alpha encore une fois • page 2

[carlito7]

voila ya eu un message avec hijack quand ej l'ai fait mais j'ai quand meme eu le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:23:54, on 23/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Windowssystem32 askeng.exe
C:Program FilesNewTech InfosystemsPackard Bell MyBackupBackupManagerTray.exe
C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe
C:Program FilesPACKARD BELLPackard Bell PowerSave SolutionePowerTray.exe
C:Program FilesRealtekAudioHDARtHDVCpl.exe
C:Program FilesVideoWebCameraVideoWebCamera.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesLaunch ManagerLManager.exe
C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe
C:Program FilesPACKARD BELLSetUpMyPCSmpSys.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Program FilesNorton Internet SecurityEngine16.7.2.11ccSvcHst.exe
C:UsersCarlitoAppDataLocalTempRtkBtMnt.exe
C:Windowssystem32wbemunsecapp.exe
C:Program FilesATI TechnologiesATI.ACECore-StaticCCC.exe
C:Program FilesSynapticsSynTPSynTPHelper.exe
C:Windowssystem32wuauclt.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesWindows LiveContactswlcomm.exe
C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
C:WindowsSystem32mobsync.exe
C:Program FilesAlphaAVAlpha Antivirus.exe
C:Windowssystem32 undll32.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:Windowssystem32SearchFilterHost.exe
C:Windowssystem32DllHost.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://homepage.packardbell.com/rdr.asp ... ynote_lj65
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://homepage.packardbell.com/rdr.asp ... ynote_lj65
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://homepage.packardbell.com/rdr.asp ... ynote_lj65
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://homepage.packardbell.com/rdr.asp ... ynote_lj65
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program FilesNorton Internet SecurityEngine16.7.2.11coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:Program FilesNorton Internet SecurityEngine16.7.2.11IPSBHO.DLL
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:ProgramDataPartnerpartner.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: (no name) - {A77D3539-581D-450C-9E44-A84C415A6172} - C:WindowsSystem32msnaoladdon.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.2.4204.1700swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:Program FilesGoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program FilesNorton Internet SecurityEngine16.7.2.11coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 - HKLM..Run: [Google Desktop Search] "C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe" /startup
O4 - HKLM..Run: [BackupManagerTray] "C:Program FilesNewTech InfosystemsPackard Bell MyBackupBackupManagerTray.exe" -k
O4 - HKLM..Run: [Acer ePower Management] C:Program FilesPackard BellPackard Bell PowerSave SolutionePowerTrayLauncher.exe
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 9.0ReaderReader_sl.exe"
O4 - HKLM..Run: [StartCCC] "C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun
O4 - HKLM..Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARtHDVCpl.exe
O4 - HKLM..Run: [VideoWebCamera] "C:Program FilesVideoWebCameraVideoWebCamera.exe" -a
O4 - HKLM..Run: [PLFSetI] C:Program FilesPLFSetI.exe
O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 - HKLM..Run: [LManager] C:PROGRA~1LAUNCH~1LManager.exe
O4 - HKLM..Run: [RemoteControl8] "C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe"
O4 - HKLM..Run: [PDVD8LanguageShortcut] "C:Program FilesCyberLinkPowerDVD8LanguageLanguage.exe"
O4 - HKCU..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU..Run: [SmpcSys] C:Program FilesPACKARD BELLSetUpMyPCSmpSys.exe
O4 - HKCU..Run: [msnmsgr] "C:Program FilesWindows LiveMessengermsnmsgr.exe" /background
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'SERVICE RESEAU')
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:Program FilesNorton Internet SecurityEngine16.7.2.11coIEPlg.dll
O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~1GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:Program FilesAdobePhotoshop Elements 6.0PhotoshopElementsFileAgent.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:Windowssystem32Ati2evxx.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:Program FilesPACKARD BELLPackard Bell PowerSave SolutionePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1ca355990113a10) (gupdate1ca355990113a10) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:Program FilesNeroNero8Nero BackItUpNBService.exe
O23 - Service: NMIndexingService - Nero AG - C:Program FilesCommon FilesNeroLibNMIndexingService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:Program FilesNorton Internet SecurityEngine16.7.2.11ccSvcHst.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:Program FilesNewTech InfosystemsPackard Bell MyBackupIScheduleSvc.exe
O23 - Service: Partner Service - Google Inc. - C:ProgramDataPartnerpartner.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:Windowssystem32IoctlSvc.exe

--
End of file - 9050 bytes

[danakil]

Scan saved at 22:23:54, on 23/09/2009

C'est celui de hier

Peux-tu relancer HijackThis en cliquant sur son raccourci présent sur le Bureau > Sélectionne ensuite Do a system scan and save a logfile

