probleme avec Wscript.exe

[jiraya7]

slt j'a vais un virus malwere i je li supprimé avec Malwarebytes' Anti-Malware i puis con je double clic sur mon disc dur il me dit windows ne trouve pas Wscript.exe merci de me répondre

[etienne2000]

donc c'est quand tu veux acceder a ton disque dur qu'il t'afiche cela?

le mieux c'estz de suivre le tutoriel affiché ici: http://www.pc-infopratique.com/article-13-1-le-nettoyage-du-pc.html

PS: attention a ton ortographe

(je sais c'est pas facile ^^)

[jiraya7]

merci oui je c par se que je suis pa français mais merci beaucoup

[jiraya7]

SLT DE PUITS QUELQUE JOUR MON PC M'AFFICHE 6 FOI PAR JOUR minimum UN MESSAGE QUI DIT (MICROSOFT FEEDS SYNCHRONIZATION A RENCONTRé un probleme et doit fermer) alors je c pas c koi le probleme merci de me repondre

[anthony5151]

Bonjour,


L'impossibilité d'accéder au disque dur par double-clic est due à une infection qui se transmet par disque amovible (cle USB, disques durs externes, mp3, appareils photos numériques etc...)

Commence par utiliser ce logiciel de diagnostic stp :

. Télécharge Random's System Information Tool (RSIT) de random/random, et enregistre le sur ton Bureau.
. Double clique sur RSIT.exe pour lancer l'outil.
. Clique sur ' continue ' à l'écran Disclaimer.
. Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
. Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés

Tutoriel illustré pour t'aider : http://forum-aide-contre-virus.be/tutoriel_RSIT.html

[jiraya7]

slt merci mais le problème du disk dur et régler, il ya un être probleme avec MICROSOFT FEEDS SYNCHRONIZATION

[jiraya7]

voila le 1:


Logfile of random's system information tool 1.06 (written by random/random)
Run by TIRACHE at 2009-06-07 19:53:57
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 32 GB (78%) free of 40 GB
Total RAM: 479 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:54:56, on 07/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
C:Program FilesJavajre6injqs.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32VTTimer.exe
C:WINDOWSsystem32VTtrayp.exe
C:Program FilesJavajre6injusched.exe
C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSsystem32ctfmon.exe
C:Documents and SettingsTIRACHELocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe
C:Program FilesInternet Download ManagerIDMan.exe
C:Program FilesMessengermsmsgs.exe
C:Documents and SettingsTIRACHEApplication DataMicrosoftNotification de cadeaux MSNlsnfier.exe
C:WINDOWSsystem32wscntfy.exe
C:Program FilesInternet Download ManagerIEMonitor.exe
C:Documents and SettingsTIRACHELocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:WINDOWSsystem32osk.exe
C:WINDOWSsystem32MSSWCHX.EXE
C:Documents and SettingsTIRACHELocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:Documents and SettingsTIRACHELocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:Documents and SettingsTIRACHELocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:Documents and SettingsTIRACHELocal SettingsApplication DataGoogleChromeApplicationchrome.exe
C:Documents and SettingsTIRACHEMes documentsDownloadsProgramsRSIT.exe
C:Program Files rend microTIRACHE.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://fr.msn.com/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:PROGRA~1Yahoo!CompanionInstallscpnyt.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program FilesInternet Download ManagerIDMIECC.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:PROGRA~1Yahoo!CompanionInstallscpnyt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesFichiers communsAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:Program FilesKaspersky LabKaspersky Internet Security 2009ievkbd.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6injp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:PROGRA~1Yahoo!CompanionInstallscpnyt.dll
O4 - HKLM..Run: [VTTimer] VTTimer.exe
O4 - HKLM..Run: [VTTrayp] VTtrayp.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre6injusched.exe"
O4 - HKLM..Run: [AVP] "C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe"
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [Google Update] "C:Documents and SettingsTIRACHELocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe" /c
O4 - HKCU..Run: [IDMan] C:Program FilesInternet Download ManagerIDMan.exe /onboot
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:Documents and SettingsTIRACHEApplication DataMicrosoftNotification de cadeaux MSNlsnfier.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:Program FilesKaspersky LabKaspersky Internet Security 2009ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:Program FilesInternet Download ManagerIEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:Program FilesInternet Download ManagerIEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:Program FilesInternet Download ManagerIEGetAll.htm
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:Program FilesKaspersky LabKaspersky Internet Security 2009SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O17 - HKLMSystemCCSServicesTcpip..{C24D0249-0DCB-44C3-9A41-8E088CF28948}: NameServer = 4.2.2.3 4.2.2.4
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:Program FilesJavajre6injqs.exe

