Advance xp defender

Résolu
zooljin Messages postés 35 Statut Membre -  
 Utilisateur anonyme -
Bonjour,

voilà j'ais eu un problem avec advance xp defender.

ce faux antivirus s'est installé automatiquement sur l'ordinateur.
je l'ais donc désinstallé puis j'ais fait des recherches avec regedit et j'ais supprimé toutes les correspondances avec
advance xp defender.

j'ais même récupérer wscntfy.exe sur une autre machine pour relancer l'ancien centre de securité qui a mis quelques seconde à redevenir celui de axpdefender.
apres quelques autres tentative infructueuses et la lecture de postes sur le sujet j'ais pas trouvé de solution.

donc je suis avec winxp sp3! sur un portable celeron 1.7GHz 512Mo de chez VAIO
et voici on hijackthis.

Logfile of HijackThis v1.99.1
Scan saved at 12:42:56, on 05/06/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\EasyAntivirus\bin\ClamTray.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\dugot\Bureau\HijackThis(2).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [EasyAntivirus] C:\Program Files\EasyAntivirus\bin\ClamTray.exe --logon
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [iSecurity applet] rundll32.exe iSecurity.cpl,SecurityMonitor
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: iSecurity.cpl
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: iSecurity - {A8311E8F-E459-4D22-89B4-CB9DCF10A425} - (no file)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

merci beaucoup j'attend avec impatiente l'heure de la liberation ^^
Configuration: Windows XP
Firefox 2.0.0.14

8 réponses

  1. Utilisateur anonyme
     
    Salut ta version de hijackthis est perimé

    supprime le et refais un scan avec celle ci :

    Télécharge HijackThis ici :

    -> https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html

    Tutoriel d´instalation : (Merci a Balltrap34 pour cette réalisation)

    -> http://pageperso.aol.fr/balltrap34/Hijenr.gif

    Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)

    -> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

    Post le rapport généré ici stp...

    0
    1. zooljin Messages postés 35 Statut Membre
       
      voilà le nouveau!

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 13:00:05, on 05/06/2008
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
      C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
      C:\WINDOWS\system32\spoolsv.exe
      c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Apoint\Apoint.exe
      C:\WINDOWS\system32\ICO.EXE
      C:\WINDOWS\system32\hkcmd.exe
      C:\WINDOWS\system32\igfxpers.exe
      C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
      C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
      C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
      C:\Program Files\Winamp\winampa.exe
      C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
      C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
      C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
      C:\Program Files\EasyAntivirus\bin\ClamTray.exe
      C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
      C:\Program Files\Apoint\Apntex.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
      C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
      C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
      C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
      C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
      C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
      C:\Program Files\Microsoft Windows OneCare Live\winss.exe
      C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
      C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
      C:\WINDOWS\System32\wbem\wmiapsrv.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Documents and Settings\dugot\Bureau\HiJackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
      O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
      O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
      O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
      O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
      O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
      O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
      O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
      O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
      O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
      O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
      O4 - HKLM\..\Run: [EasyAntivirus] C:\Program Files\EasyAntivirus\bin\ClamTray.exe --logon
      O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
      O4 - HKLM\..\Run: [iSecurity applet] rundll32.exe iSecurity.cpl,SecurityMonitor
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Global Startup: BlueSoleil.lnk = ?
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
      O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
      O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O20 - AppInit_DLLs: iSecurity.cpl
      O21 - SSODL: iSecurity - {A8311E8F-E459-4D22-89B4-CB9DCF10A425} - (no file)
      O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
      O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
      O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
      O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
      O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
      O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
      O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
      O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
      O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
      O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
      O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
      O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
      O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
      O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
      O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
      O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
      O24 - Desktop Component 0: (no name) - C:\Program Files\Online Services\rtenefsu.html
      0
  2. Utilisateur anonyme
     
    il ne parait pas dans le hijackthis ....

    on va commencer :

    Telecharge malwarebytes

    -> http://www.commentcamarche.net/telecharger/malwarebyte s anti malware 34055379 avis opinions.php3

    Tu l´instale; le programme va se mettre automatiquement a jour.

    Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

    Click maintenant sur l´onglet recherche et coche la case : "executer un examun complet".

    Puis click sur "rechercher".

    Laisse le scanner le pc...

    Si des elements on ete trouvés > click sur supprimer la selection.

    si il t´es demandé de redemarrer > click sur "yes".

    A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

    Copie et colle le rapport stp.
    0
    1. zooljin Messages postés 35 Statut Membre
       
      j'ais deja utilisé malwarebyte qui n'avais rien donné mais je lance quand meme le scan complet pour poster le rapport!
      0
    2. zooljin Messages postés 35 Statut Membre
       
      voilà le rapport

      Malwarebytes' Anti-Malware 1.14
      Version de la base de données: 826

      14:59:17 05/06/2008
      mbam-log-6-5-2008 (14-59-17).txt

      Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
      Eléments examinés: 130828
      Temps écoulé: 55 minute(s), 34 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 2
      Clé(s) du Registre infectée(s): 11
      Valeur(s) du Registre infectée(s): 2
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 37
      Fichier(s) infecté(s): 31

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      C:\WINDOWS\system32\iSecurity.cpl (Rogue.ISecurity) -> Unloaded module successfully.
      C:\Program Files\iSecurity\v7\iSecurity.cpl (Trojan.FakeAlert) -> Unloaded module successfully.

      Clé(s) du Registre infectée(s):
      HKEY_CLASSES_ROOT\e405.e405mgr (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\e405.e405mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\isecurity.mgr (Rouge.ISecurity) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\isecurity.mgr.1 (Rouge.ISecurity) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Classes\e405.e405mgr (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Classes\e405.e405mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\iSecurity (Rouge.ISecurity) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Carlson (Dialer) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Insider (Adware.DnsInsider) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Words (Adware.Rond) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\iSecurity (Rouge.ISecurity) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iSecurity applet (Rouge.ISecurity) -> Quarantined and deleted successfully.

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      C:\Program Files\Words (Adware.Rond) -> Quarantined and deleted successfully.
      C:\Program Files\Insider (Adware.DnsInsider) -> Quarantined and deleted successfully.
      C:\Program Files\WinAble (Trojan.Adloader) -> Quarantined and deleted successfully.
      C:\Program Files\Fichiers communs\Carlson (Dialer) -> Quarantined and deleted successfully.
      C:\Program Files\Temporary (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Program Files\XP Antivirus (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\ISecurity (Rouge.ISecurity) -> Delete on reboot.
      C:\Program Files\ISecurity\v7 (Rouge.ISecurity) -> Delete on reboot.
      C:\iSecurity (Rogue.ISecurity) -> Quarantined and deleted successfully.
      C:\iSecurity\v7 (Rogue.ISecurity) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\905757 (Trojan.BHO) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\818646 (Trojan.BHO) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\WinTouch (Adware.WinPop) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPDefender (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPDefender\AXPDefender (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPDefender\AXPDefender\Quarantine (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPDefender\AXPDefender\Quarantine\BrowserObjects (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPDefender\AXPDefender\Quarantine\Packages (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKCU (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKLM (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\StartMenuAllUsers (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\StartMenuCurrentUser (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKCU\RunOnce (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKLM\RunOnce (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPFixer (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPFixer\AXPFixer (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPFixer\AXPFixer\Quarantine (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPFixer\AXPFixer\Quarantine\Autorun (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPFixer\AXPFixer\Quarantine\BrowserObjects (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPFixer\AXPFixer\Quarantine\Packages (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPFixer\AXPFixer\Quarantine\Autorun\HKCU (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPFixer\AXPFixer\Quarantine\Autorun\HKLM (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPFixer\AXPFixer\Quarantine\Autorun\StartMenuAllUsers (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPFixer\AXPFixer\Quarantine\Autorun\StartMenuCurrentUser (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPFixer\AXPFixer\Quarantine\Autorun\HKCU\RunOnce (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\AXPFixer\AXPFixer\Quarantine\Autorun\HKLM\RunOnce (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.