[carlito7]

désolé je dois filer je reviens tout a l'heure!
je comprends pas c'est pourtant ce que j'ai fait! a tt a l'heure$

[carlito7]

voila voila j'ai régler le probleme du message d'erreur


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:05:08, on 24/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Windowssystem32 askeng.exe
C:Windowssystem32 askeng.exe
C:Program FilesAlphaAVAlpha Antivirus.exe
C:Program FilesNorton Internet SecurityEngine16.7.2.11ccSvcHst.exe
C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
C:Program FilesNewTech InfosystemsPackard Bell MyBackupBackupManagerTray.exe
C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
C:Program FilesPACKARD BELLPackard Bell PowerSave SolutionePowerTray.exe
C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe
C:Program FilesRealtekAudioHDARtHDVCpl.exe
C:Program FilesVideoWebCameraVideoWebCamera.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesLaunch ManagerLManager.exe
C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe
C:Program FilesPACKARD BELLSetUpMyPCSmpSys.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:UsersCarlitoAppDataLocalTempRtkBtMnt.exe
C:Windowssystem32wbemunsecapp.exe
C:Program FilesATI TechnologiesATI.ACECore-StaticCCC.exe
C:Program FilesSynapticsSynTPSynTPHelper.exe
C:Windowssystem32wuauclt.exe
C:WindowsSystem32wsqmcons.exe
C:Windowssystem32 undll32.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://homepage.packardbell.com/rdr.asp ... ynote_lj65
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://homepage.packardbell.com/rdr.asp ... ynote_lj65
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://homepage.packardbell.com/rdr.asp ... ynote_lj65
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://homepage.packardbell.com/rdr.asp ... ynote_lj65
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program FilesNorton Internet SecurityEngine16.7.2.11coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:Program FilesNorton Internet SecurityEngine16.7.2.11IPSBHO.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.2.4204.1700swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:Program FilesGoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program FilesNorton Internet SecurityEngine16.7.2.11coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 - HKLM..Run: [Google Desktop Search] "C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe" /startup
O4 - HKLM..Run: [BackupManagerTray] "C:Program FilesNewTech InfosystemsPackard Bell MyBackupBackupManagerTray.exe" -k
O4 - HKLM..Run: [Acer ePower Management] C:Program FilesPackard BellPackard Bell PowerSave SolutionePowerTrayLauncher.exe
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 9.0ReaderReader_sl.exe"
O4 - HKLM..Run: [StartCCC] "C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun
O4 - HKLM..Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARtHDVCpl.exe
O4 - HKLM..Run: [VideoWebCamera] "C:Program FilesVideoWebCameraVideoWebCamera.exe" -a
O4 - HKLM..Run: [PLFSetI] C:Program FilesPLFSetI.exe
O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 - HKLM..Run: [LManager] C:PROGRA~1LAUNCH~1LManager.exe
O4 - HKLM..Run: [RemoteControl8] "C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe"
O4 - HKLM..Run: [PDVD8LanguageShortcut] "C:Program FilesCyberLinkPowerDVD8LanguageLanguage.exe"
O4 - HKLM..Run: [Malwarebytes Anti-Malware (reboot)] "C:Program FilesMalwarebytes' Anti-Malwarembam.exe" /runcleanupscript
O4 - HKCU..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU..Run: [SmpcSys] C:Program FilesPACKARD BELLSetUpMyPCSmpSys.exe
O4 - HKCU..Run: [msnmsgr] "C:Program FilesWindows LiveMessengermsnmsgr.exe" /background
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'SERVICE RESEAU')
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:Program FilesNorton Internet SecurityEngine16.7.2.11coIEPlg.dll
O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~1GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:Program FilesAdobePhotoshop Elements 6.0PhotoshopElementsFileAgent.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:Windowssystem32Ati2evxx.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:Program FilesPACKARD BELLPackard Bell PowerSave SolutionePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
O23 - Service: Service Google Update (gupdate1ca355990113a10) (gupdate1ca355990113a10) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:Program FilesNeroNero8Nero BackItUpNBService.exe
O23 - Service: NMIndexingService - Nero AG - C:Program FilesCommon FilesNeroLibNMIndexingService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:Program FilesNorton Internet SecurityEngine16.7.2.11ccSvcHst.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:Program FilesNewTech InfosystemsPackard Bell MyBackupIScheduleSvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:Windowssystem32IoctlSvc.exe

--
End of file - 8797 bytes




désolé d'avoir été si long ^^

[carlito7]

y'a plus personne? O_o

[carlito7]

...

[chiva]

Bonjour,

@carlito7: danakil as une vie en dehors du forum. Il as un boulot,.... .
Laisse le un peu de temps svp. T'inquiète, il vous laisse pas tomber.
Ceci dit, je comprend très bien que vous voulez récupérer votre pc au plus vite, suis le même.

