[solved] PC infected?!

17 April 2009 14:13:05

Hello everyone, my computer has been sluggish for a while and I'm wondering whether I've caught one or more viruses. Yet my scans haven't found anything. So I need your help.
Is it because of a virus or some other problem?

Thanks in advance for all your replies

17 April 2009 16:24:30

up

17 April 2009 16:48:12

up

17 April 2009 17:27:54

up

17 April 2009 21:10:45

nobody to help me, please

17 April 2009 22:33:09

Good evening frederix, here is the HijackThis scan,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:39:53, on 18/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe
C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\issch.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\WINDOWS\vVX3000.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Documents and Settings\HP_Administrateur\Bureau\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emule-paradise.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\issch.exe" -start
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [WindowsLivePhone] C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe /AutoRun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - ?p=ZNfox000
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0....
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch...
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {91D4B4D5-E368-40AB-8F53-A37FA634B471} (Installer9Ctrl Class) - http://www.tellmemorecorporate.com/bin/tol9inst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{418D64AF-96C2-4FF5-A19F-85F966907D23}: NameServer = 84.103.237.140 86.64.145.140
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Groove Installer Service (GrooveInstallerService) - Groove Networks, Inc. - C:\Program Files\Groove Networks\Groove\Bin\GrooveInstallerService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 13823 bytes

18 April 2009 14:15:11

Hello k-diez,

1) Download:
CCleaner 2.17.853 - Slim: http://www.ccleaner.com/download/builds.aspx
Run it, then click Options > Advanced and untick "Only delete files in Windows Temp folders older than 48 hours". Leave it with its default settings and close the program for now.
Tutorial: http://www.infos-du-net.com/telecharger/CCleaner,0301-1...

Malwarebytes' Anti-Malware: http://www.besttechie.net/tools/mbam-setup.exe
Run it: once the executable has downloaded, double-click mbam-setup.exe and the installation starts. Let the wizard guide you: choice of language, acceptance of the licence, default folder... Remember to tick the "Create a desktop icon" box. When you reach the end of the installation, close the program for now.

2) Run CCleaner:
In the Cleaner menu, click Analyze (let it work, this can take a long time the first time).
Then click the Run Cleaner button.
Do this several times and close CCleaner.

3) Run Malwarebytes' Anti-Malware:
Tutorial: http://www.infos-du-net.com/forum/278396-11-tuto-malwar...

4) Post the Malwarebytes' Anti-Malware report.

See you

18 April 2009 19:27:19

Good evening frederix, here is the report,


Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2000
Windows 5.1.2600 Service Pack 3

18/04/2009 19:20:33
mbam-log-2009-04-18 (19-20-33).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 220522
Temps écoulé: 31 minute(s), 23 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 18
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3aa42713-5c1e-48e2-b432-d8bf420dd31d} (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{53e0b6e8-a51d-448b-b692-40b67b285543} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d5792aa9-d373-4039-8670-2cdab6a71f15} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\Downloaded Program Files\uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Sysvxd.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

18 April 2009 19:57:28

Hi again,

* Download ToolBar-S&D (thanks Team Idn).

* Double-click ToolBar-SD to start the installation; a shortcut will be added to the Desktop.
* Double-click it to start the tool and choose the language.
* Type 1 and then press [Enter] to start the search.
* Wait until it finishes.
* At the end of the scan, the report will open in Notepad.
* Post this report (by copy/paste) in your next reply.
* The report can also be found here: C:\TB.txt
* Help in pictures: http://toolbarsd.googlepages.com/aideenimages

See you

18 April 2009 20:54:53

Hi again,


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : HP_Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Internet Security 6.0 6.0.0.303 (Not Activated)
Firewall : Kaspersky Internet Security 6.0 6.0.0.299 (Not Activated)
C:\ (Local Disk) - NTFS - Total:179 Go (Free:38 Go)
D:\ (Local Disk) - FAT32 - Total:7 Go (Free:4 Go)
E:\ (CD or DVD) - UDF - Total:7 Go (Free:0 Go)
F:\ (USB)
H:\ (USB)
I:\ (USB)
K:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 18/04/2009|20:45 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\DOCUME~1\HP_ADM~1\APPLIC~1\Search Settings
C:\DOCUME~1\HP_ADM~1\APPLIC~1\Search Settings\kb128
C:\DOCUME~1\HP_ADM~1\APPLIC~1\Search Settings\kb128\temp
C:\DOCUME~1\HP_ADM~1\APPLIC~1\Search Settings\kb128\temp\ws-14324.log
C:\DOCUME~1\HP_ADM~1\APPLIC~1\Search Settings\kb128\temp\ws-14325.log
C:\DOCUME~1\HP_ADM~1\APPLIC~1\Search Settings\kb128\temp\ws-14326.log
C:\DOCUME~1\HP_ADM~1\APPLIC~1\Search Settings\kb128\temp\ws-14327.log
C:\WINDOWS\iun6002.exe