      Fichier(s) infecté(s):
      C:\WINDOWS\system32\iSecurity.cpl (Rogue.ISecurity) -> Delete on reboot.
      C:\Program Files\iSecurity\v7\iSecurity.cpl (Trojan.FakeAlert) -> Delete on reboot.
      C:\Documents and Settings\dugot\Local Settings\Temp\outerinfo.ico (Malware.Trace) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{930A99BD-E41C-43C7-9C19-6E5D23A34D75}\RP3\A0008674.exe (Rogue.Installer) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{930A99BD-E41C-43C7-9C19-6E5D23A34D75}\RP3\A0008675.exe (Rogue.Installer) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{930A99BD-E41C-43C7-9C19-6E5D23A34D75}\RP3\A0008679.exe (Rogue.Installer) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{930A99BD-E41C-43C7-9C19-6E5D23A34D75}\RP3\A0008682.exe (Adware.ClickSpring) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{930A99BD-E41C-43C7-9C19-6E5D23A34D75}\RP3\A0008688.dll (Trojan.BHO) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{930A99BD-E41C-43C7-9C19-6E5D23A34D75}\RP3\A0008689.dll (Trojan.BHO) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{930A99BD-E41C-43C7-9C19-6E5D23A34D75}\RP6\A0009230.exe (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
      C:\Program Files\Words\list.txt (Adware.Rond) -> Quarantined and deleted successfully.
      C:\Program Files\Words\script.txt (Adware.Rond) -> Quarantined and deleted successfully.
      C:\Program Files\XP Antivirus\xpa.exe.tmp (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
      C:\Program Files\ISecurity\axpdefender.bmp (Rouge.ISecurity) -> Quarantined and deleted successfully.
      C:\Program Files\ISecurity\axpdefender.ico (Rouge.ISecurity) -> Quarantined and deleted successfully.
      C:\Program Files\ISecurity\axpdefenderi.bmp (Rouge.ISecurity) -> Quarantined and deleted successfully.
      C:\Program Files\ISecurity\axpfixer.bmp (Rouge.ISecurity) -> Quarantined and deleted successfully.
      C:\Program Files\ISecurity\axpfixer.ico (Rouge.ISecurity) -> Quarantined and deleted successfully.
      C:\Program Files\ISecurity\axpfixeri.bmp (Rouge.ISecurity) -> Quarantined and deleted successfully.
      C:\Program Files\ISecurity\iSecurity.dat (Rouge.ISecurity) -> Quarantined and deleted successfully.
      C:\Program Files\ISecurity\iSecurity.html (Rouge.ISecurity) -> Quarantined and deleted successfully.
      C:\Program Files\ISecurity\systemdefender.bmp (Rouge.ISecurity) -> Quarantined and deleted successfully.
      C:\Program Files\ISecurity\systemdefender.ico (Rouge.ISecurity) -> Quarantined and deleted successfully.
      C:\Program Files\ISecurity\systemdefenderi.bmp (Rouge.ISecurity) -> Quarantined and deleted successfully.
      C:\WINDOWS\Resources\DriveKernel.dll (Trojan.Clicker) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Menu Démarrer\carlton (Dialer) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Bureau\Advanced XP Fixer.lnk (Rogue.AdvancedXPFixer) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Application Data\Microsoft\Internet Explorer\Quick Launch\AXPDefender.lnk (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Bureau\Advanced XP Defender.lnk (Rogue.AdvancedXPDefender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Bureau\SystemDefender.lnk (Rogue.SystemDefender) -> Quarantined and deleted successfully.
      C:\Documents and Settings\dugot\Bureau\rundll32.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
      0
  3. Utilisateur anonyme
     
    ok met le a jours avant
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. Utilisateur anonyme
     
    on l a pas passé pour rien !!

    réouvre malewarebyte
    va sur quarantaine
    supprime tout

    --Télécharge clean.zip, de Malekal
    http://www.malekal.com/download/clean.zip

    (1) Dézippe-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.

