Sujet Précédent Sujet Suivant

TR/Vundo.gen

sportugal Messages postés 16 Statut Membre -  
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour à vous qui me lisez!

Je procède à une désinfection d'un ordinateur d'un proche, mais je recontre un problème pour supprimer ce virus. Après que mette effacer Antivir me redonne une alerte à propos du même virus.

Si vous pouviez me dire alors comment procéder, merci d'avance!

Ps: Déjà plus de 3500 saletés suprimées..

27 réponses

Précédent
  • 1
  • 2
Réponse 21 / 27
Help
 
Et bien Jlpjlp je viens de tout faire je t'envois les rapports

Voici donc pour Combofix :

omboFix 08-06-20.4 - Propriétaire 2008-06-30 20:08:06.4 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.831 [GMT 2:00]
Endroit: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Propriétaire\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

FILE ::
c:\windows\system32\rwwnw64d.exe
.

((((((((((((((((((((((((((((( Fichiers créés 2008-05-28 to 2008-06-30 ))))))))))))))))))))))))))))))))))))
.

2008-06-30 18:51 . 2008-06-30 18:51 268 --ah----- C:\sqmdata14.sqm
2008-06-30 18:51 . 2008-06-30 18:51 244 --ah----- C:\sqmnoopt14.sqm
2008-06-30 18:43 . 2008-06-30 18:43 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2008-06-30 18:43 . 2008-06-30 18:43 268 --ah----- C:\sqmdata13.sqm
2008-06-30 18:43 . 2008-06-30 18:43 244 --ah----- C:\sqmnoopt13.sqm
2008-06-30 18:42 . 2008-06-30 18:42 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-06-30 18:38 . 2006-10-27 15:09 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2008-06-30 18:33 . 2008-06-30 18:33 268 --ah----- C:\sqmdata12.sqm
2008-06-30 18:33 . 2008-06-30 18:33 244 --ah----- C:\sqmnoopt12.sqm
2008-06-30 17:05 . 2008-06-30 17:05 268 --ah----- C:\sqmdata11.sqm
2008-06-30 17:05 . 2008-06-30 17:05 244 --ah----- C:\sqmnoopt11.sqm
2008-06-30 16:03 . 2008-06-30 16:03 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-30 16:03 . 2008-06-30 16:03 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
2008-06-30 16:03 . 2008-06-30 16:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-30 16:03 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-30 16:03 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-30 14:16 . 2008-06-30 14:16 <REP> d-------- C:\VundoFix Backups
2008-06-30 13:59 . 2008-06-30 13:59 268 --ah----- C:\sqmdata10.sqm
2008-06-30 13:59 . 2008-06-30 13:59 244 --ah----- C:\sqmnoopt10.sqm
2008-06-30 12:33 . 2008-06-30 12:33 268 --ah----- C:\sqmdata09.sqm
2008-06-30 12:33 . 2008-06-30 12:33 244 --ah----- C:\sqmnoopt09.sqm
2008-06-30 10:02 . 2008-06-30 12:22 <REP> d-------- C:\WINDOWS\system32\yrt
2008-06-30 10:02 . 2008-06-30 12:22 <REP> d-------- C:\WINDOWS\system32\rov
2008-06-30 10:02 . 2008-06-30 12:22 <REP> d-------- C:\WINDOWS\system32\pRI
2008-06-30 10:01 . 2008-06-30 10:02 <REP> d-------- C:\Temp\syschk3
2008-06-30 10:01 . 2008-06-30 17:04 34,304 --------- C:\WINDOWS\system32\fccbXnOE.dll
2008-06-28 13:39 . 2008-06-28 13:39 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Propellerhead Software
2008-06-28 13:39 . 2008-06-28 13:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
2008-06-28 13:39 . 2008-06-28 13:39 368,640 --a------ C:\WINDOWS\system32\ReWire.dll
2008-06-28 13:39 . 2008-06-28 13:39 233,472 --a------ C:\WINDOWS\system32\REX Shared Library.dll
2008-06-28 13:16 . 2008-06-28 13:16 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Sony
2008-06-28 12:49 . 2008-06-28 12:49 <REP> d-------- C:\Program Files\Propellerhead
2008-06-23 12:45 . 2008-06-23 12:45 <REP> dr-h----- C:\Documents and Settings\Propriétaire\Application Data\SecuROM
2008-06-15 21:16 . 2008-06-15 21:16 244 --ah----- C:\sqmnoopt08.sqm
2008-06-15 21:16 . 2008-06-15 21:16 232 --ah----- C:\sqmdata08.sqm
2008-06-11 19:38 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-07 11:19 . 2004-08-20 00:09 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2008-06-07 11:19 . 2004-08-20 00:09 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
