Problème avec pc sous xp

skd -
jlpjlp Messages postés 52399 Statut Contributeur sécurité - 25 nov. 2008 à 22:46

Bonjour,

depuis cette pares midi j' ai les mise a jour automatique qui m'indique qu'elles ne sont plus actives et impossible de les réactivées, de plus il m'ont bouffé tout mes points de restauration, pouvez vous m'aide a remettre mon poste en ordre, voici le rapport hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:40:10, on 24/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\apps\ABoard\ABoard.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\apps\ABoard\AOSD.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\a-squared Free\a2service.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Documents and Settings\Fifi.Philippe\Mes documents\Codecs\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=SEARCH
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://http//:www.telecharger.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX520 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE /P31 "EPSON Stylus Photo RX520 Series" /O6 "USB001" /M "Stylus Photo RX520"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [98e73933] rundll32.exe "C:\WINDOWS\system32\ukkftisp.dll",b
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O20 - AppInit_DLLs: lulcvx.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Afficher la suite

A voir également:

Problème avec pc sous xp
Reinitialiser pc - Guide
Pc lent - Guide
Cle windows xp - Guide
Downloader for pc - Télécharger - Téléchargement & Transfert
Double ecran pc - Guide

8 réponses

Réponse 1 / 8

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

slt,

télécharge combofix (par sUBs) ici :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

et enregistre le sur le bureau.

déconnecte toi d'internet et ferme toutes tes applications.

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)

double-clique sur combofix.exe et suis les instructions

à la fin, il va produire un rapport C:\ComboFix.txt

réactive ton parefeu, ton antivirus, la garde de ton antispyware

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.

Tu as un tutoriel complet ici :

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

skd

voic le log

ComboFix 08-11-24.01 - Fifi 2008-11-25 11:19:01.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.444 [GMT 1:00]
Lancé depuis: d:\documents and settings\Fifi.Philippe\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\IOVCcfii.ini
c:\windows\system32\IOVCcfii.ini2
c:\windows\system32\psitfkku.ini
d:\documents and settings\Fifi.Philippe\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-25 au 2008-11-25 ))))))))))))))))))))))))))))))))))))
.