Merci

Amicalement, Chiva

[carlito7]

lol en effet ça peut s'avérer utile de travailler^^
oui non mais c juste que je me manifeste pour qu'il me rate pas a son retour sinon je comprends tres bien qu'il ne veuille pas passer sa vie sur un forum^^
bonne soirée

[chiva]

Merci de ta compréhension.

Il vas pas vous louper, ça c'est sure. C'est pas son style !!
Allez, je vous laisse.

Bon courage pour le reste de la procédure.

Amicalement, Chiva

[danakil]

Salut à tous !

Coucou chiva

carlito7
Ton dernier rapport HJT se présente trés bien, mais face à cette infection trés surprenante en diversité, je préfère te demander d'effectuer une nouvelle manipulation avant de t'affirmer que c'est OK et que l'on puisse fermer ce topic.


Fais ceci, je te pris :
Télécharge ComboFix de sUBs sur ton Bureau et pas ailleurs.

*** Déconnectes toi d'internet et désactives ton antivirus pour que ComboFix puisse s'exécuter normalement ***

> Clic droit sur ComboFix.exe
> Exécuter en tant qu'administrateur > puis suis les instructions du tool.
(Si demandé, sélectionne la langue et l'option 1 puis valide).

> Installe la console de récupération si proposé et continue.

!!! Ne touches à rien tant que le scan n'est pas terminé !!!

> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
(il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.)

NOTE : Le rapport se trouve également ici : C:ComboFix.txt

[carlito7]

ok merci beaucoup je vais faire tout ça =D je post des ke j'ai fait je sais pas si ça va prendre longtemps

[carlito7]

voila

ComboFix 09-09-23.02 - Carlito 24/09/2009 23:50.2.2 - NTFSx86
Microsoft® Windows Vista™ Edition Familiale Premium 6.0.6001.1.1252.33.1036.18.3069.1925 [GMT 2:00]
Lancé depuis: c:usersCarlitoDownloadsComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:windowssystem32msnaoladdon.dll.tmp

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-08-24 au 2009-09-24 ))))))))))))))))))))))))))))))))))))
.

