09:36:25 | N | 580] C:\DelFixSuppr.txt
[27/12/2010 - 01:26:52 | D ] C:\DFU
[02/11/2006 - 09:00:38 | SHD ] C:\Documents and Settings
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1028.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1031.txt
[07/11/2007 - 08:00:40 | N | 10134] C:\eula.1033.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1036.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1040.txt
[07/11/2007 - 08:00:40 | N | 118] C:\eula.1041.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1042.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.2052.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.3082.txt
[19/09/2010 - 09:24:50 | D ] C:\Fraps
[07/11/2007 - 08:00:40 | N | 1110] C:\globdata.ini
[17/09/2010 - 17:03:18 | N | 171136] C:\grldr
[12/03/2011 - 21:16:01 | D ] C:\HammerAutosave
[03/05/2011 - 19:37:17 | ASH | 3211567104] C:\hiberfil.sys
[20/03/2011 - 14:38:04 | D ] C:\IDE
[07/11/2007 - 08:03:18 | N | 562688] C:\install.exe
[07/11/2007 - 08:00:40 | N | 843] C:\install.ini
[07/11/2007 - 08:03:18 | N | 76304] C:\install.res.1028.dll
[07/11/2007 - 08:03:18 | N | 96272] C:\install.res.1031.dll
[07/11/2007 - 08:03:18 | N | 91152] C:\install.res.1033.dll
[07/11/2007 - 08:03:18 | N | 97296] C:\install.res.1036.dll
[07/11/2007 - 08:03:18 | N | 95248] C:\install.res.1040.dll
[07/11/2007 - 08:03:18 | N | 81424] C:\install.res.1041.dll
[07/11/2007 - 08:03:18 | N | 79888] C:\install.res.1042.dll
[07/11/2007 - 08:03:18 | N | 75792] C:\install.res.2052.dll
[07/11/2007 - 08:03:18 | N | 96272] C:\install.res.3082.dll
[16/07/2010 - 11:35:22 | D ] C:\Intel
[24/01/2011 - 20:30:21 | N | 0] C:\IO.SYS
[24/01/2011 - 20:30:21 | N | 0] C:\MSDOS.SYS
[20/03/2011 - 14:29:12 | RHD ] C:\MSOCache
[04/08/2010 - 02:16:43 | D ] C:\Nexon
[03/05/2011 - 19:37:16 | ASH | 3525382144] C:\pagefile.sys
[20/07/2010 - 06:45:13 | D ] C:\PerfLogs
[03/05/2011 - 08:00:51 | D ] C:\Program Files
[03/05/2011 - 19:22:21 | HD ] C:\ProgramData
[24/01/2011 - 00:54:39 | D ] C:\Python26
[12/03/2011 - 23:55:07 | D ] C:\Riot Games
[05/04/2011 - 09:52:07 | SHD ] C:\System Volume Information
[26/03/2011 - 10:50:38 | D ] C:\temp
[03/05/2011 - 20:26:41 | D ] C:\UsbFix
[03/05/2011 - 20:25:01 | A | 4914] C:\UsbFix.txt
[06/04/2011 - 16:52:51 | D ] C:\Users
[20/02/2011 - 09:46:38 | D ] C:\UT2003Demo
[07/11/2007 - 08:00:40 | N | 5686] C:\vcredist.bmp
[07/11/2007 - 08:09:22 | N | 1442522] C:\VC_RED.cab
[07/11/2007 - 08:12:28 | N | 232960] C:\VC_RED.MSI
[26/01/2011 - 20:42:08 | D ] C:\wamp
[23/04/2011 - 08:59:22 | D ] C:\Windows
[15/09/2010 - 12:08:31 | D ] F:\Adobe Dreamweaver CS5 Multilingual
[20/03/2011 - 04:46:07 | D ] F:\Adobe.Premiere.Elements.v9.0.Multilingual.ESD.ISO-CORE
[23/08/2010 - 11:10:19 | D ] F:\Photoshop Brush Ron's Flame & traditionnal flames
[15/10/2010 - 15:42:42 | D ] F:\Photoshop Elements 9.0 +Crack.MDZELLE
[16/11/2010 - 20:01:12 | R | 3922566] F:\adobe acrobat pro x v10 0.bmp
[19/03/2011 - 17:34:19 | R | 3309206] F:\adobe premiere elements v9 0 iso fr.bmp
[10/03/2011 - 13:39:29 | R | 3315190] F:\photoshop 7 fr + no serie.bmp
[24/10/2010 - 18:42:45 | R | 6947478] F:\photoshop cs5 fr portable.bmp
[15/10/2010 - 11:18:01 | R | 4760326] F:\photoshop elements 9 0 +crack.bmp
[16/04/2011 - 15:36:38 | D ] K:\DCIM
[16/04/2011 - 15:36:38 | D ] K:\MISC

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
K:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_SHEAN-PC.zip
http://www.teamxscript.org/Upload.php
Thank you for your contribution.