-----------\\ Extensions

(HP_Administrateur) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(HP_Administrateur) - {71328583-3CA7-4809-B4BA-570A85818FBB} => cacheviewer
(HP_Administrateur) - {c50ca3c4-5656-43c2-a061-13e717f73fc8} => fvd
(HP_Administrateur) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(HP_Administrateur) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(HP_Administrateur) - {7E77F5DF-8022-40e3-9122-F03DEBEFC43B} => psicotsi


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR"
"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Start Page"="http://google.com/"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page Redirect Cache"="http://fr.msn.com/?ocid=iehp"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68928"
"Url"="http://go.microsoft.com/fwlink/?LinkID=44406"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68929"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Search Bar"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo..."


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\HP_ADM~1\Application Data\BitTorrent\Adobe Photoshop CS3+crack-MasterUploader.torrent
C:\DOCUME~1\HP_ADM~1\Application Data\BitTorrent\fallout 3 crack nodvd et lanceur anglais.torrent
C:\DOCUME~1\HP_ADM~1\Application Data\BitTorrent\Fmkeygen.rar.torrent
C:\DOCUME~1\HP_ADM~1\Application Data\LimeWire\.AppSpecialShare\LimeWire Pro v4.18.3.1 + LimeWire Acceleration Patch v4.8.0.1 + Keygen.torrent.bak
C:\DOCUME~1\HP_ADM~1\Bureau\instru\fresh out the studio(good job)\fresh out the studio(good job)\neil et taha\must\crack.mp3
C:\DOCUME~1\HP_ADM~1\Bureau\instru\fresh out the studio(good job)\neil et taha\must\crack.mp3
C:\DOCUME~1\HP_ADM~1\Bureau\must\crack.mp3
C:\DOCUME~1\HP_ADM~1\Mes documents\Ma musique\Eminem-Crack A Bottle.mp3
C:\DOCUME~1\HP_ADM~1\Mes documents\Ma musique\Fat Joe - The Elephant In The Room (2008) - Rap [www.torrentazos.com]\03-fat_joe-the_crackhouse_(feat._lil_wayne).mp3



1 - "C:\ToolBar SD\TB_1.txt" - 18/04/2009|20:47 - Option : [1]

-----------\\ Fin du rapport a 20:47:09,93

18 April 2009 21:25:31

Good evening k-diez,

Double-click the ToolBar-S&D shortcut on your Desktop.

* In the main menu, choose option 2 and confirm with the [Enter] key.

/!\ Do not close the window during the deletion /!\

* A report will be generated.
* Post this report.

Note: if your desktop does not reappear, press CTRL+ALT+DEL to open Task Manager.

* Go to the Processes tab, click File at the top left and choose Run.
* Type: explorer and confirm. This will bring your Desktop back.


See you

18 April 2009 21:47:20


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : HP_Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Internet Security 6.0 6.0.0.303 (Not Activated)
Firewall : Kaspersky Internet Security 6.0 6.0.0.299 (Not Activated)
C:\ (Local Disk) - NTFS - Total:179 Go (Free:38 Go)
D:\ (Local Disk) - FAT32 - Total:7 Go (Free:4 Go)
E:\ (CD or DVD) - UDF - Total:7 Go (Free:0 Go)
F:\ (USB)
H:\ (USB)
I:\ (USB)
K:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 18/04/2009|21:43 )

-----------\\ SUPPRESSION

Supprime! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\Search Settings\kb128
Supprime! - C:\WINDOWS\iun6002.exe
Supprime! - C:\DOCUME~1\HP_ADM~1\APPLIC~1\Search Settings