2009-09-24 21:56 . 2009-09-24 21:56 -------- d-----w- c:usersPublicAppDataLocal emp
2009-09-24 21:56 . 2009-09-24 21:56 -------- d-----w- c:usersDefaultAppDataLocal emp
2009-09-23 20:42 . 2009-09-23 20:42 -------- d-----w- c:usersCarlitoAppDataRoamingMalwarebytes
2009-09-23 20:42 . 2009-09-10 12:54 38224 ----a-w- c:windowssystem32driversmbamswissarmy.sys
2009-09-23 20:42 . 2009-09-23 20:42 -------- d-----w- c:program filesMalwarebytes' Anti-Malware
2009-09-23 20:42 . 2009-09-23 20:42 -------- d-----w- c:programdataMalwarebytes
2009-09-23 20:42 . 2009-09-10 12:53 19160 ----a-w- c:windowssystem32driversmbam.sys
2009-09-23 20:14 . 2009-09-23 20:14 -------- d-----w- c:program filesTrend Micro
2009-09-23 17:52 . 2009-09-23 17:52 -------- d-----w- c:program filesCommon FilesUninstall
2009-09-23 17:49 . 2009-09-23 17:49 -------- d-----w- c:program filesAlphaAV
2009-09-16 17:15 . 2009-09-16 17:15 -------- d-----w- c:usersCarlitoAppDataRoamingTemplate
2009-09-14 16:36 . 2009-09-14 16:36 -------- d-----w- c:program filesCommon FilesDivX Shared
2009-09-14 16:36 . 2009-09-14 16:36 -------- d-----w- c:program filesDivX
2009-09-14 01:07 . 2008-06-20 01:14 97800 ----a-w- c:windowssystem32infocardapi.dll
2009-09-14 01:07 . 2008-06-20 01:14 105016 ----a-w- c:windowssystem32PresentationCFFRasterizerNative_v0300.dll
2009-09-14 01:07 . 2008-06-20 01:14 43544 ----a-w- c:windowssystem32PresentationHostProxy.dll
2009-09-14 01:07 . 2008-06-20 01:14 11264 ----a-w- c:windowssystem32icardres.dll
2009-09-14 01:07 . 2008-06-20 01:14 622080 ----a-w- c:windowssystem32icardagt.exe
2009-09-14 01:07 . 2008-06-20 01:14 781344 ----a-w- c:windowssystem32PresentationNative_v0300.dll
2009-09-14 01:07 . 2008-06-20 01:14 326160 ----a-w- c:windowssystem32PresentationHost.exe
2009-09-14 01:01 . 2008-07-27 18:03 96760 ----a-w- c:windowssystem32dfshim.dll
2009-09-14 01:01 . 2008-07-27 18:03 282112 ----a-w- c:windowssystem32mscoree.dll
2009-09-14 01:01 . 2008-07-27 18:03 41984 ----a-w- c:windowssystem32
etfxperf.dll
2009-09-14 01:01 . 2008-07-27 18:03 158720 ----a-w- c:windowssystem32mscorier.dll
2009-09-14 01:01 . 2008-07-27 18:03 83968 ----a-w- c:windowssystem32mscories.dll
2009-09-13 16:14 . 2009-04-30 12:37 428544 ----a-w- c:windowssystem32EncDec.dll
2009-09-13 16:14 . 2009-04-30 12:37 293376 ----a-w- c:windowssystem32psisdecd.dll
2009-09-13 12:32 . 2009-09-13 12:32 0 ----a-w- c:windows
sreg.dat
2009-09-13 12:32 . 2009-09-13 12:32 -------- d-----w- c:usersCarlitoAppDataLocalMozilla
2009-09-13 12:24 . 2008-10-16 21:09 51224 ----a-w- c:windowssystem32wuauclt.exe
2009-09-13 12:24 . 2008-10-16 21:09 43544 ----a-w- c:windowssystem32wups2.dll
2009-09-13 12:24 . 2008-10-16 20:56 1524736 ----a-w- c:windowssystem32wucltux.dll
2009-09-13 12:24 . 2008-10-16 21:13 1809944 ----a-w- c:windowssystem32wuaueng.dll
2009-09-13 12:24 . 2008-10-16 21:12 561688 ----a-w- c:windowssystem32wuapi.dll
2009-09-13 12:24 . 2008-10-16 21:08 34328 ----a-w- c:windowssystem32wups.dll
2009-09-13 12:24 . 2008-10-16 20:55 83456 ----a-w- c:windowssystem32wudriver.dll
2009-09-13 12:24 . 2008-10-16 12:08 162064 ----a-w- c:windowssystem32wuwebv.dll
2009-09-13 12:24 . 2008-10-16 11:56 31232 ----a-w- c:windowssystem32wuapp.exe
2009-09-13 11:36 . 2009-09-24 21:44 -------- d-----w- c:usersCarlitoTracing
2009-09-13 10:43 . 2009-06-15 15:24 175104 ----a-w- c:windowssystem32wdigest.dll
2009-09-13 10:43 . 2009-06-15 15:24 270848 ----a-w- c:windowssystem32schannel.dll
2009-09-13 10:43 . 2009-06-15 15:23 1256448 ----a-w- c:windowssystem32lsasrv.dll
2009-09-13 10:43 . 2009-06-15 15:22 213504 ----a-w- c:windowssystem32msv1_0.dll
2009-09-13 10:43 . 2009-06-15 15:21 499712 ----a-w- c:windowssystem32kerberos.dll
2009-09-13 10:43 . 2009-06-15 18:20 439896 ----a-w- c:windowssystem32driversksecdd.sys
2009-09-13 10:43 . 2009-06-15 15:24 72704 ----a-w- c:windowssystem32secur32.dll
2009-09-13 10:43 . 2009-06-15 12:57 9728 ----a-w- c:windowssystem32lsass.exe
2009-09-13 09:17 . 2009-06-22 10:22 2048 ----a-w- c:windowssystem32 zres.dll
2009-09-12 17:48 . 2009-09-12 17:48 -------- d-----w- c:programdataFLEXnet
2009-09-12 16:46 . 2009-08-26 00:08 25648 ----a-r- c:windowssystem32driversSymIMV.sys
2009-09-12 16:46 . 2009-09-13 16:26 124976 ----a-w- c:windowssystem32driversSYMEVENT.SYS
2009-09-12 16:46 . 2009-09-13 16:26 -------- d-----w- c:program filesSymantec
2009-09-12 16:46 . 2009-09-12 17:03 -------- d-----w- c:program filesCommon FilesSymantec Shared
2009-09-12 16:44 . 2009-09-12 16:44 -------- d-----w- c:usersCarlitoAppDataRoamingPackard Bell
2009-09-12 16:42 . 2009-09-12 16:42 -------- d-----w- c:usersCarlitoAppDataLocalAcer ePower Management V4
2009-09-12 16:42 . 2009-09-12 16:42 -------- d-----w- c:usersCarlitoAppDataRoamingATI
2009-09-12 16:42 . 2009-09-12 16:42 -------- d-----w- c:usersCarlitoAppDataLocalATI
2009-09-12 16:42 . 2009-09-23 18:31 -------- d-----w- c:usersCarlitoAppDataLocalGoogle
2009-09-12 16:41 . 2009-09-22 18:13 -------- d-----w- c:usersCarlitoAppDataLocalVirtualStore
2009-09-12 16:36 . 2009-09-12 16:36 71256 ----a-w- c:usersCarlitoAppDataLocalGDIPFONTCACHEV1.DAT
2009-09-12 16:36 . 2009-09-12 16:44 -------- d-----w- c:usersCarlitoAppDataLocalPackard Bell
2009-09-12 16:35 . 2009-09-12 16:35 -------- d-----w- c:windowsoem
2009-09-12 16:35 . 2009-09-24 06:43 -------- d-----w- c:programdataPartner
2009-09-12 16:24 . 2009-09-12 17:51 -------- d-----w- c:usersCarlitoAppDataLocalAdobe
2009-09-12 13:10 . 2009-07-11 19:32 513024 ----a-w- c:windowssystem32wlansvc.dll
2009-09-12 13:10 . 2009-07-11 19:32 302592 ----a-w- c:windowssystem32wlansec.dll
2009-09-12 13:10 . 2009-07-11 19:32 293376 ----a-w- c:windowssystem32wlanmsm.dll
2009-09-12 13:10 . 2009-07-11 19:29 127488 ----a-w- c:windowssystem32L2SecHC.dll
2009-09-12 13:10 . 2009-04-21 11:55 2033152 ----a-w- c:windowssystem32win32k.sys
2009-09-12 13:10 . 2009-06-15 15:24 156672 ----a-w- c:windowssystem32 2embed.dll
2009-09-12 13:10 . 2009-06-15 15:20 72704 ----a-w- c:windowssystem32fontsub.dll
2009-09-12 13:10 . 2009-06-15 15:20 10240 ----a-w- c:windowssystem32dciman32.dll
2009-09-12 13:10 . 2009-06-15 12:52 289792 ----a-w- c:windowssystem32atmfd.dll
2009-09-12 13:10 . 2009-06-10 12:11 2868224 ----a-w- c:windowssystem32mf.dll
2009-09-12 13:10 . 2009-07-17 14:35 71680 ----a-w- c:windowssystem32atl.dll
2009-09-12 13:09 . 2009-06-10 12:12 160256 ----a-w- c:windowssystem32wkssvc.dll
2009-09-12 13:08 . 2009-06-04 12:34 2066432 ----a-w- c:windowssystem32mstscax.dll
2009-09-12 13:08 . 2009-04-23 12:42 636928 ----a-w- c:windowssystem32localspl.dll
