Sujet Précédent Sujet Suivant

Virus BV : Autorun-S [Wrm]

Résolu/Fermé
doudi22 - Modifié par doudi22 le 17/06/2011 à 15:04
 Utilisateur anonyme - 23 juin 2011 à 20:10
Bonjour,

J'ai branché mon nouveau lecteur mp3 sur le pc et avast a détecté ce virus. Je l'ai mis en quarantaine ... Que dois je faire maintenant ?
J'ai lancé une recherche Findykill mais je ne sais pas interpréter le rapport.
Merci d'avance
A voir également:

90 réponses

Précédent
Réponse 21 / 90
doudi22 Messages postés 25 Date d'inscription vendredi 17 juin 2011 Statut Membre Dernière intervention 28 juin 2011 1
17 juin 2011 à 18:44
j'ai tout désinstallé .

Pre-script.txt :
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | Seven - 32/64 bits ¤¤¤¤¤

Utilisateur : stéphanie (Administrateurs)
Ordinateur : YOUR-0DC23B925C
Système d'exploitation : Microsoft Windows XP (32 bits)
Internet Explorer : 8.0.6001.18702
Mozilla Firefox : 2.0.0.20 (fr)

Switchs possibles :

processes:: | file:: | folder::
Registry:: | Driver:: | replace::
txt:: | Host:: | DNS:: | NsLook::
Command:: | list:: | attrib::

Script : 18:42:17

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

switchs :


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


explorer.exe -> Processus redémarré

Fin : 18:42:17

¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤
0
Réponse 22 / 90
Utilisateur anonyme
17 juin 2011 à 18:56
tu l'as raté

copie exactement comme c'est hein ?

n'enleve pas les lignes sautée au milieu et ne prends pas les lignes exterieures
0
Réponse 23 / 90
doudi22 Messages postés 25 Date d'inscription vendredi 17 juin 2011 Statut Membre Dernière intervention 28 juin 2011 1
17 juin 2011 à 19:02
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | Seven - 32/64 bits ¤¤¤¤¤

Utilisateur : stéphanie (Administrateurs)
Ordinateur : YOUR-0DC23B925C
Système d'exploitation : Microsoft Windows XP (32 bits)
Internet Explorer : 8.0.6001.18702
Mozilla Firefox : 2.0.0.20 (fr)

Switchs possibles :

processes:: | file:: | folder::
Registry:: | Driver:: | replace::
txt:: | Host:: | DNS:: | NsLook::
Command:: | list:: | attrib::

Script : 19:02:09

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

switchs :

Host::


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


¤ Hosts

127.0.0.1 localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD

[.......]

¤ Hosts Fix

127.0.0.1 localhost



¤


explorer.exe -> Processus redémarré

Fin : 19:02:09

¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤
0
Réponse 24 / 90
Utilisateur anonyme
17 juin 2011 à 19:23
et là tu n'as pris que la derniere ligne.....:S
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 90
doudi22 Messages postés 25 Date d'inscription vendredi 17 juin 2011 Statut Membre Dernière intervention 28 juin 2011 1
17 juin 2011 à 19:24
non j'ai tous pris
0
Réponse 26 / 90
doudi22 Messages postés 25 Date d'inscription vendredi 17 juin 2011 Statut Membre Dernière intervention 28 juin 2011 1
17 juin 2011 à 19:27
j'ai recommencé maintenant il me met ça :

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | Seven - 32/64 bits ¤¤¤¤¤

Utilisateur : stéphanie (Administrateurs)
Ordinateur : YOUR-0DC23B925C
Système d'exploitation : Microsoft Windows XP (32 bits)
Internet Explorer : 8.0.6001.18702
Mozilla Firefox : 2.0.0.20 (fr)

Switchs possibles :

processes:: | file:: | folder::
Registry:: | Driver:: | replace::
txt:: | Host:: | DNS:: | NsLook::
Command:: | list:: | attrib::

Script : 19:26:43

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

switchs :

