Please help me, my PC is infected - Page 2

Solved
djearadjou Posts 44 Status Member 1
 
Here is the report

-------------- UsbFix V2.413.4 ---------------

* User : DJEARADJOU - GG
* Outils mis a jours le 11/12/2008 par Chiquitine29 et Chimay8
* Recherche effectuée à 12:13:07 le 16/12/2008
* Windows Xp - Internet Explorer 7.0.5730.13

--------------- [ Processus actifs ] ----------------

C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\WgaTray.exe
C:\DOCUME~1\DJEARA~1\LOCALS~1\Temp\1.tmp\b2e.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe

--------------- [ Lecteur C ] ----------------

C: - Lecteur fixe

+- Listing des fichiers présents :

[10/11/2008 23:27][--a------] C:\AUTOEXEC.BAT
[11/11/2008 12:47][-rahs----] C:\NTDETECT.COM
[15/12/2008 20:54][--a------] C:\lopR.txt
[15/12/2008 20:54][--a------] C:\UsbFix.txt
[15/12/2008 20:54][--a------] C:\windowsC.txt
[10/11/2008 23:27][--a------] C:\CONFIG.SYS
[10/11/2008 23:27][--a------] C:\hiberfil.sys
[10/11/2008 23:27][--a------] C:\IO.SYS
[10/11/2008 23:27][--a------] C:\MSDOS.SYS
[10/11/2008 23:27][--a------] C:\pagefile.sys

--------------- [ Registre / Startup ] ----------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="userinit.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Secondary Start Pages"=hex(7):68,00,74,00,74,00,70,00,3a,00,2f,00,2f,00,66,00,\
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
CTFMON.EXE=C:\windows\system32\ctfmon.exe
QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
BitTorrent DNA="C:\Program Files\DNA\btdna.exe"
Nero PhotoShow Media Manager=C:\PROGRA~1\Nero\PHOTOS~1\data\xtras\mssysmgr.exe
EPSON Stylus DX4400 Series=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\DOCUME~1\DJEARA~1\LOCALS~1\Temp\E_S420.tmp" /EF "HKCU"
Nokia.PCSync="C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
PC Suite Tray="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
RTHDCPL=RTHDCPL.EXE
Alcmtr=ALCMTR.EXE
ShStatEXE="C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
McAfeeUpdaterUI="C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
ZSSnp211=C:\WINDOWS\ZSSnp211.exe
Domino=C:\WINDOWS\Domino.exe
NBKeyScan="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
NeroFilterCheck=C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
fssui="C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1

--------------- [ Registre / Mountpoint2 ] ----------------

-> Recherche négative.

--------------- [ Nettoyage des disques ] ----------------

--------------- [ Resumé ] ----------------

-> /!\ Le resultat doit etre interprété par un spécialiste /!\

[10/11/2008 23:27][--a------] C:\AUTOEXEC.BAT
[11/11/2008 12:47][-rahs----] C:\NTDETECT.COM

--------------- ! Fin du rapport ! ----------------
jlpjlp Posts 52399 Status Security contributor 5 041
 
Download ComboFix by sUBs; help here: https://forum.pcastuces.com/sujet.asp?f=25&s=37315

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to your desktop and nowhere else!

Help on using ComboFix here: http://bibou0007.forumpro.fr/tutos-f45/tutorial-combofix-t121.htm

Double-click ComboFix. It will ask you a question; answer by pressing 1 and then Enter to confirm, and follow the prompts.
Wait for ComboFix to finish; a report will be created. Post the report.
djearadjou Posts 44 Status Member 1
 
The ComboFix report
ComboFix 08-12-15.05 - DJEARADJOU 2008-12-16 14:10:01.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1023.430 [GMT 1:00]
Lancé depuis: c:\documents and settings\DJEARADJOU\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
* Resident AV is active

[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\test.ttt
c:\windows\system32\uniq.tll
c:\windows\system32\win32hlp.cnf

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-16 au 2008-12-16 ))))))))))))))))))))))))))))))))))))
.

2008-12-16 13:54 . 2008-12-16 13:54 <REP> d-------- c:\documents and settings\DJEARADJOU\Tracing
2008-12-16 13:19 . 2008-12-16 13:19 <REP> d-------- c:\program files\Microsoft Silverlight
2008-12-16 13:19 . 2008-12-16 13:19 <REP> d-------- c:\program files\Microsoft Office Outlook Connector
2008-12-16 13:17 . 2008-12-08 17:01 55,136 --a------ c:\windows\system32\drivers\fssfltr_tdi.sys
2008-12-16 13:16 . 2008-12-16 13:16 <REP> d-------- c:\program files\Microsoft Sync Framework
2008-12-16 13:16 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\system32\d3dx9_32.dll
2008-12-16 13:15 . 2008-12-16 13:15 <REP> d-------- c:\program files\Microsoft SQL Server Compact Edition
2008-12-16 13:14 . 2008-12-16 13:19 <REP> d-------- c:\program files\Microsoft
2008-12-16 13:13 . 2008-12-16 13:13 <REP> d-------- c:\program files\Windows Live SkyDrive
2008-12-16 13:04 . 2008-12-16 13:04 <REP> d-------- c:\program files\Fichiers communs\Windows Live
2008-12-16 11:02 . 2008-12-16 12:14 <REP> d-------- c:\program files\UsbFix
2008-12-15 23:56 . 2008-12-15 23:56 <REP> d-------- C:\_OTMoveIt
2008-12-15 20:29 . 2008-12-15 20:54 <REP> d-------- C:\Lop SD
2008-12-15 17:20 . 2008-12-15 17:20 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-15 17:20 . 2008-12-15 17:20 <REP> d-------- c:\documents and settings\DJEARADJOU\Application Data\Malwarebytes
2008-12-15 17:20 . 2008-12-15 17:20 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-15 17:20 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-15 17:20 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-15 14:23 . 2008-12-15 14:23 579,584 --a--c--- c:\windows\system32\dllcache\user32.dll
2008-12-15 14:20 . 2008-12-15 14:20 <REP> d-------- c:\windows\ERUNT
2008-12-15 13:47 . 2008-12-15 15:34 <REP> d-------- C:\SDFix
2008-12-15 09:57 . 2008-12-15 09:57 <REP> d-------- c:\program files\Alwil Software
2008-12-15 09:36 . 2008-12-15 09:48 <REP> d-------- c:\program files\Yahoo!
2008-12-15 09:36 . 2008-12-15 09:36 <REP> d-------- c:\program files\CCleaner
2008-12-15 09:16 . 2008-06-19 17:24 28,544 --a------ c:\windows\system32\drivers\pavboot.sys
2008-12-15 09:15 . 2008-12-15 09:15 <REP> d-------- c:\program files\Panda Security
2008-12-15 09:07 . 2008-12-15 09:07 <REP> d-------- c:\program files\Trend Micro
2008-12-15 07:27 . 2008-04-13 19:34 26,624 --a--c--- c:\windows\system32\dllcache\userinit.exe
2008-12-15 00:29 . 2008-12-16 00:43 <REP> d-------- c:\program files\SoftLogica
2008-12-14 23:14 . 2008-12-14 23:14 <REP> d-------- c:\program files\PC Inspector File Recovery
2008-12-14 23:14 . 2002-02-18 18:40 6,200 --a------ c:\windows\system32\INT13EXT.VXD
2008-12-14 15:10 . 2008-12-15 23:56 <REP> d-------- c:\program files\WS Script Black
2008-12-14 11:14 . 2008-12-14 11:14 <REP> d-------- c:\program files\Picasa2
2008-12-14 11:14 . 2008-12-14 11:14 <REP> d-------- c:\program files\Google
2008-12-13 19:09 . 2008-12-13 19:30 <REP> d-------- C:\elisa
2008-12-13 19:02 . 2008-12-13 19:34 <REP> d-------- C:\nokia
2008-12-13 18:03 . 2008-12-14 17:12 <REP> d-------- c:\program files\Mindscape
2008-12-13 18:02 . 1998-10-07 13:08 327,168 --a------ c:\windows\IsUn040c.exe
2008-12-13 18:02 . 2008-12-13 18:02 0 --a------ c:\windows\setup32.INI
2008-12-13 14:55 . 2008-12-13 14:55 <REP> d-------- c:\program files\Windows Media Connect 2
2008-12-13 14:54 . 2008-12-13 14:55 <REP> d-------- C:\2f18dbaa71f339b68527893973d7fcbf
2008-12-13 14:52 . 2008-12-13 14:52 <REP> d-------- c:\windows\system32\LogFiles
2008-12-13 14:52 . 2008-12-13 20:01 <REP> d-------- c:\windows\system32\drivers\UMDF
2008-12-13 14:51 . 2008-12-13 14:52 <REP> d-------- C:\b21ada3a4692995e192d78
2008-12-13 06:02 . 2008-12-13 06:02 <REP> d-------- c:\documents and settings\DAMIEN\Application Data\PC Suite
2008-12-12 08:30 . 2008-12-13 13:10 <REP> d-------- c:\program files\Hybrid Client
2008-12-11 21:45 . 2008-08-14 14:23 2,147,328 --a------ c:\windows\system32\LOGOOS.EXE
2008-12-11 20:09 . 2005-01-17 01:12 335,872 --a------ c:\windows\system32\HookMenu.ocx
2008-12-11 20:09 . 2006-08-23 17:52 229,376 --a------ c:\windows\system32\Tab23.ocx
2008-12-11 20:09 . 2003-09-23 08:00 203,976 --a------ c:\windows\system32\RICHTX32.OCX
2008-12-11 20:09 . 2007-04-16 22:28 143,360 --a------ c:\windows\system32\LVbuttons.ocx
2008-12-11 20:09 . 2000-05-22 18:58 140,488 --a------ c:\windows\system32\comdlg32.ocx
2008-12-11 20:09 . 2004-03-09 10:00 124,688 --a------ c:\windows\system32\MSWINSCK.OCX
2008-12-11 20:09 . 2000-05-22 01:00 115,920 --a------ c:\windows\system32\MSINET.OCX
2008-12-11 20:09 . 2004-09-19 21:37 39,936 --a------ c:\windows\system32\fkTray.ocx
2008-12-10 12:47 . 2008-12-10 12:47 <REP> d-------- c:\program files\Conduit
2008-12-10 10:59 . 2008-12-10 10:59 <REP> d-------- c:\program files\ESTsoft
2008-12-10 10:59 . 2008-12-11 17:22 <REP> d-------- c:\documents and settings\DJEARADJOU\Application Data\ESTsoft
2008-12-10 10:59 . 2008-12-11 17:22 <REP> d-------- c:\documents and settings\All Users\Application Data\ESTsoft
2008-12-09 19:23 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll
2008-12-09 19:23 . 2008-12-09 19:23 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2008-12-09 19:23 . 2008-12-09 19:23 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2008-12-09 19:19 . 2008-12-09 19:19 <REP> d-------- c:\documents and settings\All Users\Application Data\Nokia
2008-12-09 19:16 . 2008-09-15 08:29 1,112,288 --a------ c:\windows\system32\wdfcoinstaller01007.dll
2008-12-09 19:16 . 2008-09-15 08:56 659,968 --a------ c:\windows\system32\nmwcdcocls.dll
2008-12-09 19:16 . 2008-02-01 16:17 138,112 --a------ c:\windows\system32\drivers\nmwcdnsu.sys
2008-12-09 19:16 . 2008-09-15 08:56 22,016 --a------ c:\windows\system32\drivers\ccdcmbo.sys
2008-12-09 19:16 . 2008-09-15 08:56 17,664 --a------ c:\windows\system32\drivers\ccdcmb.sys
2008-12-09 19:16 . 2008-02-01 16:17 8,320 --a------ c:\windows\system32\drivers\nmwcdnsuc.sys
2008-12-09 19:16 . 2008-09-15 08:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerfltj.sys
2008-12-09 19:16 . 2008-09-15 08:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys
2008-12-09 19:15 . 2008-12-09 19:15 <REP> d-------- c:\program files\MSXML 6.0
2008-12-09 18:51 . 2008-04-13 11:45 26,112 --a------ c:\windows\system32\drivers\usbser.sys
2008-12-09 18:51 . 2008-04-13 11:45 26,112 --a--c--- c:\windows\system32\dllcache\usbser.sys
2008-12-09 18:51 . 2008-12-09 18:51 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-12-09 18:51 . 2008-12-09 18:51 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-12-09 18:47 . 2008-12-13 19:39 <REP> d-------- c:\documents and settings\DJEARADJOU\Application Data\PC Suite
2008-12-09 18:47 . 2008-12-09 18:54 <REP> d-------- c:\documents and settings\DJEARADJOU\Application Data\Nokia
2008-12-09 18:47 . 2008-12-13 19:39 <REP> d-------- c:\documents and settings\All Users\Application Data\PC Suite
2008-12-09 18:44 . 2008-12-09 18:44 <REP> d-------- c:\program files\Fichiers communs\PCSuite
2008-12-09 18:44 . 2008-12-09 18:44 <REP> d-------- c:\program files\Fichiers communs\Nokia
2008-12-09 18:43 . 2008-12-09 18:43 <REP> d-------- c:\program files\PC Connectivity Solution
2008-12-09 18:43 . 2008-12-09 19:16 <REP> d-------- c:\program files\Nokia
2008-12-09 18:43 . 2008-12-09 18:43 <REP> d-------- c:\program files\DIFX
2008-12-09 18:43 . 2008-09-15 08:56 91,136 --a------ c:\windows\system32\nmwcdcls.dll
2008-12-09 18:43 . 2007-09-17 15:53 21,632 --a------ c:\windows\system32\drivers\pccsmcfd.sys
2008-12-09 18:38 . 2008-12-09 19:13 <REP> d-------- c:\documents and settings\All Users\Application Data\Installations
2008-12-08 14:19 . 2008-12-14 21:55 <REP> d-------- c:\program files\iHabbix Ltd
2008-12-06 20:37 . 2008-12-15 07:38 <REP> d-------- c:\program files\iHabbix V3
2008-12-06 14:48 . 2008-12-16 14:10 <REP> d-------- C:\QUARANTINE
2008-12-05 00:11 . 2008-12-05 00:11 308,584 --a------ c:\windows\WLXPGSS.SCR
2008-12-02 22:37 . 2008-12-02 22:37 49,480 --a------ c:\windows\system32\sirenacm.dll
2008-11-30 18:35 . 2008-11-30 18:35 <REP> d-------- c:\documents and settings\DJEARADJOU\Application Data\dvdcss
2008-11-29 12:58 . 2008-11-29 12:58 <REP> d-------- c:\windows\system32\windows media
2008-11-29 12:58 . 2008-11-29 12:58 <REP> d--h----- c:\windows\msdownld.tmp
2008-11-29 12:58 . 2008-11-29 12:58 <REP> d-------- c:\program files\Windows Media Components
2008-11-29 12:55 . 2008-11-29 12:55 <REP> d-------- c:\program files\NRJ
2008-11-28 23:41 . 2008-11-28 23:41 21,035 --a------ c:\windows\system32\drivers\AegisP.sys
2008-11-28 17:54 . 2008-04-17 13:12 107,368 --a------ c:\windows\system32\GEARAspi.dll
2008-11-28 17:54 . 2008-04-17 13:12 15,464 --a------ c:\windows\system32\drivers\GEARAspiWDM.sys
2008-11-28 17:53 . 2008-11-28 17:54 <REP> d-------- c:\program files\iTunes
2008-11-28 17:53 . 2008-11-28 17:53 <REP> d-------- c:\program files\iPod
2008-11-28 17:53 . 2008-11-28 17:54 <REP> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-28 17:52 . 2008-11-28 17:53 <REP> d-------- c:\program files\QuickTime
2008-11-28 17:42 . 2008-11-28 17:51 <REP> d-------- c:\program files\Fichiers communs\Apple
2008-11-28 17:42 . 2008-11-28 17:53 <REP> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
2008-11-27 06:40 . 2008-12-14 22:41 <REP> d-------- c:\program files\Alice
2008-11-24 12:04 . 2008-11-24 12:04 <REP> d-------- c:\documents and settings\DAMIEN\Application Data\Nero
2008-11-23 19:42 . 2008-12-14 21:54 <REP> d-------- c:\program files\ArtMoney
2008-11-22 22:26 . 2008-11-22 22:26 <REP> d-------- c:\documents and settings\DJEARADJOU\Application Data\EPSON
2008-11-22 22:26 . 2008-11-22 22:26 29 --a------ c:\windows\DEBUGSM.INI
2008-11-22 16:01 . 2008-11-25 18:18 <REP> d-------- c:\program files\McDonaldsFairies
2008-11-22 16:00 . 2008-11-22 16:00 <REP> d--hs---- c:\windows\ftpcache
2008-11-21 13:07 . 2008-11-21 14:02 <REP> d-------- C:\divx
2008-11-21 13:02 . 2008-11-21 15:10 <REP> d-------- c:\program files\DivX
2008-11-21 12:00 . 2008-11-21 12:00 0 --a------ c:\windows\Irremote.ini
2008-11-21 10:56 . 2008-11-21 10:56 <REP> d-------- c:\documents and settings\DJEARADJOU\Application Data\vlc
2008-11-21 10:55 . 2008-11-21 10:55 <REP> d-------- c:\program files\VideoLAN
2008-11-21 09:52 . 2007-04-05 20:53 335,872 --a------ c:\windows\Nero PhotoShow.scr
2008-11-21 09:52 . 2007-03-29 00:56 245,408 --a------ c:\windows\system32\unicows.dll
2008-11-21 09:49 . 2008-11-21 09:52 <REP> d-------- c:\program files\Fichiers communs\Simple Star Shared
2008-11-21 09:49 . 2008-11-21 09:52 <REP> d-------- c:\documents and settings\All Users\Application Data\Simple Star Shared
2008-11-21 09:48 . 2008-11-21 09:48 <REP> d-------- c:\documents and settings\DJEARADJOU\Application Data\Simple Star
2008-11-21 09:34 . 2008-11-21 09:49 <REP> d-------- c:\program files\Nero
2008-11-21 09:34 . 2008-11-21 12:36 <REP> d-------- c:\program files\Fichiers communs\Nero

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-15 20:06 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-15 16:57 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-15 16:57 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-14 10:37 --------- d-----w c:\documents and settings\DJEARADJOU\Application Data\Nero
2008-11-21 14:11 --------- d-----w c:\documents and settings\DJEARADJOU\Application Data\DivX
2008-11-18 09:11 --------- d-----w c:\program files\Fichiers communs\InstallShield
2008-11-17 20:29 90,112 ----a-w c:\windows\DUMP349c.tmp
2008-11-13 18:46 --------- d-----w c:\program files\Microsoft.NET
2008-11-11 15:37 --------- d-----w c:\program files\Western Digital
2008-11-11 15:02 --------- d-----w c:\program files\MSBuild
2008-11-11 14:58 --------- d-----w c:\program files\Reference Assemblies
2008-11-11 14:18 --------- d-----w c:\documents and settings\All Users\Application Data\McAfee
2008-11-11 14:17 --------- d-----w c:\program files\McAfee
2008-11-11 14:17 --------- d-----w c:\program files\Fichiers communs\McAfee
2008-11-11 14:17 --------- d-----w c:\program files\Fichiers communs\Cisco Systems
2008-11-11 11:27 --------- d-----w c:\program files\Realtek
2008-11-11 09:49 --------- d-----w c:\program files\Intel
2008-11-10 22:27 --------- d-----w c:\program files\microsoft frontpage
2008-11-10 22:25 --------- d-----w c:\program files\Services en ligne
2008-10-31 10:38 4,942,336 ----a-w c:\windows\system32\drivers\RtkHDAud.sys
2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx0c.dll
2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx07.dll
2008-10-28 22:35 815,104 ----a-w c:\windows\system32\divx_xx0a.dll
2008-10-28 22:35 802,816 ----a-w c:\windows\system32\divx_xx11.dll
2008-10-28 22:35 684,032 ----a-w c:\windows\system32\DivX.dll
2008-10-28 16:18 17,331,200 ----a-w c:\windows\RTHDCPL.EXE
2008-10-27 17:12 34,816 ----a-w c:\windows\system32\RtkCoInstXP.dll
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-16 20:18 826,368 ----a-w c:\windows\system32\wininet.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-03 10:03 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-09-30 15:38 2,168,320 ----a-w c:\windows\MicCal.exe
2008-09-25 08:03 81,920 ----a-w c:\windows\system32\dpl100.dll
2008-09-25 08:03 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
2008-09-25 08:03 57,344 ----a-w c:\windows\system32\dpv11.dll
2008-09-25 08:03 53,248 ----a-w c:\windows\system32\dpuGUI10.dll
2008-09-25 08:03 524,288 ----a-w c:\windows\system32\DivXsm.exe
2008-09-25 08:03 344,064 ----a-w c:\windows\system32\dpus11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu10.dll
2008-09-25 08:03 196,608 ----a-w c:\windows\system32\dtu100.dll
2008-09-25 08:03 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
2008-09-19 21:57 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
2008-09-19 21:57 129,784 ------w c:\windows\system32\pxafs.dll
2008-09-19 21:57 120,056 ------w c:\windows\system32\pxcpyi64.exe
2008-09-19 21:57 118,520 ------w c:\windows\system32\pxinsi64.exe
2008-09-19 21:55 200,704 ----a-w c:\windows\system32\ssldivx.dll
2008-09-19 21:55 1,044,480 ----a-w c:\windows\system32\libdivx.dll
2008-09-19 21:54 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
2008-09-19 16:48 1,200,128 ----a-w c:\windows\RtlUpd.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [2008-06-24 132392]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-11-18 342336]
"Nero PhotoShow Media Manager"="c:\progra~1\Nero\PHOTOS~1\data\xtras\mssysmgr.exe" [2007-04-27 312848]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-10-02 1124352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2008-09-17 13574144]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2008-09-17 86016]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2006-11-30 112216]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2006-11-17 136768]
"ZSSnp211"="c:\windows\ZSSnp211.exe" [2006-08-08 49152]
"Domino"="c:\windows\Domino.exe" [2006-07-04 49152]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"NeroFilterCheck"="c:\program files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2008-12-08 453984]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"RTHDCPL"="RTHDCPL.EXE" [2008-10-28 c:\windows\RTHDCPL.EXE]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"nwiz"=nwiz.exe /install

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Fichiers communs\\Nero\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\epson\\escndv\\setup\\setup.exe"=
"c:\\Program Files\\epson\\escndv\\escndv.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Hybrid Client\\Hybrid Client.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-12-15 28544]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-12-15 111184]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-12-15 20560]
R2 fssfltr;FssFltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2008-12-16 55136]
R2 fsssvc;Windows Live Contrôle parental;"c:\program files\Windows Live\Family Safety\fsssvc.exe" [2008-12-08 533344]
R2 SeaPort;SeaPort;"c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" [2008-12-04 226640]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-12-09 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-12-09 8320]

*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'

2008-12-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
- - - - ORPHELINS SUPPRIMES - - - -

WebBrowser-{C0350ECF-5E90-4D54-A401-9EFFF47D7FDE} - (no file)

.
------- Examen supplémentaire -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 189.26.78.248:8080
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\DJEARADJOU\Application Data\Mozilla\Firefox\Profiles\gvrei3vc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\program files\DNA\plugins\npbtdna.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\program files\Yahoo!\Common\npyaxmpb.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-16 14:13:08
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-12-16 14:15:16
ComboFix-quarantined-files.txt 2008-12-16 13:14:12

Avant-CF: 81 070 288 896 octets libres
Après-CF: 81,353,084,928 octets libres

307 --- E O F --- 2008-12-16 06:40:03
jlpjlp Posts 52399 Status Security contributor 5 041
 
OK, post a new HijackThis report
and describe your current problems
djearadjou Posts 44 Status Member 1
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:47:13, on 16/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\windows\System32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\windows\System32\svchost.exe
C:\windows\RTHDCPL.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\ZSSnp211.exe
C:\WINDOWS\Domino.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\PROGRA~1\Nero\PHOTOS~1\data\xtras\mssysmgr.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\Fichiers communs\Nokia\MPAPI\MPAPI3s.exe
C:\windows\system32\wuauclt.exe
C:\windows\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMDllHost.exe
C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 189.26.78.248:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\PHOTOS~1\data\xtras\mssysmgr.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] C:\windows\inf\unregmp2.exe /Fixups
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\DJEARADJOU\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\System32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\WINDOWS\system32\IoctlSvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
0
jlpjlp Posts 52399 Status Security contributor 5 041
 
OK, you have two antivirus programs, McAfee and Avast? Remove Avast like this:

https://www.avast.com/fr-fr/uninstall-utility

___________________

Run HijackThis again, choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom.

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

Otherwise it's fine!!!

To remove the tools that were used:

Download ToolsCleaner to your desktop.
--> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Click Recherche (Search) and let the scan run ...
# Click Suppression (Removal) to finish.
# If you wish, you can use the Options facultatives (optional settings).
# Click Quitter (Quit) to get the report.
# Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).
0
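The lines to fix are picked by eye in the reply above. As an added example (not part of the thread, and not how HijackThis works internally), this Python code parses entry lines copied from the log posted in this thread and lists two kinds of review candidates: entries whose target file is reported absent, and autostart values registered under more than one Run key. The function names are assumptions of this example.

```python
import re
from collections import defaultdict

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\WINDOWS\system32\IoctlSvc.exe (file missing)
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")                # "O4 - <body>"
ORPHAN = re.compile(r"\((?:no file|file missing)\)$")          # target not on disk
RUN = re.compile(r"^(HK[A-Z]+)\\\.\.\\Run: \[(.+?)\] (.+)$")   # hive, value name, command


def parse(log):
    """Return (section_code, body) for every HijackThis-style entry line."""
    lines = map(str.strip, log.splitlines())
    return [m.groups() for m in map(ENTRY.match, lines) if m]


def orphaned(entries):
    """Entries whose registered file is reported as absent."""
    return [(code, body) for code, body in entries if ORPHAN.search(body)]


def duplicated_autostarts(entries):
    """Run values whose name and command appear under more than one hive."""
    hives = defaultdict(set)
    for code, body in entries:
        m = RUN.match(body) if code == "O4" else None
        if m:
            hive, name, command = m.groups()
            hives[(name, command)].add(hive)
    return {name: sorted(h) for (name, _), h in hives.items() if len(h) > 1}


if __name__ == "__main__":
    entries = parse(SAMPLE_LOG)
    for code, body in orphaned(entries):
        print("orphaned  ", code, body)
    for name, found_in in duplicated_autostarts(entries).items():
        print("duplicated", name, found_in)
```

A flagged line is only a candidate for review: an absent target usually means a leftover registration from an uninstalled program.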
djearadjou Posts 44 Status Member 1
 
[ Rapport ToolsCleaner version 2.2.7 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Combofix.txt: trouvé !
C:\lopR.txt: trouvé !
C:\UsbFix.txt: trouvé !
C:\SDFIX: trouvé !
C:\Lop SD: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\DJEARADJOU\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\DJEARADJOU\Bureau\LopSD.exe: trouvé !
C:\Documents and Settings\DJEARADJOU\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\DJEARADJOU\Bureau\UsbFix.lnk: trouvé !
C:\Documents and Settings\DJEARADJOU\Bureau\OTMoveIt3.exe: trouvé !
C:\Documents and Settings\DJEARADJOU\Menu Démarrer\Programmes\UsbFix: trouvé !
C:\Documents and Settings\DJEARADJOU\Menu Démarrer\Programmes\UsbFix\UsbFix.lnk: trouvé !
C:\Documents and Settings\DJEARADJOU\Recent\MSNFix.lnk: trouvé !
C:\Program Files\UsbFix: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\Program Files\UsbFix\UsbFix.exe: trouvé !
C:\Program Files\UsbFix\Tools\NIRCMD.exe: trouvé !
C:\WINDOWS\msnfix.txt: trouvé !
C:\WINDOWS\NIRCMD.exe: trouvé !
C:\WINDOWS\system32\*.msnfix: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\DJEARADJOU\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\DJEARADJOU\Bureau\LopSD.exe: supprimé !
C:\Documents and Settings\DJEARADJOU\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\DJEARADJOU\Recent\MSNFix.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\lopR.txt: supprimé !
C:\UsbFix.txt: supprimé !
C:\Documents and Settings\DJEARADJOU\Bureau\UsbFix.lnk: supprimé !
C:\Documents and Settings\DJEARADJOU\Bureau\OTMoveIt3.exe: supprimé !
C:\Documents and Settings\DJEARADJOU\Menu Démarrer\Programmes\UsbFix\UsbFix.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Program Files\UsbFix\UsbFix.exe: supprimé !
C:\Program Files\UsbFix\Tools\NIRCMD.exe: supprimé !
C:\WINDOWS\msnfix.txt: supprimé !
C:\WINDOWS\NIRCMD.exe: supprimé !
C:\WINDOWS\system32\*.msnfix: ERREUR DE SUPPRESSION !!
C:\SDFIX: supprimé !
C:\Lop SD: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\DJEARADJOU\Menu Démarrer\Programmes\UsbFix: supprimé !
C:\Program Files\UsbFix: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

Point de restauration crée !
Corbeille vidée!
0
jlpjlp Posts 52399 Status Security contributor 5 041
 
Delete the msnfix file:

C:\WINDOWS\system32\*.msnfix

Any problems left???
0
djearadjou Posts 44 Status Member 1
 
Done, and the computer is working wonderfully.
0
jlpjlp Posts 52399 Status Security contributor 5 041
 
OK, all the best.
0