Sujet Précédent Sujet Suivant

Your computer is infecteed

Résolu
Cristal-PiX Messages postés 20 Statut Membre -  
Cristal-PiX Messages postés 20 Statut Membre -
Bonjour,

Suite au sujet suivant :
http://www.commentcamarche.net/faq/sujet 2964 virus your computer is infected

Ce que j'ai deja fait :
- De multiple nettoyage avec Spyware terminator & spybot
- j'ai installé Sunbelt personal firewall
- J'ai fait un nettoyage 1 fois avec le logiciel ComboFix
- Toute les etapes demandé même celle du mode sans echec.

Rien ne change toujours ce message donc je viens voir les super hero du PC ^^"
Merci d'avance

Voila le rapport :

SmitFraudFix v2.357

Rapport fait à 8:24:38,31, 10/10/2008
Executé à partir de C:\Documents and Settings\Kevin\Bureau\Logiciel\anti spy\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Documents and Settings\All Users\Application Data\ryfmvwzg\nkxwxsti.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\WINDOWS\system32\brastk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rebctgvc.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Kevin

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Kevin\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Kevin\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: NVIDIA nForce MCP Networking Adapter - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{04A9091C-9DC5-477E-B388-1CC234E1BE2C}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{412733A1-8FB9-4218-AEAC-12E07799C57B}: NameServer=194.117.200.10,194.117.200.15
HKLM\SYSTEM\CS1\Services\Tcpip\..\{04A9091C-9DC5-477E-B388-1CC234E1BE2C}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{412733A1-8FB9-4218-AEAC-12E07799C57B}: NameServer=194.117.200.10,194.117.200.15
HKLM\SYSTEM\CS2\Services\Tcpip\..\{04A9091C-9DC5-477E-B388-1CC234E1BE2C}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{412733A1-8FB9-4218-AEAC-12E07799C57B}: NameServer=194.117.200.10,194.117.200.15
HKLM\SYSTEM\CS3\Services\Tcpip\..\{04A9091C-9DC5-477E-B388-1CC234E1BE2C}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{412733A1-8FB9-4218-AEAC-12E07799C57B}: NameServer=194.117.200.10,194.117.200.15
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Encore merci
A voir également:

8 réponses

Réponse 1 / 8
benurrr Messages postés 9766 Statut Contributeur sécurité 107
 
salut

tu peut poster ton rapport combofix qui se trouve ici

C:\Combofix.txt
-1
Réponse 2 / 8
Cristal-PiX Messages postés 20 Statut Membre
 
Voila le rapport combofix

ComboFix 08-10-09.04 - Kevin 2008-10-10 7:43:03.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.377 [GMT 2:00]
Running from: C:\Documents and Settings\Kevin\Bureau\Logiciel\anti spy\ComboFix.exe
* Created a new restore point

[COLOR=RED][B]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/B][/COLOR]
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Francine\Menu Démarrer\Programmes\XP_AntiSpyware
C:\Documents and Settings\Francine\Menu Démarrer\Programmes\XP_AntiSpyware\Uninstall.lnk
C:\Documents and Settings\Francine\Menu Démarrer\Programmes\XP_AntiSpyware\XP_AntiSpyware.lnk
C:\Program Files\XP_AntiSpyware
C:\Program Files\XP_AntiSpyware\comp.dat
C:\Program Files\XP_AntiSpyware\data\daily.cvd
C:\Program Files\XP_AntiSpyware\htmlayout.dll
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcm80.dll
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcp80.dll
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcr80.dll
C:\Program Files\XP_AntiSpyware\pthreadVC2.dll
C:\Program Files\XP_AntiSpyware\Uninstall.exe
C:\Program Files\XP_AntiSpyware\wscui.cpl
C:\Program Files\XP_AntiSpyware\XP_AntiSpyware.exe
C:\WINDOWS\system\smvss.exe
C:\WINDOWS\system32\brastk.exe

.
((((((((((((((((((((((((( Files Created from 2008-09-10 to 2008-10-10 )))))))))))))))))))))))))))))))
.

