Virus Beagle et trojan gen Résolu

Question

Bonjour,
 voila comme le dit le titre, je suis infecté par un virus beagle, et des trojan, qui change de nom assez ouvent, voici le premier rapport de Hijackthis : 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:48:30, on 8/29/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Windows\System32undll32.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\MaxiMemo\MaxiMemo.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32undll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\conime.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\SurfRobot\SurfRobot.exe
C:\Program Files\Eurobarre\eb.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Users\Sébastien\Desktop\ELIBAGLA.%D8A%D8IB%D8%D8H.EXE
C:\Program Files\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Nero\Lib\NMBCWriter.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
F2 - REG:system.ini: Shell=
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {59739B01-B925-4607-817E-8082ED922DA5} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
O4 - HKLM\..\Run: [DLBUCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [DSC20Upgrade] "C:\ProgramData\Dell\DSC20Upgrade\DSC20UpgradeJobVista.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-401619127-2922873584-3909917982-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')
O4 - Global Startup: MaxiMemo.lnk = C:\Program Files\MaxiMemo\MaxiMemo.exe
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin
pjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin
pjpi160.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{385ED74B-E8DE-4D0F-9276-97C2BA114968}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{385ED74B-E8DE-4D0F-9276-97C2BA114968}: NameServer = 192.168.1.1
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: vtqnxfko - {E9E32E4B-943C-43E0-99C0-4ECCF8B78371} - (no file)
O21 - SSODL: tsxngabr - {E3548F21-F74C-4D46-AB3C-B3F6FBFDB601} - (no file)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe
O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
O23 - Service: dlbu_device -   - C:\Windows\system32\dlbucoms.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\Windows\system32\pr2ah4nc.exe
O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

crapoulou · Answer

Salut, 
Rends toi sur ce site : 
http://www.zonavirus.com/datos/descargas/95/elibagla.asp 
tout en bas de cette page tu trouveras un outil 
à télécharger, clique sur "escargar Elibagla" 
(le numéro de version change au fur et à mesure des mises à jour) 
installe ce fichier sur le bureau. 


Etape 1 
ensuite double-clic sur Elibagla.exe 
>laisse la case "eliminar ficheros automaticamente" coché 
>clique sur"explorar" 
>laisse-le travailler 
>poste le rapport final qui sera dans c:\infosat.txt

sebpoint · Answer

est ce normal que le logiciel n'accede pas a certains fichier?

" Acceso denegado a la carpeta "

crapoulou · Answer

Je ne saurais te dire je le gère moyennement.
Il y a beaucoup de fichiers auxquels il n'arrive pas à accéder ?
Si non, envoie moi le nom des fichiers.
Si oui, on verra ...
S'il peut continuer de travailler, laisse le faire et envoie le rapport à la fin du scan.

sebpoint · Answer

bcp bcp, je dois a chaque fois cliquer sur ok, mais des que c'est fini je poste le rapport... une idée du temps que cela prend?

crapoulou · Answer

Non pas d'idée.
S'il y en a trop, essaye de le faire en mode sans échec.
(de toute façon je pense que l'on va le refaire en mode sans échec).

sebpoint · Answer

je n'ai rien dans mon c

crapoulou · Answer

Tu n'as pas de rapport généré ??

sebpoint · Answer

non, rien du tout

sebpoint · Answer

je referai le test en mode sans echec lundi, là, je pars en week end ;)

merci, a lundi :-)

bon week end

crapoulou · Answer

Ok, à lundi alors.
Bon weekend.

sebpoint · Answer

voici en mode sans echec :


	  Tue Sep 02 22:45:18 2008
EliBagle v11.66  (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):

	  Tue Sep 02 22:45:45 2008
EliBagle v11.66  (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios:   46201
Nº Total de Ficheros:      355941
Nº de Ficheros Analizados: 22470
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados:  0

crapoulou · Answer

Telecharge FindyKill :

-->Fais un clic droit sur ce lien, enregistrer sous ....le bureau

http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.rar

Dezippe le sur le bureau

Entre dans le dossier FindyKill

double clic sur findyKill.exe

choisi l option 1 (recheche)

---> Un rapport va souvrir, post le sur le forum

Note : Le rapport est suvegardé a la racine du disque

sebpoint · Answer

et voila pour Findykill : 

 
               ** Rapport FindyKill ** 
 
 
+-  Presence des fichiers dans C: 
 
C:\InfoSat.txt Present!! 
 
+-  Presence des fichiers dans C:\Windows\Prefetch 
 
 
+-  Presence des fichiers dans C:\Windows\system32 
 
 
+-  Presence des fichiers dans C:\Windows\system32\drivers 
 
C:\Windows\system32\drivers\downld Present!! 
 
+-  Presence des fichiers dans C:\Users\S‚bastien\AppData\Roaming 
 


+-  Registre :


HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Windows Defender    REG_EXPAND_SZ    %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    SunJavaUpdateSched    REG_SZ    "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
    UpdReg    REG_SZ    C:\Windows\UpdReg.EXE
    ISUSScheduler    REG_SZ    "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    NMSSupport    REG_SZ    "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
    DLBUCATS    REG_SZ    rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLBUtime.dll,_RunDLLEntry@16
    dscactivate    REG_SZ    "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    NeroFilterCheck    REG_SZ    C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    NvSvc    REG_SZ    RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
    NvCplDaemon    REG_SZ    RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    NvMediaCenter    REG_SZ    RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    Start WingMan Profiler    REG_SZ    C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
    Windows Mobile Device Center    REG_EXPAND_SZ    %windir%\WindowsMobile\wmdc.exe
    AppleSyncNotifier    REG_SZ    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    avast!    REG_SZ    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    DellSupportCenter    REG_SZ    "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    TrojanScanner    REG_SZ    C:\Program Files\Trojan Remover\Trjscan.exe /boot
    iTunesHelper    REG_SZ    "C:\Program Files\iTunes\iTunesHelper.exe"


HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    ehTray.exe    REG_SZ    C:\Windows\ehome\ehTray.exe
    Sidebar    REG_SZ    C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    WMPNSCFG    REG_SZ    C:\Program Files\Windows Media Player\WMPNSCFG.exe

 
 
     ! Recherche realisée avec success ! 
 
