Christmas virus
Rafiti, 27/12/2009 at 23:36

Darn, I hope there won't be too much damage... it is indeed a genuine Windows that I have, it's the one I had when I bought the computer, it's a laptop... anyway...
So here is the famous report:

ComboFix 09-12-26.05 - savitri de koumac 27/12/2009  23:06:58.3.1 - x86
Microsoft Windows XP Édition familiale  5.1.2600.2.1252.33.1036.18.1023.679 [GMT 1:00]
Lancé depuis: c:\documents and settings\savitri de koumac\Bureau\CombFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Mozilla Firefox\extensions\{C3045457-08F6-42AB-BA2B-388593D8E671}
c:\program files\Mozilla Firefox\extensions\{C3045457-08F6-42AB-BA2B-388593D8E671}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{C3045457-08F6-42AB-BA2B-388593D8E671}\chrome\content\overlay.xul
c:\program files\Mozilla Firefox\extensions\{C3045457-08F6-42AB-BA2B-388593D8E671}\install.rdf
c:\windows\system32\drivers\H8SRTadsqqicbtd.sys
c:\windows\system32\drivers\ovfsthwbvxbsxnakbglrnsbxvjnsimgydpbcpj.sys
c:\windows\system32\H8SRTbtrfifajns.dll
c:\windows\system32\H8SRTsdushwuude.dat
c:\windows\system32\H8SRTwtkslrgabo.dll
c:\windows\system32\krl32mainweq.dll
c:\windows\system32\ovfsthaaoiwsfxbdvfsuudhgrvcpgvdaybbhqw.dat
c:\windows\system32\ovfsthajdytsurmnkinrklmaugwxgsnugpjbno.dat
c:\windows\system32\ovfsthlmmxeukqexaaktmnninsnhswvmhdcbco.dll
c:\windows\system32\ovfsthlvrbtpjmdetytrpyiypwfqjpnkpurawq.db
c:\windows\system32\ovfsthnqwiyocewoxtimljsefqraowdvahnanu.dll
c:\windows\system32\ovfsthpdcfnvgajrrihcuxmcobndsrrcnoralo.dll
c:\windows\system32\ovfsthugoxrqsvppmxuovqlphogfmksrnfnfbl.dll
c:\windows\system32\pic.jpg
c:\windows\system32\srcr.dat
c:\windows\system32\uniq.tll

Une copie infectée de c:\windows\system32\DRIVERS\atapi.sys a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\system32\dllcache\atapi.sys

.
(((((((((((((((((((((((((((((((((((((((   Pilotes/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_H8SRTd.sys
-------\Legacy_H8SRTd.sys
-------\Service_ovfsthsdqiarmbbownedurfixooivffoacbalv
-------\Legacy_ovfsthsdqiarmbbownedurfixooivffoacbalv


(((((((((((((((((((((((((((((   Fichiers créés du 2009-11-27 au 2009-12-27  ))))))))))))))))))))))))))))))))))))
.

2009-12-27 13:51 . 2009-12-03 15:14     38224     ----a-w-     c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-27 13:51 . 2009-12-27 13:51     --------     d-----w-     c:\program files\Malwarebytes' Anti-Malware
2009-12-27 13:51 . 2009-12-03 15:13     19160     ----a-w-     c:\windows\system32\drivers\mbam.sys
2009-12-27 12:22 . 2009-12-27 12:23     --------     d-----w-     C:\rsit
2009-12-27 11:18 . 2009-12-27 11:18     --------     d-----w-     c:\documents and settings\Administrateur\Local Settings\Application Data\Mozilla
2009-12-22 23:21 . 2009-12-27 21:59     --------     d-----w-     c:\documents and settings\savitri de koumac\Local Settings\Application Data\AskToolbar
2009-12-14 13:21 . 2009-12-14 13:22     --------     d-----w-     c:\program files\Ask.com
2009-12-14 13:20 . 2009-12-14 13:20     --------     d-----w-     c:\program files\uTorrent
2009-12-14 13:18 . 2009-12-27 22:04     --------     d-----w-     c:\documents and settings\savitri de koumac\Application Data\uTorrent
2009-11-29 21:35 . 2009-11-29 21:38     --------     d-----w-     c:\program files\Windows Live Safety Center