2008-10-10 07:39 . 2008-10-10 07:39 <REP> d-------- C:\WINDOWS\LastGood
2008-10-10 07:38 . 2008-10-10 07:38 <REP> d-------- C:\Program Files\Sunbelt Software
2008-10-10 07:38 . 2008-07-16 09:57 269,736 -ra------ C:\WINDOWS\system32\drivers\SbFw.sys
2008-10-10 07:38 . 2008-06-21 04:54 65,576 --a------ C:\WINDOWS\system32\drivers\SbFwIm.sys
2008-10-10 07:27 . 2008-10-10 07:27 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-10 07:27 . 2008-10-10 07:27 <REP> d-------- C:\Documents and Settings\Kevin\Application Data\Malwarebytes
2008-10-10 07:27 . 2008-10-10 07:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-10 07:27 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-10 07:27 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-09 22:10 . 2008-10-09 22:10 77,824 --a------ C:\WINDOWS\system32\rghwbyzy.exe
2008-10-09 16:53 . 2008-10-09 22:11 150 --a------ C:\Documents and Settings\Kevin\delself.bat
2008-10-09 11:00 . 2008-10-04 21:40 196,823 --a------ C:\WINDOWS\system32\_scui.cpl
2008-10-09 10:57 . 2008-10-09 10:57 65,428 --a------ C:\WINDOWS\system32\wini104552502.exe
2008-10-09 10:54 . 2008-10-09 10:54 156 --a------ C:\Documents and Settings\Francine\delself.bat
2008-10-09 10:53 . 2008-10-09 10:53 118,784 --a------ C:\WINDOWS\system32\votstevu.exe
2008-10-09 06:46 . 2008-10-09 06:46 <REP> d-------- C:\Program Files\dhahmac
2008-10-09 06:45 . 2008-10-09 06:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ryfmvwzg
2008-10-09 06:45 . 2008-10-09 06:45 118,784 --a------ C:\WINDOWS\system32\rebctgvc.exe
2008-10-08 20:58 . 2008-10-08 20:58 <REP> d-------- C:\Documents and Settings\Kevin\Application Data\Samsung
2008-10-08 20:05 . 2005-06-18 00:15 1,338,368 --a------ C:\WINDOWS\system32\cSHDOCVW.DLL
2008-10-08 20:05 . 2005-09-20 18:52 203,976 --a------ C:\WINDOWS\system32\RICHTX32.OCX
2008-10-08 06:29 . 2008-10-08 06:29 <REP> d-------- C:\Program Files\UnFREEz
2008-10-06 20:16 . 2008-10-06 20:16 <REP> d-------- C:\Documents and Settings\Kevin\.jpi_cache
2008-10-06 20:16 . 2008-10-06 20:16 <REP> d-------- C:\Documents and Settings\Kevin\.java
2008-10-05 21:34 . 2008-10-05 21:50 <REP> d-------- C:\Program Files\PhotoFiltre
2008-10-01 18:30 . 2008-10-01 18:31 <REP> d-------- C:\Program Files\eToro
2008-09-29 20:06 . 2008-10-03 18:04 <REP> d-------- C:\Casino
2008-09-29 06:33 . 2008-09-29 06:33 <REP> d-------- C:\Program Files\MSBuild
2008-09-29 06:16 . 2008-09-29 06:16 <REP> d-------- C:\Program Files\Microsoft.NET
2008-09-29 06:11 . 2008-09-29 06:11 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-09-29 06:09 . 2008-09-30 06:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-09-29 06:06 . 2008-09-29 06:06 <REP> dr-h----- C:\MSOCache
2008-09-28 12:15 . 2008-09-28 12:15 268 --ah----- C:\sqmdata02.sqm
2008-09-28 12:15 . 2008-09-28 12:15 244 --ah----- C:\sqmnoopt02.sqm
2008-09-27 22:52 . 2008-09-27 22:52 552 --a------ C:\WINDOWS\system32\d3d8caps.tmp
2008-09-27 19:16 . 2006-03-17 15:37 520,192 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-09-27 19:15 . 2008-09-27 19:15 <REP> d-------- C:\Program Files\ATI Technologies
2008-09-27 10:54 . 2008-09-27 10:59 <REP> d-------- C:\Program Files\Debugging Tools for Windows (x86)
2008-09-27 10:31 . 2008-09-27 10:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-09-27 10:11 . 2008-09-27 10:11 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-09-26 19:21 . 2008-09-26 19:21 <REP> d-------- C:\Program Files\NVIDIA Corporation
2008-09-26 19:21 . 2008-09-26 19:21 <REP> d-------- C:\Program Files\Fichiers communs\NVIDIA Shared