Host::


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


¤ Hosts

127.0.0.1 localhost



¤ Hosts Fix

127.0.0.1 localhost



¤


explorer.exe -> Processus redémarré

Fin : 19:26:43

¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤
0
Réponse 27 / 90
Utilisateur anonyme
17 juin 2011 à 19:28
impossible
0
Réponse 28 / 90
doudi22 Messages postés 25 Date d'inscription vendredi 17 juin 2011 Statut Membre Dernière intervention 28 juin 2011 1
Modifié par doudi22 le 17/06/2011 à 19:34
???
j'arrête pas de copier coller sans les 2 lignes exterieurs et en gardant les lignes du milieu (de file:: à Host::) - j'obtiens pas autre chose
0
Réponse 29 / 90
Utilisateur anonyme
17 juin 2011 à 19:37
ouaip dans mon empressement et mon etourderie je t'ai fait faire une chose qui ne change rien

retente comme ceci :

_________________________________________________________________
file::
C:\Documents and Settings\All Users\Application Data\.zreglib

folder::
C:\Documents and Settings\stéphanie\Application Data\math anti pile
C:\Documents and Settings\stéphanie\Application Data\searchqutoolbar
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=-
"Adobe Reader Speed Launcher"=-
"QuickTime Task"=-
"SunJavaUpdateSched"=-
__________________________________________________
0
Réponse 30 / 90
doudi22 Messages postés 25 Date d'inscription vendredi 17 juin 2011 Statut Membre Dernière intervention 28 juin 2011 1
Modifié par doudi22 le 17/06/2011 à 19:44
ça change pas grand chose - j'obtiens ça :
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤ XP | Vista | Seven - 32/64 bits ¤¤¤¤¤

Utilisateur : stéphanie (Administrateurs)
Ordinateur : YOUR-0DC23B925C
Système d'exploitation : Microsoft Windows XP (32 bits)
Internet Explorer : 8.0.6001.18702
Mozilla Firefox : 2.0.0.20 (fr)

Switchs possibles :

processes:: | file:: | folder::
Registry:: | Driver:: | replace::
txt:: | Host:: | DNS:: | NsLook::
Command:: | list:: | attrib::

Script : 19:41:23

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

switchs :


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


explorer.exe -> Processus redémarré

Fin : 19:41:23

¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤

J'ai recommencé plusieurs fois j'ai toujours ce résultat
0
Réponse 31 / 90
Utilisateur anonyme
17 juin 2011 à 19:54
▶ Télécharge Reload_TDSSKiller

▶ Lance le

choisis : lancer le nettoyage

l'outil va automatiquement télécharger la derniere version puis

TDSSKiller va s'ouvrir , clique sur "Start Scan"

une fois qu'il a terminé , redemarre s'il te le demande pour finir de nettoyer

sinon , ferme tdssKiller et le rapport s'affichera sur le bureau

▶ Copie/Colle son contenu dans ta prochaine réponse.
0
Réponse 32 / 90
doudi22 Messages postés 25 Date d'inscription vendredi 17 juin 2011 Statut Membre Dernière intervention 28 juin 2011 1
17 juin 2011 à 19:58
Il n'a détecté aucune infection