.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-27 22:21 . 2008-03-04 21:14     --------     d-----w-     c:\documents and settings\savitri de koumac\Application Data\Skype
2009-12-27 11:20 . 2008-03-04 21:17     --------     d-----w-     c:\documents and settings\savitri de koumac\Application Data\skypePM
2009-12-22 23:16 . 2005-12-27 20:43     73988     ----a-w-     c:\windows\system32\perfc00C.dat
2009-12-22 23:16 . 2005-12-27 20:43     463788     ----a-w-     c:\windows\system32\perfh00C.dat
2009-12-22 16:46 . 2006-03-22 16:30     --------     d-----w-     c:\program files\3Dsmax7
2009-12-21 17:31 . 2008-05-15 09:39     --------     d-----w-     c:\documents and settings\savitri de koumac\Application Data\Azureus
2009-12-19 08:25 . 2008-05-15 09:34     --------     d-----w-     c:\program files\Azureus
2009-12-19 07:32 . 2008-02-07 00:28     --------     d-----w-     c:\program files\Google
2009-11-25 13:20 . 2008-03-05 21:48     --------     d-----w-     c:\program files\Fichiers communs\Real
2009-11-25 13:19 . 2009-11-25 13:19     --------     d-----w-     c:\program files\Fichiers communs\xing shared
2009-11-25 13:19 . 2003-03-18 21:14     499712     ----a-w-     c:\windows\system32\msvcp71.dll
2009-11-25 13:19 . 2003-02-21 03:42     348160     ----a-w-     c:\windows\system32\msvcr71.dll
2009-11-24 16:41 . 2009-05-19 14:48     --------     d-----w-     c:\documents and settings\savitri de koumac\Application Data\Free Download Manager
2009-11-24 12:26 . 2009-10-03 16:11     --------     d-----w-     c:\program files\Konvertor
2009-11-24 12:24 . 2009-11-23 19:46     --------     d-----w-     c:\program files\AskBarDis
2009-11-19 16:08 . 2008-04-12 11:57     --------     d-----w-     c:\documents and settings\savitri de koumac\Application Data\Lasersoft Imaging
2009-11-18 13:54 . 2008-04-12 11:53     --------     d-----w-     c:\program files\LaserSoft
2009-11-07 14:05 . 2009-11-07 14:05     --------     d-----w-     c:\program files\Kolor
2009-10-30 16:14 . 2006-03-24 21:45     --------     d-----w-     c:\documents and settings\All Users\Application Data\DVD Shrink
2009-09-29 20:20 . 2009-09-29 20:20     73837     ----a-w-     c:\documents and settings\savitri de koumac\Application Data\VuzeStream\uninstall.exe
2009-09-29 20:20 . 2009-09-29 20:20     74688     ----a-w-     c:\documents and settings\savitri de koumac\Application Data\VuzeStream\NetscapePlugin1.0.2.9\RegisterVSNP.exe
2009-09-29 20:20 . 2009-09-29 20:20     170432     ----a-w-     c:\documents and settings\savitri de koumac\Application Data\VuzeStream\NetscapePlugin1.0.2.9\npVuzeStream.dll
2009-09-29 20:20 . 2009-09-29 20:20     293312     ----a-w-     c:\documents and settings\savitri de koumac\Application Data\VuzeStream\VuzeATL1.0.2.0.dll
2009-09-29 20:20 . 2009-09-29 20:20     176608     ----a-w-     c:\documents and settings\savitri de koumac\Application Data\VuzeStream\UpdateLauncher.exe
2009-09-29 20:20 . 2009-09-29 20:20     62400     ----a-w-     c:\documents and settings\savitri de koumac\Application Data\VuzeStream\RegisterVSAX.exe
2009-09-29 20:20 . 2009-09-29 20:20     174560     ----a-w-     c:\documents and settings\savitri de koumac\Application Data\VuzeStream\VuzeStream.exe
2009-09-29 09:52 . 2009-03-01 22:12     10686001     ----a-w-     c:\documents and settings\savitri de koumac\Application Data\Azureus\plugins\azump\mplayer.exe
2009-08-02 21:32 . 2006-12-21 11:14     21208     ----a-w-     c:\program files\uninstal.log
1998-01-22 15:12 . 2009-05-03 08:11     29824     ----a-w-     c:\program files\Readme.wri
.