2008-09-26 19:21 . 2008-01-10 14:30 442,368 --a------ C:\WINDOWS\system32\nvusmb.exe
2008-09-26 19:21 . 2004-06-24 18:57 172,032 --a------ C:\WINDOWS\system32\nvumctl.exe
2008-09-26 19:21 . 2004-05-20 10:11 172,032 --a------ C:\WINDOWS\system32\nvuaudio.exe
2008-09-26 19:21 . 2004-01-29 02:22 159,744 --a------ C:\WINDOWS\system32\nvuenet.exe
2008-09-26 19:21 . 2004-04-23 01:30 3,787 --a------ C:\WINDOWS\system32\nvaudio.nvu
2008-09-26 19:21 . 2007-12-07 14:34 2,016 --a------ C:\WINDOWS\system32\nvsmb.nvu
2008-09-26 19:21 . 2004-01-12 21:08 1,556 --a------ C:\WINDOWS\system32\nvenet.nvu
2008-09-26 19:21 . 2004-06-18 02:30 1,217 --a------ C:\WINDOWS\system32\nvmctl.nvu
2008-09-26 19:20 . 2004-04-27 15:22 172,032 --a------ C:\WINDOWS\system32\nvugart.exe
2008-09-26 19:20 . 2004-04-27 15:22 2,124 --a------ C:\WINDOWS\system32\nvgart.nvu
2008-09-26 18:02 . 2008-09-26 18:03 <REP> d-------- C:\Program Files\ma-config.com
2008-09-26 18:02 . 2008-09-26 18:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-09-15 23:35 . 2008-09-15 23:35 <REP> d-------- C:\Documents and Settings\Kevin\Application Data\Media Player Classic
2008-09-15 23:35 . 2008-09-15 23:35 <REP> d-------- C:\Documents and Settings\Kevin\Application Data\DivX
2008-09-14 01:42 . 2008-09-14 01:42 <REP> d-------- C:\Documents and Settings\Francine\Application Data\Thunderbird
2008-09-13 12:43 . 2008-09-13 12:43 <REP> d-------- C:\Documents and Settings\Kevin\Application Data\Thunderbird
2008-09-13 12:42 . 2008-09-14 21:32 <REP> d-------- C:\Program Files\Mozilla Thunderbird
2008-09-13 12:14 . 2008-09-13 12:14 <REP> d-------- C:\Documents and Settings\Kevin\Application Data\Search Settings
2008-09-13 12:13 . 2008-09-13 12:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\IM
2008-09-13 12:12 . 2008-09-13 12:12 <REP> d-------- C:\Program Files\IncrediMail
2008-09-13 12:12 . 2008-09-13 12:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\IncrediMail
2008-09-13 12:08 . 2008-09-13 20:08 <REP> d-------- C:\Documents and Settings\Kevin\Contacts
2008-09-12 14:37 . 2008-10-07 19:58 <REP> d-------- C:\Documents and Settings\Kevin\Application Data\Spyware Terminator
2008-09-12 14:37 . 2008-09-12 14:37 <REP> d-------- C:\Documents and Settings\Kevin\Application Data\ATI
2008-09-12 14:36 . 2002-01-01 18:17 <REP> d-------- C:\Documents and Settings\Kevin\WINDOWS
2008-09-12 14:36 . 2002-01-02 03:34 <REP> d--h----- C:\Documents and Settings\Kevin\Voisinage réseau
2008-09-12 14:36 . 2002-01-02 03:34 <REP> d--h----- C:\Documents and Settings\Kevin\Voisinage d'impression
2008-09-12 14:36 . 2007-04-10 02:44 <REP> d--h----- C:\Documents and Settings\Kevin\Modèles
2008-09-12 14:36 . 2008-10-08 20:58 <REP> d---s---- C:\Documents and Settings\Kevin\Mes documents
2008-09-12 14:36 . 2007-04-10 02:44 <REP> dr------- C:\Documents and Settings\Kevin\Menu Démarrer
2008-09-12 14:36 . 2008-09-12 14:37 <REP> d---s---- C:\Documents and Settings\Kevin\Favoris
2008-09-12 14:36 . 2008-10-08 20:58 <REP> d-------- C:\Documents and Settings\Kevin\Bureau
2008-09-12 14:36 . 2008-10-07 05:56 <REP> d-------- C:\Documents and Settings\Kevin\Application Data\VERITAS
2008-09-12 14:36 . 2002-01-01 23:24 <REP> d-------- C:\Documents and Settings\Kevin\Application Data\Symantec
2008-09-12 14:36 . 2002-01-01 18:06 <REP> d-------- C:\Documents and Settings\Kevin\Application Data\InterTrust
2008-09-12 14:36 . 2008-10-09 17:14 <REP> d-------- C:\Documents and Settings\Kevin
2008-09-12 13:33 . 2008-09-12 13:33 0 --a------ C:\WINDOWS\system32\drivers\SETE.tmp
2008-09-10 11:46 . 2008-10-09 18:16 <REP> d-------- C:\Program Files\WinClamAVShield

