nutTenburG

j'ai telecharger un truc keygen sur un forum !!! ma petite soeur l'a executez :'( !!! et c'etait un chevale de troi d'aprés mon antivirus :'( aidez moi que faire ?

merci bien frero ^^ liltek zina toi o6

merciiii infiniment encore une derniere chose comment restorer le systeme si quelque chose arrive ^^ j'te remercie tu a etait tres comprehensif et trés aidant merci merci merci !!

...

maintenant le seule probleme s'est le poinnt de restoration ça marche pas

voila le test aprés la mise a jour Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5445 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 02/01/2011 22:33:03 mbam-log-2011-01-02 (22-33-03).txt Type d'examen: Examen rapide Elément(s) analysé(s): 125204 Temps écoulé: 1 minute(s), 8 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

oui oui je crois que c'est a cause de kaspersky !!!! puisque j'ai changer de version comme tu me l'a conseiller !!!!

oki

un autre truc _____" je peut plus changer le type de fichier exp le site d'hebergement ne peut pas uploader des fichier de genre bmp (bitmap) , avant la detection du malware je pouvait faire ce truc en chnagant juste la fin du nom du fichier mais mntn j'ai eu un peut d'mal a le changer j'me demande pourquoi

ouiii

oki

le point de restoration n'a pas marcher !! comment faire ?? message d'erreur no restoration point in the systeme

QuickScan Beta 32-bit v0.9.9.52 ------------------------------- Date de l'analyse : Sun Jan 02 18:14:57 2011 ID de la machine : 2036F385 Aucune infection détectée. -------------------------- Processus --------- Facemoi Application 1504 C:\Facemoi\facemoi.exe Firefox 1924 C:\Program Files\Mozilla Firefox\firefox.exe Firefox 3280 C:\Program Files\Mozilla Firefox\plugin-container.exe Java Platform SE 6 U21 1812 C:\Program Files\Java\jre6\bin\jqs.exe Java Platform SE Auto Updater 2 0 1328 C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe Microsoft® Windows® Operating System 2652 C:\WINDOWS\system32\alg.exe Microsoft® Windows® Operating System 1348 C:\WINDOWS\system32\csrss.exe Microsoft® Windows® Operating System 1352 C:\WINDOWS\system32\ctfmon.exe Microsoft® Windows® Operating System 1428 C:\WINDOWS\system32\lsass.exe Microsoft® Windows® Operating System 744 C:\WINDOWS\system32\spoolsv.exe Microsoft® Windows® Operating System 148 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System 268 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System 380 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System 1636 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System 1860 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System 1952 C:\WINDOWS\system32\wscntfy.exe NVIDIA Driver Helper Service, Version 2 1600 C:\WINDOWS\system32\nvsvc32.exe Realtek HD Audio Sound Effect Manager 1292 C:\WINDOWS\RTHDCPL.EXE Système d'exploitation Microsoft® Windo 1128 C:\WINDOWS\explorer.exe Système d'exploitation Microsoft® Windo 700 C:\WINDOWS\system32\rundll32.exe Système d'exploitation Microsoft® Windo 1416 C:\WINDOWS\system32\services.exe Système d'exploitation Microsoft® Windo 1300 C:\WINDOWS\system32\smss.exe Système d'exploitation Microsoft® Windo 1372 C:\WINDOWS\system32\winlogon.exe Système d'exploitation Microsoft® Windo 2264 C:\WINDOWS\system32\wuauclt.exe Activité du réseau ------------------ Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 66.220.158.32 Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 77.67.91.130 Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 74.125.232.20 Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 74.208.43.192 Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 209.85.229.102 Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 88.221.61.115 Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 66.235.142.20 Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 91.199.104.31 Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 66.220.158.32 Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 66.235.142.20 Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 77.67.91.130 Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 66.220.145.38 Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 66.220.158.32 Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 66.220.158.32 Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 77.67.91.130 Processus firefox.exe (1924) connecté sur le port 80 (HTTP) --> 66.220.158.32 Processus svchost.exe (1860) écoute sur les ports: 135 (RPC) Fichiers critiques et Autorun ----------------------------- Facemoi Application C:\Facemoi\facemoi.exe Google Update C:\Program Files\Google\Update\GoogleUpdate.exe Java Platform SE Auto Updater 2 0 C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe Kaspersky Anti-Virus C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe Kaspersky Anti-Virus c:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd.dll Kaspersky Anti-Virus c:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd3.dll Kaspersky Anti-Virus C:\WINDOWS\system32\klogon.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\dimsntfy.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\wpdshserviceobj.dll NVIDIA Compatible Windows 2000 Display C:\WINDOWS\system32\nvcpl.dll NVIDIA Media Center Library C:\WINDOWS\system32\nvmctray.dll Realtek HD Audio Sound Effect Manager C:\WINDOWS\RTHDCPL.EXE Steam C:\Program Files\Steam\Steam.exe Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\browseui.dll Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\crypt32.dll Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\cscdll.dll Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\logonui.exe Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\sclgntfy.dll Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\shell32.dll Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\stobject.dll Système d'exploitation Microsoft® Windo c:\windows\system32\userinit.exe Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\wlnotify.dll Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll Plugins du navigateur --------------------- BitDefender QuickScan C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll BitDefender QuickScan C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll Google Update C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll Java Deployment Toolkit 6.0.210.7 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll Java Platform SE 6 U21 c:\program files\java\jre6\bin\jp2ssv.dll Java Platform SE 6 U21 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll Java Platform SE 6 U21 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll Kaspersky Anti-Virus c:\program files\kaspersky lab\kaspersky anti-virus 2009\ievkbd.dll Microsoft Office 2003 C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL Microsoft® Windows Media Player Firefox C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\winrnr.dll Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll QuickTime Plug-in 7.5 (861) C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll QuickTime Plug-in 7.5 (861) C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll QuickTime Plug-in 7.5 (861) C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll QuickTime Plug-in 7.5 (861) C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll QuickTime Plug-in 7.5 (861) C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll RealPlayer Version Plugin C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll RealPlayer Version Plugin C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll RealPlayer G2 LiveConnect-Enabled P C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll RealPlayer G2 LiveConnect-Enabled P C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\mswsock.dll Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll Analyse ------- Aucun fichier téléchargé vers le serveur. Analyse terminée - la communication a duré 10 secondes Trafic total - 0.04 Mo envoyés, 636.31 Ko reçus 872 fichiers et modules analysés - 23 seconds ==============================================================================