2008-11-24 23:11 . 2008-11-25 03:38 <REP> d-------- C:\ToolBar SD
2008-11-24 22:37 . 2008-11-25 00:49 <REP> d--h----- C:\$AVG8.VAULT$
2008-11-24 22:34 . 2008-11-24 22:34 <REP> d-------- d:\documents and settings\All Users\Application Data\avg8
2008-11-24 22:34 . 2008-11-24 22:35 <REP> d-------- c:\windows\system32\drivers\Avg
2008-11-24 22:34 . 2008-11-24 22:34 <REP> d-------- c:\program files\AVG
2008-11-24 22:34 . 2008-11-24 22:34 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys
2008-11-24 22:34 . 2008-11-24 22:34 10,520 --a------ c:\windows\system32\avgrsstx.dll
2008-11-24 22:09 . 2008-11-24 22:28 <REP> d-------- c:\program files\AskBarDis
2008-11-24 15:38 . 2008-11-24 15:38 <REP> d-------- d:\documents and settings\LocalService.AUTORITE NT\Application Data\X10 Commander
2008-11-24 15:26 . 2008-11-24 15:26 <REP> d--hs---- d:\documents and settings\NetworkService.AUTORITE NT
2008-11-24 15:26 . 2008-11-24 15:26 <REP> d--hs---- d:\documents and settings\LocalService.AUTORITE NT
2008-11-24 10:36 . 2008-11-24 10:36 <REP> d-------- d:\documents and settings\Fifi.Philippe\Application Data\The Bat!
2008-11-24 07:00 . 2008-11-24 07:00 16,574 --a------ c:\windows\EPISMF00.SWB
2008-11-23 20:39 . 2008-05-30 14:11 3,850,760 --a------ c:\windows\system32\D3DX9_38.dll
2008-11-23 20:34 . 2008-11-23 20:34 <REP> d-------- c:\windows\Logs
2008-11-23 13:51 . 2008-11-23 13:51 234 --a------ c:\windows\Infos6.is
2008-11-22 18:45 . 2008-11-24 15:08 <REP> d-------- c:\program files\Bit Che
2008-11-22 18:45 . 2004-03-09 00:00 152,848 --a------ c:\windows\system32\comdlg32.OCX
2008-11-22 18:45 . 2004-03-09 00:00 124,688 --a------ c:\windows\system32\mswinsck.ocx
2008-11-21 20:22 . 2008-11-21 20:22 <REP> d-------- d:\documents and settings\Fifi.Philippe\Application Data\Ulead Systems
2008-11-19 20:37 . 1995-11-08 11:06 151,552 --------- c:\windows\crllyrnt.dll
2008-11-19 20:37 . 1995-05-19 14:49 133,904 --------- c:\windows\system32\mfcans32.dll
2008-11-19 20:37 . 1995-05-22 14:05 108,032 --------- c:\windows\system32\mfcuia32.dll
2008-11-19 20:37 . 1995-11-07 08:57 6,144 --------- c:\windows\system32\drivers\crlscsi.sys
2008-11-19 20:36 . 2008-11-19 20:37 <REP> d-------- c:\windows\COREL
2008-11-19 20:36 . 2008-11-19 20:37 <REP> d-------- C:\PrintHse
2008-11-19 20:36 . 1995-05-19 13:49 133,904 --a------ c:\windows\system\MFCANS32.DLL
2008-11-19 20:36 . 1993-11-23 05:53 28,672 --a------ c:\windows\system\CTL3D32.DLL
2008-11-19 20:33 . 2008-11-19 20:33 <REP> d-------- d:\documents and settings\Fifi.Philippe\Application Data\GlarySoft
2008-11-19 20:23 . 2008-11-24 22:09 <REP> d-------- c:\program files\Glary Utilities
2008-11-19 18:33 . 2008-11-19 18:33 <REP> d-------- d:\documents and settings\Fifi.Philippe\Application Data\AdobeUM
2008-11-15 20:07 . 2008-11-15 20:07 <REP> d-------- d:\documents and settings\Fifi.Philippe\Application Data\VadeRetro
2008-11-15 15:11 . 2008-11-15 15:11 <REP> d-------- c:\program files\ViaMichelin
2008-11-15 15:10 . 2006-04-10 18:05 104,576 --a------ c:\windows\system32\drivers\wceusbsh.sys
2008-11-15 15:10 . 2006-04-10 18:05 104,576 --a------ c:\windows\system32\dllcache\wceusbsh.sys
2008-11-15 15:08 . 2008-11-15 15:08 <REP> d-------- c:\windows\Downloaded Installations
2008-11-15 15:08 . 2008-11-15 15:08 <REP> d-------- c:\program files\Microsoft ActiveSync
2008-11-13 16:35 . 2008-11-13 16:35 <REP> d-------- d:\documents and settings\Fifi.Philippe\Application Data\OD2
2008-11-13 10:14 . 2008-06-10 02:32 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-13 05:34 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2008-11-13 05:34 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2008-11-13 03:31 . 2008-11-13 03:31 <REP> d-------- c:\windows\Sun
2008-11-12 21:20 . 2008-11-12 21:20 <REP> d-------- d:\documents and settings\Fifi.Philippe\Application Data\Gearbox Software
2008-11-12 21:14 . 2008-11-12 21:16 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-12 21:14 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-12 21:14 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-12 21:13 . 2008-11-12 21:14 <REP> d-------- c:\program files\CCleaner
2008-11-12 21:12 . 2008-11-12 21:12 <REP> d-------- c:\program files\Ubisoft
2008-11-12 21:08 . 2008-04-13 19:45 26,112 --a------ c:\windows\system32\drivers\usbser.sys
2008-11-12 21:08 . 2008-04-13 19:45 26,112 --a------ c:\windows\system32\dllcache\usbser.sys
2008-11-12 21:08 . 2008-11-12 21:08 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-11-12 21:08 . 2008-11-12 21:08 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-11-12 21:07 . 2008-11-12 21:08 <REP> d-------- d:\documents and settings\Fifi.Philippe\Application Data\PC Suite
2008-11-12 21:07 . 2008-11-12 21:08 <REP> d-------- d:\documents and settings\Fifi.Philippe\Application Data\Nokia
2008-11-12 21:04 . 2008-11-12 21:04 <REP> d-------- c:\program files\Fichiers communs\PCSuite
2008-11-12 21:04 . 2008-11-12 21:04 <REP> d-------- c:\program files\Fichiers communs\Nokia
2008-11-12 21:04 . 2008-11-12 21:04 <REP> d-------- c:\program files\DIFX
2008-11-12 21:03 . 2008-11-12 21:03 <REP> d-------- c:\program files\PC Connectivity Solution
2008-11-12 21:03 . 2008-11-12 21:04 <REP> d-------- c:\program files\Nokia
2008-11-12 21:03 . 2008-05-07 07:39 1,419,232 --a------ c:\windows\system32\wdfcoinstaller01005.dll
2008-11-12 21:03 . 2008-05-07 07:38 659,968 --a------ c:\windows\system32\nmwcdcocls.dll