------- Sigcheck -------

[7] 2004-08-05 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\atapi.sys
[-] 2004-08-03 21:59 . !HASH: COULD NOT OPEN FILE !!!!! . 95360 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-09-02 13:56     1175944     ----a-w-     c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-04-23 22058792]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-12-14 289584]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcWzrd"="ALCWZRD.EXE" [2005-03-10 2803712]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-11-24 7122944]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-03-12 81920]
"USB2Check"="c:\windows\system32\PCLECoInst.dll" [2004-09-21 73728]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-11-25 198160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)

[HKLM\~\startupfolder\c:^documents and settings^all users^menu démarrer^programmes^démarrage^lancement rapide d'adobe reader.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\c:^documents and settings^all users^menu démarrer^programmes^démarrage^microsoft office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\c:^documents and settings^all users^menu démarrer^programmes^démarrage^photofunstudio -viewer-.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\PHOTOfunSTUDIO -viewer-.lnk
backup=c:\windows\pss\PHOTOfunSTUDIO -viewer-.lnkCommon Startup

[HKLM\~\startupfolder\c:^documents and settings^all users^menu démarrer^programmes^démarrage^quickscan (opticfilm 7200i).lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\QuickScan (OpticFilm 7200i).lnk
backup=c:\windows\pss\QuickScan (OpticFilm 7200i).lnkCommon Startup

[HKLM\~\startupfolder\c:^documents and settings^savitri de koumac^menu démarrer^programmes^démarrage^registration-studio 8.lnk]
path=c:\documents and settings\savitri de koumac\Menu Démarrer\Programmes\Démarrage\Registration-Studio 8.lnk
backup=c:\windows\pss\Registration-Studio 8.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2007-10-11 07:45     31232     ----a-w-     c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\instanton]
2005-05-11 16:28     93640     ------w-     c:\program files\CyberLink\PowerCinema Linux\ion_install.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\logitechsoftwareupdate]
2005-01-18 15:07     196608     ----a-w-     c:\program files\Logitech\Video\ManifestEngine.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\logitechvideorepair]
2005-01-18 15:47     458752     ----a-w-     c:\program files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\logitechvideotray]
2005-01-18 15:37     217088     ----a-w-     c:\program files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
2004-10-08 09:52     221184     ----a-w-     c:\windows\system32\LVCOMSX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nerofiltercheck]
2001-07-09 09:50     155648     ----a-w-     c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2005-11-24 07:26     1519616     ----a-w-     c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pinnacledrivercheck]
2004-03-10 23:26     406016     ----a-w-     c:\windows\system32\PSDrvCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\quicktime task]
2009-10-04 14:00     155648     ----a-w-     c:\program files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raccourci vers la page des propriétés de High Definition Audio]
2005-01-07 16:07     61952     ----a-w-     c:\windows\system32\HdAShCut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\remotecontrol]
2005-04-15 15:13     45056     ----a-w-     c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\soundman]
2005-03-10 07:46     90112     ----a-w-     c:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sunjavaupdatesched]
2008-02-22 02:25     144784     ----a-w-     c:\program files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sunkist2k]
2005-06-29 18:10     143360     ----a-w-     c:\program files\Trust_CR-1200_16-in-1_USB2_CARD_READER\shwicon2k.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2005-03-18 13:34     688217     ----a-w-     c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
2005-03-18 13:35     98393     ----a-w-     c:\program files\Synaptics\SynTP\SynTPLpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tkbellexe]
2009-11-25 13:19     198160     ----a-w-     c:\program files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\usbtooltip]
2005-06-13 00:30     192512     ----a-w-     c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\3Dsmax7\\3dsmax.exe"=
"c:\\Program Files\\backburner 2\\monitor.exe"=
"c:\\Program Files\\backburner 2\\manager.exe"=
"c:\\Program Files\\backburner 2\\server.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 9\\3dsmax.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"c:\\Program Files\\Autodesk\\3dsMax8\\3dsmax.exe"=
"c:\\Program Files\\Next Limit\\RealFlow4\\realflow.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\eChanblard\\emule.exe"=
"c:\\Program Files\\Pinnacle Systems\\Commotion Pro 4.1\\CommotionPro.exe"=
"c:\\Program Files\\ooVoo\\ooVoo.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Documents and Settings\\savitri de koumac\\Application Data\\VuzeStream\\VuzeStream.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\FileZilla\\FileZilla.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:*:Disabled:TCP port 443 ooVoo
"443:UDP"= 443:UDP:*:Disabled:UDP port 443 ooVoo
"37674:TCP"= 37674:TCP:*:Disabled:TCP port 37674 ooVoo
"37674:UDP"= 37674:UDP:*:Disabled:UDP port 37674 ooVoo
"37675:UDP"= 37675:UDP:*:Disabled:UDP port 37675 ooVoo