    (2) Ouvre le dossier clean qui se trouve sur ton bureau, et double-clic sur clean.cmd

    une fenêtre noire va apparaître pendant un instant, laisse la ouverte.

    (3) Choisis l'option 1 puis patiente
    Poste le rapport obtenu

    pour retrouver le rapport : double clique sur > C > double clique sur " rapport_clean txt.
    et copie/colle le sur ta prochaine réponse .

    Ne passe pas à l'option 2 sans notre avis !
    A découvrir : Estopa, Rosario Flores, La oreja de van gogh.. Bonne écoute
    0
    1. zooljin Messages postés 35 Statut Membre
       
      le rapport est vide ^^

      05/06/2008 a 15:16:37,85

      *** Recherche des fichiers dans C:

      *** Recherche des fichiers dans C:\WINDOWS\

      *** Recherche des fichiers dans C:\WINDOWS\system32

      *** Recherche des fichiers dans C:\Program Files
      0
    2. zooljin Messages postés 35 Statut Membre
       
      et j'ais envoyé upload_moi_DUGOTYVES.tar.gz a malekal.com.

      voilà!
      advanced xp defendeur semble parti , plus de bandeau sous mozilla, plus de raccourcis bureaux et plus de faut centre de securité! en fait plus de centre de securité tout court !
      0
  6. Utilisateur anonyme
     
    ok

    on va verifier pour axp defender :

    Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    -> Double clique combofix.exe.
    -> Tape sur la touche 1 (Yes) pour démarrer le scan.
    -> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

    NOTE : Le rapport se trouve également ici : C:\Combofix.txt

    Avant d'utiliser ComboFix :

    -> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

    -> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

    Une fois fait, sur ton bureau double-clic sur Combofix.exe.

    - Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

    /!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

    - En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

    - Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

    -> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

    -> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

    -> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

    0
    1. zooljin Messages postés 35 Statut Membre
       
      et voilà le compte rendue de combofix

      ComboFix 08-06-04.5 - dugot 2008-06-05 15:35:19.1 - NTFSx86
      Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.137 [GMT 2:00]
      Endroit: C:\Documents and Settings\dugot\Bureau\ComboFix.exe
      * Création d'un nouveau point de restauration

      [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
      .

      (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
      .

      C:\Documents and Settings\dugot\Menu Démarrer\Programmes\Outerinfo
      C:\Documents and Settings\dugot\ResErrors.log
      C:\Program Files\Online Services\rtenefsu.html
      C:\WINDOWS\system32\mbols~1
      C:\WINDOWS\system32\urlmsnlink.dat
      C:\WINDOWS\system32\wnscpicomsv32.exe

      .
      ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-05 to 2008-06-05 ))))))))))))))))))))))))))))))))))))
      .