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-10 05:42 --------- d-----w C:\Program Files\lx_cats
2008-10-10 05:37 --------- d-----w C:\Program Files\Crawler
2008-10-09 17:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-09 16:31 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Spyware Terminator
2008-10-09 16:16 --------- d-----w C:\Program Files\Spyware Terminator
2008-10-09 14:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-10-09 09:04 --------- d-----w C:\Documents and Settings\Francine\Application Data\Spyware Terminator
2008-09-29 04:33 --------- d-----w C:\Program Files\Microsoft Works
2008-09-27 09:13 --------- d-----w C:\Program Files\Fichiers communs\Blizzard Entertainment
2008-09-27 08:13 --------- d-----w C:\Program Files\Yahoo!
2008-09-26 17:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-26 14:27 --------- d-----w C:\Program Files\eMule
2008-09-10 13:23 --------- d-----w C:\Program Files\MP3 Player Utilities 4.00
2008-08-29 13:57 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-26 20:17 --------- d-----w C:\Program Files\AutoClick
2008-08-16 14:01 141,312 ----a-w C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-08-16 11:47 --------- d-----w C:\Program Files\Circle Developement
2008-08-14 17:10 --------- d-----w C:\Program Files\FlashGet
2008-08-12 23:35 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Bike delete mode
2008-07-31 09:18 675 ----a-w C:\WINDOWS\Fonts\INSTRUCTION.txt
2008-07-31 09:18 268 ----a-w C:\WINDOWS\Fonts\LICENSE.txt
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2008-07-24 243072]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 15360]
"MsgInfo"="C:\WINDOWS\system32\rebctgvc.exe" [2008-10-09 118784]
"cmden"="C:\WINDOWS\system32\rghwbyzy.exe" [2008-10-09 77824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2002-05-15 155648]
"KBD"="C:\HP\KBD\KBD.EXE" [2001-07-06 61440]
"StorageGuard"="C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" [2002-05-09 155648]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2002-07-16 106549]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2001-12-19 212992]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2002-06-14 81920]
"SNPSTD2"="C:\WINDOWS\vsnpstd2.exe" [2004-08-30 286720]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"Motive SmartBridge"="C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe" [2006-04-21 438359]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-19 266497]
"lxcrmon.exe"="C:\Program Files\Lexmark 2400 Series\lxcrmon.exe" [2006-03-06 286720]
"EzPrint"="C:\Program Files\Lexmark 2400 Series\ezprint.exe" [2006-02-07 98304]
"LXCRCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2006-02-24 65536]
"SearchSettings"="C:\Program Files\Search Settings\SearchSettings.exe" [2007-12-06 1069920]
"WARN POP TRUST LIES"="C:\Documents and Settings\All Users\Application Data\Camp Mess Warn Pop\Sect blue.exe" [2008-09-12 6672896]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-09-10 1783808]
"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-06-03 131072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Suite"="regedit -s" [X]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"9BXMb7eufH"="C:\Documents and Settings\All Users\Application Data\ryfmvwzg\nkxwxsti.exe" [2008-10-09 77824]

