Faulty display and desktop wallpaper

Solved/Closed
benou123 Posts 19 Registration date Saturday 13 September 2008 Status Member Last activity 28 November 2010 - 13 Sept. 2008 at 19:44
benou123 Posts 19 Registration date Saturday 13 September 2008 Status Member Last activity 28 November 2010 - 16 Sept. 2008 at 13:51
Hello,

I think I have a virus.....

When I start Windows, my desktop wallpaper has disappeared and I see a white screen. When I go to change it in Display, I can't even do that because the Desktop tab isn't there....

Thanks for helping me

http://www.noelshack.com/uploads/Virus2090308.bmp

http://www.noelshack.com/uploads/Virus087792.bmp

10 replies

benou123 Posts 19 Registration date Saturday 13 September 2008 Status Member Last activity 28 November 2010 6
13 Sept. 2008 at 20:17
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:16:57, on 13-09-08
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Nexon\Mabinogi\npkcmsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\lphcas1j0e5b7.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\Druide\Antidote\Gestionnaire Antidote.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {02715E47-5A8E-495B-8F63-0D30470B8E72} - (no file)
O2 - BHO: (no name) - {05CEEFB4-77C4-4C6E-ADC9-1E1C266DA4CA} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: (no name) - {F2047E6A-F71E-4EC2-B3CE-522128CF3FA3} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [lphcas1j0e5b7] C:\WINDOWS\system32\lphcas1j0e5b7.exe
O4 - HKLM\..\Run: [in3] C:\Documents and Settings\Propriétaire\Local Settings\Temp\.ttA6.tmp.exe /CR=5F8C0875B49BA02BB503A8EC828A17BC0311B3CA8C6C81611A714025F812A01BED1AC8BDD3B5D45A85434F50F5E8C42D80C3AEB4F5A6D3245E8C17C22418300045F5AF4AC7546A6BFD2720FB65724ED964
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\PROGRA~1\Druide\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\7\Antidote K - IE 7.htm (HKCU)
O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\7\Antidote D - IE 7.htm (HKCU)
O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\PROGRA~1\Druide\Antidote\Internet Explorer\7\Antidote G - IE 7.htm (HKCU)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} (YYGInstantPlay Control) - http://www.yoyogames.com/downloads/activex/YoYo.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - C:\Nexon\Mabinogi\npkcmsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/PROPRI~1/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
O24 - Desktop Component 1: (no name) - file:///C:/DOCUME~1/PROPRI~1/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg
1
Anonymous user
13 Sept. 2008 at 20:00
Good evening,

*Download HiJackThis.exe

*Click the .exe, then "Do a system scan and save a logfile"

*This will generate a report

*Post that report.
0
Anonymous user
13 Sept. 2008 at 20:20
Re,

--->O4 - HKLM\..\Run: [in3] C:\Documents and Settings\Propriétaire\Local Settings\Temp\.ttA6.tmp.exe /CR=5F8C0875B49BA02BB503A8EC828A17BC0311B3CA8C6C81611A714025F812A01BED1AC8BDD3B5D45A85434F50F5E8C42D80C3AEB4F5A6D3245E8C17C22418300045F5AF4AC7546A6BFD2720FB65724ED964 <--- infection !

-Download Mbam-setup.exe

-Follow this tutorial--> https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

-Run a full scan in Safe Mode

-Delete everything it finds (listed in red)

-Post the report for me.
0
Anonymous user
14 Sept. 2008 at 09:02
Hello,

That was quite a crowd! (No PMs for help! You're not the only one!)

How is the PC doing now?
0

Anonymous user
14 Sept. 2008 at 15:25
Re, Ah!

*Download combofix--> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

*Follow this tutorial to the letter--> https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

*Disable all your resident protections before launching combofix and close all programs

*Post the report for me
0
benou123 Posts 19 Registration date Saturday 13 September 2008 Status Member Last activity 28 November 2010 6
13 Sept. 2008 at 22:04
I have a problem....
At the end of the scan by the malware software, a blue screen appears
-1
benou123 Posts 19 Registration date Saturday 13 September 2008 Status Member Last activity 28 November 2010 6
13 Sept. 2008 at 22:54
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1134
Windows 5.1.2600 Service Pack 3

13-09-08 16:54:35
mbam-log-2008-09-13 (16-54-35).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 140084
Temps écoulé: 51 minute(s), 32 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 29
Valeur(s) du Registre infectée(s): 8
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 51