 
+-  FindyKill par Chiquitine29 
 
+-  Recherche executée le mer. 09/03/2008 a 11:55:31.88

crapoulou · Answer

Ok, maintenant fais l'option 2.

sebpoint · Answer

le rapport en suivant

Utilisateur anonyme · Answer

Salut,

pour voir le rapport merci

sebpoint · Answer

pkoi mon rapport n'apparait pas?

Utilisateur anonyme · Answer

il va arriver j ai alerté les personnes concernées patience

^^Marie^^ · Answer

Coucou

** Rapport FindyKill **



/!\..... Suppression ...../!\




+- Suppression des fichiers dans C:\Windows\system32


+- Suppression des fichiers dans C:\Windows\system32\drivers

Supprime ! de C:\Windows\system32\drivers\downld

+- Suppression des fichiers dans C:\Users\S‚bastien\AppData\Roaming


/!\..... Second passage ...../!\




+- Suppression des fichiers dans C:

Supprime ! de C:\InfoSat.txt

+- Suppression des fichiers dans C:\Windows\Prefetch


+- Suppression des fichiers dans C:\Windows\system32


+- Suppression des fichiers dans C:\Windows\system32\drivers


+- Suppression des fichiers dans C:\Users\S‚bastien\AppData\Roaming



/!\..... Verification...../!\




+- Presence des fichiers dans C:


+- Presence des fichiers dans C:\Windows\Prefetch


+- Presence des fichiers dans C:\Windows\system32


+- Presence des fichiers dans C:\Windows\system32\drivers


+- Presence des fichiers dans C:\Users\S‚bastien\AppData\Roaming



+- Suppression des clefs du registre..


"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Hardware Profiles\0001\System\CurrentControlSet\Enum\ROOT\LEGACY_SROSA " - Supprime !


+- Suppression des clefs du registre effectuée !


+- Affichage des fichiers caches réparé !


+- Services de securité Windows redemarré !


+- Autres suppressions :



! Nettoyage realisé avec succès !


+- FindyKill par Chiquitine29


+- Suppression executée le mer. 09/03/2008 a 13:44:03.83


+- Recherche d autres infections :


C:\Users\SBASTI~1\AppData\Roaming\Azureus	orrents\Adobe Premiere Pro Cs3 Multi Language Incl Crack - (((- SeedPeer.Com -))).torrent
C:\Users\SBASTI~1\AppData\Roaming\Azureus	orrents\Adobe+Acrobat+8+Professional+FULL+DVD+Incl+CRACK.torrent
C:\Users\SBASTI~1\AppData\Roaming\Azureus	orrents\Adobe.Acrobat.8.Pro.Crack.torrent
C:\Users\SBASTI~1\AppData\Roaming\Azureus	orrents\Adobe.Acrobat.v8.0.Professional.FULL.DVD.CRACK.torrent
C:\Users\SBASTI~1\AppData\Roaming\Azureus	orrents\Antivirus_Nod32__2_7_French___Crack_Zip_-_[-_www.Meganova.org_-][1].torrent
C:\Users\SBASTI~1\AppData\Roaming\Azureus	orrents\Avast+Anti+Virus+PRO+v4.8.1201%5Badded+multiple+keygens%5D.torrent
C:\Users\SBASTI~1\AppData\Roaming\Azureus	orrents\Beijing_2008_CRACK_ONLY.torrent
C:\Users\SBASTI~1\AppData\Roaming\Azureus	orrents\Colin McRae DiRT Crack Only-STOLEN [www.Fulldls.com].torrent
C:\Users\SBASTI~1\AppData\Roaming\Azureus	orrents\Football_Manager_2008_Including_Crack_And_Language_Pack_Fisk.torrent
C:\Users\SBASTI~1\AppData\Roaming\Azureus	orrents\Office_Pro_2007_FR___Keygen.torrent
C:\Users\SBASTI~1\AppData\Roaming\Azureus	orrents\Pinnacle_Studio_Plus_v11_MultiLanguage_Bonus_DVD_Incl_Keygen.torrent
C:\Users\SBASTI~1\AppData\Roaming\Azureus	orrents\Power DVD powerdvd Ultra v8.0.1730 (Cyberlink) (Multi Language Version) + Keygen [mininova].torrent
C:\Users\SBASTI~1\AppData\Roaming\Azureus	orrents\Super.Anti.Spyware.Pro.v3.9.1008+Crack-Prof.rar.torrent
C:\Users\SBASTI~1\AppData\Roaming\Azureus	orrents\White.Chicks.Licking.Black.Crack.6.XXX.DVDRip.REPACK.1CD.XV

Utilisateur anonyme · Answer

merci ^^Marie^^

@++

PS: je laisse la suite a crapoulou

crapoulou · Answer

Restez pas loin Chiquitine et Marie, je suis pas très expérimenté comme vous ...

sebpoint · Answer

alors, ça donne quoi?

Utilisateur anonyme · Answer

Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe 




-> Double clique sur combofix.exe. 
-> Tape sur la touche 1 (Yes) pour démarrer le scan. 
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse. 

NOTE : Le rapport se trouve également ici : C:\Combofix.txt 

Avant d'utiliser ComboFix : 

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours. 

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil. 

Une fois fait, sur ton bureau double-clic sur Combofix.exe. 

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc. 

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes. 

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire. 

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt) 

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet. 