      2008-06-05 15:24 . 2008-06-05 15:24 9,766,585 --a------ C:\upload_moi_DUGOTYVES.tar.gz
      2008-06-05 13:12 . 2008-05-30 01:06 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
      2008-06-05 13:12 . 2008-05-30 01:06 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
      2008-06-05 13:11 . 2008-06-05 13:12 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
      2008-06-04 16:11 . 2008-06-05 12:15 <REP> d-------- C:\Program Files\Navilog1
      2008-06-04 14:20 . 2008-06-04 14:20 <REP> d-------- C:\Documents and Settings\LocalService\Menu D‚marrer
      2008-06-04 12:06 . 2008-06-04 12:06 <REP> d-------- C:\Documents and Settings\dugot\Application Data\Malwarebytes
      2008-06-04 12:06 . 2008-06-04 12:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
      2008-06-03 17:23 . 2005-06-29 07:33 147,456 --a------ C:\WINDOWS\system32\igfxres.dll
      2008-06-03 16:39 . 2008-06-03 17:21 <REP> d-------- C:\WINDOWS\BDOSCAN8
      2008-06-03 16:27 . 2001-08-28 14:00 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.lex
      2008-06-03 16:26 . 2008-04-13 19:31 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
      2008-06-03 16:25 . 2001-08-23 17:47 2,134,528 --a--c--- C:\WINDOWS\system32\dllcache\EXCH_smtpsnap.dll
      2008-06-03 16:23 . 2008-06-03 16:23 299,552 --a------ C:\WINDOWS\WMSysPrx.prx
      2008-06-03 16:23 . 2008-04-13 11:46 85,248 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys
      2008-06-03 16:23 . 2008-06-03 16:23 25,065 --a------ C:\WINDOWS\system32\wmpscheme.xml
      2008-06-03 16:23 . 2008-04-13 11:46 19,200 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys
      2008-06-03 16:23 . 2008-04-13 11:46 17,024 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys
      2008-06-03 16:23 . 2008-04-13 11:39 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys
      2008-06-03 16:19 . 2008-06-03 16:19 488 --ah----- C:\WINDOWS\system32\logonui.exe.manifest
      2008-06-03 16:17 . 2008-06-03 16:17 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
      2008-06-03 16:17 . 2008-06-03 16:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      2008-06-03 16:17 . 2008-04-13 19:33 282,624 --a------ C:\WINDOWS\system32\inetcfg.dll
      2008-06-03 16:17 . 2008-04-13 19:33 86,016 --a------ C:\WINDOWS\system32\isign32.dll
      2008-06-03 16:17 . 2008-04-13 19:33 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
      2008-06-03 16:17 . 2001-08-28 14:00 73,728 --a--c--- C:\WINDOWS\system32\dllcache\icwtutor.exe
      2008-06-03 16:17 . 2008-04-13 19:33 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
      2008-06-03 16:17 . 2001-08-28 14:00 65,536 --a--c--- C:\WINDOWS\system32\dllcache\icwres.dll
      2008-06-03 16:17 . 2008-04-13 19:02 50,688 --a------ C:\WINDOWS\system32\inetres.dll
      2008-06-03 16:17 . 2001-08-28 14:00 40,960 --a--c--- C:\WINDOWS\system32\dllcache\trialoc.dll
      2008-06-03 16:17 . 2001-08-28 14:00 16,384 --a--c--- C:\WINDOWS\system32\dllcache\isignup.exe
      2008-06-03 16:12 . 2008-04-13 18:57 58,752 --a------ C:\WINDOWS\system32\drivers\redbook.sys
      2008-06-03 16:12 . 2008-04-13 11:45 6,272 --a------ C:\WINDOWS\system32\drivers\splitter.sys
      2008-06-03 16:09 . 2008-04-13 19:34 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
      2008-06-03 16:05 . 2008-04-13 19:34 146,944 --a------ C:\WINDOWS\system\winspool.drv
      2008-06-03 16:05 . 2001-08-28 14:00 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
      2008-06-03 16:05 . 2001-08-28 14:00 24,661 --a--c--- C:\WINDOWS\system32\dllcache\spxcoins.dll
      2008-06-03 16:05 . 2001-08-28 14:00 13,312 --a------ C:\WINDOWS\system32\irclass.dll
      2008-06-03 16:05 . 2001-08-28 14:00 13,312 --a--c--- C:\WINDOWS\system32\dllcache\irclass.dll
      2008-06-03 16:04 . 2001-08-28 14:00 1,085,938 -ra------ C:\WINDOWS\SET50.tmp
      2008-06-03 16:04 . 2001-08-28 14:00 13,923 -ra------ C:\WINDOWS\SET5C.tmp
      2008-06-03 15:55 . 2008-06-03 15:55 <REP> d-------- C:\WINDOWS\system32\fr
      2008-06-03 15:46 . 2008-04-13 11:23 1,309,184 --------- C:\WINDOWS\system32\drivers\mtlstrm.sys
      2008-06-03 15:44 . 2006-12-28 12:01 19,569 --a------ C:\WINDOWS\004379_.tmp
      2008-06-03 15:32 . 2008-04-13 11:45 52,864 --a------ C:\WINDOWS\system32\drivers\dmusic.sys
      2008-06-03 15:29 . 2008-04-13 19:34 129,536 --a------ C:\WINDOWS\system32\ksproxy.ax
      2008-06-03 15:29 . 2008-04-13 19:33 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
      2008-06-03 15:20 . 2008-04-13 11:54 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
      2008-06-03 15:19 . 2003-04-24 14:00 1,086,182 -ra------ C:\WINDOWS\SETED.tmp
      2008-06-03 15:19 . 2001-08-28 14:00 809,394 --a--c--- C:\WINDOWS\system32\dllcache\NT5IIS.CAT
      2008-06-03 15:19 . 2001-08-28 14:00 399,670 --a--c--- C:\WINDOWS\system32\dllcache\MAPIMIG.CAT
      2008-06-03 15:19 . 2001-08-28 14:00 37,509 --a--c--- C:\WINDOWS\system32\dllcache\MW770.CAT
      2008-06-03 15:19 . 2003-04-24 14:00 13,923 -ra------ C:\WINDOWS\SETF9.tmp
      2008-06-03 15:19 . 2001-08-28 14:00 13,497 --a--c--- C:\WINDOWS\system32\dllcache\HPCRDP.CAT
      2008-06-03 15:19 . 2001-08-28 14:00 8,599 --a--c--- C:\WINDOWS\system32\dllcache\IASNT4.CAT
      2008-06-03 15:19 . 2001-08-28 14:00 7,407 --a--c--- C:\WINDOWS\system32\dllcache\OEMBIOS.CAT
      2008-06-03 14:38 . 2008-06-04 10:35 1,138 --a------ C:\WINDOWS\imsins.BAK
      2008-06-03 14:37 . 2008-04-13 18:54 103,936 --a------ C:\WINDOWS\system32\dpcdll.dll
      2008-06-03 14:33 . 2008-04-13 19:34 1,298,432 --a------ C:\WINDOWS\system32\dxdiag.exe
      2008-06-03 14:30 . 2008-04-13 19:33 1,135,616 --a------ C:\WINDOWS\system32\wuaueng.dll
      2008-06-03 14:26 . 2002-06-14 18:46 19,274 --a------ C:\WINDOWS\001281_.tmp
      2008-06-03 13:41 . 2008-06-03 13:41 <REP> d-------- C:\Program Files\CCleaner
      2008-06-03 13:40 . 2008-06-03 13:40 11,954 --a------ C:\WINDOWS\system32\wpa.bak