2009-09-12 13:08 . 2009-06-10 12:07 91136 ----a-w- c:windowssystem32avifil32.dll
2009-09-12 13:08 . 2009-07-14 13:00 313344 ----a-w- c:windowssystem32wmpdxm.dll
2009-09-12 13:08 . 2009-07-14 12:58 7680 ----a-w- c:windowssystem32spwmp.dll
2009-09-12 13:08 . 2009-07-14 12:59 4096 ----a-w- c:windowssystem32dxmasf.dll
2009-09-12 13:08 . 2009-07-14 10:59 8147456 ----a-w- c:windowssystem32wmploc.DLL
2009-09-12 13:08 . 2009-08-28 12:39 28672 ----a-w- c:windowssystem32Apphlpdm.dll
2009-09-12 13:08 . 2009-08-28 10:15 4240384 ----a-w- c:windowssystem32GameUXLegacyGDFs.dll
2009-09-12 13:06 . 2009-04-23 12:43 784896 ----a-w- c:windowssystem32 pcrt4.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-24 21:48 . 2008-01-21 08:40 669566 ----a-w- c:windowssystem32perfh00C.dat
2009-09-24 21:48 . 2008-01-21 08:40 123556 ----a-w- c:windowssystem32perfc00C.dat
2009-09-24 15:48 . 2009-09-16 17:15 200 ----a-w- c:usersCarlitoAppDataRoamingwklnhst.dat
2009-09-14 16:37 . 2009-03-13 19:22 -------- d-----w- c:program filesGoogle
2009-09-13 16:26 . 2009-09-12 16:46 806 ----a-w- c:windowssystem32driversSYMEVENT.INF
2009-09-13 16:26 . 2009-09-12 16:46 7456 ----a-w- c:windowssystem32driversSYMEVENT.CAT
2009-09-13 09:20 . 2006-11-02 11:18 -------- d-----w- c:program filesWindows Mail
2009-09-12 16:47 . 2009-03-13 19:43 -------- d-----w- c:programdataSymantec
2009-09-12 16:46 . 2009-03-13 19:43 -------- d-----w- c:programdataNorton
2009-09-12 16:35 . 2009-03-14 02:23 -------- d-----w- c:program filesPACKARD BELL
2009-09-12 16:33 . 2009-09-12 16:33 -------- d-sh--we c:programdataModèles
2009-09-12 16:33 . 2009-09-12 16:33 -------- d-sh--we c:programdataMenu Démarrer
2009-09-12 16:33 . 2009-09-12 16:33 -------- d-sh--we c:programdataFavoris
2009-09-12 16:33 . 2009-09-12 16:33 -------- d-sh--we c:programdataBureau
2009-09-12 16:33 . 2009-09-12 16:33 -------- d-sh--we c:program filesFichiers communs
2009-08-14 17:07 . 2009-09-12 13:11 897608 ----a-w- c:windowssystem32drivers cpip.sys
2009-08-14 16:29 . 2009-09-12 13:11 104960 ----a-w- c:windowssystem32
etiohlp.dll
2009-08-14 16:29 . 2009-09-12 13:11 17920 ----a-w- c:windowssystem32
etevent.dll
2009-08-14 14:16 . 2009-09-12 13:11 9728 ----a-w- c:windowssystem32TCPSVCS.EXE
2009-08-14 14:16 . 2009-09-12 13:11 17920 ----a-w- c:windowssystem32ROUTE.EXE
2009-08-14 14:16 . 2009-09-12 13:11 11264 ----a-w- c:windowssystem32MRINFO.EXE
2009-08-14 14:16 . 2009-09-12 13:11 27136 ----a-w- c:windowssystem32NETSTAT.EXE
2009-08-14 14:16 . 2009-09-12 13:11 19968 ----a-w- c:windowssystem32ARP.EXE
2009-08-14 14:16 . 2009-09-12 13:11 8704 ----a-w- c:windowssystem32HOSTNAME.EXE
2009-08-14 14:16 . 2009-09-12 13:11 10240 ----a-w- c:windowssystem32finger.exe
2009-07-18 16:06 . 2009-09-12 13:11 827904 ----a-w- c:windowssystem32wininet.dll
2009-07-18 16:01 . 2009-09-12 13:11 78336 ----a-w- c:windowssystem32ieencode.dll
2009-07-18 12:58 . 2009-07-18 12:58 505128 ----a-w- c:windowssystem32msvcp71.dll
2009-07-18 12:58 . 2009-07-18 12:58 353576 ----a-w- c:windowssystem32msvcr71.dll
2009-07-18 12:58 . 2009-07-18 12:58 29480 ----a-w- c:windowssystem32msxml3a.dll
2009-07-18 12:37 . 2009-07-18 12:36 319456 ----a-w- c:windowsDIFxAPI.dll
2009-07-18 12:35 . 2009-07-18 12:35 0 ----a-w- c:windowsativpsrm.bin
2009-07-18 09:46 . 2009-09-12 13:11 26624 ----a-w- c:windowssystem32ieUnatt.exe
2009-03-13 19:22 . 2009-09-13 09:05 122880 ----a-w- c:program filesmozilla firefoxcomponentsGoogleDesktopMozilla.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:program filesmozilla firefoxpluginslibdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:program filesmozilla firefoxpluginsssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-09-24_20.51.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2009-09-24 21:43 39238 c:windowsSystem32WDIShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-09-24 21:42 77592 c:windowsSystem32WDIBootPerformanceDiagnostics_SystemData.bin
+ 2009-09-12 16:35 . 2009-09-24 21:43 4480 c:windowsSystem32WDI{86432a0b-3c7d-4ddf-a89c-172faa90485d}S-1-5-21-3676421253-1432536787-3545086782-1000_UserData.bin
- 2009-09-24 06:46 . 2009-09-24 06:46 2048 c:windowsServiceProfilesLocalServiceAppDataLocallastalive1.dat
+ 2009-09-24 21:41 . 2009-09-24 21:41 2048 c:windowsServiceProfilesLocalServiceAppDataLocallastalive1.dat
- 2009-09-24 06:46 . 2009-09-24 06:46 2048 c:windowsServiceProfilesLocalServiceAppDataLocallastalive0.dat
+ 2009-09-24 21:41 . 2009-09-24 21:41 2048 c:windowsServiceProfilesLocalServiceAppDataLocallastalive0.dat
+ 2009-09-12 16:59 . 2009-09-24 21:37 203054 c:windowsSystem32WDISuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 10:33 . 2009-09-24 21:48 587178 c:windowsSystem32perfh009.dat
+ 2006-11-02 10:33 . 2009-09-24 21:48 101250 c:windowsSystem32perfc009.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"SmpcSys"="c:program filesPACKARD BELLSetUpMyPCSmpSys.exe" [2009-03-18 1160736]
"msnmsgr"="c:program filesWindows LiveMessengermsnmsgr.exe" [2008-12-02 3882312]
"WMPNSCFG"="c:program filesWindows Media PlayerWMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"Windows Defender"="c:program filesWindows DefenderMSASCui.exe" [2008-01-21 1008184]
"Google Desktop Search"="c:program filesGoogleGoogle Desktop SearchGoogleDesktop.exe" [2009-03-13 30192]
"BackupManagerTray"="c:program filesNewTech InfosystemsPackard Bell MyBackupBackupManagerTray.exe" [2009-03-09 250624]
"Acer ePower Management"="c:program filesPackard BellPackard Bell PowerSave SolutionePowerTrayLauncher.exe" [2009-04-15 440864]
"Adobe Reader Speed Launcher"="c:program filesAdobeReader 9.0ReaderReader_sl.exe" [2008-06-12 34672]
"StartCCC"="c:program filesATI TechnologiesATI.ACECore-StaticCLIStart.exe" [2009-02-13 61440]
"RtHDVCpl"="c:program filesRealtekAudioHDARtHDVCpl.exe" [2009-02-24 6789664]
"VideoWebCamera"="c:program filesVideoWebCameraVideoWebCamera.exe" [2009-03-12 1552497]
"SynTPEnh"="c:program filesSynapticsSynTPSynTPEnh.exe" [2009-02-06 1430824]
"LManager"="c:progra~1LAUNCH~1LManager.exe" [2009-02-12 862728]
"RemoteControl8"="c:program filesCyberLinkPowerDVD8PDVD8Serv.exe" [2008-10-17 91432]
"PDVD8LanguageShortcut"="c:program filesCyberLinkPowerDVD8LanguageLanguage.exe" [2007-12-14 50472]
"Malwarebytes Anti-Malware (reboot)"="c:program filesMalwarebytes' Anti-Malwarembam.exe" [2009-09-10 1312080]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwindows]
"AppInit_DLLs"=c:progra~1GoogleGOOGLE~1GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalSymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWinDefend]
@="Service"