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(HP_Administrateur) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(HP_Administrateur) - {71328583-3CA7-4809-B4BA-570A85818FBB} => cacheviewer
(HP_Administrateur) - {c50ca3c4-5656-43c2-a061-13e717f73fc8} => fvd
(HP_Administrateur) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(HP_Administrateur) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(HP_Administrateur) - {7E77F5DF-8022-40e3-9122-F03DEBEFC43B} => psicotsi


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR"
"SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Start Page"="http://google.com/"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page Redirect Cache"="http://fr.msn.com/?ocid=iehp"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68928"
"Url"="http://go.microsoft.com/fwlink/?LinkID=44406"
"Url"="http://go.microsoft.com/fwlink/?LinkID=68929"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.msn.com/"
"Search Bar"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&lo..."


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\HP_ADM~1\Application Data\BitTorrent\Adobe Photoshop CS3+crack-MasterUploader.torrent
C:\DOCUME~1\HP_ADM~1\Application Data\BitTorrent\fallout 3 crack nodvd et lanceur anglais.torrent
C:\DOCUME~1\HP_ADM~1\Application Data\BitTorrent\Fmkeygen.rar.torrent
C:\DOCUME~1\HP_ADM~1\Application Data\LimeWire\.AppSpecialShare\LimeWire Pro v4.18.3.1 + LimeWire Acceleration Patch v4.8.0.1 + Keygen.torrent.bak
C:\DOCUME~1\HP_ADM~1\Bureau\instru\fresh out the studio(good job)\fresh out the studio(good job)\neil et taha\must\crack.mp3
C:\DOCUME~1\HP_ADM~1\Bureau\instru\fresh out the studio(good job)\neil et taha\must\crack.mp3
C:\DOCUME~1\HP_ADM~1\Bureau\must\crack.mp3
C:\DOCUME~1\HP_ADM~1\Mes documents\Ma musique\Eminem-Crack A Bottle.mp3
C:\DOCUME~1\HP_ADM~1\Mes documents\Ma musique\Fat Joe - The Elephant In The Room (2008) - Rap [www.torrentazos.com]\03-fat_joe-the_crackhouse_(feat._lil_wayne).mp3



1 - "C:\ToolBar SD\TB_1.txt" - 18/04/2009|20:47 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 18/04/2009|21:45 - Option : [2]

-----------\\ Fin du rapport a 21:45:06,09

19 April 2009 10:50:55

k-diez said:
> --------------------\\ Cracks & Keygens ..
>
> C:\DOCUME~1\HP_ADM~1\Application Data\BitTorrent\Adobe Photoshop CS3+crack-MasterUploader.torrent
> C:\DOCUME~1\HP_ADM~1\Application Data\BitTorrent\fallout 3 crack nodvd et lanceur anglais.torrent
> C:\DOCUME~1\HP_ADM~1\Application Data\BitTorrent\Fmkeygen.rar.torrent
> C:\DOCUME~1\HP_ADM~1\Application Data\LimeWire\.AppSpecialShare\LimeWire Pro v4.18.3.1 + LimeWire Acceleration Patch v4.8.0.1 + Keygen.torrent.bak
> C:\DOCUME~1\HP_ADM~1\Bureau\instru\fresh out the studio(good job)\fresh out the studio(good job)\neil et taha\must\crack.mp3
> C:\DOCUME~1\HP_ADM~1\Bureau\instru\fresh out the studio(good job)\neil et taha\must\crack.mp3
> C:\DOCUME~1\HP_ADM~1\Bureau\must\crack.mp3
> C:\DOCUME~1\HP_ADM~1\Mes documents\Ma musique\Eminem-Crack A Bottle.mp3
> C:\DOCUME~1\HP_ADM~1\Mes documents\Ma musique\Fat Joe - The Elephant In The Room (2008) - Rap [www.torrentazos.com]\03-fat_joe-the_crackhouse_(feat._lil_wayne).mp3


Hello k-diez,

> Delete all the cr*p from your machine: http://www.infos-du-net.com/forum/273143-7-cracks-risqu...