      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-06-04 13:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
      2008-06-04 08:44 --------- d-----w C:\Program Files\YesMessenger
      2008-06-04 08:43 --------- d-----w C:\Program Files\Yahoo!
      2008-06-04 08:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
      2008-06-04 08:21 --------- d-----w C:\Program Files\Sony
      2008-06-03 14:16 --------- d-----w C:\Program Files\Services en ligne
      2008-06-03 12:47 --------- d-----w C:\Program Files\MSN Messenger
      2008-06-01 17:08 --------- d-----w C:\Documents and Settings\dugot\Application Data\ArcSoft
      2008-05-04 21:51 --------- d-----w C:\Program Files\eMule
      2008-04-30 22:01 --------- d-----w C:\Program Files\Microsoft Windows OneCare Live
      2008-04-21 20:03 --------- d-----w C:\Program Files\ESET
      2008-04-13 17:34 70,656 ----a-w C:\WINDOWS\notepad.exe
      2008-04-13 17:34 32,866 ------w C:\WINDOWS\slrundll.exe
      2008-04-13 17:34 288,256 ----a-w C:\WINDOWS\winhlp32.exe
      2008-04-13 17:34 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys
      2008-04-13 17:34 153,088 ----a-w C:\WINDOWS\regedit.exe
      2008-04-13 17:34 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
      2008-04-13 17:34 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys
      2008-04-13 17:34 10,752 ----a-w C:\WINDOWS\hh.exe
      2008-04-13 17:34 1,037,824 ----a-w C:\WINDOWS\explorer.exe
      2008-04-13 17:10 73,600 ----a-w C:\WINDOWS\system32\drivers\sr.sys
      2008-04-13 17:09 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys
      2008-04-13 17:09 68,608 ----a-w C:\WINDOWS\system32\drivers\pci.sys
      2008-04-13 17:09 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys
      2008-04-13 17:09 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
      2008-04-13 17:05 800,256 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
      2008-04-13 17:05 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
      2008-04-13 17:05 154,496 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
      2008-04-13 17:04 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
      2008-04-13 17:03 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys
      2008-04-13 17:03 40,576 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
      2008-04-13 17:02 40,960 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
      2008-04-13 17:00 66,048 ----a-w C:\WINDOWS\system32\drivers\serial.sys
      2008-04-13 17:00 54,144 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
      2008-04-13 16:59 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys
      2008-04-13 16:58 273,664 ------w C:\WINDOWS\system32\drivers\bthport.sys
      2008-04-13 16:57 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys
      2008-04-13 16:56 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
      2008-04-13 16:55 701,440 ------w C:\WINDOWS\system32\drivers\ati2mtag.sys
      2008-04-13 16:55 40,064 ----a-w C:\WINDOWS\system32\drivers\processr.sys
      2008-04-13 16:55 327,168 ------w C:\WINDOWS\system32\drivers\ati2mtaa.sys
      2008-04-13 16:54 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
      2008-04-13 16:54 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
      2008-04-13 16:53 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys
      2008-04-13 16:53 23,680 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
      2008-04-13 16:52 188,672 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
      2008-04-13 10:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
      2008-04-13 10:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
      2008-04-13 10:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
      2008-04-13 10:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
      2008-04-13 10:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
      2008-04-13 10:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
      2008-04-13 10:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
      2008-04-13 10:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
      2008-04-13 10:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
      2008-04-13 10:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
      2008-04-13 10:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
      2008-04-13 10:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
      2008-04-13 10:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
      2008-04-13 10:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
      2008-04-13 10:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
      2008-04-13 10:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
      2008-04-13 10:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
      2008-04-13 10:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
      2008-04-13 10:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
      2008-04-13 10:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
      2008-04-13 10:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
      2008-04-13 10:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
      2008-04-13 09:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
      2008-04-13 09:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
      2008-04-13 09:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
      2008-04-13 09:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
      2008-04-13 09:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
      2008-04-13 09:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
      2008-04-13 09:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
      2008-04-13 09:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
      2008-04-13 09:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
      2008-04-13 09:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
      2008-04-13 09:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
      2008-04-13 09:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
      2008-04-13 09:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
      2008-04-13 09:56 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
      2008-04-13 09:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
      2008-04-13 09:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
      2008-04-13 09:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
      2008-04-13 09:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
      2008-04-13 09:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
      2008-04-13 09:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
      2008-04-13 09:53 36,608 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys
      2008-04-13 09:53 264,832 ----a-w C:\WINDOWS\system32\drivers\http.sys
      2008-04-13 09:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
      2008-04-13 09:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
      2008-04-13 09:51 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys
      2008-04-13 09:51 55,808 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys
      2008-04-13 09:51 101,120 ------w C:\WINDOWS\system32\drivers\bthpan.sys
      2008-04-13 09:46 61,696 ----a-w C:\WINDOWS\system32\drivers\ohci1394.sys
      2008-04-13 09:46 59,136 ------w C:\WINDOWS\system32\drivers\rfcomm.sys
      2008-04-13 09:46 53,376 ----a-w C:\WINDOWS\system32\drivers\1394bus.sys
      2008-04-13 09:46 37,888 ------w C:\WINDOWS\system32\drivers\bthmodem.sys
      2008-04-13 09:46 36,480 ------w C:\WINDOWS\system32\drivers\bthprint.sys
      .

      ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 19:34 15360]
      "Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\ypager.exe" [2004-08-06 16:33 2502656]
      "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-20 16:45 68856]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Apoint"="C:\Program Files\Apoint\Apoint.exe" [2003-11-07 10:21 114688]
      "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-06-09 09:56 6746112]
      "AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-04-29 07:56 45056]
      "Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 17:46 45056 C:\WINDOWS\system32\ico.exe]
      "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-06-29 07:33 94208]
      "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-06-29 07:33 77824]
      "Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2005-06-29 07:33 114688]
      "SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [2005-10-19 23:07 184320]
      "ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 15:12 32768]
      "VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-10-11 22:36 151552]
      "PDService.exe"="C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe" [2004-07-06 15:15 40960]
      "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-06-21 19:14 35328]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
      "LVCOMSX"="C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2006-06-26 11:33 243248]
      "SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2005-09-27 07:59 81920]
      "EasyAntivirus"="C:\Program Files\EasyAntivirus\bin\ClamTray.exe" [2005-11-24 18:49 53248]
      "OneCareUI"="C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" [2008-01-22 20:43 67112]
      "RTHDCPL"="RTHDCPL.EXE" [2005-06-29 06:25 14720000 C:\WINDOWS\RTHDCPL.EXE]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 19:34 15360]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
      VESWinlogon.dll 2005-05-20 18:42 73728 C:\WINDOWS\system32\VESWinlogon.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "VIDC.dvsd"= C:\PROGRA~1\FICHIE~1\SONYSH~1\VideoLib\sonydv.dll