[HKLM~servicessharedaccessparametersfirewallpolicyDomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM~servicessharedaccessparametersfirewallpolicyFirewallRules]
"{985BAC35-6D23-4D6D-AAD7-B3DF2B21EB04}"= UDP:c:program filesMicrosoft OfficeOffice12ONENOTE.EXE:Microsoft Office OneNote
"{04AAA321-9236-46E5-A28D-B42E49B8D509}"= TCP:c:program filesMicrosoft OfficeOffice12ONENOTE.EXE:Microsoft Office OneNote
"{F58FE707-1582-4806-844F-24047AA362F5}"= Disabled:UDP:c:program filesAdobePhotoshop Elements 6.0AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{718BC532-9D17-4668-8661-451732ADBC78}"= Disabled:TCP:c:program filesAdobePhotoshop Elements 6.0AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{6655DD5E-E918-4195-99EF-A4B8DC9C2EEC}"= c:program filesWindows LiveSyncWindowsLiveSync.exe:Windows Live Sync
"{5C9F2B07-97BE-459B-B8DA-036AC39E2579}"= c:program filesCyberLinkPowerDVD8PowerDVD8.EXE:CyberLink PowerDVD 8.0

[HKLM~servicessharedaccessparametersfirewallpolicyPublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM~servicessharedaccessparametersfirewallpolicyStandardProfile]
"EnableFirewall"= 0 (0x0)