--
End of file - 6553 bytes

======Scheduled tasks folder======

C:WINDOWS asksGoogleUpdateTaskUserS-1-5-21-1993962763-179605362-725345543-1003.job
C:WINDOWS asksUser_Feed_Synchronization-{1BEB6398-7EE9-4A92-8294-365254177C0C}.job

======Registry dump======

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:Program FilesInternet Download ManagerIDMIECC.dll [2009-04-27 169392]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:PROGRA~1Yahoo!CompanionInstallscpnyt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:Program FilesFichiers communsAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:PROGRA~1SPYBOT~1SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:Program FilesKaspersky LabKaspersky Internet Security 2009ievkbd.dll [2009-05-10 62728]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:Program FilesFichiers communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:Program FilesJavajre6injp2ssv.dll [2009-05-09 35840]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll [2009-05-09 73728]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:PROGRA~1Yahoo!CompanionInstallscpnyt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
"VTTimer"=C:WINDOWSsystem32VTTimer.exe [2005-03-07 53248]
"VTTrayp"=C:WINDOWSsystem32VTtrayp.exe [2005-03-11 147456]
"SunJavaUpdateSched"=C:Program FilesJavajre6injusched.exe [2009-05-09 148888]
"AVP"=C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-05-10 201992]
"SoundMan"=C:WINDOWSSOUNDMAN.EXE [2005-06-20 77824]

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
"CTFMON.EXE"=C:WINDOWSsystem32ctfmon.exe [2004-08-19 15360]
"Google Update"=C:Documents and SettingsTIRACHELocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2009-05-06 133104]
"IDMan"=C:Program FilesInternet Download ManagerIDMan.exe [2009-04-27 2799024]
"MSMSGS"=C:Program FilesMessengermsmsgs.exe [2004-08-19 1667584]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregAdobe Reader Speed Launcher]
C:Program FilesAdobeReader 9.0ReaderReader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregMSMSGS]
C:Program FilesMessengermsmsgs.exe [2004-08-19 1667584]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregRaidTool]
C:Program FilesVIARAID aid_tool.exe [2005-06-20 1056768]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregSpybotSD TeaTimer]
C:Program FilesSpybot - Search & DestroyTeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregUniblue RegistryBooster 2009]
C:Program FilesUniblueRegistryBoosterRegistryBooster.exe /S []

C:Documents and SettingsTIRACHEMenu DémarrerProgrammesDémarrage
Notification de cadeaux MSN.lnk - C:Documents and SettingsTIRACHEApplication DataMicrosoftNotification de cadeaux MSNlsnfier.exe

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon]
C:WINDOWSsystem32klogon.dll [2008-04-25 206088]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalprocexp90.Sys]

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBoot
etworkprocexp90.Sys]

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
"%windir%system32sessmgr.exe"="%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup FilesKaspersky Internet Security 2009frenchsetup.exe"="C:Documents and SettingsAll UsersApplication DataKaspersky Lab Setup FilesKaspersky Internet Security 2009frenchsetup.exe:*:Disabled:Programme d'installation de Kaspersky Internet Security 2009"
"C:Program FilesMSN Messengermsnmsgr.exe"="C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:Program FilesMSN Messengerlivecall.exe"="C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:Program FilesuTorrentuTorrent.exe"="C:Program FilesuTorrentuTorrent.exe:*:Enabled:µTorrent"
"C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE"="C:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:Logicielutorrent.exe"="D:Logicielutorrent.exe:*:Enabled:µTorrent"
"C:Program FilesYahoo!MessengerYahooMessenger.exe"="C:Program FilesYahoo!MessengerYahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"F:STHIWstInstall.exe"="F:STHIWstInstall.exe:*:Enabled:SpeedTouch Home Install Wizard"
"C:Documents and SettingsTIRACHEBureauutorrent.exe"="C:Documents and SettingsTIRACHEBureauutorrent.exe:*:Enabled:µTorrent"
"C:Program FilesCamfrogCamfrog Video ChatCamfrog Video Chat.exe"="C:Program FilesCamfrogCamfrog Video ChatCamfrog Video Chat.exe:*:Disabled:Camfrog Client Module"
"C:Program FilesVideoLANVLCvlc.exe"="C:Program FilesVideoLANVLCvlc.exe:*:Disabled:VLC media player"
"E:STHIWstInstall.exe"="E:STHIWstInstall.exe:*:Enabled:SpeedTouch Home Install Wizard"
"C:Program FileseMuleemule.exe"="C:Program FileseMuleemule.exe:*:Enabled:eMule"
"C:Program FilesMessengermsmsgs.exe"="C:Program FilesMessengermsmsgs.exe:*:Enabled:Windows Messenger"
"C:WINDOWSsystem32dpvsetup.exe"="C:WINDOWSsystem32dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:WINDOWSsystem32 undll32.exe"="C:WINDOWSsystem32 undll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
"%windir%system32sessmgr.exe"="%windir%system32sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:Program FilesMSN Messengermsnmsgr.exe"="C:Program FilesMSN Messengermsnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:Program FilesMSN Messengerlivecall.exe"="C:Program FilesMSN Messengerlivecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bde03f0c-4962-11de-9aa3-00147f2d28b7}]
shellAutoRuncommand - C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c2b1dcf0-46b4-11de-9a9c-00147f2d28b7}]
shellAutoRuncommand - C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f915fbe0-3b1e-11de-9a68-00147f2d28b7}]
shellAutoRuncommand - C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg


======List of files/folders created in the last 1 months======

2009-06-07 19:54:02 ----D---- C:Program Files rend micro
2009-06-07 19:53:57 ----D---- C: sit
2009-06-07 12:06:46 ----D---- C:Program FilesQUAD Utilities
2009-06-06 19:20:29 ----D---- C:Program FilesSoftChris
2009-06-06 18:17:35 ----D---- C:WINDOWSPrefetch
2009-06-06 18:09:21 ----RAH---- C:WINDOWSsystem32logonui.exe.manifest
2009-06-06 17:56:54 ----A---- C:WINDOWSsystem32spxcoins.dll
2009-06-06 17:56:54 ----A---- C:WINDOWSsystem32irclass.dll
2009-06-06 17:56:36 ----RA---- C:WINDOWSSET3B.tmp
2009-06-06 17:56:32 ----RA---- C:WINDOWSSET2F.tmp
2009-06-06 17:56:30 ----RA---- C:WINDOWSSET2C.tmp
2009-06-06 12:18:19 ----D---- C:Program FilesSpybot - Search & Destroy
2009-06-06 12:18:19 ----D---- C:Documents and SettingsAll UsersApplication DataSpybot - Search & Destroy
2009-06-05 14:15:25 ----D---- C:Documents and SettingsTIRACHEApplication DataUniblue
2009-06-05 14:06:29 ----HDC---- C:WINDOWS$MSI31Uninstall_KB893803v2$
2009-06-05 11:43:38 ----D---- C:Program FilesMalwarebytes' Anti-Malware
2009-06-05 11:00:20 ----D---- C:WINDOWSERDNT
2009-06-05 11:00:18 ----A---- C:WINDOWSsystem32CF18061.exe
2009-06-04 23:53:45 ----D---- C:Program FilesHotspot Shield
2009-06-04 18:49:00 ----A---- C:WINDOWSsystem32wmpns.dll
2009-06-04 18:35:35 ----RA---- C:WINDOWSSET3C.tmp
2009-06-04 18:35:33 ----RA---- C:WINDOWSSET30.tmp
2009-06-04 18:35:31 ----RA---- C:WINDOWSSET2D.tmp
2009-05-29 02:26:18 ----D---- C:Program FilesIvacy Monitor
2009-05-27 11:54:10 ----D---- C:Program FilesHandicap International
2009-05-27 10:38:52 ----A---- C:WINDOWSmUninstallFR.exe
2009-05-27 10:38:42 ----A---- C:WINDOWSmInstall.ini
2009-05-26 11:18:47 ----D---- C:Documents and SettingsTIRACHEApplication DataIDM
2009-05-26 11:18:41 ----D---- C:Program FilesInternet Download Manager
2009-05-12 16:45:55 ----D---- C:Program FileseMule
2009-05-12 11:27:13 ----D---- C:Documents and SettingsTIRACHEApplication Datadvdcss
2009-05-11 17:32:46 ----D---- C:Program FilesAcoustica Mp3 To Wave Converter Plus
2009-05-10 11:30:51 ----D---- C:Program FilesKaspersky Lab
2009-05-10 11:30:51 ----D---- C:Documents and SettingsAll UsersApplication DataKaspersky Lab
2009-05-09 19:04:55 ----D---- C:Documents and SettingsTIRACHEApplication Datavlc
2009-05-09 19:03:46 ----D---- C:Program FilesVideoLAN
2009-05-09 17:33:01 ----D---- C:WINDOWSSun
2009-05-09 17:13:47 ----A---- C:WINDOWSsystem32javaws.exe
2009-05-09 17:13:47 ----A---- C:WINDOWSsystem32javaw.exe
2009-05-09 17:13:47 ----A---- C:WINDOWSsystem32java.exe
2009-05-09 17:13:47 ----A---- C:WINDOWSsystem32deploytk.dll
2009-05-09 17:13:39 ----D---- C:Program FilesJava
2009-05-09 16:59:07 ----D---- C:WINDOWSsystem32appmgmt
2009-05-09 16:58:44 ----D---- C:Documents and SettingsTIRACHEApplication DataSun
2009-05-09 12:36:18 ----D---- C:Program FilesuTorrent