2011/06/17 19:56:51.0343 0292 TDSS rootkit removing tool 2.5.5.0 Jun 16 2011 15:25:15
2011/06/17 19:56:51.0578 0292 ================================================================================
2011/06/17 19:56:51.0578 0292 SystemInfo:
2011/06/17 19:56:51.0578 0292
2011/06/17 19:56:51.0578 0292 OS Version: 5.1.2600 ServicePack: 2.0
2011/06/17 19:56:51.0578 0292 Product type: Workstation
2011/06/17 19:56:51.0578 0292 ComputerName: YOUR-0DC23B925C
2011/06/17 19:56:51.0578 0292 UserName: stéphanie
2011/06/17 19:56:51.0578 0292 Windows directory: C:\WINDOWS
2011/06/17 19:56:51.0578 0292 System windows directory: C:\WINDOWS
2011/06/17 19:56:51.0578 0292 Processor architecture: Intel x86
2011/06/17 19:56:51.0578 0292 Number of processors: 2
2011/06/17 19:56:51.0578 0292 Page size: 0x1000
2011/06/17 19:56:51.0578 0292 Boot type: Normal boot
2011/06/17 19:56:51.0578 0292 ================================================================================
2011/06/17 19:56:52.0265 0292 Initialize success
2011/06/17 19:57:00.0859 3380 ================================================================================
2011/06/17 19:57:00.0859 3380 Scan started
2011/06/17 19:57:00.0859 3380 Mode: Manual;
2011/06/17 19:57:00.0859 3380 ================================================================================
2011/06/17 19:57:01.0875 3380 3xHybrid (56f93517bb4125a154e2a50b71bff469) C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
2011/06/17 19:57:01.0921 3380 61883 (86d7b1e70661d754685b9ac6d749aae5) C:\WINDOWS\system32\DRIVERS\61883.sys
2011/06/17 19:57:01.0984 3380 ACPI (0bd94fbfc14ea3606cd6ca4c0255baa3) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/06/17 19:57:02.0046 3380 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/06/17 19:57:02.0093 3380 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
2011/06/17 19:57:02.0156 3380 AF9035HB (de1d04df647eb10733516046300198d9) C:\WINDOWS\system32\Drivers\AF9035HB.sys
2011/06/17 19:57:02.0218 3380 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
2011/06/17 19:57:02.0343 3380 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/06/17 19:57:02.0390 3380 ASAPIW2k (4f9cbbf95e8f7a0d4c0edcfe3b78102e) C:\WINDOWS\system32\drivers\ASAPIW2k.sys
2011/06/17 19:57:02.0484 3380 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/06/17 19:57:02.0515 3380 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/06/17 19:57:02.0625 3380 ati2mtag (956c7ec3a9de96f785b829beb41e3c3e) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/06/17 19:57:02.0671 3380 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/06/17 19:57:02.0703 3380 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/06/17 19:57:02.0750 3380 Avc (87c223adb8f7596b31caae3c67b16ddd) C:\WINDOWS\system32\DRIVERS\avc.sys
2011/06/17 19:57:02.0765 3380 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/06/17 19:57:02.0812 3380 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/06/17 19:57:02.0828 3380 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/06/17 19:57:02.0890 3380 CdaC15BA (08f60f40d1a2a95a1f12eddbd9f25c1c) C:\WINDOWS\system32\drivers\CdaC15BA.SYS
2011/06/17 19:57:02.0921 3380 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/06/17 19:57:02.0953 3380 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/06/17 19:57:03.0000 3380 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/06/17 19:57:03.0078 3380 cmudax (d7fcada6833a0e243ca89c03bd559bd9) C:\WINDOWS\system32\drivers\cmudax.sys
2011/06/17 19:57:03.0406 3380 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/06/17 19:57:03.0468 3380 dmboot (e2d3b7620310fe56685f9b15a6b404b3) C:\WINDOWS\system32\drivers\dmboot.sys
2011/06/17 19:57:03.0500 3380 dmio (c77f5c20aa70197a69aa84baa9de43c8) C:\WINDOWS\system32\drivers\dmio.sys
2011/06/17 19:57:03.0515 3380 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/06/17 19:57:03.0562 3380 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2011/06/17 19:57:03.0609 3380 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/06/17 19:57:03.0640 3380 E100B (6ca101f9aa3d845ba31f6e13c01301a8) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2011/06/17 19:57:03.0750 3380 ELacpi (a0eca865198a86e54073f211191317c6) C:\WINDOWS\system32\DRIVERS\ELacpi.sys
2011/06/17 19:57:03.0765 3380 ELhid (8c22ccff61fddfe347277e7d58c9449f) C:\WINDOWS\system32\DRIVERS\ELhid.sys
2011/06/17 19:57:03.0781 3380 ELkbd (dee171e25792e39bc97741a33552cbc6) C:\WINDOWS\system32\DRIVERS\ELkbd.sys
2011/06/17 19:57:03.0796 3380 ELmon (a966212b01e4c9cfb2ab4add16de945d) C:\WINDOWS\system32\DRIVERS\ELmon.sys
2011/06/17 19:57:03.0812 3380 ELmou (5473aa5a3a57918bfbb82767e6ef1053) C:\WINDOWS\system32\DRIVERS\ELmou.sys
2011/06/17 19:57:03.0859 3380 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/06/17 19:57:03.0890 3380 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/06/17 19:57:03.0906 3380 Fips (8b121ff880683607ab2aef0340721718) C:\WINDOWS\system32\drivers\Fips.sys
2011/06/17 19:57:03.0921 3380 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/06/17 19:57:03.0968 3380 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/06/17 19:57:04.0000 3380 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/06/17 19:57:04.0015 3380 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/06/17 19:57:04.0046 3380 GEARAspiWDM (f2f431d1573ee632975c524418655b84) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2011/06/17 19:57:04.0078 3380 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/06/17 19:57:04.0125 3380 HdAudAddService (160b24fd894e79e71c983ea403a6e6e7) C:\WINDOWS\system32\drivers\HdAudio.sys