je suis de la tunisie on a ni freebox ni noeufbox ni flybox !!!! j'ai un abonnement adsl routeur smc ^^ que veut tu dire par mettre a jour ma version de kaspersky acheter la nouvelle version ou faire une simple mise a jour !!!! (la mise a jour de sa base de donné est automatique et quotidienne )

..........

le tout premier code d'erreur program_error_updating (12002.0.winhttpreceiveresponse)

nn mon pare feu est deja desactivez !!! il etait desactivez quand j'ai acheter ce nouveau pc

mon pare feu et deja desactivez

...............

OTL logfile created on: 01/01/2011 21:38:55 - Run 2 OTL by OldTimer - Version 3.2.20.0 Folder = C:\Documents and Settings\user\Bureau Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 84,00% Memory free 5,00 Gb Paging File | 5,00 Gb Available in Paging File | 94,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 488,28 Gb Total Space | 448,58 Gb Free Space | 91,87% Space Free | Partition Type: NTFS Drive D: | 443,22 Gb Total Space | 430,22 Gb Free Space | 97,07% Space Free | Partition Type: NTFS Computer Name: USER-0A25FC8BB8 | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\user\Bureau\OTL.exe (OldTimer Tools) PRC - C:\Facemoi\facemoi.exe (FaceMoi) PRC - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab) PRC - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\user\Bureau\OTL.exe (OldTimer Tools) MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll () MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd3.dll (Kaspersky Lab) MOD - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd.dll (Kaspersky Lab) ========== Win32 Services (SafeList) ========== SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab) SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (teamviewervpn) -- C:\WINDOWS\system32\drivers\teamviewervpn.sys (TeamViewer GmbH) DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab) DRV - (klbg) -- C:\WINDOWS\system32\drivers\klbg.sys (Kaspersky Lab) DRV - (taphss) -- C:\WINDOWS\system32\drivers\taphss.sys (AnchorFree Inc) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (k57w2k) Broadcom NetLink -- C:\WINDOWS\system32\drivers\k57xp32.sys (Broadcom Corporation) DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative) DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab) DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider) DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-823518204-1085031214-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-823518204-1085031214-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.fr/ig" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2 FF - prefs.js..extensions.enabledItems: {ada4b710-8346-4b82-8199-5de2b400a6ae}:1.9.9.1 FF - prefs.js..extensions.enabledItems: {d57c9ff1-6389-48fc-b770-f78bd89b6e8a}:1.34 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&btnI=&q=" FF - prefs.js..network.proxy.backup.ftp_port: "" FF - prefs.js..network.proxy.backup.gopher_port: "" FF - prefs.js..network.proxy.backup.socks_port: "" FF - prefs.js..network.proxy.backup.ssl_port: "" FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/13 20:56:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/11 17:19:50 | 000,000,000 | ---D | M] [2010/07/20 14:33:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions [2011/01/01 21:04:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\extensions [2010/12/18 22:16:36 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2010/12/18 22:16:37 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/09/23 20:24:53 | 000,000,000 | ---D | M] ("SearchStatus") -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a} [2010/09/03 02:21:46 | 000,000,000 | ---D | M] (Facicons) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\extensions\{DDABDBA1-2377-4A30-A027-25697B99E254} [2010/07/20 11:11:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\extensions\temp [2008/06/13 06:23:30 | 000,002,258 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\binsearch.xml [2008/06/13 06:23:30 | 000,002,036 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\exalead.xml [2007/05/06 19:29:16 | 000,001,703 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\live-search.xml [2010/12/26 11:24:40 | 000,006,394 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\nowtorrents.xml [2008/01/17 21:52:17 | 000,002,261 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\opensubtitlesorg.xml [2008/07/21 18:22:55 | 000,002,213 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\subscene.xml [2007/08/13 21:50:47 | 000,005,532 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\vidos-dailymotion.xml [2006/11/16 21:11:10 | 000,001,025 