======List of files/folders modified in the last 1 months======

2009-06-07 19:54:57 ----D---- C:WINDOWSTemp
2009-06-07 19:54:02 ----RD---- C:Program Files
2009-06-07 19:48:14 ----D---- C:Documents and SettingsTIRACHEApplication DataDMCache
2009-06-07 19:19:04 ----A---- C:WINDOWSSchedLgU.Txt
2009-06-07 15:32:58 ----D---- C:Program FilesAvidemux 2.4
2009-06-07 15:32:37 ----D---- C:Documents and SettingsTIRACHEApplication DatauTorrent
2009-06-07 12:16:25 ----D---- C:Documents and SettingsTIRACHEApplication Datagtk-2.0
2009-06-07 12:07:28 ----D---- C:WINDOWS
2009-06-07 03:02:53 ----D---- C:Documents and SettingsTIRACHEApplication DataCamfrog
2009-06-07 00:34:57 ----D---- C:WINDOWSsystem32
2009-06-06 22:03:19 ----A---- C:WINDOWSsystem32PerfStringBackup.INI
2009-06-06 18:52:33 ----D---- C:WINDOWSsystem32Setup
2009-06-06 18:52:33 ----D---- C:WINDOWSsystem
2009-06-06 18:52:31 ----D---- C:WINDOWSHelp
2009-06-06 18:52:22 ----D---- C:WINDOWSsystem32usmt
2009-06-06 18:52:13 ----D---- C:WINDOWSAppPatch
2009-06-06 18:52:12 ----D---- C:WINDOWSime
2009-06-06 18:52:12 ----D---- C:WINDOWSehome
2009-06-06 18:52:10 ----RSD---- C:WINDOWSFonts
2009-06-06 18:52:10 ----D---- C:WINDOWSMedia
2009-06-06 18:51:55 ----D---- C:WINDOWSPeerNet
2009-06-06 18:51:39 ----D---- C:WINDOWSsystem32
pp
2009-06-06 18:51:31 ----D---- C:WINDOWSmsagent
2009-06-06 18:49:30 ----D---- C:WINDOWSsystem321036
2009-06-06 18:49:22 ----D---- C:WINDOWS wain_32
2009-06-06 18:49:09 ----D---- C:WINDOWSsystem32icsxml
2009-06-06 18:48:38 ----D---- C:WINDOWSsystem321033
2009-06-06 18:47:40 ----D---- C:WINDOWSDriver Cache
2009-06-06 18:22:57 ----D---- C:WINDOWSsecurity
2009-06-06 18:22:32 ----SH---- C:oot.ini
2009-06-06 18:22:32 ----A---- C:WINDOWSwin.ini
2009-06-06 18:22:32 ----A---- C:WINDOWSsystem.ini
2009-06-06 18:20:01 ----D---- C:WINDOWSRegistration
2009-06-06 18:19:18 ----D---- C:WINDOWSsystem32CatRoot2
2009-06-06 18:19:15 ----HD---- C:WINDOWSinf
2009-06-06 18:19:08 ----A---- C:WINDOWSsetuplog.txt
2009-06-06 18:17:40 ----SHD---- C:System Volume Information
2009-06-06 18:17:40 ----D---- C:WINDOWSsystem32Restore
2009-06-06 18:17:05 ----D---- C:WINDOWSsystem32config
2009-06-06 18:14:31 ----D---- C:WINDOWS epair
2009-06-06 18:13:59 ----RSHDC---- C:WINDOWSsystem32dllcache
2009-06-06 18:10:28 ----A---- C:WINDOWSOEWABLog.txt
2009-06-06 18:10:24 ----A---- C:WINDOWSODBCINST.INI
2009-06-06 18:09:57 ----D---- C:WINDOWSsystem32ias
2009-06-06 18:09:25 ----RD---- C:WINDOWSWeb
2009-06-06 18:09:14 ----RAH---- C:WINDOWSsystem32cdplayer.exe.manifest
2009-06-06 18:08:58 ----D---- C:WINDOWSsystem32oobe
2009-06-06 18:08:13 ----D---- C:WINDOWSsystem32Com
2009-06-06 18:07:49 ----D---- C:Program FilesMessenger
2009-06-06 18:07:48 ----D---- C:WINDOWSsystem32wbem
2009-06-06 17:59:25 ----D---- C:WINDOWSsystem32drivers
2009-06-06 17:56:46 ----ASH---- C:Documents and SettingsAll UsersApplication Datadesktop.ini
2009-06-06 17:56:39 ----D---- C:WINDOWSsystem32CatRoot
2009-06-05 18:40:06 ----SD---- C:Documents and SettingsTIRACHEApplication DataMicrosoft
2009-06-05 14:45:12 ----SHD---- C:WINDOWSInstaller
2009-06-05 14:06:55 ----A---- C:WINDOWSimsins.BAK
2009-06-04 19:27:27 ----D---- C:WINDOWSWinSxS
2009-06-04 18:47:19 ----D---- C:Program FilesInternet Explorer
2009-06-03 18:01:29 ----D---- C:Program FilesCamfrog
2009-05-29 22:31:39 ----D---- C:Program FilesAviSynth 2.5