C:\Documents and Settings\Default User\Menu D‚marrer\Programmes\D‚marrage\
ddrive.js [2002-08-16 1611]

C:\Documents and Settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\
ddrive.js [2002-08-16 1611]

C:\Documents and Settings\Default User\Menu D‚marrer\Programmes\D‚marrage\
ddrive.js [2002-08-16 1611]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2007-05-05 962663]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"ActWebApi"= {08AA84D9-CBF4-F2DD-3E1A-01F02C470590} - C:\Program Files\dhahmac\ActWebApi.dll [2008-10-09 122880]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.MJPG"= pvmjpg20.dll
"VIDC.DVSD"= miroDV2avi.DLL
"VIDC.PIM1"= pclepim1.dll
"VIDC.YV12"= yv12vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^AutoClick.lnk]
path=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\AutoClick.lnk
backup=C:\WINDOWS\pss\AutoClick.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
--------- 2008-08-18 18:41 1832272 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\FlashGet\\flashget.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Opera\\Opera.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 7.0.1.321\\French\\setup.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6881:TCP"= 6881:TCP:Blizard down
"6999:TCP"= 6999:TCP:Bliz down

R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-08-16 141312]
R2 ousbehci;NEC PCI to USB Enhanced Host Controller;C:\WINDOWS\system32\Drivers\ousbehci.sys [2005-08-20 41600]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;C:\WINDOWS\system32\DRIVERS\ousb2hub.sys [2005-08-20 55552]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 snpstd2;Trust WB-3400T Webcam;C:\WINDOWS\system32\DRIVERS\snpstd2.sys [2004-10-14 347264]
S1 SbFw;SbFw;C:\WINDOWS\system32\drivers\SbFw.sys [2008-07-16 269736]
S2 SbPF.Launcher;SbPF.Launcher;C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-07-30 95528]
S2 SPF4;Sunbelt Personal Firewall 4;C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-07-30 1361192]
S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [2008-09-02 191656]
S3 npkycryp;npkycryp;C:\Program Files\SMTown-Online\npkycryp.sys [ ]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 86368]

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder

2008-10-09 C:\WINDOWS\Tasks\AC142C139197DEF7.job
- c:\docume~1\propri~1\applic~1\bikede~1\Moveremotepoll.exe []

2002-01-01 C:\WINDOWS\Tasks\Symantec NetDetect.job
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE [2001-11-22 19:22]

2008-10-09 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 12:20]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-brastk - C:\WINDOWS\system32\brastk.exe
HKLM-Run-XP Antispyware 2009 - C:\Program Files\XP_Antispyware\XP_AntiSpyware.exe
HKLM-Run-StandardInstall - (no file)
Notify-WgaLogon - (no file)

.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\5pv6cnan.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
FF -: plugin - C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\5pv6cnan.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF -: plugin - C:\Program Files\Adobe\Acrobat 5.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - C:\Program Files\DNA\plugins\npbtdna.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.0_03\bin\NPJava11.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.0_03\bin\NPJava12.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.0_03\bin\NPJava13.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.0_03\bin\NPJava32.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.0_03\bin\NPJPI140_03.dll
FF -: plugin - C:\Program Files\Java\j2re1.4.0_03\bin\NPOJI610.dll
FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF -: plugin - C:\Program Files\ma-config.com\nphardwaredetection.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npicdclient.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPJava11.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPJava12.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPJava13.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPJava32.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPJPI140_03.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPOJI610.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npunagi2.dll
FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-10 07:49:21
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCRCATS = rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-10-10 7:53:55
ComboFix-quarantined-files.txt 2008-10-10 05:53:26

Pre-Run: 26 189 242 368 octets libres
Post-Run: 26,436,591,616 octets libres

304 --- E O F --- 2008-09-30 04:33:23
-1
Réponse 3 / 8
Cristal-PiX Messages postés 20 Statut Membre
 
je viens d'effectuer un scan avec Malwarebytes' Anti-Malware

Voici le raport :

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1248
Windows 5.1.2600 Service Pack 2

10/10/2008 09:49:36
mbam-log-2008-10-10 (09-49-36).txt

Type de recherche: Examen rapide
Eléments examinés: 59862
Temps écoulé: 10 minute(s), 1 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 35
Fichier(s) infecté(s): 161