################## | E.O.F |
0

Anonymous user
 
▶ Download Ad-remover from here to your desktop:

▶ Disconnect and close all running applications!

If you have XP => double-click
If you have Vista or Windows 7 => right-click, "Run as...."


▶ on "Ad-R.exe" to start the installation, and keep the default installation settings.

▶ Click the Ad-remover shortcut on your desktop to launch the tool.

▶ In the main menu, choose the "Clean" option and press [Enter].

▶ Let the tool work and don't touch anything ...

▶ Post the report that appears at the end on the forum ...

(The report is also saved as C:\Ad-report.log)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

0
pur3.pwnag3
 
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 20:49:43 on 03/05/2011, Normal boot

Microsoft® Windows Vista(TM) Ultimate Service Pack 1 (X86)
Shean SHEAN-PC (TOSHIBA TECRA A9)

============== ACTION(S) ==============

File deleted: C:\Users\Shean\AppData\Roaming\Mozilla\FireFox\Profiles\tzmmvugg.default\searchplugins\alot-search.xml
Folder deleting error: C:\Users\Shean\AppData\Roaming\Mozilla\FireFox\Profiles\tzmmvugg.default\extensions\toolbarask.com
File deleted: C:\Users\Shean\AppData\Roaming\Mozilla\FireFox\Profiles\tzmmvugg.default\prefs.js.ask.bak
File deleted: C:\Users\Shean\AppData\Roaming\Mozilla\FireFox\Profiles\tzmmvugg.default\searchplugins\ask.uk.xml
Folder deleting error: C:\Users\Shean\AppData\Roaming\Mozilla\FireFox\Profiles\tzmmvugg.default\conduit
Folder deleted: C:\Users\Shean\AppData\Roaming\Mozilla\FireFox\Profiles\tzmmvugg.default\ConduitEngine
Folder deleted: C:\Users\Shean\AppData\Roaming\Mozilla\FireFox\Profiles\tzmmvugg.default\extensions\engineconduit.com
Folder deleted: C:\Users\Shean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ask Search Assistant
Folder deleted: C:\Program Files\Ask Search Assistant
Folder deleted: C:\Program Files\Ask.com
Folder deleted: C:\Users\Shean\AppData\LocalLow\AskToolbar

(!) -- Temporary files deleted.