Processus mémoire infecté(s):
C:\WINDOWS\system32\lphcas1j0e5b7.exe (Trojan.FakeAlert) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\blphcas1j0e5b7.scr (Trojan.FakeAlert) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\browsingenhancer.browserwatcher (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\browsingenhancer.browserwatcher.1 (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\browsingenhancer.pornpro_bho (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\browsingenhancer.pornpro_bho.1 (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\browsingenhancer.precachebrowserhost (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\browsingenhancer.precachebrowserhost.1 (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{125e9d24-2428-38d2-8e23-804e3275209c} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{217486c6-012a-4671-adc1-b1d64a2fd2ff} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3f2579e9-ec37-3112-9bde-d2db14e95c32} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e12688ce-9384-28e3-a041-4e1a9ce14506} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5abbd91b-0215-2fe1-7a7e-753f05b40cb8} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{96fdc0f6-929e-e96c-597f-386cd3c7d7aa} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b056fd59-0c72-3878-da81-4c5239908200} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{02715e47-5a8e-495b-8f63-0d30470b8e72} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0b682cc1-fb40-4006-a5dd-99edd3c9095d} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{98d555cc-a569-43fb-2f43-3a98ccda4b50} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{fa58f18b-00c8-4041-a9a1-834950032800} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{40b2127e-cc18-37d0-43ca-afa158c64001} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{cf9146db-16f1-4b79-8da1-ee14c55d5b06} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02715e47-5a8e-495b-8f63-0d30470b8e72} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\BrowsingEnhancer.DLL (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\BrowsingEnhancer (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\iTunesMusic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SystemCheck2 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphcas1j0e5b7 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\backupwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\WINDOWS\mslagent (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\smp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\smp\msrc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phcas1j0e5b7.bmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\a.bat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\iTunesMusic.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\akttzn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\anticipator.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awtoolb.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dpcproxy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hoproxy.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxiwlgpm.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxiwlgpm.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msgp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mtr2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mwin32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\netode.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\newsd32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ps1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psoft1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\regm64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Rundl1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysreq.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\temp#01.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\VBIEWER.OCX (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winlogonpc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsystem.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WINWGPX.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blphcas1j0e5b7.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lphcas1j0e5b7.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Web\def.htm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\.tt15.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\.tt6.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\.tt8.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\.ttA.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\.ttC.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temp\.ttE.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
-1
benou123 Posts 19 Registration date Saturday 13 September 2008 Status Member Last activity 28 November 2010 6
14 Sept. 2008 at 15:13
I can change the wallpaper, but I no longer have any sound; my computer no longer detects my plugged-in speakers...
-1
benou123 Posts 19 Registration date Saturday 13 September 2008 Status Member Last activity 28 November 2010 6
14 Sept. 2008 at 23:44
ComboFix 08-09-14.01 - Propriétaire 2008-09-14 17:21:22.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.2.1036.18.1610 [GMT -4:00]
Lancé depuis: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\How to Register Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\License Agreement.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\Register Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\Uninstall.lnk
C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk
C:\Documents and Settings\Propriétaire\Application Data\rhces1j0e5b7
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@ad.yieldmanager[1].txt
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@marocool[1].txt
C:\WINDOWS\system32\a.exe
C:\WINDOWS\system32\mSYIQXbc.ini
C:\WINDOWS\system32\mSYIQXbc.ini2
C:\WINDOWS\system32\psYcfMoq.ini
C:\WINDOWS\system32\psYcfMoq.ini2

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-14 au 2008-09-14 ))))))))))))))))))))))))))))))))))))
.