See you

19 April 2009 15:39:28

Hello frederix, I have deleted the files

See you

20 April 2009 11:15:24

Hello frederix,

here is the requested report:

ComboFix 09-04-20.05 - HP_Administrateur 20/04/2009 11:06.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.474 [GMT 2:00]
Lancé depuis: c:\documents and settings\HP_Administrateur\Bureau\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: Kaspersky Internet Security 6.0 *On-access scanning disabled* (Outdated)
FW: Kaspersky Internet Security 6.0 *disabled*
FW: Norton Internet Worm Protection *disabled*
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Internet Explorer\fxavx.ini
c:\windows\search_res.txt
D:\Autorun.inf

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-03-20 au 2009-04-20 ))))))))))))))))))))))))))))))))))))
.

2009-04-19 15:02 . 2009-04-19 15:02 -------- d-sh--w c:\documents and settings\LocalService\IETldCache
2009-04-18 18:45 . 2009-04-18 19:45 -------- d-----w C:\ToolBar SD
2009-04-18 16:35 . 2009-04-18 16:35 -------- d-sh--w c:\documents and settings\NetworkService\IETldCache
2009-04-18 12:34 . 2009-04-18 12:34 -------- d-----w c:\documents and settings\HP_Administrateur\Application Data\Malwarebytes
2009-04-18 12:34 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-18 12:34 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-18 12:34 . 2009-04-18 12:34 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-04-18 12:26 . 2009-04-18 12:26 -------- d-sh--w c:\documents and settings\HP_Administrateur\IECompatCache
2009-04-17 22:04 . 2009-04-17 22:04 -------- d-----w c:\documents and settings\All Users\Application Data\Avira
2009-04-17 15:59 . 2009-04-17 15:59 -------- d-sh--w c:\documents and settings\HP_Administrateur\PrivacIE
2009-04-17 15:53 . 2009-04-17 15:53 -------- d-sh--w c:\documents and settings\HP_Administrateur\IETldCache
2009-04-17 15:43 . 2009-04-17 15:43 -------- d-----w c:\windows\ie8updates
2009-04-17 15:42 . 2009-04-17 15:43 -------- dc-h--w c:\windows\ie8
2009-04-17 15:39 . 2009-02-28 04:55 105984 ------w c:\windows\system32\dllcache\iecompat.dll
2009-04-17 13:20 . 2009-04-17 14:43 -------- d--h--w C:\$AVG8.VAULT$
2009-04-17 12:33 . 2009-04-17 15:20 -------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-04-15 21:37 . 2009-02-06 10:10 227840 ------w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-15 21:37 . 2009-03-06 14:20 286720 ------w c:\windows\system32\dllcache\pdh.dll
2009-04-15 21:37 . 2009-02-09 11:23 111104 ------w c:\windows\system32\dllcache\services.exe
2009-04-15 21:37 . 2009-02-09 10:53 685568 ------w c:\windows\system32\dllcache\advapi32.dll
2009-04-15 21:37 . 2009-02-09 10:53 473600 ------w c:\windows\system32\dllcache\fastprox.dll
2009-04-15 21:37 . 2009-02-09 10:53 401408 ------w c:\windows\system32\dllcache\rpcss.dll
2009-04-15 21:37 . 2009-02-09 10:53 735744 ------w c:\windows\system32\dllcache\lsasrv.dll
2009-04-15 21:37 . 2009-02-09 10:53 739840 ------w c:\windows\system32\dllcache\ntdll.dll
2009-04-15 21:37 . 2009-02-09 10:53 453120 ------w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-15 21:19 . 2008-12-16 12:31 354304 ------w c:\windows\system32\dllcache\winhttp.dll
2009-04-15 21:19 . 2008-04-21 21:15 219136 ------w c:\windows\system32\dllcache\wordpad.exe
2009-04-06 17:19 . 2005-11-29 08:43 86016 ----a-w c:\windows\system32\SLIPRT.DLL
2009-04-06 17:16 . 2009-04-06 17:16 -------- d-----w c:\documents and settings\HP_Administrateur\Local Settings\Application Data\ONSPEED
2009-03-23 19:05 . 2009-04-06 18:40 230424 ----a-w C:\img2-001.raw
2009-03-23 18:58 . 2007-04-10 21:46 116072 ----a-w c:\windows\VX3000.dll
2009-03-23 18:58 . 2007-04-10 21:46 709992 ----a-w c:\windows\vVX3000.exe