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
      @="Service"

      [HKEY_LOCAL_MACHINE\software\microsoft\security center]
      "AntiVirusOverride"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
      "EnableFirewall"= 0 (0x0)

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=

      R1 PrivateDisk;PrivateDisk;C:\WINDOWS\system32\Drivers\PrivateDiskM.sys [2004-07-06 15:07]
      R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe [2002-12-17 18:55]
      S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 2\IcVzMon.exe [2005-07-14 20:10]
      S3 ProcMonitor;Process Monitor;C:\Program Files\EasyAntivirus\bin\ProcObsrv.sys [2005-10-05 13:37]
      S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE [2002-12-17 18:23]
      S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 11:45]
      S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 11:45]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0f1aca7b-91e9-11dc-8b38-101111111111}]
      \Shell\Auto\command - cmd /C launch.bat
      \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat

      .
      Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
      "2008-06-05 13:43:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
      0
      1. zooljin Messages postés 35 Statut Membre > zooljin Messages postés 35 Statut Membre
         
        c bon le probleme est réglé merci beaucoup pour cette aide precieuse!
        0
  7. Utilisateur anonyme
     
    OK une derniere chose :

    * pour supprimer les outils/fix utilisés :

    Télécharge ToolsCleaner sur ton bureau.
    -->
    http://pagesperso-orange.fr/AceRothstein/ToolsCleaner2.exe
    http://a-rothstein.changelog.fr/TC/ToolsCleaner2.exe

    # Clique sur Recherche et laisse le scan agir ...
    # Clique sur Suppression pour finaliser.
    # Tu peux, si tu le souhaites, te servir des Options facultatives.
    # Clique sur Quitter pour obtenir le rapport.
    # Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

    -i-
    A découvrir : Estopa, Rosario Flores, La oreja de van gogh.. Bonne écoute
    0
    1. zooljin Messages postés 35 Statut Membre
       
      merci beaucoup pour toolcleaner il a l'air bien sympa a utiliser et bien pratique mais là j'ai plus l'ordinateur entre les mains donc pour le rapport ça va pas être facile :-) .

      a une prochaine foi pour de nouvelles aventures ;-)
      0
  8. Utilisateur anonyme
     
    de rien ciao et bon surf
    0