2008-09-14 02:03 . 2008-01-05 17:21 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-09-14 02:03 . 2008-01-05 17:21 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-09-14 02:03 . 2008-01-05 22:42 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-09-14 02:03 . 2008-01-05 17:21 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-09-14 02:03 . 2008-01-05 17:21 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-09-14 02:03 . 2008-01-05 17:21 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-09-14 02:03 . 2008-01-05 17:21 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-09-14 02:03 . 2008-09-14 02:03 <REP> d-------- C:\Documents and Settings\Administrateur
2008-09-13 22:33 . 2008-09-13 22:33 <REP> d-------- C:\Program Files\Alwil Software
2008-09-13 22:20 . 2008-09-13 22:21 <REP> d-------- C:\Program Files\RogueRemover FREE
2008-09-13 14:24 . 2008-09-13 14:24 268 --ah----- C:\sqmdata06.sqm
2008-09-13 14:24 . 2008-09-13 14:24 244 --ah----- C:\sqmnoopt06.sqm
2008-09-13 14:22 . 2008-09-13 14:22 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-13 14:22 . 2008-09-13 14:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-13 14:22 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-13 14:22 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-13 14:08 . 2008-09-13 14:08 268 --ah----- C:\sqmdata05.sqm
2008-09-13 14:08 . 2008-09-13 14:08 244 --ah----- C:\sqmnoopt05.sqm
2008-09-13 13:58 . 2008-09-13 13:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony
2008-09-13 13:25 . 2008-09-13 13:25 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-09-13 13:25 . 2008-09-13 13:25 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-09-13 12:33 . 2008-09-13 12:33 <REP> d-------- C:\Program Files\PremiumSoft
2008-09-13 12:33 . 2006-04-13 11:30 1,073,152 --a------ C:\WINDOWS\system32\libmysql_c.dll
2008-09-13 11:45 . 2008-09-13 11:45 <REP> d-------- C:\VideoOutput
2008-09-13 10:13 . 2008-09-13 10:13 <REP> d-------- C:\Program Files\iTunes
2008-09-13 10:13 . 2008-09-13 10:13 <REP> d-------- C:\Program Files\iPod
2008-09-13 10:13 . 2008-09-13 10:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-11 13:16 . 2008-09-11 13:16 142 --a------ C:\WINDOWS\WinInit.Ini
2008-09-10 15:27 . 2008-09-10 15:27 <REP> d--hs---- C:\found.000
2008-09-10 15:13 . 2008-09-10 17:45 <REP> d-------- C:\Program Files\Spyware Doctor
2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-09-06 13:41 . 2008-09-06 13:41 <REP> d-------- C:\Program Files\Real
2008-09-06 13:41 . 2008-09-06 13:41 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2008-09-06 13:41 . 2008-09-06 13:41 <REP> d-------- C:\Program Files\Fichiers communs\Real
2008-09-06 13:32 . 2008-09-06 13:32 <REP> d-------- C:\Program Files\VideoLAN
2008-09-04 19:04 . 2008-09-04 19:25 <REP> d-------- C:\Simpsons saison 15
2008-09-04 17:35 . 2008-09-04 17:35 <REP> d-------- C:\Program Files\Sony Setup
2008-08-31 12:16 . 2004-08-05 08:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-08-31 11:07 . 2008-08-31 11:07 <REP> d-------- C:\WINDOWS\system32\fr
2008-08-31 11:07 . 2008-08-31 11:07 <REP> d-------- C:\WINDOWS\system32\bits
2008-08-31 11:07 . 2008-08-31 11:07 <REP> d-------- C:\WINDOWS\l2schemas
2008-08-31 11:05 . 2008-08-31 11:05 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-08-31 11:02 . 2008-08-31 11:02 <REP> d-------- C:\WINDOWS\EHome
2008-08-29 15:11 . 2008-08-29 15:25 3,963,494 --a------ C:\1_VeohSetup-3.9.8.1077.exe
2008-08-29 14:11 . 2008-08-29 14:24 16,405,851 --a------ C:\VeohSetup-3.9.8.1077.exe
2008-08-29 10:18 . 2008-08-29 10:18 87,336 --a------ C:\WINDOWS\system32\dns-sd.exe
2008-08-29 09:53 . 2008-08-29 09:53 61,440 --a------ C:\WINDOWS\system32\dnssd.dll
2008-08-23 11:48 . 2008-08-23 11:49 <REP> d-------- C:\Program Files\Hamachi
2008-08-23 11:48 . 2008-08-23 11:48 25,280 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2008-08-23 11:47 . 2008-09-13 13:53 <REP> d-------- C:\Program Files\Microsoft Visual Studio 9.0
2008-08-23 11:47 . 2008-08-23 11:47 <REP> d-------- C:\Program Files\Microsoft SDKs
2008-08-23 11:47 . 2008-09-13 13:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-23 11:45 . 2008-08-23 11:45 <REP> d-------- C:\Program Files\Reference Assemblies
2008-08-23 11:45 . 2008-08-23 11:45 <REP> d-------- C:\Program Files\MSBuild
2008-08-23 11:42 . 2008-09-13 14:04 <REP> d-------- C:\wamp
2008-08-23 11:41 . 2008-08-23 11:41 <REP> d-------- C:\Program Files\MSXML 6.0
2008-08-23 09:52 . 2008-08-31 12:26 56,320 --a------ C:\AC053A3B4A384D84845660BC6185B617.db
2008-08-14 14:35 . 2008-04-11 15:05 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-14 01:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-09-14 01:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-09-13 17:48 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-13 17:21 --------- d-----w C:\Program Files\VstPlugins
2008-09-13 17:20 --------- d-----w C:\Program Files\Image-Line
2008-09-13 17:19 --------- d-----w C:\Program Files\Bonjour
2008-09-13 17:19 --------- d-----w C:\Program Files\BannedStory
2008-09-13 17:18 --------- d-----w C:\Program Files\AviSynth 2.5