2011/06/17 19:57:04.0156 3380 HDAudBus (cbbb304dc69e0b56f789852f6455f7ec) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/06/17 19:57:04.0187 3380 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/06/17 19:57:04.0250 3380 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/06/17 19:57:04.0312 3380 i8042prt (d1efcbd693b5ba21314d06368c471070) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/06/17 19:57:04.0375 3380 iastor (309c4d86d989fb1fcf64bd30dc81c51b) C:\WINDOWS\system32\DRIVERS\iaStor.sys
2011/06/17 19:57:04.0453 3380 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/06/17 19:57:04.0531 3380 intelppm (dd5ad1e79ac26d3f8d8828ad4627f160) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/06/17 19:57:04.0546 3380 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/06/17 19:57:04.0578 3380 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/06/17 19:57:04.0609 3380 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/06/17 19:57:04.0656 3380 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/06/17 19:57:04.0703 3380 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/06/17 19:57:04.0734 3380 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/06/17 19:57:04.0765 3380 isapnp (54632f1a7de61dc3615d756f2a90fa72) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/06/17 19:57:04.0796 3380 Kbdclass (e798705e8dc7fab596ef6bfdf167e007) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/06/17 19:57:04.0843 3380 kbdhid (62dd5eefcec4ef4163f1168d4262a9e4) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/06/17 19:57:04.0890 3380 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
2011/06/17 19:57:04.0937 3380 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/06/17 19:57:04.0968 3380 L8042Kbd (7c7e894b3f40748e06bb18ce1f66352f) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
2011/06/17 19:57:05.0031 3380 L8042mou (5f9734f12443502e13bc80734afacb20) C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
2011/06/17 19:57:05.0093 3380 LHidFilt (f5e165b4e3df145f6e8bf3c0573f94d8) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
2011/06/17 19:57:05.0109 3380 LMouFilt (b46e39b8ae439d7ce75a923e7f950040) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
2011/06/17 19:57:05.0140 3380 LMouKE (3e42560b84441323a688f84737b92b97) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
2011/06/17 19:57:05.0187 3380 LUsbFilt (9bbd8674c1d3811b851c8cf8a8e30e2c) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
2011/06/17 19:57:05.0234 3380 LVPr2Mon (c57c48fb9ae3efb9848af594e3123a63) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
2011/06/17 19:57:05.0296 3380 LVRS (87ecce893d8aec5a9337b917742d339c) C:\WINDOWS\system32\DRIVERS\lvrs.sys
2011/06/17 19:57:05.0343 3380 LVUSBSta (be5e104be263921d6842c555db6a5c23) C:\WINDOWS\system32\drivers\LVUSBSta.sys
2011/06/17 19:57:05.0609 3380 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
2011/06/17 19:57:05.0671 3380 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/06/17 19:57:05.0718 3380 Modem (5ac7e16f5b40a6da14b5f2b3ada4693e) C:\WINDOWS\system32\drivers\Modem.sys
2011/06/17 19:57:05.0750 3380 Mouclass (7d4f19411bd941e1d432a99e24230386) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/06/17 19:57:05.0765 3380 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/06/17 19:57:05.0781 3380 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/06/17 19:57:05.0828 3380 MPE (55a9a7e6bb297bf0f5b144029dcb79cc) C:\WINDOWS\system32\DRIVERS\MPE.sys
2011/06/17 19:57:05.0875 3380 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/06/17 19:57:05.0937 3380 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/06/17 19:57:05.0984 3380 MSDV (6dd721dfd2648f3f6d5808b5ba6cb095) C:\WINDOWS\system32\DRIVERS\msdv.sys
2011/06/17 19:57:06.0015 3380 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/06/17 19:57:06.0046 3380 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/06/17 19:57:06.0078 3380 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/06/17 19:57:06.0093 3380 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/06/17 19:57:06.0140 3380 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/06/17 19:57:06.0171 3380 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/06/17 19:57:06.0218 3380 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2011/06/17 19:57:06.0250 3380 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/06/17 19:57:06.0296 3380 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/06/17 19:57:06.0312 3380 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/06/17 19:57:06.0359 3380 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/06/17 19:57:06.0390 3380 Ndisuio (eefa1ce63805d2145978621be5c6d955) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/06/17 19:57:06.0437 3380 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/06/17 19:57:06.0453 3380 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/06/17 19:57:06.0484 3380 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/06/17 19:57:06.0625 3380 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/06/17 19:57:06.0718 3380 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/06/17 19:57:06.0750 3380 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/06/17 19:57:06.0812 3380 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/06/17 19:57:06.0859 3380 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/06/17 19:57:06.0906 3380 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/06/17 19:57:06.0921 3380 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/06/17 19:57:06.0953 3380 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/06/17 19:57:07.0015 3380 Parport (318696359ac7df48d1e51974ec527dd2) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/06/17 19:57:07.0046 3380 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/06/17 19:57:07.0078 3380 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/06/17 19:57:07.0109 3380 PCI (7c5da5c1ed801ad8b0309d5514f0b75e) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/06/17 19:57:07.0171 3380 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/06/17 19:57:07.0218 3380 Pcmcia (641da274e163617ea7a33506bc6da8e3) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/06/17 19:57:07.0312 3380 pepifilter (b20f958b207e6aaac5f70d04dd2c30d8) C:\WINDOWS\system32\DRIVERS\lv302af.sys