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\wikipedia-english.xml [2010/12/26 11:24:40 | 000,002,087 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\youtube---videos.xml [2011/01/01 21:04:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010/09/23 20:23:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/09/23 20:23:17 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010/09/23 20:23:17 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010/12/11 17:19:43 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/12/11 17:19:43 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/12/11 17:19:43 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2010/12/11 17:19:43 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/12/11 17:19:43 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/01/01 19:54:23 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (Kaspersky Lab) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKU\S-1-5-21-823518204-1085031214-682003330-1003..\Run: [Facemoi] C:\Facemoi\facemoi.exe (FaceMoi) O4 - HKU\S-1-5-21-823518204-1085031214-682003330-1003..\Run: [steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-21-823518204-1085031214-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (Kaspersky Lab) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd3.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2010/07/20 11:04:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/01/01 21:19:25 | 006,312,976 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\user\Bureau\mbam-rules.exe [2011/01/01 20:35:55 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\user\Bureau\mbam-setup.exe [2011/01/01 19:50:02 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\user\Bureau\WinsockxpFix.exe [2011/01/01 19:49:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Bureau\Nouveau dossier [2011/01/01 18:31:39 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Bureau\OTL.exe [2011/01/01 18:12:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\Malwarebytes [2011/01/01 18:12:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2011/01/01 18:10:21 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\user\Mes documents\mbam-setup.exe [2011/01/01 18:04:09 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Bureau\TFC.exe [2011/01/01 17:38:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Bureau\hijackthis [2010/12/19 19:57:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\FileZilla [2010/12/18 22:00:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\IDM [2010/12/18 22:00:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\DMCache [2010/12/18 22:00:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Menu Démarrer\Programmes\Internet Download Manager [2010/12/18 19:49:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\TeamViewer 5 [2010/12/16 22:03:39 | 000,025,088 | ---- | C] (TeamViewer GmbH) -- C:\WINDOWS\System32\drivers\teamviewervpn.sys [2010/12/16 22:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\TeamViewer 6 [2010/12/07 21:15:16 | 000,000,000 | ---D | C] -- C:\Temp [2010/12/03 19:24:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Steam [2010/12/03 19:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\Steam ========== Files - Modified Within 30 Days ========== [2011/01/01 21:16:07 | 006,312,976 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\user\Bureau\mbam-rules.exe [2011/01/01 20:37:30 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\user\Bureau\mbam-setup.exe [2011/01/01 20:35:14 | 001,587,744 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2011/01/01 20:35:09 | 000,014,532 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2011/01/01 20:34:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/01/01 20:33:38 | 000,401,440 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat [2011/01/01 20:33:38 | 000,003,500 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx [2011/01/01 20:33:08 | 000,059,664 | ---- | M] () -- C:\Documents and Settings\user\Bureau\mbam-clean.exe [2011/01/01 20:19:37 | 000,046,736 | ---- | M] () -- C:\Documents and Settings\user\Bureau\76659_155354414507552_100000989830057_270719_7719391_n.jpg [2011/01/01 19:54:23 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts [2011/01/01 19:49:57 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\user\Bureau\WinsockxpFix.exe [2011/01/01 18:31:35 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Bureau\OTL.exe [2011/01/01 18:11:55 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\user\Mes documents\mbam-setup.exe [2011/01/01 18:04:06 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Bureau\TFC.exe [2011/01/01 12:55:31 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/12/31 18:59:28 | 000,094,679 | ---- | M] () -- C:\Documents and Settings\user\Bureau\168014_152546631461087_100001172523764_251754_2207680_n.jpg [2010/12/30 21:56:59 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/12/28 21:10:28 | 004,320,054 | ---- | M] () -- C:\Documents and Settings\user\Bureau\lol.bmp [2010/12/25 14:58:58 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010/12/15 19:54:20 | 004,320,054 | ---- | M] () -- C:\Documents and Settings\user\Bureau\456.jpg [2010/12/15 19:53:58 | 000,119,496 | ---- | M] () -- C:\Documents and Settings\user\Bureau\123.jpg [2010/12/15 08:57:42 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk [2010/12/11 22:08:01 | 004,320,054 | ---- | M] () -- C:\Documents and Settings\user\Bureau\Nouveau Image bitmap.bmp [2010/12/08 16:18:39 | 000,114,243 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2010/12/08 16:18:39 | 000,097,859 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2010/12/07 12:01:04 | 004,320,054 | ---- | M] () -- C:\Documents and Settings\user\Bureau\hacking.bmp [2010/12/03 19:41:34 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Steam.lnk [2010/12/03 19:15:41 | 010,970,112 | ---- | M] () -- C:\Documents and Settings\user\Mes documents\SteamInstall_French.msi [2010/12/03 11:54:51 | 030,862,316 | ---- | M] () -- C:\Documents and Settings\user\Mes documents\themes.rar [2010/12/03 11:47:59 | 000,202,807 | ---- | M] () -- C:\Documents and Settings\user\Mes documents\anis.rar [2010/12/02 22:14:54 | 000,001,883 | R--- | M] () -- C:\Documents and Settings\user\Bureau\KAV09-CM-20110207-043440EF.KEY ========== Files Created - No Company Name ========== [2011/01/01 20:33:13 | 000,059,664 | ---- | C] () -- C:\Documents and Settings\user\Bureau\mbam-clean.exe [2011/01/01 20:19:37 | 000,046,736 | ---- | C] () -- C:\Documents and Settings\user\Bureau\76659_155354414507552_100000989830057_270719_7719391_n.jpg [2010/12/31 18:59:28 | 000,094,679 | ---- | C] () -- C:\Documents and Settings\user\Bureau\168014_152546631461087_100001172523764_251754_2207680_n.jpg [2010/12/28 21:10:17 | 004,320,054 | ---- | C] () -- C:\Documents and Settings\user\Bureau\lol.bmp [2010/12/15 19:54:14 | 004,320,054 | ---- | C] () -- C:\Documents and Settings\user\Bureau\456.jpg [2010/12/15 19:00:29 | 000,119,496 | ---- | C] () -- C:\Documents and Settings\user\Bureau\123.jpg [2010/12/15 08:57:42 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk [2010/12/11 22:07:38 | 004,320,054 | ---- | C] () -- C:\Documents and Settings\user\Bureau\Nouveau Image bitmap.bmp [2010/12/07 12:00:36 | 004,320,054 | ---- | C] () -- C:\Documents and Settings\user\Bureau\hacking.bmp [2010/12/06 22:39:13 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/12/03 19:24:10 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Steam.lnk [2010/12/03 19:12:40 | 010,970,112 | ---- | C] () -- C:\Documents and Settings\user\Mes documents\SteamInstall_French.msi [2010/12/03 11:50:22 | 030,862,316 | ---- | C] () -- C:\Documents and Settings\user\Mes documents\themes.rar [2010/12/03 11:48:27 | 000,001,883 | R--- | C] () -- C:\Documents and Settings\user\Bureau\KAV09-CM-20110207-043440EF.KEY [2010/12/03 11:48:10 | 000,202,807 | ---- | C] () -- C:\Documents and Settings\user\Mes documents\anis.rar [2010/07/22 10:09:02 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010/07/20 12:56:53 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010/07/20 11:13:11 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010/07/20 11:11:20 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010/07/20 11:11:20 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010/07/20 11:11:19 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2010/07/20 11:11:19 | 002,041,363 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll [2010/07/20 11:11:19 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010/07/20 11:11:19 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010/07/20 11:11:18 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2003/04/01 06:28:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI ========== Custom Scans ========== < c:\Temp\* /s > < End of report >

Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5363 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 01/01/2011 21:21:18 mbam-log-2011-01-01 (21-21-18).txt Type d'examen: Examen rapide Elément(s) analysé(s): 123557 Temps écoulé: 1 minute(s), 4 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

programme_error_database (2.2 create sdk)

aaaaaaaaa3333333 ça marche pas :'(

a333333333 ça marche pas