2009-03-23 18:58 . 2007-04-10 21:46 476520 ----a-w c:\windows\vVX3000.dll
2009-03-23 18:58 . 2007-04-10 21:46 1966696 ----a-w c:\windows\system32\drivers\VX3000.sys
2009-03-23 18:58 . 2007-04-10 21:46 15498 ----a-w c:\windows\VX3000.ini
2009-03-23 18:58 . 2007-04-10 21:46 13023 ----a-w c:\windows\VX3000.src
2009-03-23 18:58 . 2007-04-10 21:46 202088 ----a-w c:\windows\system32\LCCoin14.dll
2009-03-23 18:58 . 2007-04-10 21:46 185704 ----a-w c:\windows\system32\cVX3000.dll
2009-03-21 14:07 . 2009-03-21 14:07 1054720 ------w c:\windows\system32\dllcache\kernel32.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-19 13:36 . 2006-10-11 13:26 -------- d-----w c:\documents and settings\HP_Administrateur\Application Data\BitTorrent
2009-04-18 19:45 . 2009-04-18 18:45 3984 ----a-w C:\TB.txt
2009-04-18 16:40 . 2008-04-16 19:28 -------- d-----w c:\program files\Safari
2009-04-18 15:26 . 2005-10-10 11:39 86276 ----a-w c:\windows\system32\perfc00C.dat
2009-04-18 15:26 . 2005-10-10 11:39 513036 ----a-w c:\windows\system32\perfh00C.dat
2009-04-18 12:34 . 2009-04-18 12:34 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-17 22:13 . 2006-01-02 16:04 -------- d-----w c:\program files\Sonic
2009-04-17 22:04 . 2009-04-17 22:04 -------- d-----w c:\program files\Avira
2009-04-17 22:01 . 2006-12-20 11:51 -------- d-----w c:\program files\Avast4
2009-04-17 21:49 . 2009-03-13 23:24 -------- d-----w c:\program files\Yahoo!
2009-04-17 21:43 . 2008-12-20 17:39 -------- d-----w c:\program files\Bonjour
2009-04-17 21:41 . 2006-01-02 15:45 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-17 20:33 . 2007-06-08 09:33 -------- d-----w c:\program files\Hijackthis Version Française
2009-04-17 13:42 . 2006-10-21 14:11 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-17 12:33 . 2009-04-17 12:33 -------- d-----w c:\program files\AVG
2009-04-17 12:21 . 2009-04-17 12:19 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-16 22:40 . 2006-01-02 16:19 -------- d-----w c:\program files\Google
2009-04-13 11:49 . 2008-12-22 16:27 -------- d-----w c:\program files\Mozilla Thunderbird
2009-04-10 14:24 . 2006-09-30 19:11 -------- d-----w c:\program files\eMule
2009-04-10 14:08 . 2007-03-19 13:55 42708 ----a-w c:\documents and settings\HP_Administrateur\Application Data\wklnhst.dat
2009-04-04 09:46 . 2006-01-02 15:31 -------- d-----w c:\program files\Java
2009-04-02 11:04 . 2006-09-09 17:13 -------- d-----w c:\program files\DivX
2009-04-02 11:04 . 2009-04-02 11:04 -------- d-----w c:\program files\Fichiers communs\DivX Shared
2009-03-23 18:57 . 2009-03-23 18:57 -------- d-----w c:\program files\Microsoft LifeCam
2009-03-19 13:56 . 2009-03-19 13:56 -------- d-----w c:\documents and settings\HP_Administrateur\Application Data\pdfforge
2009-03-19 11:22 . 2009-03-19 11:20 -------- d-----w c:\program files\PDFCreator
2009-03-14 00:58 . 2009-03-13 23:23 -------- d-----w c:\program files\Recuva
2009-03-13 23:24 . 2009-03-13 23:24 -------- d-----w c:\documents and settings\HP_Administrateur\Application Data\Yahoo!
2009-03-13 13:19 . 2007-07-14 10:34 22328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-03-13 13:19 . 2007-07-14 10:34 107832 ----a-w c:\windows\system32\PnkBstrB.exe
2009-03-09 03:19 . 2008-11-22 12:50 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-08 12:09 . 2004-08-10 11:00 638816 ----a-w c:\windows\system32\dllcache\iexplore.exe
2009-03-08 12:09 . 2004-08-10 11:00 391536 ----a-w c:\windows\system32\dllcache\iedkcs32.dll
2009-03-08 02:41 . 2004-08-10 11:00 5937152 ----a-w c:\windows\system32\dllcache\mshtml.dll
2009-03-08 02:39 . 2007-05-09 01:24 11063808 ----a-w c:\windows\system32\dllcache\ieframe.dll