2009-05-27 14:46:52 ----D---- C:Documents and SettingsTIRACHEApplication DataAdobe
2009-05-27 14:41:36 ----D---- C:Documents and SettingsAll UsersApplication DataAdobe
2009-05-27 14:40:40 ----D---- C:Program FilesFichiers communsAdobe
2009-05-26 12:06:13 ----D---- C:Documents and SettingsTIRACHEApplication DataVso
2009-05-26 12:06:13 ----D---- C:Documents and SettingsAll UsersApplication DataVso
2009-05-14 10:45:03 ----D---- C:Program FilesGoogle
2009-05-13 12:29:34 ----D---- C:Documents and SettingsAll UsersApplication DataGoogle
2009-05-10 16:33:42 ----D---- C:Program Filesm4ng
2009-05-09 18:51:54 ----SD---- C:Documents and SettingsAll UsersApplication DataMicrosoft
2009-05-09 16:59:00 ----D---- C:Program FilesFichiers communs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:WINDOWSsystem32DRIVERSintelppm.sys [2004-08-19 40320]
R1 KLIF;Kaspersky Lab Driver; C:WINDOWSsystem32DRIVERSklif.sys [2009-05-10 213520]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:WINDOWSsystem32DRIVERS cpip6.sys [2004-08-03 223616]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:WINDOWSSystem32driversws2ifsl.sys [2001-10-02 12032]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:WINDOWSsystem32DRIVERSmdc8021x.sys [2009-05-09 15781]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:WINDOWSsystem32driversALCXWDM.SYS [2005-06-20 2324480]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:WINDOWSsystem32DRIVERSfetnd5.sys [2001-08-17 27165]
R3 hidusb;Pilote de classe HID Microsoft; C:WINDOWSsystem32DRIVERShidusb.sys [2001-10-02 9600]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:WINDOWSsystem32DRIVERSklfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:WINDOWSsystem32DRIVERSklim5.sys [2008-03-25 24592]
R3 mouhid;Pilote HID de souris; C:WINDOWSsystem32DRIVERSmouhid.sys [2001-10-02 12288]
R3 pcouffin;VSO Software pcouffin; C:WINDOWSSystem32Driverspcouffin.sys [2009-05-06 47360]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:WINDOWSsystem32DRIVERS unmp.sys [2004-08-19 12416]
R3 USB_RNDIS;Thomson ST Remote NDIS Device Driver; C:WINDOWSsystem32DRIVERSusb8023.sys [2004-08-03 12672]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:WINDOWSsystem32DRIVERSusbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:WINDOWSsystem32DRIVERSusbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:WINDOWSsystem32DRIVERSusbuhci.sys [2004-08-03 20480]
R3 viagfx;viagfx; C:WINDOWSsystem32DRIVERSvtmini.sys [2005-08-24 237312]
S3 tapvpn;TAP VPN Adapter; C:WINDOWSsystem32DRIVERS apvpn.sys [2009-05-14 27136]
S3 usbccgp;Pilote parent générique USB Microsoft; C:WINDOWSsystem32DRIVERSusbccgp.sys [2004-08-03 31616]
S3 USBSTOR;Pilote de stockage de masse USB; C:WINDOWSsystem32DRIVERSUSBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:WINDOWSsystem32driversIntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Service d'application d'assistance IPv6; C:WINDOWSsystem32svchost.exe [2004-08-19 14336]
R2 AVP;Kaspersky Internet Security; C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe [2009-05-10 201992]
R2 JavaQuickStarterService;Java Quick Starter; C:Program FilesJavajre6injqs.exe [2009-05-09 152984]
S3 odserv;Microsoft Office Diagnostics Service; C:Program FilesFichiers communsMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:Program FilesFichiers communsMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:Program FilesMSN Messengerusnsvc.exe [2007-01-19 97136]