2008-11-12 21:03 . 2008-05-07 07:38 90,624 --a------ c:\windows\system32\nmwcdcls.dll
2008-11-12 21:03 . 2007-09-17 15:53 21,632 --a------ c:\windows\system32\drivers\pccsmcfd.sys
2008-11-12 21:03 . 2008-05-07 07:38 20,864 --a------ c:\windows\system32\drivers\ccdcmbo.sys
2008-11-12 21:03 . 2008-05-07 07:38 17,536 --a------ c:\windows\system32\drivers\ccdcmb.sys
2008-11-12 21:03 . 2008-05-07 07:38 8,064 --a------ c:\windows\system32\drivers\usbser_lowerfltj.sys
2008-11-12 21:03 . 2008-06-06 09:24 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys
2008-11-12 20:49 . 2008-11-12 20:49 <REP> d-------- d:\documents and settings\All Users\Application Data\Messenger Plus!
2008-11-12 20:41 . 2008-10-03 18:12 6,066,176 --------- c:\windows\system32\dllcache\ieframe.dll
2008-11-12 20:41 . 2007-04-17 10:32 2,455,488 --------- c:\windows\system32\dllcache\ieapfltr.dat
2008-11-12 20:41 . 2007-03-08 06:10 1,048,576 --------- c:\windows\system32\dllcache\ieframe.dll.mui
2008-11-12 20:41 . 2008-08-26 09:11 459,264 --------- c:\windows\system32\dllcache\msfeeds.dll
2008-11-12 20:41 . 2008-08-26 09:11 383,488 --------- c:\windows\system32\dllcache\ieapfltr.dll
2008-11-12 20:41 . 2008-08-26 09:11 267,776 --------- c:\windows\system32\dllcache\iertutil.dll
2008-11-12 20:41 . 2008-08-26 09:11 63,488 --------- c:\windows\system32\dllcache\icardie.dll
2008-11-12 20:41 . 2008-08-26 09:11 52,224 --------- c:\windows\system32\dllcache\msfeedsbs.dll
2008-11-12 20:41 . 2008-08-25 09:38 13,824 --------- c:\windows\system32\dllcache\ieudinit.exe
2008-11-12 20:30 . 2008-11-12 20:30 <REP> d-------- c:\program files\Microsoft CAPICOM 2.1.0.2
2008-11-12 19:37 . 2008-11-12 19:37 <REP> d-------- c:\program files\Windows Media Connect 2
2008-11-12 19:36 . 2008-11-12 19:36 <REP> d-------- c:\windows\system32\LogFiles
2008-11-12 19:36 . 2008-11-12 21:09 <REP> d-------- c:\windows\system32\drivers\UMDF
2008-11-12 19:02 . 2008-11-12 20:23 <REP> d-------- c:\program files\Messenger Plus! Live
2008-11-12 18:59 . 2008-11-12 18:59 <REP> d-------- c:\program files\Magentic
2008-11-12 18:59 . 2008-08-04 09:51 750,984 --a------ c:\windows\system32\Magentic Screensaver.scr
2008-11-12 18:56 . 2008-11-12 18:56 <REP> d-------- d:\documents and settings\Fifi.Philippe\Application Data\TuneUp Software
2008-11-12 18:56 . 2008-11-12 18:57 <REP> d-------- c:\program files\TuneUp Utilities 2008
2008-11-12 18:56 . 2008-11-12 18:56 355,584 --a------ c:\windows\system32\TuneUpDefragService.exe
2008-11-12 18:56 . 2008-05-29 09:28 28,416 --a------ c:\windows\system32\uxtuneup.dll
2008-11-12 18:37 . 2008-11-12 18:37 <REP> d-------- d:\documents and settings\Fifi.Philippe\Application Data\Malwarebytes
2008-11-12 18:36 . 2008-11-12 19:02 <REP> d-------- d:\documents and settings\Fifi.Philippe\Contacts
2008-11-12 13:27 . 2008-11-12 21:04 <REP> d----c--- c:\windows\system32\DRVSTORE
2008-11-12 13:23 . 2008-11-12 13:30 <REP> d-------- c:\program files\Windows Live
2008-11-12 13:23 . 2008-11-12 13:26 <REP> d--hsc--- c:\program files\Fichiers communs\WindowsLiveInstaller
2008-11-12 13:20 . 2008-11-25 03:43 69 --a------ c:\windows\NeroDigital.ini
2008-11-12 13:11 . 2008-11-12 20:41 <REP> d-------- c:\windows\system32\fr-fr
2008-11-12 13:11 . 2008-11-12 13:11 <REP> d-------- c:\windows\system32\fr
2008-11-12 13:11 . 2008-11-12 13:11 <REP> d-------- c:\windows\system32\bits
2008-11-12 13:11 . 2008-11-12 13:11 <REP> d-------- c:\windows\l2schemas
2008-11-12 13:10 . 2008-11-12 13:12 <REP> d-------- c:\windows\ServicePackFiles
2008-11-12 13:02 . 2008-04-14 03:33 1,888,992 --a------ c:\windows\system32\ati3duag.dll
2008-11-12 12:25 . 2008-11-12 12:25 <REP> d--hs---- d:\documents and settings\Fifi.Philippe\UserData
2008-11-12 12:24 . 2008-11-25 03:44 <REP> d-------- d:\documents and settings\Fifi.Philippe\Application Data\uTorrent
2008-11-12 12:24 . 2008-11-12 12:24 <REP> d-------- c:\program files\uTorrent
2008-11-12 12:21 . 2008-11-24 10:30 <REP> d-------- c:\program files\eMule
2008-11-12 12:19 . 2008-11-12 12:19 <REP> d-------- d:\documents and settings\Fifi.Philippe\Application Data\vlc
2008-11-12 12:18 . 2008-11-12 12:18 <REP> d-------- c:\program files\VideoLAN
2008-11-12 12:17 . 2008-11-12 12:18 <REP> d-------- c:\program files\Freeplayer
2008-11-12 12:11 . 2008-11-22 18:35 <REP> d-------- d:\documents and settings\Fifi.Philippe\Application Data\Ahead
2008-11-12 12:08 . 2008-11-12 12:08 <REP> d-------- c:\program files\Nero
2008-11-12 12:08 . 2008-11-12 12:11 <REP> d-------- c:\program files\Fichiers communs\Ahead
2008-11-12 10:05 . 2003-09-19 15:45 21,248 --a------ c:\windows\system32\drivers\pfc.sys
2008-11-12 10:04 . 2008-11-12 10:04 <REP> d-------- c:\program files\ArcSoft
2008-11-12 10:04 . 1995-08-01 04:44 212,480 --a------ c:\windows\PCDLIB32.DLL
2008-11-12 10:02 . 2008-11-12 10:06 <REP> d-------- c:\program files\epson
2008-11-12 10:02 . 2005-02-25 00:00 46,080 --a------ c:\windows\system32\escimgd.dll
2008-11-12 10:02 . 2005-02-25 00:00 29,696 --a------ c:\windows\system32\escwiad.dll
2008-11-12 10:02 . 2005-02-25 00:00 22,016 --a------ c:\windows\system32\esccmd.dll
2008-11-12 10:02 . 2008-04-13 19:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2008-11-12 10:02 . 2008-11-12 10:02 25 --a------ c:\windows\CDE RX520FI.ini
2008-11-12 09:54 . 2008-06-14 18:33 272,768 --a------ c:\windows\system32\drivers\bthport.sys
2008-11-12 09:54 . 2008-06-14 18:33 272,768 --a------ c:\windows\system32\dllcache\bthport.sys
2008-11-12 09:54 . 2008-08-14 11:04 138,496 --a------ c:\windows\system32\dllcache\afd.sys