2009-03-08 02:34 . 2004-08-10 11:00 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 02:34 . 2004-08-10 11:00 914944 ----a-w c:\windows\system32\dllcache\wininet.dll
2009-03-08 02:34 . 2004-08-10 11:00 1206784 ----a-w c:\windows\system32\dllcache\urlmon.dll
2009-03-08 02:34 . 2004-08-10 11:00 236544 ----a-w c:\windows\system32\dllcache\webcheck.dll
2009-03-08 02:34 . 2004-08-10 11:00 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 02:34 . 2004-08-10 11:00 43008 ----a-w c:\windows\system32\dllcache\licmgr10.dll
2009-03-08 02:34 . 2004-08-10 11:00 105984 ----a-w c:\windows\system32\dllcache\url.dll
2009-03-08 02:34 . 2004-08-10 11:00 193536 ----a-w c:\windows\system32\dllcache\msrating.dll
2009-03-08 02:34 . 2004-08-10 11:00 109568 ----a-w c:\windows\system32\dllcache\occache.dll
2009-03-08 02:33 . 2004-08-10 11:00 759296 ----a-w c:\windows\system32\dllcache\VGX.dll
2009-03-08 02:33 . 2009-03-08 02:33 18944 ------w c:\windows\system32\dllcache\corpol.dll
2009-03-08 02:33 . 2004-08-10 11:00 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 02:33 . 2004-08-10 11:00 25600 ----a-w c:\windows\system32\dllcache\jsproxy.dll
2009-03-08 02:33 . 2008-05-09 10:55 726528 ----a-w c:\windows\system32\dllcache\jscript.dll
2009-03-08 02:33 . 2004-08-10 11:00 229376 ----a-w c:\windows\system32\dllcache\ieaksie.dll
2009-03-08 02:33 . 2008-05-09 10:55 420352 ----a-w c:\windows\system32\dllcache\vbscript.dll
2009-03-08 02:33 . 2004-08-10 11:00 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 02:33 . 2004-08-10 11:00 125952 ----a-w c:\windows\system32\dllcache\ieakeng.dll
2009-03-08 02:32 . 2004-08-10 11:00 72704 ----a-w c:\windows\system32\dllcache\admparse.dll
2009-03-08 02:32 . 2004-08-10 11:00 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 02:32 . 2004-08-10 11:00 173056 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
2009-03-08 02:32 . 2004-08-10 04:00 163840 ----a-w c:\windows\system32\dllcache\ieakui.dll
2009-03-08 02:32 . 2004-08-10 11:00 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 02:32 . 2004-08-10 11:00 71680 ----a-w c:\windows\system32\dllcache\iesetup.dll
2009-03-08 02:32 . 2004-08-10 11:00 55808 ----a-w c:\windows\system32\dllcache\iernonce.dll
2009-03-08 02:32 . 2004-08-10 11:00 128512 ----a-w c:\windows\system32\dllcache\advpack.dll
2009-03-08 02:32 . 2004-08-10 11:00 94720 ----a-w c:\windows\system32\dllcache\inseng.dll
2009-03-08 02:32 . 2007-05-09 01:24 594432 ----a-w c:\windows\system32\dllcache\msfeeds.dll
2009-03-08 02:32 . 2007-05-09 01:24 1985024 ----a-w c:\windows\system32\dllcache\iertutil.dll
2009-03-08 02:32 . 2004-08-10 11:00 611840 ----a-w c:\windows\system32\dllcache\mstime.dll
2009-03-08 02:24 . 2004-08-10 11:00 68608 ----a-w c:\windows\system32\dllcache\hmmapi.dll
2009-03-08 02:22 . 2004-08-10 04:00 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-08 02:22 . 2004-08-10 04:00 156160 ----a-w c:\windows\system32\dllcache\msls31.dll
2009-03-08 02:11 . 2007-05-09 01:24 445952 ----a-w c:\windows\system32\dllcache\ieapfltr.dll
2009-03-07 17:46 . 2009-03-07 17:46 55040 ---ha-w c:\windows\system32\mlfcache.dat
2009-03-06 14:20 . 2004-08-10 11:00 286720 ----a-w c:\windows\system32\pdh.dll
2009-02-28 11:28 . 2007-10-03 12:14 -------- d-----w c:\program files\Microsoft Silverlight
2009-02-24 19:34 . 2009-02-24 19:34 90112 ----a-w c:\windows\system32\dpl100.dll
2009-02-24 19:34 . 2009-02-24 19:34 823296 ----a-w c:\windows\system32\divx_xx0c.dll
2009-02-24 19:34 . 2009-02-24 19:34 823296 ----a-w c:\windows\system32\divx_xx07.dll
2009-02-24 19:34 . 2009-02-24 19:34 815104 ----a-w c:\windows\system32\divx_xx0a.dll
2009-02-24 19:34 . 2009-02-24 19:34 802816 ----a-w c:\windows\system32\divx_xx11.dll