-----------------EOF-----------------

[jiraya7]

et voila 2:



info.txt logfile of random's system information tool 1.06 2009-06-07 19:55:02

======Uninstall list======

-->C:PROGRA~1Yahoo!CommonUNYT_W~1.EXE
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:WINDOWSINFPCHealth.inf
Adobe Flash Player 10 ActiveX-->C:WINDOWSsystem32MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:WINDOWSsystem32MacromedFlashuninstall_plugin.exe
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Archiveur WinRAR-->C:Program FilesWinRARuninstall.exe
Avidemux 2.4-->C:Program FilesAvidemux 2.4uninstall.exe
AviSynth 2.5-->"C:Program FilesAviSynth 2.5Uninstall.exe"
Camfrog Video Chat 5.3-->"C:Program FilesCamfrogCamfrog Video Chatuninstall.exe"
Direct Show Ogg Vorbis Filter (remove only)-->"C:WINDOWSsystem32OggDSuninst.exe"
eMule-->"C:Program FileseMuleUninstall.exe"
ffdshow [rev 2275] [2008-11-01]-->"C:Program Filesffdshowunins000.exe"
HijackThis 2.0.2-->"C:Program Files rend microHijackThis.exe" /uninstall
Internet Download Manager-->C:Program FilesInternet Download ManagerUninstall.exe
Ivacy Monitor 1.1.8.78-->"C:Program FilesIvacy Monitorunins000.exe"
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}
Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}
Lame ACM MP3 Codec-->C:WINDOWSsystem32 undll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:WINDOWSINFLameACM.inf
m4ng-->C:Program Filesm4ngm4ng_Uninstal.exe
Malwarebytes' Anti-Malware-->"C:Program FilesMalwarebytes' Anti-Malwareunins000.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:Program FilesFichiers communsMicrosoft SharedOFFICE12Office Setup Controllersetup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MP3 To Wave Converter PLUS 2.22-->C:PROGRA~1ACOUST~1UNWISE.EXE C:PROGRA~1ACOUST~1INSTALL.LOG
Realtek AC'97 Audio-->RunDll32 C:PROGRA~1FICHIE~1INSTAL~1PROFES~1RunTime110Intel32Ctor.dll,LaunchSetup "C:Program FilesInstallShield Installation Information{FB08F381-6533-4108-B7DD-039E11FBC27E}setup.exe" -l0x40c -removeonly
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Spybot - Search & Destroy-->"C:Program FilesSpybot - Search & Destroyunins000.exe"
VIA Platform Device Manager-->C:PROGRA~1FICHIE~1INSTAL~1Driver7INTEL3~1IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VIA/S3G Display Driver-->C:PROGRA~1S3UChromePs3minset.exe /u UChromeP.uns
VLC media player 0.9.9-->C:Program FilesVideoLANVLCuninstall.exe
VSO CopyToDVD 4-->"C:Program FilesVSOunins000.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Xvid 1.1.3 final uninstall-->"C:Program FilesXvidunins000.exe"
Yahoo! Messenger-->C:PROGRA~1Yahoo!MESSEN~1UNWISE.EXE /U C:PROGRA~1Yahoo!MESSEN~1INSTALL.LOG
Yahoo! Toolbar-->C:PROGRA~1Yahoo!CommonUNYT_W~1.EXE

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: Kaspersky Internet Security
FW: Kaspersky Internet Security

======System event log======

Computer Name: TIRACHE-F767F6E
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

Record Number: 2581
Source Name: Service Control Manager
Time Written: 20090526095036.000000+060
Event Type: Informations
User: AUTORITE NTSYSTEM

Computer Name: TIRACHE-F767F6E
Event Code: 7036
Message: Le service Service Messenger Sharing Folders USN Journal Reader est entré dans l'état : en cours d'exécution.