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

sebpoint · Answer

Rapport de " Combofix " : ComboFix 08-09-03.03 - Sébastien 2008-09-06 18:02:28.1 - NTFSx86 Endroit: C:\Users\Sébastien\Desktop\ComboFix.exe * Création d'un nouveau point de restauration . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Users\Sébastien\AppData\Local\luwrkegl_navfx.dat C:\Windows\system32\dao350.dll C:\Windows\system32\drivers\downld C:\Windows\System32\IOpqtCdd.ini C:\Windows\System32\IOpqtCdd.ini2 C:\Windows\System32\ivcrkipj.ini C:\Windows\System32\pkrhxoha.ini . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-08-06 to 2008-09-06 )))))))))))))))))))))))))))))))))))) . 2008-09-06 18:16 . 2008-09-06 18:16 d-------- C:\Windows\System32\drivers\downld 2008-09-05 14:03 . 2005-01-18 16:33 381,312 --a------ C:\Windows\System32\drivers\WlanUIG.sys 2008-09-01 00:07 . 2008-09-01 00:07 d-------- C:\Program Files\Neuf 2008-08-29 10:35 . 2008-09-02 21:16 d-a------ C:\Users\All Users\TEMP 2008-08-29 10:35 . 2008-09-02 21:16 d-a------ C:\ProgramData\TEMP 2008-08-29 10:33 . 2008-08-29 10:33 d-------- C:\Users\All Users\Simply Super Software 2008-08-29 10:33 . 2008-08-29 10:33 d-------- C:\ProgramData\Simply Super Software 2008-08-29 10:33 . 2008-08-29 10:34 d-------- C:\Program Files\Trojan Remover 2008-08-29 10:33 . 2006-05-25 15:52 162,304 --a------ C:\Windows\System32\ztvunrar36.dll 2008-08-29 10:33 . 2003-02-02 20:06 153,088 --a------ C:\Windows\System32\UNRAR3.dll 2008-08-29 10:33 . 2005-08-26 01:50 77,312 --a------ C:\Windows\System32\ztvunace26.dll 2008-08-29 10:33 . 2002-03-06 01:00 75,264 --a------ C:\Windows\System32\unacev2.dll 2008-08-29 10:33 . 2006-06-19 13:01 69,632 --a------ C:\Windows\System32\ztvcabinet.dll 2008-08-28 17:47 . 2008-09-02 21:22 343,165,501 --a------ C:\Windows\MEMORY.DMP 2008-08-28 00:19 . 2008-08-28 00:19 d-------- C:\Program Files\Movkit 2008-08-27 00:34 . 2008-08-27 00:34 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf 2008-08-26 00:12 . 2008-08-26 00:12 0 --ah----- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf 2008-08-26 00:09 . 2008-08-26 00:12 d-------- C:\Users\All Users\PC Suite 2008-08-26 00:09 . 2008-08-26 00:12 d-------- C:\ProgramData\PC Suite 2008-08-26 00:04 . 2008-08-26 00:04 d-------- C:\Program Files\PC Connectivity Solution 2008-08-25 23:55 . 2008-08-25 23:55 0 --ah----- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf 2008-08-24 20:06 . 2008-08-24 20:06 d-------- C:\VundoFix Backups 2008-08-23 18:48 . 2008-08-23 18:48 d-------- C:\Program Files\Alwil Software 2008-08-23 18:48 . 2008-07-19 16:36 51,280 --a------ C:\Windows\System32\drivers\aswMonFlt.sys 2008-08-23 00:12 . 2008-08-24 20:02 d-------- C:\Program Files\Trend Micro 2008-08-21 19:59 . 2008-08-21 19:59 d-------- C:\Program Files\Apple Software Update 2008-08-21 19:57 . 2008-08-21 19:57 d-------- C:\Program Files\iTunes 2008-08-21 19:57 . 2008-08-21 19:57 d-------- C:\Program Files\iPod 2008-08-21 19:55 . 2008-08-21 19:55 d-------- C:\Program Files\Common Files\Apple 2008-08-20 17:51 . 2008-08-20 17:51 d-------- C:\Program Files\SEGA 2008-08-19 22:29 . 2008-08-19 22:29 202,928 --ah----- C:\Windows\System32\mlfcache.dat 2008-08-19 00:30 . 2008-08-19 00:30 d-------- C:\Program Files\Safari 2008-08-19 00:29 . 2008-08-19 00:29 d-------- C:\Users\All Users\Apple 2008-08-19 00:29 . 2008-08-19 00:29 d-------- C:\ProgramData\Apple 2008-08-19 00:29 . 2008-08-19 00:29 d-------- C:\Program Files\Bonjour 2008-08-18 23:30 . 2008-08-18 23:31 d-------- C:\Program Files\Motherboard Monitor 5 2008-08-18 23:23 . 2008-08-18 23:31 d-------- C:\Program Files\SpeedFan 2008-08-18 23:23 . 2008-08-18 23:23 45 --a------ C:\Windows\System32\initdebug.nfo 2008-08-16 21:36 . 2008-08-16 21:36 d-------- C:\Program Files\7-Zip 2008-08-13 03:05 . 2008-07-16 03:32 2,048 --a------ C:\Windows\System32 zres.dll 2008-08-13 02:07 . 2008-06-27 03:55 1,383,424 --a------ C:\Windows\System32\mshtml.tlb 2008-08-13 02:07 . 2008-06-27 06:15 827,392 --a------ C:\Windows\System32\wininet.dll 2008-08-13 02:07 . 2008-04-10 07:12 738,304 --a------ C:\Windows\System32\inetcomm.dll 2008-08-13 02:07 . 2008-06-19 05:31 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL 2008-08-13 02:07 . 2008-04-18 07:48 269,312 --a------ C:\Windows\System32\es.dll 2008-08-10 14:54 . 2008-08-10 14:54 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf 2008-08-10 13:03 . 2008-08-10 13:03 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf 2008-08-10 01:16 . 2008-08-10 01:16 d-------- C:\Program Files\CFWebAdvancedU 2008-08-09 21:37 . 2008-08-22 19:30 d-------- C:\Program Files\T‚l‚chargeur de Beijing 2008 2008-08-07 20:08 . 2008-07-19 07:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll 2008-08-07 20:08 . 2008-07-19 05:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll 2008-08-07 20:08 . 2008-07-19 07:10 53,448 --a------ C:\Windows\System32\wuauclt.exe 2008-08-07 20:08 . 2008-07-19 07:10 45,768 --a------ C:\Windows\System32\wups2.dll 2008-08-07 20:07 . 2008-07-19 07:09 563,912 --a------ C:\Windows\System32\wuapi.dll 2008-08-07 20:07 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll 2008-08-07 20:07 . 2008-07-19 05:44 83,456 --a------ C:\Windows\System32\wudriver.dll 2008-08-07 20:07 . 2008-07-19 07:10 36,552 --a------ C:\Windows\System32\wups.dll 2008-08-07 20:07 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe 2008-08-07 00:18 . 2008-08-07 00:18 d-------- C:\Program Files\Common Files\Logitech 2008-08-06 11:24 . 2008-08-11 01:32 54,156 --ah----- C:\Windows\QTFont.qfn 2008-08-06 11:24 . 2008-08-06 11:24 1,409 --a------ C:\Windows\QTFont.for . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-06 16:16 --------- d-----w C:\Program Files\dl_Cats 2008-09-02 21:34 --------- d-----w C:\Program Files\SUPERAntiSpyware 2008-08-31 22:07 --------- d-----w C:\Program Files euf telecom 2008-08-29 10:37 --------- d-----w C:\Program Files\SweetIM 2008-08-28 16:45 --------- d-----w C:\Program Files\eMule 2008-08-25 07:09 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-08-22 18:02 --------- d-----w C:\ProgramData\Spybot - Search & Destroy 2008-08-22 17:30 --------- d-----w C:\Program Files\Téléchargeur de Beijing 2008 2008-08-22 17:30 --------- d-----w C:\Program Files\IrfanView 2008-08-21 17:57 --------- d-----w C:\ProgramData\Apple Computer 2008-08-20 15:51 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-08-17 13:09 --------- d-----w C:\Program Files\Microsoft Silverlight 2008-08-13 01:13 --------- d-----w C:\Program Files\Windows Mail 2008-08-13 01:06 --------- d-----w C:\ProgramData\Microsoft Help 2008-08-09 19:37 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll 2008-08-06 22:18 --------- d-----w C:\Program Files\Logitech 2008-07-22 18:32 32,000 ----a-w C:\Windows\system32\drivers\usbaapl.sys 2008-07-18 20:08 205,000 ----a-w C:\Windows\System32\wuweb.dll 2008-07-11 12:46 --------- d-----w C:\ProgramData\Messenger Plus! 2008-07-11 10:35 --------- d-----w C:\Program Files\MB Softs 2008-07-07 12:49 --------- d-----w C:\Program Files\Azureus 2008-06-26 17:33 174 --sha-w C:\Program Files\desktop.ini 2008-06-26 07:13 82,432 ----a-w C:\Windows\System32\axaltocm.dll 2008-06-26 07:13 101,888 ----a-w C:\Windows\System32\ifxcardm.dll 2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll 2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll 2008-06-26 01:45 12,240,896 ----a-w C:\Windows\System32\NlsLexicons0007.dll 2008-06-12 05:28 541,696 ----a-w C:\Windows\AppPatch\AcLayers.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{EEE6C35D-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-03-27 173368] [HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-03-27 1164600] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 125952] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-08-29 77824] "UpdReg"="C:\Windows\UpdReg.EXE" [2000-05-11 90112] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920] "NMSSupport"="C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2007-04-06 439768] "DLBUCATS"="C:\Windows\system32\spool\DRIVERS\W32X86\3\DLBUtime.dll" [2007-02-12 73728] "dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384] "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2006-03-06 675848] "NvSvc"="C:\Windows\system32 vsvc.dll" [2007-09-17 86016] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-09-17 8497696] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-09-17 81920] "Start WingMan Profiler"="C:\Program Files\Logitech\Gaming Software\LWEMon.exe" [2008-04-04 88584] "Windows Mobile Device Center"="C:\Windows\WindowsMobile\wmdc.exe" [2007-05-31 648072] "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040] "DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 202544] "TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-08-19 914512] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "DSC20Upgrade"="C:\ProgramData\Dell\DSC20Upgrade\DSC20UpgradeJobVista.exe" [2007-11-19 30634330] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ MaxiMemo.lnk - C:\Program Files\MaxiMemo\MaxiMemo.exe [2007-10-15 828928] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "EnableLUA"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "TaskbarNoNotification"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon otify\!SASWinLogon] 2007-04-19 14:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.avis"= ff_acm.acm "VIDC.MJPG"= Pvmjpg30.dll "vidc.yv12"= yv12vfw.dll [HKEY_CURRENT_USER\software\microsoft\windows\currentversion un-] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 "SuperCopier2.exe"=C:\apps_portables\SuperCopier2beta1-9\SuperCopier2.exe "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion un-] "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide "RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" "PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE "RtHDVCpl"=RtHDVCpl.exe "VolPanel"="C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe" /r "QuickTime Task"="C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" "DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-401619127-2922873584-3909917982-1001] "EnableNotificationsRef"=dword:00000003 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{26780352-8166-49D1-A2D4-69ED15C34356}"= UDP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent "{97E476B1-686E-46D8-8C9D-E62F2450D6A4}"= TCP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent "{5DD28851-F5C5-44BF-B44D-E26A1C446BD1}"= UDP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM "{A3E28905-B19B-4E66-B8A4-F25036579EE7}"= TCP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM "{621E3FA7-B2FC-42DC-BA73-CB6ACC39DF32}"= UDP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service "{844F9EB4-C412-44C8-8650-21CE8397776A}"= TCP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service "{33183F63-D068-41D4-8827-AA7994E6881C}"= UDP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server "{14E7B48C-EB6B-47F8-A701-41D2923737F2}"= TCP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server "{72D933E3-ABF5-4A7A-8688-3CE1DB884001}"= TCP:Profile=Private|Profile=Public|9442:127.0.0.1:Intel(R) Viiv(TM) Media Server Discovery "{25B25FDB-43AE-45F9-8200-B1415E16CE25}"= TCP:Profile=Private|Profile=Public|1900:LocalSubnet:LocalSubnet:Intel(R) Viiv(TM) Media Server UPnP Discovery "{609D2B19-7EF2-4422-8F57-880145F7E11F}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{D868AEE6-FD88-4B92-9FBF-6C965E5F4B49}"= UDP:15925:azureus "{17C2E135-F3E3-4D61-8C11-6CF705267659}"= UDP:C:\Windows\System32\dlbucoms.exe:Lexmark Communications System "{1E2303FF-BBB0-4EB9-B8FC-995DCC8CDB1C}"= TCP:C:\Windows\System32\dlbucoms.exe:Lexmark Communications System "{F4477E0D-1C87-467A-8E9F-BFE3079C25F6}"= UDP:C:\Program Files\Azureus\Azureus.exe:Azureus "{69EE53F5-78F7-40AE-AFF5-F4F6083545B0}"= TCP:C:\Program Files\Azureus\Azureus.exe:Azureus "TCP Query User{9C69E74E-E54D-4410-A9FC-64A8DC70AEB0}C:\program files\flashget\flashget.exe"= UDP:C:\program files\flashget\flashget.exe:FlashGet "UDP Query User{F7AC201E-9BFE-471A-9800-02C3D33B68F2}C:\program