2009-02-24 19:34 . 2009-02-24 19:34 684032 ----a-w c:\windows\system32\DivX.dll
2009-02-21 11:47 . 2008-03-13 16:27 -------- d-----w c:\program files\Windows Live
2009-02-20 17:10 . 2004-08-10 11:00 133120 ------w c:\windows\system32\dllcache\extmgr.dll
2009-02-20 10:20 . 2007-05-09 01:24 13824 ------w c:\windows\system32\dllcache\ieudinit.exe
2009-02-10 17:06 . 2008-10-15 15:33 2068096 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
2009-02-09 14:05 . 2008-10-15 15:34 1846912 ------w c:\windows\system32\dllcache\win32k.sys
2009-02-09 14:05 . 2004-08-10 11:00 1846912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:24 . 2008-10-15 15:33 2191104 ------w c:\windows\system32\dllcache\ntoskrnl.exe
2009-02-09 11:23 . 2008-10-15 15:33 2025984 ------w c:\windows\system32\dllcache\ntkrpamp.exe
2009-02-09 11:23 . 2006-10-11 14:30 2025984 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 11:23 . 2008-10-15 15:33 2147328 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
2009-02-09 11:23 . 2006-10-11 14:30 2147328 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:23 . 2004-08-10 11:00 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 10:53 . 2004-08-10 11:00 735744 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:53 . 2004-08-10 11:00 739840 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 10:53 . 2004-08-10 11:00 685568 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:53 . 2004-08-10 11:00 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-06 19:07 . 2007-05-09 01:24 3698584 ----a-w c:\windows\system32\dllcache\ieapfltr.dat
2009-02-06 18:39 . 2009-02-06 18:39 308600 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-06 10:39 . 2004-08-10 04:00 35328 ----a-w c:\windows\system32\sc.exe
2009-02-06 10:39 . 2004-08-10 04:00 35328 ----a-w c:\windows\system32\dllcache\sc.exe
2009-02-03 19:58 . 2009-02-03 19:58 56832 ------w c:\windows\system32\dllcache\secur32.dll
2009-02-24 19:2009-02-24 19:34 34:32 . c:\program files\mozilla firefox\plugins\libdivx.dll
2006-05-06 16:2006-11-09 17:47 42:04 . c:\program files\mozilla firefox\plugins\libvlc.dll
2009-02-24 19:2009-02-24 19:34 34:32 . c:\program files\mozilla firefox\plugins\ssldivx.dll
2008-08-30 13:02 . 2008-08-30 13:02 32768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008083020080831\index.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2006-07-07 1052672]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"DMAScheduler"="c:\program files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-03-20 90112]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-12-15 49152]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-01-02 180269]
"%FP%Friendly fts.exe"="c:\program files\Friendly Technologies\BroadbandAccess\fts.exe" [2003-05-06 72192]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\issch.exe" [2004-07-27 81920]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-10-12 139264]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-27 734264]
"WindowsLivePhone"="c:\program files\Windows Live\Device Manager\msgrdvmn.exe" [2008-09-16 762912]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-14 7323648]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"VX3000"="c:\windows\vVX3000.exe" [2007-04-10 709992]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"Lexmark X6100 Series"="c:\program files\Lexmark X6100 Series\lxbfbmgr.exe" [2003-09-23 57344]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"ftutil2"="ftutil2.dll" - c:\windows\system32\ftutil2.dll [2004-06-07 106496]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-03-08 16010240]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2005-12-14 1519616]