2008-11-12 09:53 . 2008-09-15 16:26 1,846,528 --a------ c:\windows\system32\dllcache\win32k.sys
2008-11-12 09:53 . 2008-09-08 11:41 333,824 --a------ c:\windows\system32\dllcache\srv.sys
2008-11-12 09:50 . 2008-08-14 14:23 2,191,232 --a------ c:\windows\system32\dllcache\ntoskrnl.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-12 20:04 --------- d-----w d:\documents and settings\All Users\Application Data\Installations
2008-11-12 12:23 --------- d-----w d:\documents and settings\All Users\Application Data\WLInstaller
2008-11-12 09:06 --------- d-----w d:\documents and settings\All Users\Application Data\UDL
2008-11-12 00:31 --------- d-----w d:\documents and settings\All Users\Application Data\Symantec
2008-11-11 21:29 --------- d-----w d:\documents and settings\All Users\Application Data\VadeRetro
2008-11-11 21:28 8,552 ----a-w c:\windows\system32\drivers\asctrm.sys
2008-11-11 21:28 --------- d-----w d:\documents and settings\All Users\Application Data\AOL
2008-11-11 21:27 --------- d-----w d:\documents and settings\All Users\Application Data\OD2
2008-11-09 15:00 --------- d-----w d:\documents and settings\All Users\Application Data\PC Suite
2008-11-06 23:00 --------- d-----w d:\documents and settings\Fifi\Application Data\uTorrent
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 07:50 --------- d-----w d:\documents and settings\Fifi\Application Data\Media Player Classic
2008-10-22 19:07 --------- d-----w d:\documents and settings\Fifi\Application Data\AdobeUM
2008-10-20 16:17 --------- d-----w d:\documents and settings\Fifi\Application Data\Gearbox Software
2008-10-19 18:11 --------- d-----w d:\documents and settings\Fifi\Application Data\Symantec
2008-10-19 17:55 --------- d-----w d:\documents and settings\Fifi\Application Data\VadeRetro
2008-10-19 11:49 --------- d-----w d:\documents and settings\Fifi\Application Data\PC Suite
2008-10-19 11:49 --------- d-----w d:\documents and settings\Fifi\Application Data\Nokia
2008-10-18 21:21 --------- d-----w d:\documents and settings\Fifi\Application Data\Convivea
2008-10-18 21:10 --------- d-----w d:\documents and settings\Fifi\Application Data\Ahead
2008-10-17 20:46 --------- d-----w d:\documents and settings\Fifi\Application Data\InstallShield
2008-10-17 20:27 --------- d-----w d:\documents and settings\All Users\Application Data\ma-config.com
2008-10-17 19:22 --------- d-----w d:\documents and settings\Fifi\Application Data\OD2
2008-10-17 18:56 --------- d-----w d:\documents and settings\Fifi\Application Data\vlc
2008-10-17 14:42 --------- d-----w d:\documents and settings\Fifi\Application Data\ArcSoft
2008-10-17 14:28 --------- d-----w d:\documents and settings\All Users\Application Data\Office Genuine Advantage
2008-10-17 13:57 --------- d-----w d:\documents and settings\Fifi\Application Data\TuneUp Software
2008-10-17 13:57 --------- d-----w d:\documents and settings\All Users\Application Data\TuneUp Software
2008-10-17 13:53 --------- d-----w d:\documents and settings\All Users\Application Data\TEMP
2008-10-17 13:49 --------- d-----w d:\documents and settings\Fifi\Application Data\Malwarebytes
2008-10-17 13:49 --------- d-----w d:\documents and settings\All Users\Application Data\Malwarebytes
2008-10-17 13:45 --------- d-----w d:\documents and settings\All Users\Application Data\Lavasoft
2008-10-17 12:56 --------- d-----w d:\documents and settings\All Users\Application Data\CyberLink
2008-10-17 12:52 --------- d-----w d:\documents and settings\All Users\Application Data\Ulead Systems
2008-10-17 12:48 --------- d-----w d:\documents and settings\Administrateur\Application Data\Symantec
2008-10-17 12:46 --------- d-----w d:\documents and settings\Fifi\Application Data\You've Got Pictures Screensaver
2008-10-17 12:46 --------- d-----w d:\documents and settings\All Users\Application Data\Viewpoint
2008-10-17 12:46 --------- d-----w d:\documents and settings\All Users\Application Data\QuickTime
2008-10-17 12:46 --------- d-----w d:\documents and settings\Administrateur\Application Data\You've Got Pictures Screensaver
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-07-17 17:20 279944 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-11-17 975360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"Magentic"="c:\progra~1\Magentic\bin\Magentic.exe" [2008-08-04 488808]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-10-02 1124352]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 1211176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-10-12 139264]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-05 7323648]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-01-05 86016]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-08 57344]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"Vade Retro Outlook Express"="c:\progra~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 310272]
"Ulead AutoDetector v2"="c:\program files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 24576]
"EPSON Stylus Photo RX520 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE" [2005-04-07 98304]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-11 98304]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-24 1234712]
"nwiz"="nwiz.exe" [2006-01-05 c:\windows\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 c:\windows\system32\HdAShCut.exe]
"RTHDCPL"="RTHDCPL.EXE" [2005-06-29 c:\windows\RTHDCPL.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

d:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
RaConfig2500.lnk - c:\program files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe [2008-11-12 528384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=lulcvx.dll,avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.ulmp3acm"= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.mpegacm "= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\mpegacm.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Magentic\\bin\\MgImp.exe"=
"c:\\Program Files\\Magentic\\bin\\Magentic.exe"=
"c:\\Program Files\\Magentic\\bin\\MgApp.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-11-24 97928]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-11-24 231704]
R2 UxTuneUp;TuneUp Extension de thème;c:\windows\System32\svchost.exe -k netsvcs [2004-09-23 14336]
R3 3xHybrid;3xHybrid service;c:\windows\system32\DRIVERS\3xHybrid.sys [2008-11-11 799744]
R3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys [2008-11-11 7040]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:\windows\System32\TuneUpDefragService.exe [2008-11-12 355584]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'

2008-11-25 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2008-10-29 17:58]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{0E2CD22F-7800-4A90-9C5D-804FD784B99A} - c:\windows\system32\iifcCVOI.dll
BHO-{7c567164-3c8b-4127-99fd-3f87f7ee3f87} - c:\windows\system32\lulcvx.dll
BHO-{7FC793E3-2599-4E31-9806-1E7BFF68F894} - c:\windows\system32\qoMEwwWQ.dll
HKLM-Run-98e73933 - c:\windows\system32\ukkftisp.dll
ShellExecuteHooks-{7FC793E3-2599-4E31-9806-1E7BFF68F894} - c:\windows\system32\qoMEwwWQ.dll
Notify-qoMEwwWQ - qoMEwwWQ.dll