R0 d346bus;d346bus;c:\windows\system32\drivers\d346bus.sys [10/11/2008 20:08 156800]
R0 d346prt;d346prt;c:\windows\system32\drivers\d346prt.sys [10/11/2008 20:08 5248]
R0 IABFilt;Iomega Snapshot Volume Filter;c:\windows\system32\drivers\IABFilt.sys [02/06/2008 23:27 25344]
S0 yuuccrv;yuuccrv;c:\windows\system32\drivers\mxuzhvam.sys --> c:\windows\system32\drivers\mxuzhvam.sys [?]
S1 5aa59e59;5aa59e59;c:\windows\system32\drivers\5aa59e59.sys --> c:\windows\system32\drivers\5aa59e59.sys [?]
S1 6d1b4134;6d1b4134;c:\windows\system32\drivers\6d1b4134.sys [03/04/2009 13:20 0]
S2 gupdate1c985f7cf654ba;Google Update Service (gupdate1c985f7cf654ba);c:\program files\Google\Update\GoogleUpdate.exe [03/02/2009 13:00 133104]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [13/05/2009 13:37 234864]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys --> c:\windows\system32\drivers\npf.sys [?]
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/fuji/defaults/su/*http://www.yahoo.com
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: tout télécharger avec free download manager - file://c:\program files\Free Download Manager\dlall.htm
IE: télécharger avec free download manager - file://c:\program files\Free Download Manager\dllink.htm
IE: télécharger la sélection avec free download manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: télécharger la vidéo avec free download manager - file://c:\program files\Free Download Manager\dlfvideo.htm
TCP: {52E30893-15CC-433D-BA2A-ED0D1BA96A11} = 212.27.53.252,212.27.54.252
FF - ProfilePath - c:\documents and settings\savitri de koumac\Application Data\Mozilla\Firefox\Profiles\7cql5ala.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\savitri de koumac\Application Data\VuzeStream\NetscapePlugin1.0.2.9\npVuzeStream.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-fsm - (no file)
MSConfigStartUp-adobecs4servicemanager - c:\program files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-27 23:20
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|ù•Ñw*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(260)
c:\windows\system32\msls31.dll
c:\windows\system32\msi.dll
c:\windows\system32\shdoclc.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Microsoft Virtual PC\VPCShExH.DLL
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\DCPFLICS\DCPFLICS.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\wscntfy.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Heure de fin: 2009-12-27  23:27:55 - La machine a redémarré
ComboFix-quarantined-files.txt  2009-12-27 22:27
ComboFix2.txt  2008-08-15 21:37
ComboFix3.txt  2008-08-15 18:37

Avant-CF: 13 966 340 096 octets libres
Après-CF: 14 131 724 288 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect

- - End Of File - - 0972F19253C0FF6A7B83B861BB0A6DF9
Mister_masque, 27/12/2009 at 23:40

Good evening,

I'm going to bed, I'll read your report tomorrow ;)
Post an RSIT report again (there will only be one, that's normal).