c:\documents and settings\Amine\Menu Démarrer\Programmes\Démarrage\
Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-1-2 27136]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-12-15 282624]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"avg8wd"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58353:TCP"= 58353:TCP:p ando P2P TCP Listening Port
"58353:UDP"= 58353:UDP:p ando P2P UDP Listening Port

R3 Camdrv30;Philips ToUcam XS;c:\windows\system32\Drivers\camdrv30.sys [2001-08-17 171264]
R3 GrooveInstallerService;Groove Installer Service;c:\program files\Groove Networks\Groove\Bin\GrooveInstallerService.exe [2002-09-25 99904]
S0 d343port;d343port;c:\windows\system32\DRIVERS\d343port.sys [2003-12-15 5632]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2008-12-08 55136]
S2 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S3 3xHybrid;3xHybrid service;c:\windows\system32\DRIVERS\3xHybrid.sys [2006-02-15 2825088]


--- Autres Services/Pilotes en mémoire ---

*Deregistered* - mchInjDrv

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4c86437a-3f88-11db-9db6-001731f097da}]
\Shell\AutoRun\command - RavMon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{811e2de2-9825-11db-98cf-5050506f4531}]
\shell\verb1\command - desktop.exe
.
Contenu du dossier 'Tâches planifiées'

2009-04-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 10:34]

2009-04-06 c:\windows\Tasks\Microsoft_Hardware_Launch_vVX3000_exe.job
- c:\windows\vVX3000.exe [2009-03-23 21:46]
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://google.com/
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=63&bd=PAVILION&pf=desktop
mWindow Title =
uInternet Connection Wizard,ShellNext = hxxp://www.emule-paradise.com/
uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
TCP: {418D64AF-96C2-4FF5-A19F-85F966907D23} = 84.103.237.141 86.64.145.141
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - c:\documents and settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\v2xbpb6v.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-fr&FORM=MIMWA1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-fr&FORM=MIMWA2&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-fr&FORM=MIMWA9&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA9&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
user_pref(yahoo.homepage.dontask, true);FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - component: c:\documents and settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\v2xbpb6v.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll
FF - component: c:\documents and settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\v2xbpb6v.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-20 11:10
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\c:\docume~1\HP_ADM~1\LOCALS~1\Temp\mc22.tmp"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-3242101656-793062573-58311654-1007\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:52,4f,48,00,75,60,36,42,33,fa,e1,88,b1,82,88,1f,21,d6,19,f8,2b,4b,4b,
8c,5d,8e,3b,77,f1,31,59,2b,85,be,4e,fa,88,43,81,62,b5,ed,35,3d,b2,08,ea,e8,\
"??"=hex:23,23,86,27,17,3a,a6,d4,27,08,8a,89,2d,cb,fe,2b

[HKEY_USERS\S-1-5-21-3242101656-793062573-58311654-1007\Software\SecuROM\License information*]
"datasecu"=hex:ef,75,23,8f,05,0f,c9,6d,61,8d,c6,62,c3,cf,c9,7b,24,51,90,41,8f,
e4,62,0e,00,eb,32,85,72,0d,28,a1,8a,28,36,13,a4,00,67,30,73,d2,ab,05,95,ec,\
"rkeysecu"=hex:a1,fb,79,8e,18,ca,b0,3b,52,96,21,ab,fe,df,9c,79
.
Heure de fin: 2009-04-20 11:12
ComboFix-quarantined-files.txt 2009-04-20 09:12

Avant-CF: 40 497 016 832 octets libres
Après-CF: 40 585 715 712 octets libres

314 --- E O F --- 2009-04-15 22:39
21 April 2009 00:21:49

Good evening k-diez,

* Download RavAntivirus (thanks evosla):
http://www.evosla.com/compteur.php?soft=rav_antivirus
* Connect your external devices without opening them.
* Extract the archive to the Desktop.
* Double-click RAV.exe to launch it.
* It will automatically scan all drives likely to be infected.
* If there is an infection, a report will be generated (which you will post); otherwise it will display this message: Votre Ordinateur est sain
* Remove your external devices and restart the computer.

See you
21 April 2009 13:48:42

Hello frederix,

I ran the scan and there was no report.

See you