-- File opened: C:\Users\Shean\AppData\Roaming\Mozilla\FireFox\Profiles\tzmmvugg.default\Prefs.js --
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CA", "\"0\"")...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20...
Line deleted: user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Line deleted: user_pref("CommunityToolbar.EngineOwnerGuid", "engineconduit.com");
Line deleted: user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Line deleted: user_pref("CommunityToolbar.IsEngineShown", true);
Line deleted: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line deleted: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2832594");
Line deleted: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{6cba65db-3377-4af1-b6d8-2d57106ad569}");
Line deleted: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "innogames_france");
Line deleted: user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine");
Line deleted: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Apr 30 2011 08:13:02 GMT-04...
Line deleted: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line deleted: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Apr 30 2011 07:39:40 GMT-0400 (Easte...
Line deleted: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line deleted: user_pref("CommunityToolbar.alert.locale", "en");
Line deleted: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line deleted: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue May 03 2011 07:45:11 GMT-0400 (Eastern D...
Line deleted: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1303303927");
Line deleted: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line deleted: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line deleted: user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line deleted: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line deleted: user_pref("CommunityToolbar.alert.userId", "596b84e4-d834-487d-8424-78d861c97ef7");
Line deleted: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line deleted: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line deleted: user_pref("ConduitEngine.AppTrackingLastCheckTime", "Mon May 02 2011 07:45:12 GMT-0400 (Eastern Dayl...
Line deleted: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Tue May 03 2011 18:16:27 GMT-0400 (Eastern Da...
Line deleted: user_pref("ConduitEngine.FirstServerDate", "04/30/2011 15");
Line deleted: user_pref("ConduitEngine.FirstTime", true);
Line deleted: user_pref("ConduitEngine.FirstTimeFF3", true);
Line deleted: user_pref("ConduitEngine.HasUserGlobalKeys", true);
Line deleted: user_pref("ConduitEngine.HideEngineAfterRestart", false);
Line deleted: user_pref("ConduitEngine.Initialize", true);
Line deleted: user_pref("ConduitEngine.InitializeCommonPrefs", true);
Line deleted: user_pref("ConduitEngine.InstalledDate", "Mon Dec 13 2010 22:12:04 GMT-0500 (Eastern Standard Time)"...
Line deleted: user_pref("ConduitEngine.IsMulticommunity", false);
Line deleted: user_pref("ConduitEngine.IsOpenThankYouPage", false);
Line deleted: user_pref("ConduitEngine.IsOpenUninstallPage", true);
Line deleted: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Tue May 03 2011 07:45:12 GMT-0400 (Eastern Day...
Line deleted: user_pref("ConduitEngine.LastLogin_3.2.5.2", "Mon Dec 13 2010 22:12:01 GMT-0500 (Eastern Standard Ti...
Line deleted: user_pref("ConduitEngine.LastLogin_3.3.3.2", "Tue May 03 2011 18:16:26 GMT-0400 (Eastern Daylight Ti...
Line deleted: user_pref("ConduitEngine.PublisherContainerWidth", 0);
Line deleted: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Line deleted: user_pref("ConduitEngine.SettingsLastCheckTime", "Tue May 03 2011 18:16:27 GMT-0400 (Eastern Dayligh...
Line deleted: user_pref("ConduitEngine.UserID", "UN61498619961249689");
Line deleted: user_pref("ConduitEngine.engineLocale", "fr");
Line deleted: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Tue May 03 2011 07:45:12 GMT-0400 (Easte...
Line deleted: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Tue May 03 2011 18:16:27 GMT-0400 (East...
Line deleted: user_pref("ConduitEngine.initDone", true);
Line deleted: user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Line deleted: user_pref("ConduitEngine.usagesFlag", 1);
Line deleted: user_pref("extensions.asktb.cbid", "RV");
Line deleted: user_pref("extensions.asktb.crumb", "2011.02.20+11.13.10-toolbar003iad-CA-U3QtSHViZXJ0LENhbmFkYQ%3D%...
Line deleted: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}...
Line deleted: user_pref("extensions.asktb.dtid", "YYYYYYYYCA");
Line deleted: user_pref("extensions.asktb.fresh-install", false);
Line deleted: user_pref("extensions.asktb.l", "dis");
Line deleted: user_pref("extensions.asktb.last-config-req", "1304423445247");
Line deleted: user_pref("extensions.asktb.locale", "en_US");
Line deleted: user_pref("extensions.asktb.o", "15863");
Line deleted: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Line deleted: user_pref("extensions.asktb.qsrc", "2871");
Line deleted: user_pref("extensions.asktb.r", "3");
Line deleted: user_pref("extensions.asktb.search-suggestions-enabled", true);
Line deleted: user_pref("extensions.enabledAddons", "battlefieldplay4freeea.com:1.0.53.2,{a0d7ccb3-214d-498b-b4aa...
Line deleted: user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{d10d0bf8-f5b5-c8...
Line deleted: user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-...
-- File closed --

Key deleted: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key deleted: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key deleted: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key deleted: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key deleted: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key deleted: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key deleted: HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}
Key deleted: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key deleted: HKCU\Software\Ask.com
Key deleted: HKCU\Software\AskSearchAsst
Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo
Key deleted: HKCU\Software\AppDataLow\Software\AskToolbar
Key deleted: HKLM\Software\GMABooster\OpenCandy
Key deleted: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask.com Search Assistant
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask.com Search Assistant
Key deleting error: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

============== ADDITIONNAL SCAN ==============

**** Mozilla Firefox Version [4.0.1 (fr)] ****

Plugins\npijjiautoinstallpluginff.dll (NHN USA Inc.)
Plugins\npijjiFFPlugin1.dll (NHN USA Inc.)
HKLM_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms})
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension )
HKLM_Extensions|{23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
HKLM_Extensions|{6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa

-- C:\Users\Shean\AppData\Roaming\Mozilla\FireFox\Profiles\tzmmvugg.default --
Extensions\battlefieldplay4freeea.com (Battlefield Play4Free)
Extensions\foxyproxyeric.h.jung (FoxyProxy Standard)
Extensions\toolbarask.com (?)
Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} (Flagfox)
Prefs.js - browser.download.lastDir, C:\\Users\\Shean\\Desktop
Prefs.js - browser.search.defaultenginename, Search the web (Babylon)
Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17240
Prefs.js - browser.search.selectedEngine, Search the web (Babylon)
Prefs.js - browser.startup.homepage, hxxp://www.google.ca/
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1
Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=adbartrp&AF=17240&q=

========================================

**** Google Chrome Version [11.0.696.60] ****

Extension\dhkplhfnhceodhffomolpfigojocbpcb (C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonChrome.crx) (?)
Extension\fnjbmmemklcjgepojigaapkoodmkgbae (C:\Program Files\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx) (?)
Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?)
Extension\lifbcibllhkdhoafpjfnlhfpfgnpldfl (C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx) (?)
Extension\nneajnkjbffgblleaoojgaacokifdkhm (C:\Program Files\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx) (?)