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-25 11:22:06
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\a-squared Free\a2service.exe
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7Debug\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\progra~1\COMMON~1\X10\Common\X10nets.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
c:\windows\system32\rundll32.exe
c:\apps\ABOARD\AOSD.EXE
c:\program files\AVG\AVG8\avgtray.exe
c:\progra~1\MICROS~4\rapimgr.exe
c:\progra~1\Magentic\bin\MgApp.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\windows\system32\dllhost.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
c:\windows\ehome\ehmsas.exe
c:\windows\system32\wscntfy.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\AVG\AVG8\avgrsx.exe
.
**************************************************************************
.
Heure de fin: 2008-11-25 11:24:09 - La machine a redémarré [Fifi]
ComboFix-quarantined-files.txt 2008-11-25 10:24:05

Avant-CF: 181 783 703 552 octets libres
Après-CF: 181,695,221,760 octets libres

323 --- E O F --- 2008-11-12 21:21:29

merci pour ton aide

cordialement

skd

Réponse 2 / 8

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

remets un rapport hijakchits

puis

Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)

skd

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:10:54, on 25/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\QuickTime\qttask.exe
C:\apps\ABoard\AOSD.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\microsoft office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
D:\Documents and Settings\Fifi.Philippe\Mes documents\Codecs\HiJackThis.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://http//:www.telecharger.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX520 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAGE.EXE /P31 "EPSON Stylus Photo RX520 Series" /O6 "USB001" /M "Stylus Photo RX520"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: RaConfig2500.lnk = C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: lulcvx.dll,avgrsstx.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Réponse 3 / 8

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

ceci a virer:

D:\DOCUME~1\FIFI~1.PHI\Application Data\uTorrent\Avast Antivirus Pro v4.7.827 Fr Incl-Keygen.rar.torrent
D:\DOCUME~1\FIFI~1.PHI\Application Data\uTorrent\Avast.Antivirus.Pro.v4.7.892.FR+Spa+Ita.Incl-Keygen.torrent

__________________

Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.

NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.

skd

-----------\\ ToolBar S&D 1.2.5 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.00GHz )
BIOS : Award Medallion BIOS v6.00PG
USER : Fifi ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:186 Go (Free:169 Go)
D:\ (Local Disk) - NTFS - Total:149 Go (Free:115 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB) - FAT32 - Total:243 Mo (Free:0 Go)

"C:\ToolBar SD" ( MAJ : 20-11-2008|20:25 )
Option : [2] ( 25/11/2008|12:19 )

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\PopSwatter
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\Program Files\AskBarDis

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.free.fr/freebox/index.html"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm"

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

D:\DOCUME~1\FIFI~1.PHI\Application Data\uTorrent\Avast Antivirus Pro v4.7.827 Fr Incl-Keygen.rar.torrent
D:\DOCUME~1\FIFI~1.PHI\Application Data\uTorrent\Avast.Antivirus.Pro.v4.7.892.FR+Spa+Ita.Incl-Keygen.torrent

1 - "C:\ToolBar SD\TB_1.txt" - 24/11/2008|23:13 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 25/11/2008| 3:38 - Option : [1]
3 - "C:\ToolBar SD\TB_3.txt" - 25/11/2008|12:13 - Option : [1]
4 - "C:\ToolBar SD\TB_4.txt" - 25/11/2008|12:20 - Option : [2]

-----------\\ Fin du rapport a 12:20:27,23

Réponse 4 / 8

skd

escuse moi de mon ignorance mais c'est sur mon 2ème disque dur et je sais pas y acceder, peux tu m'aider
merci

skd

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 8

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

télécharge OTMoveIt

http://oldtimer.geekstogo.com/OTMoveIt3.exe (de Old_Timer) sur ton Bureau.

double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

:files
D:\DOCUME~1\FIFI~1.PHI\Application Data\uTorrent\Avast Antivirus Pro v4.7.827 Fr Incl-Keygen.rar.torrent
D:\DOCUME~1\FIFI~1.PHI\Application Data\uTorrent\Avast.Antivirus.Pro.v4.7.892.FR+Spa+Ita.Incl-Keygen.torrent

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

skd

voici ce qu'il me met dans la fenetre

Error: Unable to interpret <files > in the current context!
Error: Unable to interpret <D:\DOCUME~1\FIFI~1.PHI\Application Data\uTorrent\Avast Antivirus Pro v4.7.827 Fr Incl-Keygen.rar.torrent > in the current context!
Error: Unable to interpret <D:\DOCUME~1\FIFI~1.PHI\Application Data\uTorrent\Avast.Antivirus.Pro.v4.7.892.FR+Spa+Ita.Incl-Keygen.torrent > in the current context!

skd > skd

j'ai rééssayé et voici

File/Folder D:\DOCUME~1\FIFI~1.PHI\Application Data\uTorrent\Avast Antivirus Pro v4.7.827 Fr Incl-Keygen.rar.torrent not found.
File/Folder D:\DOCUME~1\FIFI~1.PHI\Application Data\uTorrent\Avast.Antivirus.Pro.v4.7.892.FR+Spa+Ita.Incl-Keygen.torrent not found.

Réponse 6 / 8

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

ok encore des soucis???

colle le rapport d'un scan en ligne
avec un des suivants:

bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://pandasoftware.fr

Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr

skd

salut,

nickel plus un virus avec panda en ligne et avg ne detecte plus rien, merci pour tout, super sympa de m'avoir aider, heureusement qu'il y a encore des gens géniaux pour aider des truffes comme nous

skd

Réponse 7 / 8

skd

je fais le scan en ligne avec panda et je te di quoi apres

Réponse 8 / 8

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

ok

________________

si tout c'est bien passé désactive la restauration système pour purger les virus qui seraient dedans puis réactive là : https://www.informatruc.com

________________

pour virer ce qui a été utilisé:

Télécharge ToolsCleaner sur ton bureau.
--> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

ps : pas besoin de m´envoyer le rapport si tout a ete supprimé

Problème avec pc sous xp

8 réponses

Votre réponse

Newsletters