See you later
--
Rafiti, 27/12/2009 at 23:55

Good night and thanks for your help, it took the whole day...
So I'm posting the last report, and see you tomorrow:

Logfile of random's system information tool 1.06 (written by random/random)
Run by savitri de koumac at 2009-12-27 23:51:31
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 14 GB (18%) free of 76 GB
Total RAM: 1023 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:51:41, on 27/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\DCPFLICS\DCPFLICS.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\savitri de koumac\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\savitri de koumac.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/fuji/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: tout télécharger avec free download manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: télécharger avec free download manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: télécharger la sélection avec free download manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: télécharger la vidéo avec free download manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {edfcb7cb-942c-4822-af14-f0b687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{52E30893-15CC-433D-BA2A-ED0D1BA96A11}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DCPFLICS - Unknown owner - C:\Program Files\DCPFLICS\DCPFLICS.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c985f7cf654ba) (gupdate1c985f7cf654ba) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 8039 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ca58bedfc671a.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-11-25 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2005-03-10 2803712]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-11-24 7122944]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-03-12 81920]
"USB2Check"=C:\WINDOWS\system32\PCLECoInst.dll [2004-09-21 73728]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-11-25 198160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-04-23 22058792]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-12-14 289584]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2007-10-11 31232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\instanton]
C:\Program Files\CyberLink\PowerCinema Linux\ion_install.exe [2005-05-11 93640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\logitechsoftwareupdate]
C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-01-18 196608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\logitechvideorepair]
C:\Program Files\Logitech\Video\ISStart.exe [2005-01-18 458752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\logitechvideotray]
C:\Program Files\Logitech\Video\LogiTray.exe [2005-01-18 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nerofiltercheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pinnacledrivercheck]
C:\WINDOWS\system32\PSDrvCheck.exe [2004-03-11 406016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\quicktime task]
C:\Program Files\QuickTime\qttask.exe [2009-10-04 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raccourci vers la page des propriétés de High Definition Audio]
C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\remotecontrol]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-04-15 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\soundman]
C:\WINDOWS\SOUNDMAN.EXE [2005-03-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sunjavaupdatesched]
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sunkist2k]
C:\Program Files\Trust_CR-1200_16-in-1_USB2_CARD_READER\shwicon2k.exe [2005-06-29 143360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-03-18 688217]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-03-18 98393]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tkbellexe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-11-25 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\usbtooltip]