-- C:\Users\Shean\AppData\Local\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Live Search" (Enabled: true) (hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?})
Preferences - homepage: hxxp://search.babylon.com/home?AF=17240
Preferences - homepage_is_newtabpage: false
Plugin - Skype Toolbars (Enabled: true) (C:\Users\Shean\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.0.0.6778_0\npSkypeChromePlugin.dll)
Plugin - RealJukebox NS Plugin (Enabled: true) (C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll)
Plugin - "Skype Toolbars" (Enabled: true)
Plugin - "ijji Web Launching Plugin for FF" (Enabled: true)
Plugin - "ijji Auto Install Plugin for Mozilla" (Enabled: true)
Plugin - "RealJukebox NS Plugin" (Enabled: true)

========================================

**** Internet Explorer Version [7.0.6001.18000] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "?" (?)
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll)
HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.5\BabylonToolbarTlbr.dll)
HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.5\BabylonToolbarsrv.exe (Babylon Ltd.)
HKLM_ElevationPolicy\{08E8D305-8D6D-49fe-8603-03A926E46AE0} - C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe (x)
HKLM_ElevationPolicy\{5F17E524-3447-4c7d-8E5F-4EFF31CDE3B7} - C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)
HKLM_ElevationPolicy\{64903E32-AE0B-408D-909C-09A08791F28D} - C:\Program Files\DivX\DivX Plus Web Player\dwpBroker.exe (DivX, LLC)
HKLM_ElevationPolicy\{7F561EBE-828D-4CC8-BA3A-3372AB318BB0} - C:\Windows\system32\spool\DRIVERS\W32X86\3\novaclk7.exe (Softland)
HKLM_ElevationPolicy\{D802E3EF-2513-4661-972E-BAD737EFBA88} - C:\Program Files\DivX\DivX OVS Helper\OVSHelperBroker.exe (DivX, LLC.)
HKLM_Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - "Translate this web page with Babylon" (C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll,202)
BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "CescrtHlpr Object" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.5\bh\BabylonToolbar.dll)
BHO\{326E768D-4182-46FD-9C16-1449A49795F4} - "DivX Plus Web Player HTML5 <video>" (C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll)
BHO\{593DDEC6-7468-4cdd-90E1-42DADAA222E9} - "DivX HiQ" (C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll)
BHO\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - "Babylon IE plugin" (C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 298 File(s)
C:\Program Files\Ad-Remover\Backup: 16 File(s)

C:\Ad-Report-CLEAN[1].txt - 03/05/2011 20:50:53 (16989 Byte(s))

End at: 20:52:07, 03/05/2011

============== E.O.F ==============
0
Anonymous user
 
Disable your protections, then save this to your desktop

Pre_Scan

Warning: the desktop will disappear briefly --> don't panic.

Once it is downloaded, launch it and let the scan run until "Pre_scan.txt" appears on the desktop.

If the tool detects a proxy and you have not installed one, click "delete the proxy"

If the tool does not seem to have worked, click on it several times very quickly, or rename it winlogon, or change its extension to .com or .scr

▶▶▶ DO NOT POST IT ON THE FORUM

To send it to me, click this link: http://www.cijoint.fr/

▶ Click "Browse" and look for the file mentioned above (Pre_Scan.txt).

▶ Click "Open".

▶ Click "Click here to upload the file".

Right next to the button, once the file has finished uploading, a link of this form will appear:

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

▶ Copy this link into your reply.
0
pur3.pwnag3
 
Hi and good morning to you.

Here is the link to the report:

http://www.cijoint.fr/cjlink.php?file=cj201105/cij5bsDRlj.txt
0
Anonymous user
 
You only gave me the end
0
pur3.pwnag3
 
I think there was a slight problem during the upload ^^

Here is the new link.

http://www.cijoint.fr/cjlink.php?file=cj201105/cijK8GC88c.txt
0
Anonymous user
 
Close all windows and applications during installation and scanning.

▶ Download here:

Malwarebytes

▶ Install it (be sure to choose "French"; do not change the installation settings) and update it.

(NB: if you get an error message during installation telling you that "COMCTL32.OCX" is missing, then download it here: COMCTL32.OCX)

▶ Study the tutorial to get familiar with the program:

(that said, it is very easy to use).

Relaunch Malwarebytes, following these instructions scrupulously:

! Disconnect and close all running applications!

▶ Launch Malwarebytes.

Run a "Full" scan.

▶ Let the program work (and do nothing else with the PC during the scan).
▶ At the end, click "results".
Check that all the infected objects are ticked, then click "removal".

Note: if your PC has to be restarted to finish the cleanup, do it!

Post the report saved after the infected objects have been removed (in the "report/log" tab of Malwarebytes, the most recent one)

0