Record Number: 2580
Source Name: Service Control Manager
Time Written: 20090526094158.000000+060
Event Type: Informations
User:

Computer Name: TIRACHE-F767F6E
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service Messenger Sharing Folders USN Journal Reader.

Record Number: 2579
Source Name: Service Control Manager
Time Written: 20090526094158.000000+060
Event Type: Informations
User: AUTORITE NTSYSTEM

Computer Name: TIRACHE-F767F6E
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : arrêté.

Record Number: 2578
Source Name: Service Control Manager
Time Written: 20090526092019.000000+060
Event Type: Informations
User:

Computer Name: TIRACHE-F767F6E
Event Code: 7036
Message: Le service Explorateur d'ordinateur est entré dans l'état : arrêté.

Record Number: 2577
Source Name: Service Control Manager
Time Written: 20090526092019.000000+060
Event Type: Informations
User:

=====Application event log=====

Computer Name: TIRACHE-F767F6E
Event Code: 103
Message: msnmsgr (796) \.C:Documents and SettingsTIRACHELocal SettingsApplication DataMicrosoftMessengeradidas_92@hotmail ... ngdatabase_A624_F509_24F4_DCEDdfsr.db: Le moteur de base de données a arrêté une instance (0).

Record Number: 1127
Source Name: ESENT
Time Written: 20090525125248.000000+060
Event Type: Informations
User:

Computer Name: TIRACHE-F767F6E
Event Code: 102
Message: msnmsgr (796) \.C:Documents and SettingsTIRACHELocal SettingsApplication DataMicrosoftMessengeradidas_92@hotmail ... ngdatabase_A624_F509_24F4_DCEDdfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

Record Number: 1126
Source Name: ESENT
Time Written: 20090525121444.000000+060
Event Type: Informations
User:

Computer Name: TIRACHE-F767F6E
Event Code: 100
Message: msnmsgr (796) Le moteur de base de données 5.01.2600.2180 est démarré.

Record Number: 1125
Source Name: ESENT
Time Written: 20090525121444.000000+060
Event Type: Informations
User:

Computer Name: TIRACHE-F767F6E
Event Code: 101
Message: msnmsgr (796) Le moteur de base de données est arrêté.

Record Number: 1124
Source Name: ESENT
Time Written: 20090525121336.000000+060
Event Type: Informations
User:

Computer Name: TIRACHE-F767F6E
Event Code: 103
Message: msnmsgr (796) \.C:Documents and SettingsTIRACHELocal SettingsApplication DataMicrosoftMessenger -avatar@hotmail.comSharingMetadataWorkingdatabase_A624_F509_24F4_DCEDdfsr.db: Le moteur de base de données a arrêté une instance (0).

Record Number: 1123
Source Name: ESENT
Time Written: 20090525121336.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%system32cmd.exe
"Path"=%SystemRoot%system32;%SystemRoot%;%SystemRoot%system32WBEM
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0409
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%TEMP
"TMP"=%SystemRoot%TEMP

-----------------EOF-----------------

[anthony5151]

Mais le rapport RSIT montre bien une infection de disque amovible :

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{bde03f0c-4962-11de-9aa3-00147f2d28b7}]
shellAutoRuncommand - C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{c2b1dcf0-46b4-11de-9a9c-00147f2d28b7}]
shellAutoRuncommand - C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f915fbe0-3b1e-11de-9a68-00147f2d28b7}]
shellAutoRuncommand - C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg

Télécharge UsbFix (de Chiquitine29 et C_XX) sur ton Bureau
. Lance l'installation avec les paramètres par défaut
. Branche tes sources de données externes à ton PC (clé USB, disque dur externe, lecteur mp3 etc...) sans les ouvrir
. Double clique sur le raccourci UsbFix sur ton Bureau
. Au menu principal, choisis l'option 1 (recherche)
. Un rapport USBFix.txt apparaitra à la fin, poste le dans ta prochaine réponse stp