Processus mémoire infecté(s):
C:\WINDOWS\system32\brastk.exe (Trojan.FakeAlert) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\XP_Antispyware (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\wkey (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msginfo (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmdshsmart (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\brastk (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\brastk (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\9bxmb7eufh (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\poker_paigow (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\baccarat_progressive (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\baccarat_progressive\gold_dark (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\blackjack_progressive (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\blackjack_progressive\gold_dark (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\lobby\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\poker_paigow (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\slots (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\slots\lines (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\tablegames (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\tablegames\gold_dark (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\slots_millionaireslane20line (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\slots_millionaireslane20line\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\blackjack_progressive (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\blackjack_progressive\silver_bright (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\casinowar (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\lobby (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\lobby\animation (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\lobby\gameicon (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\lobby\sounds (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\poker_3card (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\poker_letthemride (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\poker_paigow (Adware.Casino) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\rebctgvc.exe (Trojan.FakeAlert.H) -> Delete on reboot.
C:\WINDOWS\system32\ryxenixw.exe (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\brastk.exe (Trojan.FakeAlert.H) -> Delete on reboot.
C:\Documents and Settings\All Users\Application Data\ryfmvwzg\nkxwxsti.exe (Trojan.FakeAlert.H) -> Delete on reboot.
C:\Casino\Casino Tropez\data\cards.swf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\aroundtheworld.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\baccarat.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\baccarat_progressive.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\baccarat_video.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\balls.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\blackjack.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\blackjack_duel.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\blackjack_pontoon.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\blackjack_progressive.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\blackjack_surrender.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\blackjack_switch.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\blackjack_video.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\bonusbowling.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\craps.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\darts.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\dicetwister.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\gameicon-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\genieshilo.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\genieshilo_jackpot.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\headsortails.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\horseracing.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\keno.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\keno_x.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\mahjong.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\mahjong_pro.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_asian.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_cardgames.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_favourites.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_live.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_novel.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_progressive.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_specials.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_tablegames.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_videopoker.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\menu_videoslots.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\pachinko.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\penaltyshootout.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\poker_caribbean.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\poker_holdem.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\poker_paigow.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\poker_tequila.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\popbingo.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\reddog.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\rockpaperscissors.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\rollercoasterdice.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\roulette.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\roulette00.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\roulette_mini.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\roulette_video.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\sicbo.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\sicbo_video.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_8ball.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_alchemist.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_alien25line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_amigos.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_beachlife20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_bermuda.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_bonusbears25line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_captain.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_chinese8line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_cinerama.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_crazy.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_custom3reel.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_custom5reel.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_desert20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_diamond5reel.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_farmersmarket20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_footballrules25line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_forestofwonders25line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_fountain.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_fruitmania5reel.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_globaltraveler20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_goblin.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_gold.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_golf.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_haunted.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_highway.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_jungle.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_lotto20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_lovemore20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_magic.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_millionaireslane20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_monkey.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_neptune.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_nightout20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_ocean.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_party.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_profits.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_pyramids9line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_rock.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_safe.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_silentsamurai9line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_silver.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_sultan.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_thrillseekers50line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_tropic.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_uggabugga.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_ultimate8line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_vacation8line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_wall.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_wanted25line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_whatscooking30line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\slots_wildspirit20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\spinawin.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\stravaganza.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_10jacks.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_10orbetter.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_25aces.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_4aces.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_4deuceswild.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_4jacks.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_50jacks.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_aces.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_deuceswild.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_highlow.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_jacks.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_joker.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\videopoker_megajacks.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\lobby\gameicon2\wildviking.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Casino Tropez\data\poker_paigow\texture.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\baccarat_progressive\gold_dark\coinhole.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\baccarat_progressive\gold_dark\paytable_buttons.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\blackjack_progressive\gold_dark\coinhole.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\poker_paigow\texture.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\slots\lines\20line-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\slots\lines\20line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\slots\lines\9line-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\slots\lines\9line.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\slots\lines\linewin-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\slots\lines\linewin.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\slots\lines\linewin_frame-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\slots\lines\linewin_frame.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\slots\lines\symbol_anim-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\tablegames\gold_dark\coinhole.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\tablegames\gold_dark\paytable_buttons.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\shared\tablegames\gold_dark\progressive_back.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\slots_millionaireslane20line\adjust.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\slots_millionaireslane20line\back.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\slots_millionaireslane20line\betlinebuttons.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\slots_millionaireslane20line\betlines-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\slots_millionaireslane20line\betlines.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\slots_millionaireslane20line\animation\10.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\slots_millionaireslane20line\animation\11.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\slots_millionaireslane20line\animation\9.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Europa Casino\data\slots_millionaireslane20line\animation\wheel1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\cards.swf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\casinowar\back.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\casinowar\casinowar.lws (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\lobby\animation\anim1-alpha.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\lobby\animation\anim1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\poker_3card\back.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\poker_letthemride\back.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Joyland Casino\data\poker_paigow\texture.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Documents and Settings\Francine\Application Data\Microsoft\Internet Explorer\Quick Launch\XP_AntiSpyware.lnk (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kevin\delself.bat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Francine\delself.bat (Malware.Trace) -> Quarantined and deleted successfully.