R0 SymEFA;Symantec Extended File Attributes;c:windowsSystem32driversNIS1007020.00BSymEFA.sys [13/09/2009 18:26 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:windowsSystem32driversNIS1007020.00BBHDrvx86.sys [13/09/2009 18:26 259632]
R1 ccHP;Symantec Hash Provider;c:windowsSystem32driversNIS1007020.00Bcchpx86.sys [13/09/2009 18:26 482432]
R1 IDSVix86;IDSVix86;c:programdataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonDefinitionsIPSDefs20090916.003IDSvix86.sys [17/09/2009 07:13 342576]
R2 ePowerSvc;Acer ePower Service;c:program filesPACKARD BELLPackard Bell PowerSave SolutionePowerSvc.exe [13/03/2009 21:37 703008]
R2 Norton Internet Security;Norton Internet Security;c:program filesNorton Internet SecurityEngine16.7.2.11ccSvcHst.exe [13/09/2009 18:26 117640]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:program filesNewTech InfosystemsPackard Bell MyBackupIScheduleSvc.exe [10/03/2009 01:53 44800]
R3 amdkmdag;amdkmdag;c:windowsSystem32driversatipmdag.sys [14/03/2009 04:21 4385280]
R3 amdkmdap;amdkmdap;c:windowsSystem32driversatikmpag.sys [14/03/2009 04:21 93696]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:program filesCommon FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys [12/09/2009 19:13 102448]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:windowsSystem32driversk57nd60x.sys [14/03/2009 04:21 223232]
R3 SYMNDISV;Symantec Network Filter Driver;c:windowsSystem32driversNIS1007020.00Bsymndisv.sys [13/09/2009 18:26 48688]
S2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:program filesAdobePhotoshop Elements 6.0PhotoshopElementsFileAgent.exe [11/09/2007 01:45 124832]
S2 gupdate1ca355990113a10;Service Google Update (gupdate1ca355990113a10);c:program filesGoogleUpdateGoogleUpdate.exe [14/09/2009 18:36 133104]
S2 HsfXAudioService;HsfXAudioService;c:windowssystem32svchost.exe -k HsfXAudioService [21/01/2008 04:23 21504]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:program filesGoogleGoogle Desktop SearchGoogleDesktop.exe [13/03/2009 21:22 30192]
.
Contenu du dossier 'Tâches planifiées'