2008-06-07 11:19 . 2004-08-20 00:00 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2008-06-07 11:19 . 2004-08-20 00:00 14,848 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
2008-06-07 11:18 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-06-07 11:18 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-06-04 21:47 . 2006-10-04 16:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-06-04 21:47 . 2006-10-04 16:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-06-04 21:47 . 2006-10-04 16:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-06-04 21:46 . 2008-06-04 21:46 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-06-04 21:44 . 2008-06-04 21:44 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-06-04 21:44 . 2008-06-04 21:44 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-06-02 23:45 . 2008-06-02 23:45 <REP> d-------- C:\Program Files\Veoh Networks
2008-06-02 23:45 . 2008-06-02 23:45 <REP> d-------- C:\Documents and Settings\Propriétaire\Mes documents
2008-06-02 23:45 . 2008-06-02 23:45 <REP> d-------- C:\Documents and Settings\Propriétaire
2008-06-01 12:58 . 2008-06-01 12:58 268 --ah----- C:\sqmdata06.sqm
2008-06-01 12:58 . 2008-06-01 12:58 244 --ah----- C:\sqmnoopt06.sqm
2008-06-01 12:58 . 2008-06-01 12:58 172 --ah----- C:\sqmnoopt07.sqm
2008-06-01 12:58 . 2008-06-01 12:58 172 --ah----- C:\sqmdata07.sqm
2008-05-31 23:46 . 2008-05-31 23:46 244 --ah----- C:\sqmnoopt05.sqm
2008-05-31 23:46 . 2008-05-31 23:46 232 --ah----- C:\sqmdata05.sqm
2008-05-31 23:45 . 2008-05-31 23:45 244 --ah----- C:\sqmnoopt04.sqm
2008-05-31 23:45 . 2008-05-31 23:45 232 --ah----- C:\sqmdata04.sqm
2008-05-18 13:23 . 2007-04-24 11:33 108,680 -ra------ C:\WINDOWS\system32\drivers\s125mdm.sys
2008-05-18 13:23 . 2007-04-24 11:33 100,488 -ra------ C:\WINDOWS\system32\drivers\s125mgmt.sys
2008-05-18 13:23 . 2007-04-24 11:33 98,696 -ra------ C:\WINDOWS\system32\drivers\s125obex.sys
2008-05-18 13:23 . 2007-04-24 11:33 15,112 -ra------ C:\WINDOWS\system32\drivers\s125mdfl.sys
2008-05-18 13:23 . 2007-04-24 11:33 12,424 -ra------ C:\WINDOWS\system32\drivers\s125cmnt.sys
2008-05-18 13:23 . 2007-04-24 11:33 12,424 -ra------ C:\WINDOWS\system32\drivers\s125cm.sys
2008-05-18 13:21 . 2007-04-24 11:33 83,336 -ra------ C:\WINDOWS\system32\drivers\s125bus.sys
2008-05-18 13:21 . 2007-04-24 11:33 12,424 -ra------ C:\WINDOWS\system32\drivers\s125whnt.sys
2008-05-18 13:21 . 2007-04-24 11:33 12,424 -ra------ C:\WINDOWS\system32\drivers\s125wh.sys
2008-05-15 08:14 . 2008-05-18 13:27 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Teleca
2008-05-14 19:45 . 2008-06-30 11:11 <REP> d-------- C:\Program Files\Sony
2008-05-14 12:24 . 2008-06-28 13:15 <REP> d-------- C:\Program Files\Sony Setup
2008-05-14 12:24 . 2008-05-14 12:24 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Sony Setup
2008-05-14 12:21 . 2008-05-14 12:21 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Sony Ericsson
2008-05-14 12:20 . 2008-06-02 23:45 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-05-14 12:20 . 2008-05-14 12:20 <REP> d-------- C:\Program Files\Sony Ericsson
2008-05-14 12:20 . 2008-05-14 12:22 <REP> d-------- C:\Program Files\Fichiers communs\Teleca Shared
2008-05-14 12:20 . 2008-05-14 12:21 <REP> d-------- C:\Program Files\Fichiers communs\Sony Ericsson Shared
2008-05-14 12:17 . 2008-05-14 12:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Teleca
2008-05-14 12:17 . 2008-05-14 12:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-05-14 12:15 . 2004-08-04 07:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-05-14 12:15 . 2004-08-04 07:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-05-13 22:34 . 2008-05-13 22:34 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\ArcSoft
2008-05-09 22:46 . 2008-05-09 22:46 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-05-09 22:38 . 2008-05-09 22:38 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Media Player Classic
2008-05-03 13:30 . 2008-05-03 13:30 268 --ah----- C:\sqmdata03.sqm
2008-05-03 13:30 . 2008-05-03 13:30 244 --ah----- C:\sqmnoopt03.sqm