files\flashget\flashget.exe"= TCP:C:\program files\flashget\flashget.exe:FlashGet "TCP Query User{7D459AEC-9445-48DE-ADE2-8F3B54180AAA}C:\program files\sierra\fearcombat\fpupdate.exe"= UDP:C:\program files\sierra\fearcombat\fpupdate.exe:fpupdate "UDP Query User{CDD99503-01BE-4307-8C3F-5A9797FB49EC}C:\program files\sierra\fearcombat\fpupdate.exe"= TCP:C:\program files\sierra\fearcombat\fpupdate.exe:fpupdate "{948D8D4D-A4A5-43F1-93AA-4E3F73A92FA9}"= UDP:C:\Program Files\Sierra\FEARCombat\FEARMP.exe:FEAR Combat "{2303BD2D-015F-4613-A5B7-5A8B4E1D1309}"= TCP:C:\Program Files\Sierra\FEARCombat\FEARMP.exe:FEAR Combat "TCP Query User{CD5E604C-B229-4F2B-857D-ECC720BA0A17}C:\program files\sierra\fearcombat\fearserver.exe"= UDP:C:\program files\sierra\fearcombat\fearserver.exe:F.E.A.R. - Stand-Alone Server "UDP Query User{40F205B1-26E6-4349-B0A1-9FBC28AA8D76}C:\program files\sierra\fearcombat\fearserver.exe"= TCP:C:\program files\sierra\fearcombat\fearserver.exe:F.E.A.R. - Stand-Alone Server "{4D4EA83A-9B1A-4E07-BA4B-D4FB8153BABC}"= UDP:C:\Program Files\Pinnacle\Studio 11\programs\RM.exe:Render Manager "{C2634085-43B6-444C-9C98-1C0B085F49DE}"= TCP:C:\Program Files\Pinnacle\Studio 11\programs\RM.exe:Render Manager "{E6B4F0C5-C6E5-4A53-A908-698A934236DD}"= UDP:C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:Studio "{27C9AF77-1887-4ABD-83D9-5B7473B90299}"= TCP:C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:Studio "{90B3B71B-184E-4760-B472-30618DC44BBD}"= UDP:C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:PMSRegisterFile "{DA4CBD1A-E245-4A08-AE4E-DD3C2FC65068}"= TCP:C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:PMSRegisterFile "{434A35E2-4737-413A-9C2F-67451E4CCEF2}"= UDP:C:\Program Files\Pinnacle\Studio 11\programs\umi.exe:umi "{32224BC7-60F9-48F5-A41E-F09DFD87C6C1}"= TCP:C:\Program Files\Pinnacle\Studio 11\programs\umi.exe:umi "{550C3049-8840-4ACB-B91D-F617475711DA}"= UDP:7561:TCP emule "{8F66B9D0-5396-4D6C-8844-380DEA602DAE}"= TCP:7571:udp emule "TCP Query User{87ECDE65-CB8B-4F8A-9602-438F119A981D}C:\program files\emule\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule "UDP Query User{428D32DA-C361-44DE-A868-27F86CD3D5BE}C:\program files\emule\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule "TCP Query User{2B28BBCE-12BA-46DB-AB1F-E6FB9247A0F4}C:\windows\explorer.exe"= UDP:C:\windows\explorer.exe:Explorateur Windows "UDP Query User{E4EDA878-5985-4278-8871-C643C1394FBE}C:\windows\explorer.exe"= TCP:C:\windows\explorer.exe:Explorateur Windows "TCP Query User{49C17D27-27A3-49B1-BCD9-780E3B194D38}C:\program files\mozilla firefox\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox "UDP Query User{33032029-2A92-4D56-B955-31DA0423F7DD}C:\program files\mozilla firefox\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox "TCP Query User{59AC81C6-8490-4482-90AB-1D66F8A9C98F}C:\program files\konami\pro evolution soccer 2008\pes2008.exe"= UDP:C:\program files\konami\pro evolution soccer 2008\pes2008.exe:Pro Evolution Soccer 2008 "UDP Query User{8C0E9751-F8E8-4E87-9180-133EC4EF0F80}C:\program files\konami\pro evolution soccer 2008\pes2008.exe"= TCP:C:\program files\konami\pro evolution soccer 2008\pes2008.exe:Pro Evolution Soccer 2008 "TCP Query User{5EBCBED9-3D90-468C-8C82-B798A19CD9FE}C:\program files\filezilla client\filezilla.exe"= UDP:C:\program files\filezilla client\filezilla.exe:FileZilla FTP Client "UDP Query User{599EC2AB-5661-45A9-B999-74445122806B}C:\program files\filezilla client\filezilla.exe"= TCP:C:\program files\filezilla client\filezilla.exe:FileZilla FTP Client "TCP Query User{733B9E27-E278-4C6C-B8B2-16F60EA763FC}C:\program files\codemasters\dirt\dirt.exe"= UDP:C:\program files\codemasters\dirt\dirt.exe:DiRT Executable "UDP Query User{CE40996B-0DB0-4DB6-94B9-BD28E2073CD8}C:\program files\codemasters\dirt\dirt.exe"= TCP:C:\program files\codemasters\dirt\dirt.exe:DiRT Executable "TCP Query User{1FA2D014-26D4-40E7-AEBF-03048830F8FC}C:\program files\sopcast\sopcast.exe"= UDP:C:\program files\sopcast\sopcast.exe:SopCast Main Application "UDP Query User{C559EAA0-7255-4CED-9EA2-8DECEA0EDE23}C:\program files\sopcast\sopcast.exe"= TCP:C:\program files\sopcast\sopcast.exe:SopCast Main Application "{553F49CE-3039-476D-A04E-8036E8CE2108}"= UDP:C:\Program Files\PPLive\PPLive.exe:PPLive "{1E5F6A37-6B32-46FC-BBEF-C3EF708AD2CE}"= TCP:C:\Program Files\PPLive\PPLive.exe:PPLive "TCP Query User{202BEE1D-F78E-4560-A97F-671D4D230049}C:\program files\internet explorer\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{87DD5E0F-494A-4BEA-8774-B34F59B61700}C:\program files\internet explorer\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer "TCP Query User{C0ADECCC-DBBC-427C-8F4B-60F68B2587C6}C:\program files\tvants\tvants.exe"= UDP:C:\program files vants vants.exe:TVAnts "UDP Query User{70DF8747-A7B4-4B0C-8FEF-3B098147B9CC}C:\program files\tvants\tvants.exe"= TCP:C:\program files vants vants.exe:TVAnts "{1CFC6CD7-EBC5-41A0-A003-8EC4176819C1}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32 "{04D3A7F8-5EA5-4991-A35C-080DC8F88829}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32 "{4264945F-832F-4E69-AFC8-9E6C6C154625}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32 "{890773AC-DF8E-43E4-B019-1A61408D4202}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32 "TCP Query User{E0D7FBCC-607E-4A65-B677-9C05CBD90CFF}C:\program files\maïdo production\izispot 4\izispot.exe"= UDP:C:\program files\maïdo production\izispot 4\izispot.exe:IziSpot "UDP Query User{9C01A97A-61CC-48D6-B052-47A870777290}C:\program files\maïdo production\izispot 4\izispot.exe"= TCP:C:\program files\maïdo production\izispot 4\izispot.exe:IziSpot "{A77222CF-0B4E-4CCA-99FC-3DA315D8FE0D}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{FED6C1A9-91DC-4770-852B-9950E5A92E77}"= UDP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008 "{573A50EC-2CB9-4969-8811-2D6242A877C7}"= TCP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008 "TCP Query User{3016B2E7-176F-47B2-988D-4732D870AE50}C:\program files\graphisoft\archicad 11 