[jiraya7]

salut mais les virus que j'ai eu c"est un amis avec ca clé usb mi le problème mon amis né plus la alors voila le résulta avec mes disc dur



############################## [ UsbFix V3.029 | Scan ]

# User : TIRACHE (Administrateurs) # TIRACHE-F767F6E
# Update on 05/06/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 14:41:55 | 08/06/2009

# Intel(R) Pentium(R) 4 CPU 3.06GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 6.0.2900.2180
# Windows Firewall Status : Enabled
# AV : Kaspersky Internet Security 8.0.0.357 [ Enabled | (!) Outdated ]
# FW : Kaspersky Internet Security[ Enabled ]8.0.0.357

# A: # Lecteur de disquettes 3 ½ pouces
# C: # Disque fixe local # 39,44 Go (32,11 Go free) # NTFS
# D: # Disque fixe local # 37,24 Go (27,67 Go free) # NTFS
# E: # Disque CD-ROM
# F: # Disque CD-ROM

############################## [ Processus actifs ]

C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
C:WINDOWSsystem32VTTimer.exe
C:WINDOWSsystem32VTtrayp.exe
C:Program FilesJavajre6injusched.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesJavajre6injqs.exe
C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe
C:WINDOWSsystem32ctfmon.exe
C:Documents and SettingsTIRACHELocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe
C:Program FilesInternet Download ManagerIDMan.exe
C:Documents and SettingsTIRACHELocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe
C:Program FilesMessengermsmsgs.exe
C:Documents and SettingsTIRACHEApplication DataMicrosoftNotification de cadeaux MSNlsnfier.exe
C:WINDOWSsystem32wscntfy.exe
C:Program FilesInternet Download ManagerIEMonitor.exe
C:WINDOWSsystem32wuauclt.exe
C:WINDOWSSystem32alg.exe
C:WINDOWSsystem32wbemwmiprvse.exe

################## [ Registre Startup ]

HKCU_Main: "Local Page"="C:\WINDOWS\system32\blank.htm"
HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
HKCU_Main: "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
HKCU_Main: "Window Title"=""
HKLM_logon: "Userinit"="C:\WINDOWS\system32\userinit.exe,"
HKLM_logon: "DefaultUserName"="TIRACHE"
HKLM_logon: "AltDefaultUserName"="TIRACHE"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: VTTimer=VTTimer.exe
HKLM_Run: VTTrayp=VTtrayp.exe
HKLM_Run: SunJavaUpdateSched="C:Program FilesJavajre6injusched.exe"
HKLM_Run: SoundMan=SOUNDMAN.EXE
HKLM_Run: AVP="C:Program FilesKaspersky LabKaspersky Internet Security 2009avp.exe"
HKLM_Run: HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversion unOptionalComponents=
HKCU_Run: CTFMON.EXE=C:WINDOWSsystem32ctfmon.exe
HKCU_Run: Google Update="C:Documents and SettingsTIRACHELocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe" /c
HKCU_Run: IDMan=C:Program FilesInternet Download ManagerIDMan.exe /onboot
HKCU_Run: MSMSGS="C:Program FilesMessengermsmsgs.exe" /background

################## [ Fichiers # Dossiers infectieux ]


################## [ Registre # Clés Run infectieuses ]


################## [ Registre # Mountpoints2 ]


################## [ ! Fin du rapport # UsbFix V3.029 ! ]

[anthony5151]

Et toi tu n'as aucune clé USB ?
USBFix n'a rien détecté, relance le et passe quand même l'option 2 pour vacciner tes disques durs.

[jiraya7]

slt merci beaucoup c bon pour mes disk dur mais il ya toujours le problème de MICROSOFT FEEDS SYNCHRONIZ il me dit que (MICROSOFT FEEDS SYNCHRONIZATION A RENCONTRé un probleme et doit fermer)???????????

[anthony5151]

C'est apparemment lié aux mises à jour des flux rss d'Internet Explorer.

Pour régler le problème, fais tes mises à jour de Windows : Menu démarrer --> Windows update --> recherche et installe toutes les mises à jour importantes.

En particulier, il faut que tu mettes à jour Internet Explorer. S'il n'était pas présent dans la liste des mises à jour de Windows Update, télécharge et installe IE 8 depuis ce lien : IE 8

Après ça, fais redémarrer ton ordinateur et dis moi si le problème persiste ?
Si c'est le cas, consulte ceci

[jiraya7]

merci je vais essayé

[jiraya7]

merci merci merci beaucoup c bon le problème et réglé