2009-09-24 c:windowsTasksAlphaAV.job
- c:program filesAlphaAVAlpha Antivirus.exe [2009-09-23 17:49]

2009-09-24 c:windowsTasksGoogleUpdateTaskMachineCore.job
- c:program filesGoogleUpdateGoogleUpdate.exe [2009-09-14 16:36]

2009-09-24 c:windowsTasksGoogleUpdateTaskMachineUA.job
- c:program filesGoogleUpdateGoogleUpdate.exe [2009-09-14 16:36]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://homepage.packardbell.com/rdr.asp ... ynote_lj65
mStart Page = hxxp://homepage.packardbell.com/rdr.asp ... ynote_lj65
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
FF - ProfilePath - c:usersCarlitoAppDataRoamingMozillaFirefoxProfilesjfsxxk11.default
FF - component: c:program filesMozilla FirefoxcomponentsGoogleDesktopMozilla.dll
FF - component: c:programdataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortoncoFFPlgncomponentscoFFPlgn.dll
FF - component: c:programdataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NortonIPSFFPlgncomponentsIPSFFPl.dll
FF - plugin: c:program filesGoogleUpdate1.2.183.7
pGoogleOneClick8.dll
FF - plugin: c:program filesWindows LivePhoto GalleryNPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:windowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-24 23:56
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINESYSTEMControlSet001ServicesNorton Internet Security]
"ImagePath"=""c:program filesNorton Internet SecurityEngine16.7.2.11ccSvcHst.exe" /s "Norton Internet Security" /m "c:program filesNorton Internet SecurityEngine16.7.2.11diMaster.dll" /prefetch:1"
.
Heure de fin: 2009-09-24 23:58
ComboFix-quarantined-files.txt 2009-09-24 21:58
ComboFix2.txt 2009-09-24 20:52

Avant-CF: 436 461 563 904 octets libres
Après-CF: 436 443 144 192 octets libres

251 --- E O F --- 2009-09-16 05:17







alors que me reste-t-il a faire?

[danakil]

Aucun signe visible d'Alpha Antivirus dans ton rapport Combo ... et de ton côté en visuel, tu as encore des manifestations?

Demain matin je te donne une solution pour terminer ce sujet et nous poster un joli [Résolu] sur ce sujet ...

Petite question :
Depuis combien de temps Norton est-il installé?

[carlito7]

ouais je crois que c'est bon il ne se manifeste plus ! =D

et norton doit etre présent depuis le début depuis que je l'ai acheté pq?
que me reste-t-il a supprimer pour nettoyer tout ces programmes?
merci beaucoup en tout cas =)

[danakil]

Salut !

Pour Norton > Simple curiosité car je n'arrivais pas à cerner sa date d'installation.
Message en attente AlphaAV est encore présent sur ton PC - du moins les résidus ...
J'édite ce message dans quelques minutes ...
Oups ! j'étais fatigué ...


Edit :
Télécharge OTM de OldTimer sur ton Bureau et pas ailleurs.

> Double-clique sur OTM.exe pour le lancer.
Copie et colle le texte ci-dessous :

:Reg
[-HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "Alpha Antivirus"]
[-HKEY_CURRENT_USERSoftwareAlpha Antivirus]
[-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallAlpha Antivirus]
[-HKEY_LOCAL_MACHINESOFTWAREAlpha Antivirus]

:files
c:program filesAlphaAV
c:program filesAlphaAVAlpha Antivirus.exe
c:windowssystem32perfh00C.dat
c:windowssystem32perfc00C.dat
c:windowsSystem32perfh009.dat
c:windowsSystem32perfc009.dat

:commands
[purity]
[emptytemp]
[reboot]

> Clique sur MoveIt! pour lancer la suppression.
... Le résultat apparaitra dans le cadre Results.
Si ton PC ne redémarre pas automatiquement > Clique sur Exit pour refermer OTM > et fais le.


Poste le rapport situé dans C:\_OTMoveItMovedFiles*******_******.log <-- en gras