rc1\archicad.exe"= UDP:C:\program files\graphisoft\archicad 11 rc1\archicad.exe:ArchiCAD 11.0.0 Component "UDP Query User{36A644BA-8CB7-4352-A993-6F1416B4258B}C:\program files\graphisoft\archicad 11 rc1\archicad.exe"= TCP:C:\program files\graphisoft\archicad 11 rc1\archicad.exe:ArchiCAD 11.0.0 Component "{53F2D3AA-2168-4ACD-BDD3-A34B189D0A80}"= C:\Program Files\Skype\Phone\Skype.exe:Skype "{636F7D6E-2BEF-44C1-B6BE-AE137A78CEDE}"= UDP:C:\Program Files\Codemasters\GRID\GRID.exe:GRID "{5665EE5D-2F81-4F32-B421-CEC85ADE2A9C}"= TCP:C:\Program Files\Codemasters\GRID\GRID.exe:GRID "{3D4AD5C7-9F44-49B0-B4C9-D4253541BDA7}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{3077A7BF-04F4-46B3-9B6B-BB3EC038DB00}"= UDP:C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008 "{1BD64839-38DD-4E6B-A394-17E76B651417}"= TCP:C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008 "TCP Query User{B9B75D6F-C3CE-4F8F-B79D-D2636211033B}C:\program files\videolan\vlc\vlc.exe"= UDP:C:\program files\videolan\vlc\vlc.exe:VLC media player "UDP Query User{F65C7FC7-1FF3-4E53-A41E-BD6ED5087C61}C:\program files\videolan\vlc\vlc.exe"= TCP:C:\program files\videolan\vlc\vlc.exe:VLC media player "{94529033-FFC7-49E9-A390-877F77BF3859}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour "{A44F0592-27D4-4E34-9080-1B23C1C6DB65}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour "{8B046156-3CC5-41A4-9927-4CE8E628BACF}"= UDP:C:\Program Files\SEGA\Beijing 2008\Beijing.exe:Beijing 2008™ "{172075BF-0371-4296-955F-D33A465CC06C}"= TCP:C:\Program Files\SEGA\Beijing 2008\Beijing.exe:Beijing 2008™ "{8AEF454C-DC1D-4478-993E-80C5D92D20B5}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes "{09C0BEBE-BD99-4074-B40E-22997EBB231F}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes "{2AF4FD17-2872-4D56-9D9D-087C0F9AE927}"= TCP:5730:PES RESEAU "TCP Query User{640D41E8-5567-449A-858F-7B7DE4ADDD3D}C:\program files\neuf telecom\mp9\vlc\vlc.exe"= UDP:C:\program files euf telecom\mp9\vlc\vlc.exe:VLC media player "UDP Query User{540F6533-4C53-4981-8C2C-8E9FB0C6EEC1}C:\program files\neuf telecom\mp9\vlc\vlc.exe"= TCP:C:\program files euf telecom\mp9\vlc\vlc.exe:VLC media player "{72896E48-D1B0-4868-89BD-DEEA7C701978}"= UDP:C:\Program Files\Neuf\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player Neuf Cegetel) "{2FB606E7-0A94-4FD5-B2CE-A2DAAC0E1380}"= TCP:C:\Program Files\Neuf\Media Center\httpd\httpd.exe:Serveur de partage Media Center (Player Neuf Cegetel) R0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc);C:\Windows\system32\drivers\pe3ah4nc.sys [2007-05-18 64880] R0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc);C:\Windows\system32\drivers\ps6ah4nc.sys [2007-05-18 55160] R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416] R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560] R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280] R2 nmsunidr;UniDriver for NMS;C:\Windows\system32\DRIVERS msunidr.sys [2007-02-18 5376] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-08-14 809296] R2 UxTuneUp;TuneUp Extension de thème;C:\Windows\System32\svchost.exe [2008-01-19 21504] R3 AVMNgBasM779;AVerMedia M779 Base Driver;C:\Windows\system32\DRIVERS\AVerBas.sys [2007-02-13 49280] R3 AVMNgCapM779;AVerMedia M779 Audio/Video Capture Driver;C:\Windows\system32\DRIVERS\AVerCap.sys [2007-02-13 219648] R3 AVMNgTunM779;AVerMedia M779 TVTuner Driver;C:\Windows\system32\DRIVERS\AVerTun.sys [2007-02-13 147584] R3 IntelDH;IntelDH Driver;C:\Windows\system32\Drivers\IntelDH.sys [2007-08-29 5504] R3 NBXG7031;NB 802.11g XG703 SP1 Driver;C:\Windows\system32\DRIVERS\WlanUIG.sys [2005-01-18 381312] S2 IntelDHSvcConf;Intel DH Service;C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2007-04-06 36312] S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc);C:\Windows\system32\pr2ah4nc.exe svc [ ] S3 DHTRACE;Intel(R) DHTrace Controller;C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [2007-04-06 39896] S3 DQLWinService;DQLWinService;C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2007-02-12 208896] S3 NAL;Nal Service ;C:\Windows\system32\Drivers\iqvw32.sys [2007-09-10 30816] S3 NMSCore;Intel(R) NMSCore;C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [2007-04-06 313816] S3 QualityManager;Intel(R) Quality Manager;C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [2007-04-06 272856] S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2007-12-24 306432] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d67ab564-566f-11dc-b75d-806e6f6e6963}] \shell\AutoRun\command - F:\.\fscommande eufbox_guide\basic_user_guide.exe . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' . . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Users\Sébastien\AppData\Roaming\Mozilla\Firefox\Profiles\6rhwz7tj.default\ . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-06 18:16:46 Windows 6.0.6001 Service Pack 1 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... C:\Users\SBASTI~1\AppData\Local\Temp\wmplog00.sqm 1504 bytes ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe C:\Windows\System32\audiodg.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe C:\Windows\System32\CTSVCCDA.EXE C:\Windows\System32\dlbucoms.exe C:\Program Files\Common Files\logishrd\LVCOMSER\LVComSer.exe C:\Program Files\Common Files\logishrd\LVCOMSER\LVComSer.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Dell Support Center\bin\sprtsvc.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Windows\System32\conime.exe C:\Windows\System32\msiexec.exe C:\Windows\System32\msiexec.exe C:\Windows\System32 undll32.exe C:\Windows\System32\msiexec.exe C:\Windows\System32 undll32.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\wbem\unsecapp.exe C:\Program Files\iPod\bin\iPodService.exe . ************************************************************************** . Temps d'accomplissement: 2008-09-06 18:34:58 - machine was rebooted ComboFix-quarantined-files.txt 2008-09-06 16:33:45 Pre-Run: 79,579,942,912 octets libres Post-Run: 79,484,792,832 octets libres 348 --- E O F --- 2008-09-05 12:18:52