2011/06/17 19:57:07.0468 3380 PID_PEPI (dd184d9adfe2a8a21741dbdfe9e22f5c) C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
2011/06/17 19:57:07.0531 3380 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/06/17 19:57:07.0546 3380 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/06/17 19:57:07.0593 3380 PxHelp20 (1962166e0ceb740704f30fa55ad3d509) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/06/17 19:57:07.0687 3380 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/06/17 19:57:07.0703 3380 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/06/17 19:57:07.0734 3380 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/06/17 19:57:07.0750 3380 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/06/17 19:57:07.0796 3380 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/06/17 19:57:07.0828 3380 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/06/17 19:57:07.0875 3380 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/06/17 19:57:07.0937 3380 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/06/17 19:57:07.0968 3380 redbook (2cc30b68dd62b73d444a41322cd7fc4c) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/06/17 19:57:08.0046 3380 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/06/17 19:57:08.0093 3380 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/06/17 19:57:08.0093 3380 Serial (653201755ca96ab4aaa4131daf6da356) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/06/17 19:57:08.0125 3380 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/06/17 19:57:08.0187 3380 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/06/17 19:57:08.0234 3380 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
2011/06/17 19:57:08.0296 3380 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
2011/06/17 19:57:08.0296 3380 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/06/17 19:57:08.0296 3380 sptd - detected LockedFile.Multi.Generic (1)
2011/06/17 19:57:08.0343 3380 sr (b52181023b827acda36c1b76751ebffd) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/06/17 19:57:08.0375 3380 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/06/17 19:57:08.0406 3380 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/06/17 19:57:08.0453 3380 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/06/17 19:57:08.0500 3380 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2011/06/17 19:57:08.0578 3380 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/06/17 19:57:08.0640 3380 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/06/17 19:57:08.0687 3380 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/06/17 19:57:08.0703 3380 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/06/17 19:57:08.0734 3380 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/06/17 19:57:08.0796 3380 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2011/06/17 19:57:08.0859 3380 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
2011/06/17 19:57:08.0890 3380 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/06/17 19:57:08.0937 3380 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/06/17 19:57:08.0984 3380 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/06/17 19:57:09.0000 3380 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/06/17 19:57:09.0046 3380 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/06/17 19:57:09.0171 3380 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/06/17 19:57:09.0203 3380 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/06/17 19:57:09.0250 3380 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/06/17 19:57:09.0296 3380 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2011/06/17 19:57:09.0343 3380 VolSnap (313b1a0d5db26dfe1c34a6c13b2ce0a7) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/06/17 19:57:09.0390 3380 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/06/17 19:57:09.0453 3380 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/06/17 19:57:09.0515 3380 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/06/17 19:57:09.0593 3380 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2011/06/17 19:57:09.0625 3380 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/06/17 19:57:09.0656 3380 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/06/17 19:57:09.0687 3380 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/06/17 19:57:09.0750 3380 X10Hid (81e8da36ce70858898d5eb81e28a47d2) C:\WINDOWS\system32\Drivers\x10hid.sys
2011/06/17 19:57:09.0796 3380 XUIF (41cf36a3cc7786575247ed456918e112) C:\WINDOWS\system32\Drivers\x10ufx2.sys
2011/06/17 19:57:09.0812 3380 MBR (0x1B8) (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0
2011/06/17 19:57:09.0953 3380 MBR (0x1B8) (20c15ef2111b8472bbfe5e65b7c949e6) \Device\Harddisk1\DR4
2011/06/17 19:57:10.0000 3380 ================================================================================
2011/06/17 19:57:10.0000 3380 Scan finished
2011/06/17 19:57:10.0000 3380 ================================================================================
2011/06/17 19:57:10.0015 2892 Detected object count: 1
2011/06/17 19:57:10.0015 2892 Actual detected object count: 1
2011/06/17 19:57:25.0406 2892 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/06/17 19:57:34.0906 1024 Deinitialize success
0
Réponse 33 / 90
Utilisateur anonyme
17 juin 2011 à 20:02
Télécharge ici :OTL