PS : le message window a disparu, je vais redémaré pour voiir s'il y est encore
-1
benurrr Messages postés 9766 Statut Contributeur sécurité 107
 
ok

la c'est un scan rapide fait un complet c'est beaucoup plus efficace

déjà il supprimer quelque ligne du script que je préparer

-1
Réponse 4 / 8
Cristal-PiX Messages postés 20 Statut Membre
 
Pour l'instant il n'y est plus : Ouf.
Mais d'autre message vienne s'affiché quelque fois ( toujours les même ) dans ce genre la
https://www.hiboox.fr/

je fait le scan actuellement j'en suis a 40 minutes.
je posterai le rapport si necessaire

PS: merci benurrr pour ton aide.
-1

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 8
Cristal-PiX Messages postés 20 Statut Membre
 
Voila, Scan complet :

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1248
Windows 5.1.2600 Service Pack 2

10/10/2008 12:39:47
mbam-log-2008-10-10 (12-39-47).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 166424
Temps écoulé: 2 hour(s), 11 minute(s), 2 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

J'ai toujours le message que je montre en image, et je ne sais plus quoi faire >.<
-1
benurrr Messages postés 9766 Statut Contributeur sécurité 107
 
1) Télécharge SDFix d' AndyManchesta

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe sur ton Bureau.

Double clique sur SDFix.exe et choisis Install. L'outil sera extrait à la racine du lecteur système (généralement le C:\)
N y touche pas pour l instant.

2) Redémarre en mode sans échec

3) SDFix
* Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
* Appuie sur Y pour commencer le processus de nettoyage.
* Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
* Appuie sur une touche pour redémarrer le PC.
* Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
* Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
* Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
· Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
-1
Réponse 6 / 8
Cristal-PiX Messages postés 20 Statut Membre
 
désolé j'été absent. je fait sa et je te colle mon rapport merci beaucoup.
-1
Réponse 7 / 8
Cristal-PiX Messages postés 20 Statut Membre
 
[b]SDFix: Version 1.234 [/b]
Run by Kevin on 10/10/2008 at 18:20

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

[b]Checking Files [/b]:

No Trojan Files Found

Voila le rapport
-1
benurrr Messages postés 9766 Statut Contributeur sécurité 107
 
ok fait ceci maintenant

/!\ Manip crée spécialement pour cet utilisateur , ne pas reproduire chez soi ... /!\

Ouvre le Bloc-Notes (Démarrer\Tous les programmes\Accessoires\Bloc notes.)

Copie ce texte ( en gras )d'une traite ( CTRL+C pour copier ) puis colle-le ( CTRL+V dans le bloc-note )


File::

C:\WINDOWS\system32\votstevu.exe

C:\Documents and Settings\Kevin\delself.bat

C:\WINDOWS\system32\wini104552502.exe

C:\Documents and Settings\Francine\delself.bat

C:\sqmdata02.sqm

C:\sqmnoopt02.sqm

C:\WINDOWS\system32\d3d8caps.tmp

C:\WINDOWS\system32\d3d8caps.dat

Folder::

C:\Program Files\dhahmac


Sauvegarde ce fichier sur ton bureau sous le nom de CFScript.txt.



Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.
-1
Réponse 8 / 8
Cristal-PiX Messages postés 20 Statut Membre
 
ya eu un update de combo fix c'est normal ? sa va rien changé?

sa vien de me dire failed to download update copi

jfai le scan et je poste le rapport
merci encore
-1

Discussions similaires

Spam SMS : your messenger vérification code is ***
Metheor -
Radinoz -

1 réponse
Page bleue : your PC ran into a problem and needs to restart
pitchalou -
Malekal_morte- -

2 réponses
Comment résoudre "The requested URL was rejected"
Cguya -
jeannets -

3 réponses
Sms étranges "... is your instagram code"
Anon_4067 -
lablg23 -

5 réponses
Rtc battery low
Laeti28 -
Laeti28 -

15 réponses