Utilisateur anonyme · Answer

comment va le pc ??


télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau. 
double-clique sur OTMoveIt.exe pour le lancer. 
Assure toi que la case Unregister Dll's and Ocx's soit bien cochée 
copie la liste qui se trouve en gras ci-dessous, 
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved. 

C:\Windows\System32\drivers\downld 


clique sur MoveIt! pour lancer la suppression. 
le résultat apparaitra dans le cadre "Results". 
clique sur Exit pour fermer. 
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

sebpoint · Answer

et bien, il a l'air d'aller bien, j'espere que tout est parti :-)

voici le rapport : 

C:\Windows\System32\drivers\downld moved successfully.
 
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09072008_104555


je te remercie bcp, c'est vraiment super super sympa, encore merci...

seb

Utilisateur anonyme · Answer

Telecharge malwarebytes 

-> http://www.malwarebytes.org/mbam/program/mbam-setup.exe 

Tu l´instale; le programme va se mettre automatiquement a jour. 

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression". 

Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet". 

Puis click sur "rechercher". 

Laisse le scanner le pc... 

Si des elements on ete trouvés > click sur supprimer la selection. 

si il t´es demandé de redemarrer > click sur "yes". 

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum. 

Copie et colle le rapport stp.

PS : les rapport sont aussi rangé dans l onglet rapport/log

sebpoint · Answer

Voici le rapport : 

Malwarebytes' Anti-Malware 1.27
Version de la base de données: 1131
Windows 6.0.6001 Service Pack 1

9/9/2008 22:44:18
mbam-log-2008-09-09 (22-44-18).txt

Type de recherche: Examen complet (C:\|D:\|E:\|Q:\|)
Eléments examinés: 689577
Temps écoulé: 3 hour(s), 26 minute(s), 36 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\rafbsvnx.bxlb (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Windows\System32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
Q:\Logiciels\IBM\Adobe.Acrobat.v8.0.Professional.Multilanguage.Keymaker.ZWT.rar\zwt\keygen.exe (Backdoor.Bot) -> Quarantined and deleted successfully.