enregistre le sur ton Bureau.

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur OTL.exe pour le lancer.

=> Clique ici pour voir la Configuration

▶Clic sur Analyse.

A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)

Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/

▶ Clique sur Parcourir et cherche le fichier ci-dessus.

▶ Clique sur Ouvrir.

▶ Clique sur "Cliquez ici pour déposer le fichier".

juste au niveau du bouton , en fin de chargement du fichier , Un lien de cette forme apparaitra :

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

▶ Copie ce lien dans ta réponse.

▶▶ Tu feras la meme chose avec le "Extra.txt" qui logiquement sera aussi sur ton bureau.
0
Réponse 34 / 90
doudi22 Messages postés 25 Date d'inscription vendredi 17 juin 2011 Statut Membre Dernière intervention 28 juin 2011 1
17 juin 2011 à 20:10
otl.txt :
http://www.cijoint.fr/cjlink.php?file=cj201106/cijoEYl91w.txt

extras.txt :
http://www.cijoint.fr/cjlink.php?file=cj201106/cij5jDdmNb.txt
0
Réponse 35 / 90
Utilisateur anonyme
17 juin 2011 à 20:23
j'ai vu que tu avais deja telechargé avast6 , attends un peu avant de l'installer

ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur OTL.exe pour le lancer.