2008-09-13 15:42 --------- d-----w C:\Program Files\Common Files
2008-09-13 14:12 --------- d-----w C:\Program Files\QuickTime
2008-09-13 14:12 --------- d-----w C:\Program Files\Fichiers communs\Apple
2008-09-11 17:33 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-11 17:20 --------- d-----w C:\Program Files\LimeWire
2008-08-31 18:10 --------- d-----w C:\Program Files\Guitar Pro 5
2008-08-26 01:06 --------- d-----w C:\Program Files\DivX
2008-08-20 13:10 --------- d-----w C:\Program Files\Apple Software Update
2008-08-20 00:23 --------- d-----w C:\Program Files\PSP Video Converter 3
2008-07-31 14:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\YoYoGames
2008-07-18 18:06 --------- d-----w C:\Program Files\Fichiers communs\Adobe AIR
2008-07-15 21:06 --------- d-----w C:\Program Files\WinAVI MP4 Converter
2008-04-30 00:22 100,256 ---ha-w C:\Program Files\hpothb07.tif
2008-04-30 00:22 1,236 ---ha-w C:\Program Files\hpothb07.dat
2008-04-22 23:52 7,708,774 ----a-w C:\Program Files\p.52.bmp
2008-04-21 22:34 2,651,662 ----a-w C:\Program Files\bananainstrumental.mp3
2008-04-18 00:24 2,579,746 ----a-w C:\Program Files\putabananainyourear.mp3
2008-04-17 01:37 43,951,794 ----a-w C:\Program Files\s19e14.avi
2008-04-16 21:58 110,030,059 ----a-w C:\Program Files\Greatest19TwinkVideo.mp4
2008-04-10 23:50 3,550,061 ----a-w C:\Program Files\117342_Day_of_War.mp3
2008-04-08 23:10 3,467,933 ----a-w C:\Program Files\19183_newgrounds_projec.mp3
2008-04-03 22:10 844,717 ----a-w C:\Program Files\66944_newgrounds_sean_s.mp3
2008-03-25 23:55 8,133,981 ----a-w C:\Program Files\PictView.zip
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"Gestionnaire Antidote.exe"="C:\PROGRA~1\Druide\Antidote\Gestionnaire Antidote.exe" [2007-09-23 533944]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-08-28 3660848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 8523776]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 81920]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-09-06 185896]
"AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-09-06 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"nwiz"="nwiz.exe" [2007-12-05 C:\WINDOWS\system32\nwiz.exe]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hpoddt01.exe.lnk]
backup=C:\WINDOWS\pss\hpoddt01.exe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancer l'utilitaire d'enregistrement.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^FreeClip.lnk]
backup=C:\WINDOWS\pss\FreeClip.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-09-03 20:12 111936 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-04-01 05:39 486856 C:\Program Files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-09-10 17:40 289576 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--a------ 2006-12-05 23:55 54832 C:\Program Files\CyberLink\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2008-03-14 19:50 233472 C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 15:09 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 2006-11-23 16:10 56928 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-04-12 19:17 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-09-06 13:41 185896 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FLEXnet Licensing Service"=3 (0x3)
"Bonjour Service"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"C:\Nexon\Combat Arms\CombatArms.exe"= C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms\Engine.exe"= C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"C:\\Nexon\\Combat Arms\\NMService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 npkcmsvc;npkcmsvc;C:\Nexon\Mabinogi\npkcmsvc.exe [2007-08-02 80528]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{916110a3-cc4f-11dc-b617-001a92d6cf71}]
\Shell\AutoRun\command - H:\Launch.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9b30dacf-bbd2-11dc-aa61-806d6172696f}]
\Shell\AutoRun\command - D:\Setup.exe
.
Contenu du dossier 'Tâches planifiées'
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{05CEEFB4-77C4-4C6E-ADC9-1E1C266DA4CA} - (no file)
BHO-{F2047E6A-F71E-4EC2-B3CE-522128CF3FA3} - (no file)
WebBrowser-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - (no file)
HKLM-Run-in3 - C:\Documents and Settings\Propriétaire\Local Settings\Temp\.ttA6.tmp.exe
HKLM-Run-SMrhces1j0e5b7 - C:\Program Files\rhces1j0e5b7\rhces1j0e5b7.exe
MSConfigStartUp-Google Update - C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
MSConfigStartUp-igndlm - C:\Program Files\Download Manager\DLM.exe


.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\vyr4mrij.default\
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-14 17:28:41
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Heure de fin: 2008-09-14 17:40:41 - La machine a redémarré [Propriétaire]
ComboFix-quarantined-files.txt 2008-09-14 21:40:36

Avant-CF: 104,952,614,912 octets libres
Après-CF: 105,314,799,616 octets libres

236 --- E O F --- 2008-09-11 17:39:43
benou123 Posts 19 Registration date Saturday 13 September 2008 Status Member Last activity 28 November 2010 6
16 Sept. 2008 at 13:51
It's fine, I solved my sound problem on my own. Thanks anyway for the help.