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-30 16:53 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\OpenOffice.org2
2008-06-30 16:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-06-29 14:19 --------- d-----w C:\Program Files\FlashGet
2008-06-28 10:44 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\LimeWire
2008-06-25 11:58 --------- d-----w C:\Program Files\EA GAMES
2008-06-23 10:45 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-06-16 21:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-03 18:41 --------- d-----w C:\Program Files\Easy Internet signup
2008-06-02 21:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-24 20:50 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\dvdcss
2008-05-20 21:10 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Canon
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-03-31 21:25 682,496 ----a-w C:\WINDOWS\system32\divx.dll
2008-03-28 17:41 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-21 20:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-03-21 20:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"="" []
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-14 17:38 68856]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-05-15 16:11 3644464]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 17:04 52736]
"HPHUPD05"="c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-08-21 04:23 49152]
"HPHmon05"="C:\WINDOWS\System32\hphmon05.exe" [2003-08-21 04:16 483328]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 20:02 61440]
"UpdateManager"="C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-08-19 09:01 110592]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2003-11-03 17:50 221184]
"VTTimer"="VTTimer.exe" []
"PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-12 20:13 98304]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-12-05 20:50 3022848]
"nwiz"="nwiz.exe" [2003-12-05 20:50 753664 C:\WINDOWS\system32\nwiz.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [2003-04-03 21:35 50176 C:\WINDOWS\ALCXMNTR.EXE]
"Reminder"="C:\Windows\Creator\Remind_XP.exe" [2003-12-18 00:31 118784]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-26 11:07 262401]
"OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 13:00 49152]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 08:16 528384]

C:\Documents and Settings\Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 22:57:56 393216]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2003-09-16 13:19:24 237568]
Sagem - Utilitaire r‚seau pour Cl‚ USB Wi-Fi 802.11g.lnk - C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe [2008-03-05 19:03:01 667648]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\FlashGet\\flashget.exe"=
"C:\\Program Files\\BitTornado\\btdownloadgui.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10000:TCP"= 10000:TCP:bit

R0 avgntmgr;avgntmgr;C:\WINDOWS\system32\DRIVERS\avgntmgr.sys [2008-04-26 11:07]
R1 avgntdd;avgntdd;C:\WINDOWS\system32\DRIVERS\avgntdd.sys [2008-04-26 11:07]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 07:58]
R3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-08-13 18:15]
S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 11:33]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 11:33]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 11:33]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 11:33]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 11:33]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08]

*Newly Created Service* - PCANDIS5
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-06-30 18:10:02 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-30 20:08:52
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-06-30 20:11:06
ComboFix-quarantined-files.txt 2008-06-30 18:10:33
ComboFix2.txt 2008-06-30 17:31:57
ComboFix3.txt 2008-06-30 17:03:03

Pre-Run: 54,854,397,952 octets libres
Post-Run: 54,843,068,416 octets libres

201 --- E O F --- 2008-06-20 23:42:26
0
Réponse 22 / 27
Help
 
Ici le rapport avec hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:12:46, on 30/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Propriétaire\Bureau\Skim.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://qfr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
0
Réponse 23 / 27
Help
 
Et en dernier avec antivir qui a détécté 7 fichiers infectés ( je perds espoir )

Avira AntiVir Personal
Report file date: lundi 30 juin 2008 20:13

Scanning for 1368333 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: NOM-OKL2XDJJQAE

Version information:
BUILD.DAT : 8.1.0.308 16478 Bytes 28/05/2008 17:03:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 26/04/2008 09:07:28
AVSCAN.DLL : 8.1.1.0 53505 Bytes 26/04/2008 09:07:28
LUKE.DLL : 8.1.2.9 151809 Bytes 26/04/2008 09:07:29
LUKERES.DLL : 8.1.2.1 12033 Bytes 26/04/2008 09:07:29
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 20:11:54
ANTIVIR2.VDF : 7.0.5.2 2048 Bytes 24/06/2008 20:11:55
ANTIVIR3.VDF : 7.0.5.19 139264 Bytes 29/06/2008 20:09:02
Engineversion : 8.1.0.59
AEVDF.DLL : 8.1.0.5 102772 Bytes 26/04/2008 09:07:30
AESCRIPT.DLL : 8.1.0.44 278907 Bytes 20/06/2008 20:10:42
AESCN.DLL : 8.1.0.22 119157 Bytes 20/06/2008 20:10:32
AERDL.DLL : 8.1.0.20 418165 Bytes 26/04/2008 09:07:30
AEPACK.DLL : 8.1.1.6 364918 Bytes 20/06/2008 20:10:13
AEOFFICE.DLL : 8.1.0.20 192891 Bytes 20/06/2008 20:10:01
AEHEUR.DLL : 8.1.0.32 1274231 Bytes 20/06/2008 20:09:56
AEHELP.DLL : 8.1.0.15 115063 Bytes 29/05/2008 19:51:27
AEGEN.DLL : 8.1.0.29 307573 Bytes 20/06/2008 20:09:33
AEEMU.DLL : 8.1.0.6 430451 Bytes 08/05/2008 19:21:30
AECORE.DLL : 8.1.0.31 168310 Bytes 06/06/2008 20:07:26
AVWINLL.DLL : 1.0.0.7 14593 Bytes 26/04/2008 09:07:28
AVPREF.DLL : 8.0.0.1 25857 Bytes 26/04/2008 09:07:28
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVREG.DLL : 8.0.0.0 30977 Bytes 26/04/2008 09:07:28
AVARKT.DLL : 1.0.0.23 307457 Bytes 26/04/2008 09:07:27
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 26/04/2008 09:07:28
SQLITE3.DLL : 3.3.17.1 339968 Bytes 26/04/2008 09:07:30
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 26/04/2008 09:07:30
NETNT.DLL : 8.0.0.1 7937 Bytes 26/04/2008 09:07:29
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 26/04/2008 09:07:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 26/04/2008 09:07:25

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: lundi 30 juin 2008 20:13

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'epmworker.exe' - '1' Module(s) have been scanned
Scan process 'Generic.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'VeohClient.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'Application Launcher.exe' - '1' Module(s) have been scanned
Scan process 'opwareSE2.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
37 processes with 37 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '34' files ).

Starting the file scan:

Begin scan in 'C:\' <PRESARIO>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\QooBox\Quarantine\C\WINDOWS\system32\ssqQgFVm.dll.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48da29e0.qua'!
C:\System Volume Information\_restore{AA3F8F0A-60AD-4079-B11F-59E3B100AF75}\RP222\A0025196.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[NOTE] The file was moved to '48992a5e.qua'!
C:\System Volume Information\_restore{AA3F8F0A-60AD-4079-B11F-59E3B100AF75}\RP222\A0025208.exe
[DETECTION] Is the Trojan horse TR/Drop.Softomat.AN
[NOTE] The file was moved to '48992a65.qua'!
C:\System Volume Information\_restore{AA3F8F0A-60AD-4079-B11F-59E3B100AF75}\RP222\A0025210.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48992a6a.qua'!
C:\System Volume Information\_restore{AA3F8F0A-60AD-4079-B11F-59E3B100AF75}\RP222\A0025262.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48992a71.qua'!
C:\System Volume Information\_restore{AA3F8F0A-60AD-4079-B11F-59E3B100AF75}\RP228\A0025707.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48992a87.qua'!
C:\WINDOWS\system32\fccbXnOE.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48cc2d85.qua'!
Begin scan in 'D:\' <PRESARIO_RP>

End of the scan: lundi 30 juin 2008 21:05
Used time: 52:13 min

The scan has been done completely.

7009 Scanning directories
457652 Files were scanned
7 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
7 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
457645 Files not concerned
13896 Archives were scanned
1 Warnings
7 Notes
0
Réponse 24 / 27
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
vire ce qui est dans le dossier quarantine en allant dans poste de travail puis

C:\QooBox\Quarantine

________________

si tout c'est bien passé désactive la restauration système pour purger les virus qui seraient dedans
puis redemarre ton ordi
puis réactive là : https://www.informatruc.com

________________
vire ce qui est en quarantaine dans antivir

________________

Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://qfr10.hpwis.com/

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)

O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

_______________________

pour virer ce que je t'ai fais utiliser :

Télécharge ToolsCleaner sur ton bureau.
--> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

ps : pas besoin de m´envoyer le rapport si tout a ete supprimer ;-)

voilà cela devrait être bon!

encore des soucis?????,

pour protéger gratos ton ordi

http://www.commentcamarche.net/telecharger/logiciel 4 securite

mettre un antivirus

AVAST en français ou ANTIVIR (en anglais mais très efficace)
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
-------------
des anti-espions :
MalwareByte's Anti-Malware + SPYBOT
+
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...

Rq : spybot et ad-aware ont sorti de nouvelles versions cette année vérifiez que vous avez la dernière version
--------
un pare feu :
celui de (Windows) ou mieux Online armor ou KERIO ou JETICO ou ZONE ALARM (mettre que le parefeu gratuit)

http://www.commentcamarche.net/telecharger/telecharger 34055356 online armor personal firewall

https://forum.pcastuces.com/sujet.asp?f=25&s=35606
https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
http://www.commentcamarche.net/telecharger/telecharger 157 zonealarm

-----------
CCLEANER pour effacer les traces de surf
---------
naviguer avec firefox ou safari ou opera et non internet explorer plus touché par les virus
http://www.mozilla-europe.org/fr/products/firefox/
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 27
Help
 
Merci beaucoup jlpjlp !
Je crois que je ne te remercierai jamais assez ^^
J'ai fait tout ce que tu m'as dit sans rencontrer de problème et j'espère m'être débarrassé de ce truc une fois pour toute ( grâce à toi ). Je te donne quand même le petit rapport de Ccleaner au cas où !
Merci encore ( je saurai à qui demander de l'aide la prochaine fois que je choppe un virus ).

-->- Recherche:

C:\Vundofix backups: trouvé !
C:\Qoobox: trouvé !
C:\Documents and Settings\Default User\Recent\MSNFix.lnk: trouvé !
C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\Propriétaire\Bureau\vundoFix.exe: trouvé !
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe: trouvé !
C:\WINDOWS\system32\config\systemprofile\Recent\MSNFix.lnk: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\Default User\Recent\MSNFix.lnk: supprimé !
C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe: supprimé !
C:\Documents and Settings\Propriétaire\Bureau\vundoFix.exe: supprimé !
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe: supprimé !
C:\WINDOWS\system32\config\systemprofile\Recent\MSNFix.lnk: supprimé !
C:\Vundofix backups: supprimé !
C:\Qoobox: supprimé !
0
Réponse 26 / 27
Help
 
Je voulais parler de Toolscleaner et non de Ccleaner ( petite erreur d'inatention)
Merci ^^
0
Réponse 27 / 27
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
bonne continuation
0

Discussions similaires

Signification "TR"
andromeid -
matrix4422 -

3 réponses
Signification des abréviations RE: et TR:
La Salamandre -
Iolose -

19 réponses
Sa veux dire koi??Subject: FW: Tr :FW: TR: TR
france22 -
ghano0666545160 -

12 réponses
casque sans fil Sennheiser TR 4200 ne fonctionne plus
jcb83400 -
DIY -

3 réponses
Problème casque sennheiser 4200
barbie35 -
Beenaxa -

1 réponse