Live Security Platinum infection

Tags:
  • live security platinium
  • ZAccess
  • Sirefef
  • Security
Last reply: in Security and viruses
3 September 2012 00:22:48

Good evening, having done two or three searches, I am infected by Live Security Platinum. Can someone help me?

3 September 2012 10:39:00

Hello,

Normally you should be able to start in Safe Mode with Networking.

We are going to make a first diagnosis with this tool to determine which variant has infected your system; follow the instructions given carefully:

OTL:

  • Download OTL by OldTimer and save it to the Desktop
  • Close all other windows and double-click OTL.exe
    /!\ On Vista and Windows 7, the file must be launched with right-click -> Run as administrator
  • Check that the All users, Lop search and Purity search boxes are ticked
  • In the Customization box, copy and paste everything that follows
    netsvcs
    msconfig
    activex
    drivers32
    /md5start
    explorer.exe
    wininit.exe
    winlogon.exe
    userinit.exe
    svchost.exe
    services.exe
    /md5stop
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\Tasks\*.* /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\assembly\GAC_32\*.ini
    %systemroot%\assembly\GAC_64\*.ini
    %systemdrive%\$Recycle.Bin|@;true;true;true
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    nslookup http://www.google.fr /c
    CREATERESTOREPOINT

  • Then click Scan and wait while the scan runs

  • At the end of the scan, the reports OTL.txt and Extras.txt are displayed.
  • As the reports are too long for the forum, host them on pjjoint.fr and give the links provided in your reply.
    Illustrated help: Hosting your scan report
    The reports are saved on the Desktop.


  • /!\ As a precaution, change all your passwords: FTP, social networks, web ...

    See you later
    3 September 2012 12:08:40

    Hello, there, I have posted the requested links. Thanks for your help.
    3 September 2012 14:35:19

    Hello again, I need help please.
    3 September 2012 14:43:58

    Hi again,

    OK for the OTL reports.

    You can apparently start in normal mode.

    However, you have used Malwarebytes and RogueKiller.
    Please send me the reports
    • for Malwarebytes, open the application, then the Reports/Logs tab, double-click the report to open it and copy and paste its contents into your next reply
    • for RogueKiller, the reports are on the Desktop


    Can you tell me which antivirus is installed on this system?

    ---------------------------------------------------------------------------------------------

    Recommendations for the disinfection:

    • The disinfection procedure sometimes requires a succession of powerful tools with specific procedures.
      The instructions are detailed for each procedure; do not hesitate to ask for clarification if in doubt and to report any problem encountered.

    • Until the disinfection is finished, use your PC only for the strict minimum, just to apply the procedures given; avoid browsing the web and do not install any other program (apart from the tools indicated)

    • Follow the instructions in the order in which they are given and do not use any disinfection tool on your own initiative

    • Say whether you have opened the same topic on another forum; that can prove very dangerous for your system

    • Depending on the infection, a lock-up is always possible during the disinfection procedure; back up all your personal data as soon as possible (it is, in any case, recommended to back up your personal data regularly)

    • The disinfection must be carried through to the end.
      That the symptoms no longer appear does not mean that the system is fully disinfected. There are also updates to install to avoid re-infection.
      A system that is not up to date has significant security holes and is a prime target for malware.


    ---------------------------------------------------------------------------------------------

    OTL:

    • Close all other windows and double-click OTL.exe
      /!\ On Vista and Windows 7, the file must be launched with right-click -> Run as administrator
    • Copy the whole of the script below (including the first line OTL)
      :OTL
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://allssearch.com/
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?affID=108988&tt=120812_bandext_3312_8&babsrc=HP_ss&mntrId=0e8aadad000000000000386077e3eb45
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://allssearch.com/
      IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
      IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=108988&tt=120812_bandext_3312_8&babsrc=SP_ss&mntrId=0e8aadad000000000000386077e3eb45
      IE - HKCU\..\SearchScopes\{898AECA5-312C-46E3-8CDB-DF69220562B8}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=YYYYYYYYFR&apn_uid=07ED8A6A-AB45-475A-9F6E-F0ACEF57C7C2&apn_sauid=AA758731-AEFC-4527-8C00-8FE1AB9639A9
      FF - prefs.js..browser.search.order.1: "Ask.com"
      FF - prefs.js..browser.startup.homepage: "http://allssearch.com/"
      FF - user.js..browser.startup.homepage: "http://allssearch.com/"user_pref("extensions.BabylonToolbar_i.babTrack", "affID=108988&tt=120812_bandext_3312_8");
      [2012/08/18 23:04:08 | 000,002,396 | ---- | M] () -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\8leio70k.default\searchplugins\askcom.xml
      [2012/08/14 23:37:59 | 000,002,227 | ---- | M] () -- C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\8leio70k.default\searchplugins\BabylonMngr.xml
      [2012/08/14 23:30:37 | 000,002,364 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
      CHR - homepage: http://search.babylon.com/?affID=108988&tt=120812_bandext_3312_8&babsrc=HP_ss&mntrId=0e8aadad000000000000386077e3eb45
      O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
      O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
      [2012/09/02 22:34:41 | 000,000,000 | ---D | C] -- C:\ProgramData\7531CCA9337E79A31130B8E3F875F002
      [2012/08/17 00:16:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
      [2012/08/14 23:30:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\allsearch
      [2012/08/12 20:50:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DealPly
      [2012/08/12 20:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
      [2012/09/03 10:20:21 | 000,000,472 | ---- | M] () -- C:\Windows\tasks\vtscheduletask.job
      [2012/08/03 22:57:46 | 000,000,000 | ---D | M] -- C:\Users\jonathan\AppData\Roaming\Babylon

      :files
      C:\Windows\assembly\GAC_32\Desktop.ini
      C:\Windows\assembly\GAC_64\Desktop.ini
      C:\Users\jonathan\AppData\Local\{*}
      ipconfig /flushdns /c

      :Commands
      [EMPTYTEMP]
      [CREATERESTOREPOINT]

    • Paste the whole script into the Customization box
    • Then click the Fix button

    • The tool starts the removal; do not interrupt it
    • If the tool asks you to restart the PC, accept
    • Post the contents of the report located at C:\_OTL\MovedFiles\********_******.log in your next reply
      the *** are digits representing the date [MonthDayYear] and the time


    /!\ This script was written for this user; it must under no circumstances be applied to another system, at the risk of causing serious malfunctions and damaging Windows /!\

    ----------------------------------------------------------------------------------------------

    ComboFix:

    /!\ ComboFix is a powerful tool that must not be used lightly. This procedure was created specifically for this user. If you are not this user, do not run it, at the risk of seriously damaging your Windows installation /!\

    • Download ComboFix by sUBs and save it to your Desktop (and nowhere else; it must be on the Desktop)
    • /!\ Close all running applications and disable all resident protection (antivirus, security suite)
    • Read this tutorial and print it if needed
    • Back up your important data
    • Click ComboFix.exe to launch the application
      /!\ On Vista and Windows 7, the file must be launched with right-click -> Run as administrator
    • Accept the licence agreement and let the program guide you
    • Allow ComboFix to connect to the internet for updates if the program asks
    • /!\ On XP, ComboFix will check whether the Recovery Console is installed. If this Console is not installed, answer Yes to allow ComboFix to install it
    • Above all, let the tool work without touching anything
    • The system will restart, then the report Combofix.txt will be displayed. Post the contents of this report in your next reply
      The report is saved as: C:\Combofix.txt


    ---------------------------------------------------------------------------------------------

    The following reports are expected:
    • mbam-log[date-time].txt
    • RogueKiller
    • C:\_OTL\MovedFiles\********_******.log
    • Combofix.txt


    See you later
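A way to triage the C:\_OTL\MovedFiles log requested in the post above before replying with it. This is an added example, not part of the original post or of OTL; the function names are hypothetical and the line shapes are assumed from the fix log that appears further down this thread, not from any OTL specification.

```python
import re
from collections import Counter

# Excerpt of the OTL fix log posted further down this thread (lines copied from the page).
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Prefs.js: "Ask.com" removed from browser.search.order.1
Use Chrome's Settings page to change the HomePage.
Folder C:\ProgramData\7531CCA9337E79A31130B8E3F875F002\ not found.
C:\ProgramData\Ask folder moved successfully.
C:\Windows\Tasks\vtscheduletask.job moved successfully.
========== FILES ==========
File\Folder C:\Windows\assembly\GAC_32\Desktop.ini not found.
File\Folder C:\Windows\assembly\GAC_64\Desktop.ini not found.
"""

SECTION_RE = re.compile(r"^=+ (?P<name>.+?) =+$")

# (outcome, pattern) pairs, tried in order. Assumption: these shapes are
# inferred from the log in this thread only.
PATTERNS = [
    ("not_found", re.compile(
        r"^(?:Registry (?:key|value) |File\\Folder |Folder )?(?P<target>.+?) not found\.$")),
    ("deleted", re.compile(
        r"^Registry (?:key|value) (?P<target>.+?) deleted successfully\.$")),
    ("moved", re.compile(
        r"^(?P<target>.+?)(?: folder)? moved successfully\.$")),
    ("value_set", re.compile(
        r"^(?P<target>.+?)\| /E : value set successfully!$")),
    ("pref_removed", re.compile(r"^Prefs\.js: (?P<target>.+)$")),
]


def kind_of(outcome, target):
    """Classify what the log line acted on."""
    if outcome == "pref_removed":
        return "firefox_pref"
    if re.match(r"(?i)^(HKLM|HKCU|HKEY_)", target):
        return "registry"
    return "filesystem"


def parse_fix_log(text):
    """Turn the fix log into one record per line, tagged with its section."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group("name")
            continue
        for outcome, pattern in PATTERNS:
            m = pattern.match(line)
            if m:
                target = m.group("target").rstrip("\\")
                entries.append({"section": section, "outcome": outcome,
                                "kind": kind_of(outcome, target), "target": target})
                break
        else:
            # Lines the tool printed without an outcome keyword.
            entries.append({"section": section, "outcome": "other",
                            "kind": "note", "target": line})
    return entries


def summarize(entries):
    """Count log lines per outcome."""
    return dict(Counter(e["outcome"] for e in entries))


def absent_files(entries):
    """Files and folders named in the script that were not on disk at fix time."""
    return [e["target"] for e in entries
            if e["outcome"] == "not_found" and e["kind"] == "filesystem"]


def manual_followups(entries):
    """Free-text lines inside a section: items the tool did not change itself."""
    return [e["target"] for e in entries
            if e["outcome"] == "other" and e["section"]]


if __name__ == "__main__":
    parsed = parse_fix_log(SAMPLE_LOG)
    print(summarize(parsed))
    for path in absent_files(parsed):
        print("not on disk:", path)
    for note in manual_followups(parsed):
        print("manual step:", note)
```

Targets reported as not found and free-text notes are the lines worth pointing out to the helper, since they show which script entries the tool did not act on.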
    3 September 2012 14:52:33

    The antivirus is McAfee, thanks for your help.

    Malwarebytes Anti-Malware 1.62.0.1300
    www.malwarebytes.org

    Version de la base de données: v2012.09.03.05

    Windows 7 Service Pack 1 x64 NTFS (Mode sans échec/Réseau)
    Internet Explorer 9.0.8112.16421
    jonathan :: JONATHAN-PC [administrateur]

    03/09/2012 13:31:34
    mbam-log-2012-09-03 (13-31-34).txt

    Type d'examen: Examen complet (C:\|D:\|E:\|)
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 330824
    Temps écoulé: 22 minute(s), 49 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    Fichier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    (fin)
    3 September 2012 14:53:25

    Then RogueKiller:

    RogueKiller V8.0.2 [31/08/2012] par Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...
    Blog: http://tigzyrk.blogspot.com

    Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Demarrage : Mode normal
    Utilisateur : jonathan [Droits d'admin]
    Mode : Recherche -- Date : 03/09/2012 14:14:49

    ¤¤¤ Processus malicieux : 0 ¤¤¤

    ¤¤¤ Entrees de registre : 0 ¤¤¤

    ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

    ¤¤¤ Driver : [NON CHARGE] ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ Fichier HOSTS: ¤¤¤
    --> C:\Windows\system32\drivers\etc\hosts



    ¤¤¤ MBR Verif: ¤¤¤

    +++++ PhysicalDrive0: WDC WD10EADX-22TDHB0 ATA Device +++++
    --- User ---
    [MBR] 0d22041b2c8b0a96151869673209dff1
    [BSP] 2ac565e7af7184e5c8405d1c55137f0a : Windows 7 MBR Code
    Partition table:
    0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 16384 Mo
    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 33556480 | Size: 100 Mo
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 33761280 | Size: 468691 Mo
    3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 993640448 | Size: 468692 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Termine : << RKreport[15].txt >>
    RKreport[11].txt ; RKreport[12].txt ; RKreport[13].txt ; RKreport[14].txt ; RKreport[15].txt



    3 September 2012 14:55:14

    Should I run ComboFix too, and is it normal that my antivirus and my firewall no longer work? Thanks.
    3 September 2012 15:03:31

    There, I ran OTL again; the computer had to restart and it left me this in a Notepad window:

    All processes killed
    ========== OTL ==========
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\BrowserMngr Start Page| /E : value set successfully!
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{898AECA5-312C-46E3-8CDB-DF69220562B8}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898AECA5-312C-46E3-8CDB-DF69220562B8}\ not found.
    Prefs.js: "Ask.com" removed from browser.search.order.1
    Prefs.js: "http://allssearch.com/" removed from browser.startup.homepage
    C:\Users\jonathan\AppData\Roaming\Mozilla\FireFox\Profiles\8leio70k.default\user.js moved successfully.
    C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\8leio70k.default\searchplugins\askcom.xml moved successfully.
    C:\Users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\8leio70k.default\searchplugins\BabylonMngr.xml moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
    Use Chrome's Settings page to change the HomePage.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoControlPanel deleted successfully.
    Folder C:\ProgramData\7531CCA9337E79A31130B8E3F875F002\ not found.
    C:\ProgramData\Ask\APN-Stub folder moved successfully.
    C:\ProgramData\Ask folder moved successfully.
    C:\Program Files (x86)\allsearch folder moved successfully.
    C:\Program Files (x86)\DealPly folder moved successfully.
    C:\ProgramData\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D}\Cache folder moved successfully.
    C:\ProgramData\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D} folder moved successfully.
    C:\ProgramData\Tarma Installer folder moved successfully.
    C:\Windows\Tasks\vtscheduletask.job moved successfully.
    C:\Users\jonathan\AppData\Roaming\Babylon folder moved successfully.
    ========== FILES ==========
    File\Folder C:\Windows\assembly\GAC_32\Desktop.ini not found.
    File\Folder C:\Windows\assembly\GAC_64\Desktop.ini not found.
    C:\Users\jonathan\AppData\Local\{EECC7FE3-B75E-447E-9282-28B907E088F2} folder moved successfully.
    C:\Users\jonathan\AppData\Local\{F14204AB-FF0D-46A4-9844-59F19052BA91} folder moved successfully.
    C:\Users\jonathan\AppData\Local\{F1917001-C9E7-4234-B3CE-97B0E08C2E90} folder moved successfully.
    C:\Users\jonathan\AppData\Local\{F29D5F32-E5A2-47D7-8A8B-2B39B068C108} folder moved successfully.
    C:\Users\jonathan\AppData\Local\{F744A353-9A0E-45A8-8A83-D858239E4D83} folder moved successfully.
    C:\Users\jonathan\AppData\Local\{F9600D1C-EAFA-47D6-863D-413D7A5D1519} folder moved successfully.
    C:\Users\jonathan\AppData\Local\{FB7147EE-1ACD-4DB9-9FC8-BE89A75A07DC} folder moved successfully.
    C:\Users\jonathan\AppData\Local\{FC4D05E6-9488-49F7-BE91-92F56BF358AC} folder moved successfully.
    C:\Users\jonathan\AppData\Local\{FE7C7507-AAB7-47A6-AC41-ECFDBC8D5B81} folder moved successfully.
    < ipconfig /flushdns /c >
    Configuration IP de Windows
    Cache de résolution DNS vidé.
    C:\Users\jonathan\Desktop\cmd.bat deleted successfully.
    C:\Users\jonathan\Desktop\cmd.txt deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 56468 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: jonathan
    ->Temp folder emptied: 61432466 bytes
    ->Temporary Internet Files folder emptied: 995085 bytes
    ->Java cache emptied: 249155 bytes
    ->FireFox cache emptied: 91483655 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 56974 bytes

    User: Public

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 8152402 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50540 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 155,00 mb

    Restore point Set: OTL Restore Point

    OTL by OldTimer - Version 3.2.59.1 log created on 09032012_145335

    Files\Folders moved on Reboot...
    C:\Users\jonathan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...

    a c 940 8 Security
    3 September 2012 16:20:44

    Hello again,

    So in fact you have just run Malwarebytes and RogueKiller again.
    That is not what I asked for.
    I was asking for the reports you got when you used these applications to try to get rid of this Live Security Platinium rogue on your own.
    This is the 15th time you have used RogueKiller!
    It is the first removal reports that I am interested in.

    Quote:
    is it normal that my antivirus and my firewall no longer work

    No, it is not normal, but it is the ZeroAccess/Sirefef rootkit that has neutralized them.
    That is why I asked you the question about your antivirus.

    Quote:
    should I run ComboFix too

    Yes, that is the tool that should normally get rid of the infection.
    Follow the instructions given carefully; it is a powerful tool that requires a few precautions.

    Then post the ComboFix report.

    See you,

    3 September 2012 16:42:36

    I had to remove McAfee, otherwise I couldn't disable it, and my firewall doesn't work, error code 0x80070424, so I don't know whether it is disabled. Is it risky if I run ComboFix? Otherwise, can I run it in safe mode with networking? Thanks

    3 September 2012 17:20:55

    There, I ran ComboFix, but now I no longer have internet: it is limited, no valid IP address anymore. Here is the report; I am writing from another computer.
    ComboFix 12-09-03.06 - jonathan 03/09/2012 16:46:20.1.4 - x64
    Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.4000.2362 [GMT 2:00]
    Lancé depuis: c:\users\jonathan\Desktop\ComboFix.exe
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\jonathan\AppData\Local\Temp\bd7c47bb-f5c0-417c-a180-ec348d87718a\CliSecureRT.dll
    c:\users\jonathan\GoToAssistDownloadHelper.exe
    c:\windows\SysWow64\muzapp.exe
    c:\windows\SysWow64\pt
    c:\windows\SysWow64\pt\Lagoon.resources.dll
    .
    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2012-08-03 au 2012-09-03 ))))))))))))))))))))))))))))))))))))
    .
    .
    2012-09-03 12:53 . 2012-09-03 12:53 -------- d-----w- C:\_OTL
    2012-09-03 11:23 . 2012-09-03 11:23 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2012-09-03 11:23 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-09-03 11:03 . 2012-09-03 11:03 -------- d-----w- C:\TDSSKiller_Quarantine
    2012-09-03 10:48 . 2012-06-22 05:38 177144 ----a-w- c:\windows\system32\mfevtps.exe
    2012-09-03 09:04 . 2012-09-03 09:04 -------- d-----w- c:\users\jonathan\AppData\Local\Citrix
    2012-09-02 23:49 . 2012-09-02 23:49 -------- d-----w- c:\users\jonathan\AppData\Roaming\Malwarebytes
    2012-09-02 23:49 . 2012-09-02 23:49 -------- d-----w- c:\programdata\Malwarebytes
    2012-09-02 23:45 . 2012-09-02 23:45 -------- d-----w- c:\users\jonathan\AppData\Roaming\McAfee
    2012-09-02 23:43 . 2012-09-03 08:20 -------- d-----w- c:\program files\Common Files\McAfee
    2012-09-02 23:43 . 2012-09-02 23:43 -------- d-----w- c:\program files\McAfee
    2012-09-02 23:43 . 2012-09-03 14:23 -------- d-----w- c:\program files (x86)\McAfee
    2012-09-02 20:34 . 2012-09-02 20:36 -------- d-----w- c:\programdata\7531CCA9337E79A31130B8E3F875F002
    2012-09-01 16:01 . 2012-09-01 16:01 -------- d-----w- c:\windows\Sun
    2012-09-01 12:56 . 2012-09-01 12:56 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
    2012-08-16 22:15 . 2012-08-16 22:15 -------- d-----w- c:\program files (x86)\Common Files\Java
    2012-08-16 22:15 . 2012-08-16 22:15 -------- d-----w- c:\program files (x86)\Oracle
    2012-08-16 22:15 . 2012-07-05 20:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
    2012-08-16 22:15 . 2012-07-05 20:06 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2012-08-16 22:14 . 2012-08-16 22:14 -------- d-----w- c:\program files (x86)\Java
    2012-08-15 22:38 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
    2012-08-15 22:38 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
    2012-08-15 22:38 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
    2012-08-15 22:38 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
    2012-08-15 22:38 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
    2012-08-15 22:38 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
    2012-08-15 22:23 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
    2012-08-15 22:23 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
    2012-08-15 22:23 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
    2012-08-15 22:23 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
    2012-08-15 22:23 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
    2012-08-15 22:22 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
    2012-08-14 22:03 . 2012-09-02 23:41 -------- d-----w- c:\programdata\Yahoo!
    2012-08-14 22:03 . 2012-09-02 23:41 -------- d-----w- c:\program files (x86)\Yahoo!
    2012-08-14 21:55 . 2012-08-14 22:09 -------- d-----w- c:\users\jonathan\AppData\Local\adslTV
    2012-08-14 21:54 . 2012-09-02 23:23 -------- d-----w- c:\program files (x86)\adslTV
    2012-08-14 21:46 . 2012-08-14 21:46 -------- d-----w- c:\users\jonathan\AppData\Local\Cooliris
    .
    .
    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-08-15 22:46 . 2012-05-10 16:37 62134624 ----a-w- c:\windows\system32\MRT.exe
    2012-08-15 17:09 . 2012-04-23 11:53 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-08-15 17:09 . 2011-08-26 08:24 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-07-03 19:05 . 2012-04-27 17:43 2306328 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
    2012-07-03 19:05 . 2012-04-27 17:32 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
    2012-07-03 19:05 . 2012-04-27 17:32 639312 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2012-06-22 05:38 . 2012-06-22 05:38 335784 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
    2012-06-22 05:36 . 2012-06-22 05:36 752672 ----a-w- c:\windows\system32\drivers\mfehidk.sys
    2012-06-22 05:34 . 2012-06-22 05:34 169320 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
    2012-06-09 05:43 . 2012-07-11 17:47 14172672 ----a-w- c:\windows\system32\shell32.dll
    2012-06-06 06:49 . 2012-06-06 06:49 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
    2012-06-06 06:06 . 2012-07-11 17:47 2004480 ----a-w- c:\windows\system32\msxml6.dll
    2012-06-06 06:06 . 2012-07-11 17:47 1881600 ----a-w- c:\windows\system32\msxml3.dll
    2012-06-06 06:02 . 2012-07-11 17:47 1133568 ----a-w- c:\windows\system32\cdosys.dll
    2012-06-06 05:05 . 2012-07-11 17:47 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
    2012-06-06 05:05 . 2012-07-11 17:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
    2012-06-06 05:03 . 2012-07-11 17:47 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
    .
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
    2011-06-10 06:24 165256 ----a-w- c:\program files (x86)\SFR\Kit\SFRNavErrorHelper.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Connexion SFR 9props.exe"="c:\program files (x86)\SFR\Kit\9props.exe" [2011-06-10 959880]
    "KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2012-03-31 954256]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
    "KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-03-31 21392]
    "Facebook Update"="c:\users\jonathan\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "YouCam Mirage"="c:\program files (x86)\Acer\Acer TouchPortal\YouCam\YCMMirage.exe" [2011-05-11 136488]
    "YouCam Tray"="c:\program files (x86)\Acer\Acer TouchPortal\YouCam\YouCamTray.exe" [2011-05-11 162912]
    "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-06-21 341360]
    "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
    "TouchPortalV3Launcher"="c:\program files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe" [2011-08-23 430696]
    "ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-31 185640]
    "Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-08-05 626792]
    "Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-02-03 506712]
    "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-03-31 3521424]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-22 136176]
    R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-07-14 2214504]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
    R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
    R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
    R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-22 136176]
    R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
    R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
    R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-01 114144]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
    R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
    R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
    R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
    R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
    R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-24 1255736]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-06-22 335784]
    S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-07-14 27240]
    S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-08-26 22648]
    S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-08-26 20520]
    S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-08-26 62776]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
    S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
    S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-06-22 177144]
    S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
    S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
    S3 AVerIT13x;AVerMedia A373 MiniCard Dual DVB-T;c:\windows\system32\Drivers\AVerIT13x_x64.sys [2011-07-11 192768]
    S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-05-11 31216]
    S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-06-30 54784]
    S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-06-30 77696]
    S3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
    S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2010-07-13 69736]
    S3 ITECIRfilter;ITECIR Filter Driver;c:\windows\system32\DRIVERS\ITECIRfilter.sys [2011-03-22 28264]
    S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
    S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-04-19 1488448]
    S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
    S3 rtsuvc;Realtek USB2.0 PC Camera;c:\windows\system32\DRIVERS\rtsuvc.sys [2011-07-05 8204904]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
    .
    .
    Contenu du dossier 'Tâches planifiées'
    .
    2012-09-03 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 17:09]
    .
    2012-09-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-851267610-909515726-1884366478-1001Core.job
    - c:\users\jonathan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-06 19:42]
    .
    2012-09-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-851267610-909515726-1884366478-1001UA.job
    - c:\users\jonathan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-06 19:42]
    .
    2012-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-22 07:52]
    .
    2012-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-22 07:52]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TouchORB"="c:\program files (x86)\TouchSettings\TouchPortalOBR.exe" [2010-05-06 153416]
    "TouchPortalV3Launcher"="c:\program files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe" [2011-08-23 430696]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-20 168216]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-20 392472]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-20 416024]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-09-19 12858984]
    "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-09-19 2278504]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x1
    "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
    .
    ------- Examen supplémentaire -------
    .
    uStart Page =
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page =
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: &Envoyer à OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
    IE: E&xporter vers Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\8leio70k.default\
    FF - prefs.js: browser.search.selectedEngine -
    FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?fr=mcafee&p=
    .
    - - - - ORPHELINS SUPPRIMES - - - -
    .
    SafeBoot-82194226.sys
    Toolbar-Locked - (no file)
    .
    .
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
    @="?????????????????? v1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
    @="?????????????????? v2"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    .
    **************************************************************************
    .
    Heure de fin: 2012-09-03 16:53:12 - La machine a redémarré
    ComboFix-quarantined-files.txt 2012-09-03 14:53
    .
    Avant-CF: 323 403 046 912 octets libres
    Après-CF: 323 181 555 712 octets libres
    .
    - - End Of File - - 3F3FBE95E39537630E3C5E6F9CE11D11

    3 September 2012 17:24:36

    What should I do now? The firewall still doesn't work, Windows Defender gives error code ox80070005, and wouldn't restoring the computer to a restore point work?

    a c 940 8 Security
    3 September 2012 17:57:34

    Hello again,

    For your internet connection, you need to restart the PC.
    If there is still no connection, you need to apply the instructions given in the ComboFix tutorial I pointed you to (at the bottom of the page):
    right-click your network icon in the notification area -> Repair or Troubleshoot problems

    You used TDSSKiller very recently, yet I did not ask you to!
    Post the report.
    I don't know whether you took the trouble to read the recommendations at the start of the disinfection, but they specifically ask you not to use tools on your own initiative.
    Are you also being helped on another forum?

    I am still waiting for the Malwarebytes and RogueKiller removal reports.

    As for your McAfee suite, some files must have been damaged; you should uninstall it completely, download the latest version and reinstall it.

    Then run OTL again as indicated here -> http://www.infos-du-net.com/forum/id-2156689/infection-...
    to generate a new OTL report, which you host on pjjoint, and send me the link.

    See you,
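
The reading of the ComboFix report behind the reply above (security software neutralized, McAfee files damaged) can be reproduced mechanically. This is an added example, not part of any post in the thread: the log lines are copied from the ComboFix report posted earlier, the function names are the example's own, and treating ComboFix's `[x]` marker as "binary not found on disk" is an assumption.

```python
import re

# Lines copied from the ComboFix report posted in this thread
# (Security Center values and part of the service list).
LOG_EXCERPT = r"""
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-22 136176]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-06-22 335784]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
"""

# "<tag> <service name>;<display name>;<image path> [<date size> or x]"
SERVICE_RE = re.compile(r"^([RS]\d) ([^;]+);([^;]*);(.*) \[([^\]]*)\]$")
OVERRIDE_RE = re.compile(
    r'^"(AntiVirusOverride|FirewallOverride)"=dword:([0-9a-fA-F]{8})$'
)

# Win32 error names for the two codes quoted by the user in the thread.
WIN32_NAMES = {5: "ERROR_ACCESS_DENIED", 1060: "ERROR_SERVICE_DOES_NOT_EXIST"}
FACILITY_WIN32 = 7


def triage(log_text):
    """Collect services whose binary is marked [x] and Security Center overrides."""
    findings = {"missing_binaries": [], "overrides": {}}
    section = ""
    for raw in log_text.splitlines():
        line = raw.strip()
        # Registry section headers look like "[HKEY_...\key]".
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
            continue
        m = OVERRIDE_RE.match(line)
        if m and section.endswith(r"\security center"):
            findings["overrides"][m.group(1)] = int(m.group(2), 16)
            continue
        m = SERVICE_RE.match(line)
        # Assumption: "[x]" instead of "[date size]" means the file was not found.
        if m and m.group(5) == "x":
            tag, name, _display, path, _marker = m.groups()
            findings["missing_binaries"].append((tag, name, path))
    return findings


def decode_hresult(text):
    """Split an HRESULT into (failed, facility, code, Win32 name)."""
    # The second code in the thread was typed "ox..."; accept that spelling.
    value = int(text.strip().lower().replace("ox", "0x"), 16)
    failed = bool(value >> 31)          # severity bit
    facility = (value >> 16) & 0x7FF    # 11-bit facility field
    code = value & 0xFFFF               # low 16 bits
    if facility == FACILITY_WIN32:
        name = WIN32_NAMES.get(code, "unknown")
    else:
        name = "not a Win32 code"
    return failed, facility, code, name


if __name__ == "__main__":
    result = triage(LOG_EXCERPT)
    for tag, name, path in result["missing_binaries"]:
        print(f"{tag} {name}: registered, binary marked [x] -> {path}")
    for key, value in result["overrides"].items():
        print(f"Security Center {key} = {value}")
    for reported in ("0x80070424", "ox80070005"):
        print(reported, decode_hresult(reported))
```

The firewall error quoted in the thread decodes to a Win32 "service does not exist" code, and the McAfee firewall service and two of its drivers are registered but marked `[x]`, which matches the advice to uninstall and reinstall the suite.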

    3 September 2012 18:00:17

    n

    3 September 2012 18:01:40

    No, I am not being helped anywhere else. For the internet, it cannot find the proxy server

    3 September 2012 18:22:46

    Here are the reports, the 1st one, anti-malware
    ComboFix 12-09-03.06 - jonathan 03/09/2012 16:46:20.1.4 - x64
    2012-08-15 22:38 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
    2012-08-15 22:38 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
    2012-08-15 22:38 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
    2012-08-15 22:38 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
    2012-08-15 22:38 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
    2012-08-15 22:23 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
    2012-08-15 22:23 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
    2012-08-15 22:23 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
    2012-08-15 22:23 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
    2012-08-15 22:23 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
    2012-08-15 22:22 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
    2012-08-14 22:03 . 2012-09-02 23:41 -------- d-----w- c:\programdata\Yahoo!
    2012-08-14 22:03 . 2012-09-02 23:41 -------- d-----w- c:\program files (x86)\Yahoo!
    2012-08-14 21:55 . 2012-08-14 22:09 -------- d-----w- c:\users\jonathan\AppData\Local\adslTV
    2012-08-14 21:54 . 2012-09-02 23:23 -------- d-----w- c:\program files (x86)\adslTV
    2012-08-14 21:46 . 2012-08-14 21:46 -------- d-----w- c:\users\jonathan\AppData\Local\Cooliris
    .
    .
    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-08-15 22:46 . 2012-05-10 16:37 62134624 ----a-w- c:\windows\system32\MRT.exe
    2012-08-15 17:09 . 2012-04-23 11:53 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-08-15 17:09 . 2011-08-26 08:24 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-07-03 19:05 . 2012-04-27 17:43 2306328 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
    2012-07-03 19:05 . 2012-04-27 17:32 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
    2012-07-03 19:05 . 2012-04-27 17:32 639312 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2012-06-22 05:38 . 2012-06-22 05:38 335784 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
    2012-06-22 05:36 . 2012-06-22 05:36 752672 ----a-w- c:\windows\system32\drivers\mfehidk.sys
    2012-06-22 05:34 . 2012-06-22 05:34 169320 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
    2012-06-09 05:43 . 2012-07-11 17:47 14172672 ----a-w- c:\windows\system32\shell32.dll
    2012-06-06 06:49 . 2012-06-06 06:49 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
    2012-06-06 06:06 . 2012-07-11 17:47 2004480 ----a-w- c:\windows\system32\msxml6.dll
    2012-06-06 06:06 . 2012-07-11 17:47 1881600 ----a-w- c:\windows\system32\msxml3.dll
    2012-06-06 06:02 . 2012-07-11 17:47 1133568 ----a-w- c:\windows\system32\cdosys.dll
    2012-06-06 05:05 . 2012-07-11 17:47 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
    2012-06-06 05:05 . 2012-07-11 17:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
    2012-06-06 05:03 . 2012-07-11 17:47 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
    .
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
    2011-06-10 06:24 165256 ----a-w- c:\program files (x86)\SFR\Kit\SFRNavErrorHelper.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Connexion SFR 9props.exe"="c:\program files (x86)\SFR\Kit\9props.exe" [2011-06-10 959880]
    "KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2012-03-31 954256]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
    "KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-03-31 21392]
    "Facebook Update"="c:\users\jonathan\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "YouCam Mirage"="c:\program files (x86)\Acer\Acer TouchPortal\YouCam\YCMMirage.exe" [2011-05-11 136488]
    "YouCam Tray"="c:\program files (x86)\Acer\Acer TouchPortal\YouCam\YouCamTray.exe" [2011-05-11 162912]
    "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-06-21 341360]
    "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
    "TouchPortalV3Launcher"="c:\program files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe" [2011-08-23 430696]
    "ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-08-31 185640]
    "Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-08-05 626792]
    "Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-02-03 506712]
    "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-03-31 3521424]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-22 136176]
    R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-07-14 2214504]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
    R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
    R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
    R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-22 136176]
    R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
    R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
    R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-01 114144]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
    R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
    R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
    R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
    R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
    R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-24 1255736]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-06-22 335784]
    S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-07-14 27240]
    S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-08-26 22648]
    S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-08-26 20520]
    S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-08-26 62776]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
    S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
    S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-06-22 177144]
    S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
    S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
    S3 AVerIT13x;AVerMedia A373 MiniCard Dual DVB-T;c:\windows\system32\Drivers\AVerIT13x_x64.sys [2011-07-11 192768]
    S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-05-11 31216]
    S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-06-30 54784]
    S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-06-30 77696]
    S3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
    S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2010-07-13 69736]
    S3 ITECIRfilter;ITECIR Filter Driver;c:\windows\system32\DRIVERS\ITECIRfilter.sys [2011-03-22 28264]
    S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
    S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-04-19 1488448]
    S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
    S3 rtsuvc;Realtek USB2.0 PC Camera;c:\windows\system32\DRIVERS\rtsuvc.sys [2011-07-05 8204904]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
    .
    .
    Contenu du dossier 'Tâches planifiées'
    .
    2012-09-03 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 17:09]
    .
    2012-09-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-851267610-909515726-1884366478-1001Core.job
    - c:\users\jonathan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-06 19:42]
    .
    2012-09-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-851267610-909515726-1884366478-1001UA.job
    - c:\users\jonathan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-06 19:42]
    .
    2012-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-22 07:52]
    .
    2012-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-22 07:52]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TouchORB"="c:\program files (x86)\TouchSettings\TouchPortalOBR.exe" [2010-05-06 153416]
    "TouchPortalV3Launcher"="c:\program files (x86)\Acer\Acer TouchPortal\TouchPortalLauncher.exe" [2011-08-23 430696]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-20 168216]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-20 392472]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-20 416024]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-09-19 12858984]
    "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-09-19 2278504]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x1
    "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
    .
    ------- Examen supplémentaire -------
    .
    uStart Page =
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page =
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: &Envoyer à OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
    IE: E&xporter vers Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\8leio70k.default\
    FF - prefs.js: browser.search.selectedEngine -
    FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?fr=mcafee&p=
    .
    - - - - ORPHELINS SUPPRIMES - - - -
    .
    SafeBoot-82194226.sys
    Toolbar-Locked - (no file)
    .
    .
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
    @="?????????????????? v1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
    @="?????????????????? v2"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    .
    **************************************************************************
    .
    Heure de fin: 2012-09-03 16:53:12 - La machine a redémarré
    ComboFix-quarantined-files.txt 2012-09-03 14:53
    .
    Avant-CF: 323 403 046 912 octets libres
    Après-CF: 323 181 555 712 octets libres
    .
    - - End Of File - - 3F3FBE95E39537630E3C5E6F9CE11D11


    the latest one:
    Malwarebytes Anti-Malware 1.62.0.1300
    www.malwarebytes.org

    Version de la base de données: v2012.09.03.05

    Windows 7 Service Pack 1 x64 NTFS (Mode sans échec/Réseau)
    Internet Explorer 9.0.8112.16421
    jonathan :: JONATHAN-PC [administrateur]

    03/09/2012 13:31:34
    mbam-log-2012-09-03 (13-31-34).txt

    Type d'examen: Examen complet (C:\|D:\|E:\|)
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 330824
    Temps écoulé: 22 minute(s), 49 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    Fichier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    (fin)


    RogueKiller, the latest one

    mail: tigzyRK<at>gmail<dot>com
    Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...
    Blog: http://tigzyrk.blogspot.com

    Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Demarrage : Mode normal
    Utilisateur : jonathan [Droits d'admin]
    Mode : Recherche -- Date : 03/09/2012 17:48:08

    ¤¤¤ Processus malicieux : 1 ¤¤¤
    [SUSP PATH] McItInfo.exe -- C:\Users\jonathan\AppData\Local\Temp\McInstrumentationTemp\McItInfo.exe -> TUÉ [TermProc]

    ¤¤¤ Entrees de registre : 4 ¤¤¤
    [RUN][SUSP PATH] HKCU\[...]\Run : McAfee McItInfo (C:\Users\jonathan\AppData\Local\Temp\mcitinfo_1346686121.exe /itinsfin:C:\Users\jonathan\AppData\Local\Temp\mcininfo_1346686121.ini ) -> TROUVÉ
    [RUN][SUSP PATH] HKUS\S-1-5-21-851267610-909515726-1884366478-1001[...]\Run : McAfee McItInfo (C:\Users\jonathan\AppData\Local\Temp\mcitinfo_1346686121.exe /itinsfin:C:\Users\jonathan\AppData\Local\Temp\mcininfo_1346686121.ini ) -> TROUVÉ
    [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> TROUVÉ
    [HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> TROUVÉ

    ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

    ¤¤¤ Driver : [NON CHARGE] ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ Fichier HOSTS: ¤¤¤
    --> C:\Windows\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Verif: ¤¤¤

    +++++ PhysicalDrive0: WDC WD10EADX-22TDHB0 ATA Device +++++
    --- User ---
    [MBR] 0d22041b2c8b0a96151869673209dff1
    [BSP] 2ac565e7af7184e5c8405d1c55137f0a : Windows 7 MBR Code
    Partition table:
    0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 16384 Mo
    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 33556480 | Size: 100 Mo
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 33761280 | Size: 468691 Mo
    3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 993640448 | Size: 468692 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Termine : << RKreport[18].txt >>
    RKreport[11].txt ; RKreport[12].txt ; RKreport[13].txt ; RKreport[14].txt ; RKreport[15].txt ;
    RKreport[16].txt ; RKreport[17].txt ; RKreport[18].txt




    3 September 2012 18:35:09

    no, I posted but nobody answered me, so I tried by myself by looking at the discussions. So for the proxy, what do I do? I can no longer go on the internet with my other computer
    3 September 2012 18:39:23

    I did what is in the tutorial for the proxy
    a c 940 8 Security
    3 September 2012 18:42:25

    Hi again

    Was there a proxy configured?

    Did you restart the PC?
    3 September 2012 18:55:51

    so how do I get the internet back? I have made even more of a mess than there was, it's a disaster. Thanks for helping me anyway
    3 September 2012 19:00:06

    I can't do a system restore to an earlier date
    a c 940 8 Security
    3 September 2012 19:10:04

    Hi again,

    You have not posted the TDSSKiller report I asked for.

    For your Internet connection, try this procedure:

    CAT:

    • Download CAT by Team Rocket Ops and save the file to your Desktop
    • Double-click CAT.exe to launch the application
      /!\ On Vista and Windows 7, you must launch the file with right-click -> Run as administrator
    • Tick the following options:
      Reset All Networking Interfaces
      Flush DNS resolver cache
      Repair Internet Explorer
      Repair SSL/HTTPS/cryptographics services
    • Then click Apply Checked Fixes and let the tool work.
    • Restart the PC


    ---------------------------------------------------------------------------------------------

    OTL:

    • Close all other windows and double-click OTL.exe
      /!\ On Vista and Windows 7, you must launch the file with right-click -> Run as administrator
    • Copy the whole of the script below (including the 1st line)
      :files
      C:\ProgramData\7531CCA9337E79A31130B8E3F875F002

      :Commands
      [EMPTYTEMP]

    • Paste the whole script into the Personnalisation box
    • Then click the Correction button

    • The tool starts the removal; do not interrupt it
    • If the tool asks you to restart the PC, accept
    • Post the contents of the report located at C:\_OTL\MovedFiles\********_******.log in your next reply
      the *** are digits representing the date [MonthDayYear] and the time


    /!\ This script was written for this user; it must under no circumstances be applied to another system, at the risk of causing serious malfunctions and damaging Windows /!\

    See you later
    3 September 2012 19:27:58

    the internet still does not work, I am sending you the OTL report
    3 September 2012 19:29:17

    for TDSS, I can't manage to get the report
    3 September 2012 19:32:43

    here is the fix report with OTL
    All processes killed
    ========== FILES ==========
    C:\ProgramData\7531CCA9337E79A31130B8E3F875F002 folder moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: jonathan
    ->Temp folder emptied: 4066718 bytes
    ->Temporary Internet Files folder emptied: 38449 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 63295317 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 763 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 64,00 mb


    OTL by OldTimer - Version 3.2.59.1 log created on 09032012_192239

    Files\Folders moved on Reboot...
    C:\Users\jonathan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...

    3 September 2012 19:36:38

    for the connection it also shows me this: wireless connection does not have a valid IP configuration
    a c 940 8 Security
    3 September 2012 19:58:49

    Hi again,

    The TDSSKiller report is under C, in this form: C:\TDSSKiller.Version_Date_Time_log.txt
    Host it on pjjoint.

    Quote:
    for the connection it also shows me this: wireless connection does not have a valid IP configuration

    Do you get a connection if you connect over Ethernet?

    ---------------------------------------------------------------------------------------------

    Farbar Service Scanner:

    • Download Farbar Service Scanner and save the file to your Desktop
    • Double-click the FSS.exe icon to launch the application
      /!\ On Vista and Windows 7, you must launch the file with right-click -> Run as administrator
    • Check that all the options are ticked
    • Click Scan
    • Post the FSS.txt report in your next reply.


    See you later
    3 September 2012 20:31:46

    I am leaving for work, I work nights. I will send you the report tomorrow, hoping you will be there to help me, and yes, I tested with an Ethernet cable, it does not work. Thanks again for your help and see you tomorrow, I hope
    a c 940 8 Security
    3 September 2012 20:49:08

    Hi again,

    OK, see you tomorrow.

    Have a good evening :)