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [2005-06-13 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^menu démarrer^programmes^démarrage^lancement rapide d'adobe reader.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2004-12-14 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^menu démarrer^programmes^démarrage^microsoft office.lnk]
C:\PROGRA~1\MICROS~3\Office\OSA9.EXE [2000-01-21 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^menu démarrer^programmes^démarrage^photofunstudio -viewer-.lnk]
C:\PROGRA~1\PANASO~1\PHOTOF~1\PHAUTO~1.EXE [2008-05-27 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^menu démarrer^programmes^démarrage^quickscan (opticfilm 7200i).lnk]
C:\PROGRA~1\Plustek\OPTICF~1\QUICKS~1.EXE [2005-06-09 290816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^savitri de koumac^menu démarrer^programmes^démarrage^registration-studio 8.lnk]
C:\Program Files\Pinnacle\Studio 8\Register\RegTool.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\3Dsmax7\3dsmax.exe"="C:\Program Files\3Dsmax7\3dsmax.exe:*:Enabled:3ds max 7"
"C:\Program Files\backburner 2\monitor.exe"="C:\Program Files\backburner 2\monitor.exe:*:Enabled:backburner 2.3 monitor"
"C:\Program Files\backburner 2\manager.exe"="C:\Program Files\backburner 2\manager.exe:*:Enabled:backburner 2.3 manager"
"C:\Program Files\backburner 2\server.exe"="C:\Program Files\backburner 2\server.exe:*:Enabled:backburner 2.3 server"
"C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe"="C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe:*:Enabled:Autodesk 3ds Max 9 32-bit"
"C:\Program Files\Autodesk\Backburner\monitor.exe"="C:\Program Files\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor"
"C:\Program Files\Autodesk\Backburner\manager.exe"="C:\Program Files\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager"
"C:\Program Files\Autodesk\Backburner\server.exe"="C:\Program Files\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server"
"C:\Program Files\Autodesk\3dsMax8\3dsmax.exe"="C:\Program Files\Autodesk\3dsMax8\3dsmax.exe:*:Enabled:Autodesk 3ds Max 8"
"C:\Program Files\Next Limit\RealFlow4\realflow.exe"="C:\Program Files\Next Limit\RealFlow4\realflow.exe:*:Enabled:realflow"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\eChanblard\emule.exe"="C:\Program Files\eChanblard\emule.exe:*:Enabled:eChanblard"
"C:\Program Files\Pinnacle Systems\Commotion Pro 4.1\CommotionPro.exe"="C:\Program Files\Pinnacle Systems\Commotion Pro 4.1\CommotionPro.exe:*:Enabled:Commotion"
"C:\Program Files\ooVoo\ooVoo.exe"="C:\Program Files\ooVoo\ooVoo.exe:*:Enabled:ooVoo"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Documents and Settings\savitri de koumac\Application Data\VuzeStream\VuzeStream.exe"="C:\Documents and Settings\savitri de koumac\Application Data\VuzeStream\VuzeStream.exe:*:Enabled:Vuze Streaming Assistant"
"C:\Program Files\Free Download Manager\fdm.exe"="C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager"
"C:\Program Files\FileZilla\FileZilla.exe"="C:\Program Files\FileZilla\FileZilla.exe:*:Enabled:FileZilla"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-12-27 23:27:59 ----D---- C:\WINDOWS\temp
2009-12-27 23:27:56 ----A---- C:\ComboFix.txt
2009-12-27 23:00:10 ----A---- C:\Boot.bak
2009-12-27 23:00:04 ----RASHD---- C:\cmdcons
2009-12-27 22:55:48 ----A---- C:\WINDOWS\PEV.exe
2009-12-27 22:55:48 ----A---- C:\WINDOWS\MBR.exe
2009-12-27 14:51:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-27 13:22:50 ----D---- C:\rsit
2009-12-27 12:14:28 ----A---- C:\WINDOWS\ntbtlog.txt
2009-12-14 14:21:57 ----D---- C:\Program Files\Ask.com
2009-12-14 14:20:56 ----D---- C:\Program Files\uTorrent
2009-12-14 14:18:53 ----D---- C:\Documents and Settings\savitri de koumac\Application Data\uTorrent
2009-11-29 22:35:05 ----D---- C:\Program Files\Windows Live Safety Center