Utilisateur anonyme · Answer

regarde ceci concernant avast : 

antivir vs avast : 

-> http://forum.malekal.com/ftopic3528.php 


alors je te conseille de le desinstaller et d´installer antivir a la place 

Telecharge et instales l'antivirus Antivir Personal Edition Classic : 

->http://dl1.avgate.net/down/windows/antivir_workstation_winu_fr_h.exe


tuto : https://www.malekal.com/avira-free-security-antivirus-gratuit/
tuto : http://www.swl1f.net/viewtopic.php?f=14&t=59 

Pour désinstaller Avast telecharge cet outil

https://www.avast.com/fr-fr/uninstall-utility



Ensuite refais un scan hijackthis, post le rapport et on termine

sebpoint · Answer

et voila le rapport final :

c clair qu'il a l'air bcp mieux antivir que avast, plus compréhensible...
merci mille fois...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:31:58, on 9/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Trend Micro\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
O4 - HKLM\..\Run: [DLBUCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [DSC20Upgrade] "C:\ProgramData\Dell\DSC20Upgrade\DSC20UpgradeJobVista.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-401619127-2922873584-3909917982-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')
O4 - Global Startup: MaxiMemo.lnk = C:\Program Files\MaxiMemo\MaxiMemo.exe
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin
pjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin
pjpi160.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix: 
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.2.20/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{385ED74B-E8DE-4D0F-9276-97C2BA114968}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{3F703062-CFFA-4622-B31A-53457E7199E9}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{385ED74B-E8DE-4D0F-9276-97C2BA114968}: NameServer = 192.168.1.1
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe
O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
O23 - Service: dlbu_device -   - C:\Windows\system32\dlbucoms.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\Windows\system32\pr2ah4nc.exe
O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

Utilisateur anonyme · Answer

-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo): 


http://download.piriform.com/ccsetup210.exe

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

-> Tuto : https://www.malekal.com/tutoriel-ccleaner/


* pour supprimer les outils/fix utilisés : 

Télécharge ToolsCleaner sur ton bureau. 
--> 
ftp://ftp.commentcamarche.com/download/ToolsCleaner2.exe
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
http://pc-system.fr/ 
# Fais un clic droit sur toolcleaner
# Choisi executer en tant qu administrateur
# Clique sur Recherche et laisse le scan agir ... 
# Clique sur Suppression pour finaliser. 
# Tu peux, si tu le souhaites, te servir des Options facultatives. 
# Clique sur Quitter pour obtenir le rapport. 
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\). 

Et fais ceci :

https://forum.malekal.com/viewtopic.php?f=59&t=5385

sebpoint · Answer

et voiciiiiii : 

[ Rapport ToolsCleaner version 2.2.3 (par A.Rothstein & dj QUIOU) ]

-->- Recherche: 

C:\Combofix.txt: trouvé !
C:\cleannavi.txt: trouvé !
C:\Combofix: trouvé !
C:\Vundofix backups: trouvé !
C:\Qoobox: trouvé !
C:\Downloads\Driver\Navilog1.exe: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\fichiers perso de jack\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\hijackthis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\hijackthis\hijackthis.log: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Users\IUSR_NMPR\Desktop\HijackThis.lnk: trouvé !
C:\Users\Public\Desktop\VBG.txt: trouvé !
C:\Users\Sébastien\AppData\Local\VirtualStore\Program Files\Trend Micro\HijackThis: trouvé !
C:\Users\Sébastien\AppData\Local\VirtualStore\Program Files\Trend Micro\fichiers perso de jack\hijackthis.log: trouvé !
C:\Users\Sébastien\AppData\Local\VirtualStore\Program Files\Trend Micro\hijackthis\hijackthis.log: trouvé !
C:\Users\Sébastien\Desktop\ComboFix.exe: trouvé !
C:\Users\Sébastien\Desktop\hijackthis.log: trouvé !
C:\Users\Sébastien\Desktop\Nettoyage PC\HijackThis.lnk: trouvé !

---------------------------------
-->- Suppression: 

C:\Downloads\Driver\Navilog1.exe: supprimé !
C:\Program Files\Trend Micro\fichiers perso de jack\HijackThis.exe: supprimé !
C:\Program Files\Trend Micro\hijackthis\HijackThis.exe: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: supprimé !
C:\Users\IUSR_NMPR\Desktop\HijackThis.lnk: supprimé !
C:\Users\Sébastien\Desktop\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Users\Sébastien\Desktop\Nettoyage PC\HijackThis.lnk: supprimé !
C:\Combofix.txt: supprimé !
C:\cleannavi.txt: supprimé !
C:\Program Files\Trend Micro\hijackthis\hijackthis.log: supprimé !
C:\Users\Public\Desktop\VBG.txt: supprimé !
C:\Users\Sébastien\AppData\Local\VirtualStore\Program Files\Trend Micro\fichiers perso de jack\hijackthis.log: supprimé !
C:\Users\Sébastien\AppData\Local\VirtualStore\Program Files\Trend Micro\hijackthis\hijackthis.log: supprimé !
C:\Users\Sébastien\Desktop\hijackthis.log: supprimé !
C:\Combofix: supprimé !
C:\Vundofix backups: supprimé !
C:\Qoobox: supprimé !
C:\Program Files\Navilog1: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: ERREUR DE SUPPRESSION !!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: supprimé !
C:\Users\Sébastien\AppData\Local\VirtualStore\Program Files\Trend Micro\HijackThis: supprimé !

Utilisateur anonyme · Answer

Supprime combofix sur ton bureau


si tu n as pas d autres soucis change le statut du sujet en resolu stp

http://www.commentcamarche.net/faq/sujet 11365 marquer un fil de discussion comme etant resolu

sebpoint · Answer

Je te remercie bcp pour ce que tu as fait pour moi, c'est vraiment super sympa...

bon, et bien j'espere pas a une prochaine fois ;)

je veux plus de virus !!!

A ciao ciao et encore merciiii

c RESOLU !!!!

Utilisateur anonyme · Answer

-;)

@+++

Virus Beagle et trojan gen

35 réponses

Votre réponse

Discussions similaires

Newsletters