▶Copie la liste qui se trouve en gras ci-dessous,

▶ colle-la dans la zone sous "Personnalisation" :


:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe

:Services
aswUpdSv

:OTL
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab (Reg Error: Key error.)
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} http://www.inoculer.com/antivirus/Msie/bitdefender.cab (AvxScanOnline Control)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab (BDSCANONLINE Control)
O4 - HKLM\..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk = File not found
O4 - HKLM\..\Run: [SpywareTerminator] File not found
O4 - HKLM\..\Run: [Cmaudio] File not found
O3 - HKLM\..\Toolbar: (no name) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
IE - HKU\S-1-5-21-2138832228-930920648-918630400-1005\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2138832228-930920648-918630400-1005\..\URLSearchHook: {ef79f67a-6ad7-4715-a0f8-932fca442023} - Reg Error: Key error. File not found

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=-
"Adobe Reader Speed Launcher"=-
"QuickTime Task"=-
"SunJavaUpdateSched"=-

:files
C:\WINDOWS\aucfg.ini
C:\WINDOWS\d3dx.dat
C:\WINDOWS\eReg.dat
C:\logfile
C:\WINDOWS\System32\bandoolmx.dll
C:\Documents and Settings\All Users\Application Data\.zreglib
C:\Documents and Settings\stéphanie\Application Data\math anti pile
C:\Documents and Settings\stéphanie\Application Data\searchqutoolbar
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\stéphanie\Bureau\Pre_scan.exe:SummaryInformation
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1A15C498
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1D6686D8
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2FC9D9C0
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5A27D490
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90E3641D
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:59BDDCD5
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B894C266
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:580E04D8
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CD562B4
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3214A283
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90E60569
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3C75E5BE
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A696643D
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0D31DA45
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:10B7A752
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C1CCF2C1
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9B52F176
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:861A898F
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4D066AD2
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6BD304B9
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CE7C61DF
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2ABEB9EB
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7F66BF58
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3B3A35EC
@Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8AB6C1D7
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F65733F1
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DD874E14
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:857F3067
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0A73A758
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

:commands
[CLEARALLRESTOREPOINTS]
[emptytemp]
[start explorer]
[reboot]


▶ Clique sur "Correction" pour lancer la suppression.


▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.
0
Réponse 36 / 90
doudi22 Messages postés 25 Date d'inscription vendredi 17 juin 2011 Statut Membre Dernière intervention 28 juin 2011 1
17 juin 2011 à 20:43
All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
Process iexplore.exe killed successfully!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== SERVICES/DRIVERS ==========
Service aswUpdSv stopped successfully!
Service aswUpdSv deleted successfully!
========== OTL ==========
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {87AF076E-D86D-4E87-ADDD-F05804E1F150}
C:\WINDOWS\Downloaded Program Files\setup.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{87AF076E-D86D-4E87-ADDD-F05804E1F150}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87AF076E-D86D-4E87-ADDD-F05804E1F150}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{87AF076E-D86D-4E87-ADDD-F05804E1F150}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87AF076E-D86D-4E87-ADDD-F05804E1F150}\ not found.
Starting removal of ActiveX control {80DD2229-B8E4-4C77-B72F-F22972D723EA}
C:\WINDOWS\Downloaded Program Files\bitdefender.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{80DD2229-B8E4-4C77-B72F-F22972D723EA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80DD2229-B8E4-4C77-B72F-F22972D723EA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{80DD2229-B8E4-4C77-B72F-F22972D723EA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80DD2229-B8E4-4C77-B72F-F22972D723EA}\ not found.
Starting removal of ActiveX control {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
C:\WINDOWS\Downloaded Program Files\oscan8.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\RunOnceEx not found.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cd90bf73-20f6-44ef-993d-bb920303bd2e} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cd90bf73-20f6-44ef-993d-bb920303bd2e}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Prefs.js: "Web Search" removed from browser.search.defaultenginename
Prefs.js: "Web Search" removed from browser.search.order.1
Prefs.js: "Web Search" removed from browser.search.selectedEngine
Registry value HKEY_USERS\S-1-5-21-2138832228-930920648-918630400-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{cd90bf73-20f6-44ef-993d-bb920303bd2e} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cd90bf73-20f6-44ef-993d-bb920303bd2e}\ not found.
Registry value HKEY_USERS\S-1-5-21-2138832228-930920648-918630400-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{ef79f67a-6ad7-4715-a0f8-932fca442023} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ef79f67a-6ad7-4715-a0f8-932fca442023}\ not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
C:\WINDOWS\aucfg.ini moved successfully.
C:\WINDOWS\d3dx.dat moved successfully.
C:\WINDOWS\eReg.dat moved successfully.
C:\logfile moved successfully.
C:\WINDOWS\System32\bandoolmx.dll moved successfully.
C:\Documents and Settings\All Users\Application Data\.zreglib moved successfully.
C:\Documents and Settings\stéphanie\Application Data\math anti pile folder moved successfully.
C:\Documents and Settings\stéphanie\Application Data\searchqutoolbar folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Logs folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy folder moved successfully.
ADS C:\Documents and Settings\stéphanie\Bureau\Pre_scan.exe:SummaryInformation deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:1A15C498 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:1D6686D8 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:2FC9D9C0 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:5A27D490 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:90E3641D deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:59BDDCD5 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:B894C266 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:580E04D8 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:3CD562B4 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:3214A283 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:90E60569 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:3C75E5BE deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:A696643D deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0D31DA45 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:10B7A752 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:C1CCF2C1 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:9B52F176 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:861A898F deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:4D066AD2 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:6BD304B9 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:CE7C61DF deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:2ABEB9EB deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:7F66BF58 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:3B3A35EC deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:8AB6C1D7 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:F65733F1 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DD874E14 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:857F3067 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0A73A758 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
========== COMMANDS ==========
Restore points cleared and new OTL Restore Point set!

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 300 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 300 bytes

User: LocalService
->Temp folder emptied: 480 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1567283 bytes

User: stéphanie
->Temp folder emptied: 935540 bytes
->Temporary Internet Files folder emptied: 125333849 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 6521569 bytes
->Apple Safari cache emptied: 1025024 bytes
->Flash cache emptied: 3131412 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2037740 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23930776 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 1545 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 157,00 mb


OTL by OldTimer - Version 3.2.24.0 log created on 06172011_203809

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
0
Réponse 37 / 90
Utilisateur anonyme
17 juin 2011 à 21:12
installe avast6 maintenant , mets-le à jour et fais un scan complet
0
Réponse 38 / 90
doudi22 Messages postés 25 Date d'inscription vendredi 17 juin 2011 Statut Membre Dernière intervention 28 juin 2011 1
17 juin 2011 à 21:22
ok c'est fait il scan
0
Réponse 39 / 90
doudi22 Messages postés 25 Date d'inscription vendredi 17 juin 2011 Statut Membre Dernière intervention 28 juin 2011 1
17 juin 2011 à 21:33
si il finit trop tard je donnerai le résultat du scan demain matin
merci de m'avoir accorder tous ce temps
0
Réponse 40 / 90
doudi22 Messages postés 25 Date d'inscription vendredi 17 juin 2011 Statut Membre Dernière intervention 28 juin 2011 1
Modifié par doudi22 le 17/06/2011 à 22:49
avast a détecté un virus : Win32 : Rootkit-gen[Rtk]
apparemment dans le fichier de quarantaine du logiciel UsbFix
Je l'ai mis en quarantaine
(la suite demain)
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
problême Opéra est ce un virus??
sand2504 -
sand2504 -

85 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses