J'ai (encore) attrapé un virus :s
Résolu/Fermé
hinoto
Messages postés
438
Date d'inscription
jeudi 28 juin 2007
Statut
Membre
Dernière intervention
20 janvier 2013
-
22 mai 2008 à 21:57
hinoto Messages postés 438 Date d'inscription jeudi 28 juin 2007 Statut Membre Dernière intervention 20 janvier 2013 - 26 mai 2008 à 11:24
hinoto Messages postés 438 Date d'inscription jeudi 28 juin 2007 Statut Membre Dernière intervention 20 janvier 2013 - 26 mai 2008 à 11:24
A voir également:
- J'ai (encore) attrapé un virus :s
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
- Faux message virus ordinateur - Accueil - Arnaque
- Virus mcafee - Accueil - Piratage
- Tinyurl.com virus - Forum Virus
11 réponses
hinoto
Messages postés
438
Date d'inscription
jeudi 28 juin 2007
Statut
Membre
Dernière intervention
20 janvier 2013
5
22 mai 2008 à 22:09
22 mai 2008 à 22:09
j'ai trouvé un post avec la liste des actions a affectuer je vais les suivre et je reposte un scan hi-jack apres ok?
nico-81
Messages postés
1612
Date d'inscription
vendredi 18 avril 2008
Statut
Membre
Dernière intervention
27 février 2014
98
22 mai 2008 à 22:11
22 mai 2008 à 22:11
bon déjà change d'ntivirus, prends celui-ci, mets le à jour et poste le rapport :
http://www.commentcamarche.net/telecharger/telecharger 55 antivir
prends ça, mets le à jour et poste le rappor : http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware
http://www.commentcamarche.net/telecharger/telecharger 55 antivir
prends ça, mets le à jour et poste le rappor : http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware
hinoto
Messages postés
438
Date d'inscription
jeudi 28 juin 2007
Statut
Membre
Dernière intervention
20 janvier 2013
5
22 mai 2008 à 23:03
22 mai 2008 à 23:03
ok atta je poste mes rapport et je te suis pour antivir ;)
vundo n'a rien detecté
voila le rapport combofix
ComboFix 08-05-21.3 - valouetptibou 2008-05-22 22:32:25.1 - NTFSx86 MINIMAL
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.372 [GMT 2:00]
Endroit: C:\Documents and Settings\valouetptibou\Bureau\ComboFix.exe
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\valouetptibou\lsass.exe
C:\Documents and Settings\valouetptibou\Menu Démarrer\Programmes\WebMediaPlayer
C:\Documents and Settings\valouetptibou\Menu Démarrer\Programmes\WebMediaPlayer\WebMediaPlayer.lnk
C:\Documents and Settings\valouetptibou\Menu Démarrer\Programmes\WebMediaPlayer\Website.lnk
C:\Program Files\Google\googletoolbar1.dll
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\UpMedia
C:\WINDOWS\system32\urqPfGXR.dll
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-22 to 2008-05-22 ))))))))))))))))))))))))))))))))))))
.
2008-05-22 22:16 . 2008-05-22 22:16 <REP> d-------- C:\VundoFix Backups
2008-05-22 07:31 . 2008-05-22 07:31 <REP> d-------- C:\WINDOWS\system32\logXv05
2008-05-22 07:31 . 2008-05-22 07:31 <REP> d-------- C:\temp\dmpxp32
2008-05-20 18:10 . 2008-05-20 18:15 28 --a------ C:\WINDOWS\ODBC.INI
2008-05-20 18:09 . 2008-05-20 18:15 <REP> d-------- C:\RomStation
2008-05-20 09:51 . 2008-05-20 09:51 <REP> d-------- C:\Program Files\JimPossible
2008-05-17 10:10 . 2008-05-17 10:10 <REP> d-------- C:\Program Files\Nouveau dossier
2008-05-16 06:52 . 2008-05-16 06:52 177,196 --a------ C:\Program Files\eMulePlus.exe
2008-05-14 17:05 . 2008-05-15 06:03 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-05-14 17:05 . 2008-05-15 06:03 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-05-13 19:43 . 2006-05-11 18:32 502,784 --a------ C:\WINDOWS\x2.64.exe
2008-05-13 19:43 . 2006-04-12 09:47 217,073 --a------ C:\WINDOWS\meta4.exe
2008-05-13 19:43 . 2006-04-05 08:09 66,560 --a------ C:\WINDOWS\MOTA113.exe
2008-05-13 19:42 . 2008-05-13 19:42 <REP> d-------- C:\Program Files\AviSynth 2.5
2008-05-13 19:42 . 2006-12-12 14:15 471,552 --a------ C:\WINDOWS\system32\Smab.dll
2008-05-13 19:42 . 2006-11-12 13:44 306,688 --a------ C:\WINDOWS\system32\avisynth.dll
2008-05-13 19:42 . 2005-11-10 13:16 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2008-05-13 19:42 . 2004-01-03 00:08 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-05-13 19:42 . 2004-01-03 00:08 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2008-05-13 19:42 . 2005-07-11 12:31 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2008-05-13 19:40 . 2005-02-13 01:00 186,880 -r-hs---- C:\WINDOWS\system32\RLOgg.ax
2008-05-13 19:40 . 2005-01-18 01:26 179,200 -r-hs---- C:\WINDOWS\system32\DiracSplitter.ax
2008-05-13 19:40 . 2005-02-06 01:00 92,672 -r-hs---- C:\WINDOWS\system32\RLVorbisDec.ax
2008-05-13 19:40 . 2005-02-13 01:00 67,584 -r-hs---- C:\WINDOWS\system32\RLTheoraDec.ax
2008-05-13 19:40 . 2005-02-13 01:00 51,712 -r-hs---- C:\WINDOWS\system32\RLSpeexDec.ax
2008-05-13 19:08 . 2008-05-13 19:08 <REP> d-------- C:\Documents and Settings\valouetptibou\Application Data\TaoUSign
2008-05-13 15:41 . 2008-05-13 15:41 <REP> d-------- C:\Documents and Settings\valouetptibou\Application Data\ArcSoft
2008-05-13 15:39 . 2004-08-20 01:09 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2008-05-13 15:39 . 2004-08-20 01:09 54,784 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll
2008-05-13 15:39 . 2005-01-14 09:32 53,248 --a------ C:\WINDOWS\system32\PAStiSvc.exe
2008-05-13 15:35 . 2008-05-13 15:35 <REP> d-------- C:\WINDOWS\Philips
2008-05-13 15:35 . 2008-05-13 15:35 <REP> d-------- C:\Program Files\Philips
2008-05-13 15:35 . 2008-05-13 15:35 <REP> d-------- C:\Program Files\Fichiers communs\ArcSoft
2008-05-13 15:35 . 1995-08-01 04:44 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2008-05-13 15:34 . 2008-05-13 15:34 <REP> d-------- C:\Program Files\Philips SPC 610NC PC Camera
2008-05-13 15:34 . 2008-05-13 15:35 <REP> d-------- C:\Program Files\Fichiers communs\SPC610NC
2008-05-02 23:23 . 2008-05-02 23:23 <REP> d-------- C:\Program Files\Fichiers communs\BOONTY Shared
2008-05-02 23:23 . 2008-05-02 23:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BOONTY
2008-04-30 07:17 . 2008-04-30 07:17 <REP> d-------- C:\Documents and Settings\valouetptibou\Application Data\skypePM
2008-04-30 07:17 . 2008-04-30 07:17 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-04-30 07:14 . 2008-04-30 07:14 <REP> d-------- C:\Program Files\Fichiers communs\Skype
2008-04-30 07:14 . 2008-05-14 17:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Skype
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-22 20:32 --------- d-----w C:\Program Files\Google
2008-05-22 05:34 --------- d-----w C:\Program Files\Incomplete
2008-05-22 05:28 --------- d-----w C:\Program Files\LimeWire
2008-05-22 05:28 --------- d-----w C:\Documents and Settings\valouetptibou\Application Data\LimeWire
2008-05-17 07:50 --------- d-----w C:\Documents and Settings\valouetptibou\Application Data\uTorrent
2008-05-16 04:47 --------- d-----w C:\Program Files\eMule
2008-05-16 04:09 --------- d-----w C:\Program Files\lx_cats
2008-05-14 19:03 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-05-14 14:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-04 12:13 --------- d-----w C:\Program Files\MSN Messenger
2008-04-04 12:13 --------- d-----w C:\Program Files\Messenger Plus! Live
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F1E96EDC-E0C8-BE98-1F15-C29DBED83B53}]
C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-2.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [ ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-27 17:54 68856]
"WINSOS VERIFY"="C:\Program Files\WINSOS\WINSOS.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"lxcrmon.exe"="C:\Program Files\Lexmark 2400 Series\lxcrmon.exe" [2006-03-06 19:48 286720]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2006-02-02 10:11 290816]
"EoWeather"="" []
"nwiz"="nwiz.exe" [2007-10-04 18:14 1626112 C:\WINDOWS\system32\nwiz.exe]
"Cmaudio"="cmicnfg.cpl" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2008-01-31 17:12 1115728]
"LXCRCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2006-02-24 13:54 65536]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 18:14 8491008]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"msacm.l3acm"= l3codecp.acm
"vidc.yv12"= yv12vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\BitTorrent_DNA\\dna.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\THQ\\Dawn Of War\\W40k.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2008-05-02 23:23]
S3 SetupNTGLM7X;SetupNTGLM7X;D:\NTGLM7X.sys []
S3 SPC610NC;SPC 610NC Laptop Camera;C:\WINDOWS\system32\DRIVERS\SPC610NC.SYS [2005-09-07 21:39]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 07:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08]
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-22 22:39:16
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
Scan termin‚ avec succŠs
Les fichiers cach‚s: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PAStiSvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcrcoms.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-22 22:43:19 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-22 20:43:12
Pre-Run: 30,750,052,352 octets libres
Post-Run: 32,485,756,928 octets libres
153 --- E O F --- 2008-01-23 10:46:29
le msnfix
MSNFix 1.717
C:\Documents and Settings\valouetptibou\Bureau\MSNFix
Fix exécuté le 22/05/2008 - 22:47:41,31 By valouetptibou
mode sans échec
************************ Recherche les fichiers présents
Aucun Fichier trouvé
************************ Recherche les dossiers présents
... C:\Install\
************************ Suppression des fichiers
************************ Suppression des dossiers
/!\ ... C:\Install\
************************ Nettoyage du registre
************************ Fichiers suspects
Aucun Fichier trouvé
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 22052008_22484629.zip
************************ HKLM\...\Winlogon\Userinit
Userinit = C:\WINDOWS\system32\userinit.exe,
Important : http://msnfix.changelog.fr/index.php/2008/05/18/32-alerte
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
et le hi-jack
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 23:01:31, on 22/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\valouetptibou\Mes documents\Valerick WIART\protection et nettoyage pc\hijack\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: BrowsingAdvisor - {F1E96EDC-E0C8-BE98-1F15-C29DBED83B53} - C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-2.dll (file missing)
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - Global Startup: VProperty.lnk = C:\WINDOWS\VPro610.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
vundo n'a rien detecté
voila le rapport combofix
ComboFix 08-05-21.3 - valouetptibou 2008-05-22 22:32:25.1 - NTFSx86 MINIMAL
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.372 [GMT 2:00]
Endroit: C:\Documents and Settings\valouetptibou\Bureau\ComboFix.exe
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\valouetptibou\lsass.exe
C:\Documents and Settings\valouetptibou\Menu Démarrer\Programmes\WebMediaPlayer
C:\Documents and Settings\valouetptibou\Menu Démarrer\Programmes\WebMediaPlayer\WebMediaPlayer.lnk
C:\Documents and Settings\valouetptibou\Menu Démarrer\Programmes\WebMediaPlayer\Website.lnk
C:\Program Files\Google\googletoolbar1.dll
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\UpMedia
C:\WINDOWS\system32\urqPfGXR.dll
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-22 to 2008-05-22 ))))))))))))))))))))))))))))))))))))
.
2008-05-22 22:16 . 2008-05-22 22:16 <REP> d-------- C:\VundoFix Backups
2008-05-22 07:31 . 2008-05-22 07:31 <REP> d-------- C:\WINDOWS\system32\logXv05
2008-05-22 07:31 . 2008-05-22 07:31 <REP> d-------- C:\temp\dmpxp32
2008-05-20 18:10 . 2008-05-20 18:15 28 --a------ C:\WINDOWS\ODBC.INI
2008-05-20 18:09 . 2008-05-20 18:15 <REP> d-------- C:\RomStation
2008-05-20 09:51 . 2008-05-20 09:51 <REP> d-------- C:\Program Files\JimPossible
2008-05-17 10:10 . 2008-05-17 10:10 <REP> d-------- C:\Program Files\Nouveau dossier
2008-05-16 06:52 . 2008-05-16 06:52 177,196 --a------ C:\Program Files\eMulePlus.exe
2008-05-14 17:05 . 2008-05-15 06:03 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-05-14 17:05 . 2008-05-15 06:03 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-05-13 19:43 . 2006-05-11 18:32 502,784 --a------ C:\WINDOWS\x2.64.exe
2008-05-13 19:43 . 2006-04-12 09:47 217,073 --a------ C:\WINDOWS\meta4.exe
2008-05-13 19:43 . 2006-04-05 08:09 66,560 --a------ C:\WINDOWS\MOTA113.exe
2008-05-13 19:42 . 2008-05-13 19:42 <REP> d-------- C:\Program Files\AviSynth 2.5
2008-05-13 19:42 . 2006-12-12 14:15 471,552 --a------ C:\WINDOWS\system32\Smab.dll
2008-05-13 19:42 . 2006-11-12 13:44 306,688 --a------ C:\WINDOWS\system32\avisynth.dll
2008-05-13 19:42 . 2005-11-10 13:16 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2008-05-13 19:42 . 2004-01-03 00:08 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-05-13 19:42 . 2004-01-03 00:08 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2008-05-13 19:42 . 2005-07-11 12:31 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2008-05-13 19:40 . 2005-02-13 01:00 186,880 -r-hs---- C:\WINDOWS\system32\RLOgg.ax
2008-05-13 19:40 . 2005-01-18 01:26 179,200 -r-hs---- C:\WINDOWS\system32\DiracSplitter.ax
2008-05-13 19:40 . 2005-02-06 01:00 92,672 -r-hs---- C:\WINDOWS\system32\RLVorbisDec.ax
2008-05-13 19:40 . 2005-02-13 01:00 67,584 -r-hs---- C:\WINDOWS\system32\RLTheoraDec.ax
2008-05-13 19:40 . 2005-02-13 01:00 51,712 -r-hs---- C:\WINDOWS\system32\RLSpeexDec.ax
2008-05-13 19:08 . 2008-05-13 19:08 <REP> d-------- C:\Documents and Settings\valouetptibou\Application Data\TaoUSign
2008-05-13 15:41 . 2008-05-13 15:41 <REP> d-------- C:\Documents and Settings\valouetptibou\Application Data\ArcSoft
2008-05-13 15:39 . 2004-08-20 01:09 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2008-05-13 15:39 . 2004-08-20 01:09 54,784 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll
2008-05-13 15:39 . 2005-01-14 09:32 53,248 --a------ C:\WINDOWS\system32\PAStiSvc.exe
2008-05-13 15:35 . 2008-05-13 15:35 <REP> d-------- C:\WINDOWS\Philips
2008-05-13 15:35 . 2008-05-13 15:35 <REP> d-------- C:\Program Files\Philips
2008-05-13 15:35 . 2008-05-13 15:35 <REP> d-------- C:\Program Files\Fichiers communs\ArcSoft
2008-05-13 15:35 . 1995-08-01 04:44 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2008-05-13 15:34 . 2008-05-13 15:34 <REP> d-------- C:\Program Files\Philips SPC 610NC PC Camera
2008-05-13 15:34 . 2008-05-13 15:35 <REP> d-------- C:\Program Files\Fichiers communs\SPC610NC
2008-05-02 23:23 . 2008-05-02 23:23 <REP> d-------- C:\Program Files\Fichiers communs\BOONTY Shared
2008-05-02 23:23 . 2008-05-02 23:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BOONTY
2008-04-30 07:17 . 2008-04-30 07:17 <REP> d-------- C:\Documents and Settings\valouetptibou\Application Data\skypePM
2008-04-30 07:17 . 2008-04-30 07:17 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-04-30 07:14 . 2008-04-30 07:14 <REP> d-------- C:\Program Files\Fichiers communs\Skype
2008-04-30 07:14 . 2008-05-14 17:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Skype
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-22 20:32 --------- d-----w C:\Program Files\Google
2008-05-22 05:34 --------- d-----w C:\Program Files\Incomplete
2008-05-22 05:28 --------- d-----w C:\Program Files\LimeWire
2008-05-22 05:28 --------- d-----w C:\Documents and Settings\valouetptibou\Application Data\LimeWire
2008-05-17 07:50 --------- d-----w C:\Documents and Settings\valouetptibou\Application Data\uTorrent
2008-05-16 04:47 --------- d-----w C:\Program Files\eMule
2008-05-16 04:09 --------- d-----w C:\Program Files\lx_cats
2008-05-14 19:03 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-05-14 14:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-04 12:13 --------- d-----w C:\Program Files\MSN Messenger
2008-04-04 12:13 --------- d-----w C:\Program Files\Messenger Plus! Live
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F1E96EDC-E0C8-BE98-1F15-C29DBED83B53}]
C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-2.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [ ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-27 17:54 68856]
"WINSOS VERIFY"="C:\Program Files\WINSOS\WINSOS.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"lxcrmon.exe"="C:\Program Files\Lexmark 2400 Series\lxcrmon.exe" [2006-03-06 19:48 286720]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2006-02-02 10:11 290816]
"EoWeather"="" []
"nwiz"="nwiz.exe" [2007-10-04 18:14 1626112 C:\WINDOWS\system32\nwiz.exe]
"Cmaudio"="cmicnfg.cpl" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2008-01-31 17:12 1115728]
"LXCRCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2006-02-24 13:54 65536]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 18:14 8491008]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"msacm.l3acm"= l3codecp.acm
"vidc.yv12"= yv12vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\BitTorrent_DNA\\dna.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\THQ\\Dawn Of War\\W40k.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2008-05-02 23:23]
S3 SetupNTGLM7X;SetupNTGLM7X;D:\NTGLM7X.sys []
S3 SPC610NC;SPC 610NC Laptop Camera;C:\WINDOWS\system32\DRIVERS\SPC610NC.SYS [2005-09-07 21:39]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 07:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08]
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-22 22:39:16
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
Scan termin‚ avec succŠs
Les fichiers cach‚s: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PAStiSvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcrcoms.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-22 22:43:19 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-22 20:43:12
Pre-Run: 30,750,052,352 octets libres
Post-Run: 32,485,756,928 octets libres
153 --- E O F --- 2008-01-23 10:46:29
le msnfix
MSNFix 1.717
C:\Documents and Settings\valouetptibou\Bureau\MSNFix
Fix exécuté le 22/05/2008 - 22:47:41,31 By valouetptibou
mode sans échec
************************ Recherche les fichiers présents
Aucun Fichier trouvé
************************ Recherche les dossiers présents
... C:\Install\
************************ Suppression des fichiers
************************ Suppression des dossiers
/!\ ... C:\Install\
************************ Nettoyage du registre
************************ Fichiers suspects
Aucun Fichier trouvé
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 22052008_22484629.zip
************************ HKLM\...\Winlogon\Userinit
Userinit = C:\WINDOWS\system32\userinit.exe,
Important : http://msnfix.changelog.fr/index.php/2008/05/18/32-alerte
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
et le hi-jack
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 23:01:31, on 22/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\valouetptibou\Mes documents\Valerick WIART\protection et nettoyage pc\hijack\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: BrowsingAdvisor - {F1E96EDC-E0C8-BE98-1F15-C29DBED83B53} - C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-2.dll (file missing)
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - Global Startup: VProperty.lnk = C:\WINDOWS\VPro610.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
nico-81
Messages postés
1612
Date d'inscription
vendredi 18 avril 2008
Statut
Membre
Dernière intervention
27 février 2014
98
22 mai 2008 à 23:10
22 mai 2008 à 23:10
et le maleware ?
A demain
A demain
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
hinoto
Messages postés
438
Date d'inscription
jeudi 28 juin 2007
Statut
Membre
Dernière intervention
20 janvier 2013
5
22 mai 2008 à 23:14
22 mai 2008 à 23:14
ok je termine de telecharger/mettre a jour et tu me dis quoi deman si il faut je te mp pour te le rappeler^^
hinoto
Messages postés
438
Date d'inscription
jeudi 28 juin 2007
Statut
Membre
Dernière intervention
20 janvier 2013
5
23 mai 2008 à 00:09
23 mai 2008 à 00:09
Avira AntiVir Personal
Report file date: jeudi 22 mai 2008 23:32
Scanning for 1283461 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: LILI
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 17/05/2008 21:16:03
ANTIVIR3.VDF : 7.0.4.79 119296 Bytes 22/05/2008 21:16:05
Engineversion : 8.1.0.46
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.33 266618 Bytes 22/05/2008 21:16:23
AESCN.DLL : 8.1.0.18 119156 Bytes 22/05/2008 21:16:22
AERDL.DLL : 8.1.0.20 418165 Bytes 22/05/2008 21:16:21
AEPACK.DLL : 8.1.1.5 364918 Bytes 22/05/2008 21:16:19
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 22/05/2008 21:16:17
AEHEUR.DLL : 8.1.0.29 1253750 Bytes 22/05/2008 21:16:15
AEHELP.DLL : 8.1.0.14 115063 Bytes 22/05/2008 21:16:11
AEGEN.DLL : 8.1.0.21 303477 Bytes 22/05/2008 21:16:09
AEEMU.DLL : 8.1.0.6 430451 Bytes 22/05/2008 21:16:08
AECORE.DLL : 8.1.0.29 168311 Bytes 22/05/2008 21:16:06
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: jeudi 22 mai 2008 23:32
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'lxcrcoms.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PAStiSvc.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'cmdagent.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'cpf.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'ashDisp.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ashServ.exe' - '1' Module(s) have been scanned
Scan process 'aswUpdSv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
31 processes with 31 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '24' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\JimPossible\PCSX2-098EX\PCSX2.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{0041C135-D414-425C-8002-C5A295780ED2}\RP386\A0092056.exe
[DETECTION] Is the Trojan horse TR/Dldr.ClickMe.A.3
[NOTE] The file was deleted!
C:\System Volume Information\_restore{0041C135-D414-425C-8002-C5A295780ED2}\RP386\A0092057.exe
[DETECTION] Is the Trojan horse TR/Dldr.ClickMe.A.6
[NOTE] The file was deleted!
C:\System Volume Information\_restore{0041C135-D414-425C-8002-C5A295780ED2}\RP397\A0118689.exe
[DETECTION] Is the Trojan horse TR/Spy.VB.aho
[NOTE] The file was deleted!
C:\System Volume Information\_restore{0041C135-D414-425C-8002-C5A295780ED2}\RP397\A0118696.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{0041C135-D414-425C-8002-C5A295780ED2}\RP398\A0118927.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\logXv05\logXv051080.exe
[DETECTION] Is the Trojan horse TR/Dldr.VB.enh.4
[NOTE] The file was deleted!
End of the scan: vendredi 23 mai 2008 00:06
Used time: 34:53 min
The scan has been done completely.
3473 Scanning directories
163611 Files were scanned
7 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
7 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
163604 Files not concerned
1608 Archives were scanned
1 Warnings
7 Notes
en voila un je re avec le second
Report file date: jeudi 22 mai 2008 23:32
Scanning for 1283461 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: LILI
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 17/05/2008 21:16:03
ANTIVIR3.VDF : 7.0.4.79 119296 Bytes 22/05/2008 21:16:05
Engineversion : 8.1.0.46
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.33 266618 Bytes 22/05/2008 21:16:23
AESCN.DLL : 8.1.0.18 119156 Bytes 22/05/2008 21:16:22
AERDL.DLL : 8.1.0.20 418165 Bytes 22/05/2008 21:16:21
AEPACK.DLL : 8.1.1.5 364918 Bytes 22/05/2008 21:16:19
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 22/05/2008 21:16:17
AEHEUR.DLL : 8.1.0.29 1253750 Bytes 22/05/2008 21:16:15
AEHELP.DLL : 8.1.0.14 115063 Bytes 22/05/2008 21:16:11
AEGEN.DLL : 8.1.0.21 303477 Bytes 22/05/2008 21:16:09
AEEMU.DLL : 8.1.0.6 430451 Bytes 22/05/2008 21:16:08
AECORE.DLL : 8.1.0.29 168311 Bytes 22/05/2008 21:16:06
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: jeudi 22 mai 2008 23:32
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'lxcrcoms.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PAStiSvc.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'cmdagent.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'cpf.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'ashDisp.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ashServ.exe' - '1' Module(s) have been scanned
Scan process 'aswUpdSv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
31 processes with 31 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '24' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\JimPossible\PCSX2-098EX\PCSX2.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{0041C135-D414-425C-8002-C5A295780ED2}\RP386\A0092056.exe
[DETECTION] Is the Trojan horse TR/Dldr.ClickMe.A.3
[NOTE] The file was deleted!
C:\System Volume Information\_restore{0041C135-D414-425C-8002-C5A295780ED2}\RP386\A0092057.exe
[DETECTION] Is the Trojan horse TR/Dldr.ClickMe.A.6
[NOTE] The file was deleted!
C:\System Volume Information\_restore{0041C135-D414-425C-8002-C5A295780ED2}\RP397\A0118689.exe
[DETECTION] Is the Trojan horse TR/Spy.VB.aho
[NOTE] The file was deleted!
C:\System Volume Information\_restore{0041C135-D414-425C-8002-C5A295780ED2}\RP397\A0118696.dll
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{0041C135-D414-425C-8002-C5A295780ED2}\RP398\A0118927.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[NOTE] The file was deleted!
C:\WINDOWS\system32\logXv05\logXv051080.exe
[DETECTION] Is the Trojan horse TR/Dldr.VB.enh.4
[NOTE] The file was deleted!
End of the scan: vendredi 23 mai 2008 00:06
Used time: 34:53 min
The scan has been done completely.
3473 Scanning directories
163611 Files were scanned
7 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
7 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
163604 Files not concerned
1608 Archives were scanned
1 Warnings
7 Notes
en voila un je re avec le second
hinoto
Messages postés
438
Date d'inscription
jeudi 28 juin 2007
Statut
Membre
Dernière intervention
20 janvier 2013
5
23 mai 2008 à 08:47
23 mai 2008 à 08:47
voila antimalware
Malwarebytes' Anti-Malware 1.12
Version de la base de données: 779
Type de recherche: Examen complet (C:\|)
Eléments examinés: 80841
Temps écoulé: 24 minute(s), 3 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\browsingadvisor.pornpro_bho (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\browsingadvisor.pornpro_bho.1 (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f1e96edc-e0c8-be98-1f15-c29dbed83b53} (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f1e96edc-e0c8-be98-1f15-c29dbed83b53} (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
voila voila tout ce qui a eté detecté a pu etre viré alors j'ecpere que ca va ^^
Malwarebytes' Anti-Malware 1.12
Version de la base de données: 779
Type de recherche: Examen complet (C:\|)
Eléments examinés: 80841
Temps écoulé: 24 minute(s), 3 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\browsingadvisor.pornpro_bho (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\browsingadvisor.pornpro_bho.1 (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f1e96edc-e0c8-be98-1f15-c29dbed83b53} (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f1e96edc-e0c8-be98-1f15-c29dbed83b53} (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
voila voila tout ce qui a eté detecté a pu etre viré alors j'ecpere que ca va ^^
nico-81
Messages postés
1612
Date d'inscription
vendredi 18 avril 2008
Statut
Membre
Dernière intervention
27 février 2014
98
23 mai 2008 à 16:33
23 mai 2008 à 16:33
Bon voilà tu n'as plus aucune infection normalement. ;)
hinoto
Messages postés
438
Date d'inscription
jeudi 28 juin 2007
Statut
Membre
Dernière intervention
20 janvier 2013
5
23 mai 2008 à 22:10
23 mai 2008 à 22:10
ok merci merci bcp !
nico-81
Messages postés
1612
Date d'inscription
vendredi 18 avril 2008
Statut
Membre
Dernière intervention
27 février 2014
98
23 mai 2008 à 22:18
23 mai 2008 à 22:18
de rien aide les autre à ton tour, c'est tout ce que je te demande.
hinoto
Messages postés
438
Date d'inscription
jeudi 28 juin 2007
Statut
Membre
Dernière intervention
20 janvier 2013
5
26 mai 2008 à 11:24
26 mai 2008 à 11:24
yep t'inquiete des que c'est dans mes cordes, plutot coté jeux videos(surtout les sims 1),configuration de materiel,mais virus/securite franchement je reconnais que la plupart des probleme j'y comprend rien a par si c'est les memes que les miens lol ^^
a+
a+