======List of files/folders modified in the last 1 months======

2009-12-27 23:50:18 ----D---- C:\Documents and Settings\savitri de koumac\Application Data\Skype
2009-12-27 23:50:11 ----D---- C:\Program Files\Mozilla Firefox
2009-12-27 23:48:38 ----A---- C:\WINDOWS\ModemLog_Motorola SM56 Data Fax Modem.txt
2009-12-27 23:28:00 ----D---- C:\WINDOWS\system32\drivers
2009-12-27 23:28:00 ----AD---- C:\QooBox
2009-12-27 23:27:59 ----D---- C:\WINDOWS
2009-12-27 23:25:23 ----D---- C:\WINDOWS\erdnt
2009-12-27 23:25:15 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-27 23:19:53 ----A---- C:\WINDOWS\system.ini
2009-12-27 23:15:29 ----AD---- C:\WINDOWS\system32
2009-12-27 23:11:51 ----D---- C:\WINDOWS\AppPatch
2009-12-27 23:11:49 ----D---- C:\Program Files\Fichiers communs
2009-12-27 23:00:10 ----RASH---- C:\boot.ini
2009-12-27 20:20:46 ----A---- C:\WINDOWS\NeroDigital.ini
2009-12-27 16:06:10 ----D---- C:\WINDOWS\Driver Cache
2009-12-27 14:51:51 ----RD---- C:\Program Files
2009-12-27 12:20:40 ----D---- C:\Documents and Settings\savitri de koumac\Application Data\skypePM
2009-12-27 12:14:49 ----D---- C:\Documents and Settings
2009-12-23 00:16:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-22 17:46:35 ----D---- C:\Program Files\3Dsmax7
2009-12-22 15:30:23 ----HD---- C:\WINDOWS\inf
2009-12-21 18:31:36 ----D---- C:\Documents and Settings\savitri de koumac\Application Data\Azureus
2009-12-19 09:25:42 ----D---- C:\Program Files\Azureus
2009-12-19 08:32:48 ----SHD---- C:\WINDOWS\Installer
2009-12-19 08:32:48 ----D---- C:\Config.Msi
2009-12-19 08:32:03 ----D---- C:\Program Files\Google
2009-12-14 14:22:03 ----SD---- C:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-05-27 75096]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-27 40320]
R1 pclepci;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 scdemu;scdemu; C:\WINDOWS\system32\drivers\scdemu.sys [2007-08-07 33052]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-16 16877]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-01-18 271360]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-01-18 18048]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 asapiw2k;ASAPIW2K; \??\C:\WINDOWS\system32\Drivers\asapiW2k.sys []
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-03-23 2547008]
R3 marvinbus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-06-02 171008]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-11-24 3223648]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2005-11-02 10368]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2005-08-01 839724]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-03-18 188928]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 vpcnets2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
S1 5aa59e59;5aa59e59; C:\WINDOWS\System32\drivers\5aa59e59.sys []
S1 6d1b4134;6d1b4134; C:\WINDOWS\System32\drivers\6d1b4134.sys []
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
S3 AVCSTRM;AVC Streaming Filter Driver; C:\WINDOWS\system32\DRIVERS\avcstrm.sys [2004-08-03 13696]
S3 catchme;catchme; \??\C:\CombFix\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\WINDOWS\system32\DRIVERS\mstape.sys [2004-08-03 49024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-05 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys []
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2005-01-31 211712]
S3 pinnaclemarvinusb;Pinnacle Systems Service for MovieBox Deluxe, 500-USB and 700-USB; C:\WINDOWS\system32\DRIVERS\MarvinUsb.sys [2005-06-29 425984]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 SunkFilt;Alcor Micro Corp Reader; \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 wudfpf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 wudfrd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [2007-10-11 51712]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-11-07 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-11-07 151297]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2007-01-18 72704]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
R2 DCPFLICS;DCPFLICS; C:\Program Files\DCPFLICS\DCPFLICS.exe [2003-09-29 139266]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 mi-raysat_3dsmax8;RaySat_3dsmax8 Server; C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe [2005-09-21 65536]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-11-24 127042]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-05 268800]
S2 gupdate1c985f7cf654ba;Google Update Service (gupdate1c985f7cf654ba); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-03 133104]
S2 mi-raysat_3dsmax9_32;mental ray 3.5 Satellite (32-bit); C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe [2006-09-29 65536]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-14 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-13 234864]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2006-05-09 86016]
S3 wudfsvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]

-----------------EOF-----------------
Mister_masque, 28/12/2009 at 15:54

ComboFix did a good job.

To help other people more quickly, I would like to retrieve several files.
Here is the procedure:

Go to My Computer > C:
Locate the QooBox folder and compress it.
If you don't know how, here is a tutorial

Move this file to your Desktop so you can find it more easily.
Go to Senduit

Select the QooBox.zip file on your Desktop and change the Expire In value to 2 days.
Click Upload.

Wait a few moments and post the link you are given.

Once you have sent me the link, we will start on the Cleanup and Prevention part. A phase not to be neglected, so as not to reinfect your machine ;)

See you later
--
Rafiti, 29/12/2009 at 00:34

Yes, indeed, my computer seems to be rising from its ashes... that's cool... it's the magic of Christmas
Here you go, my friend, the link you asked for:

http://senduit.com/bdbfa2
Vulgarisation-informatique.com
Computer courses & tutorials