Posted

Good evening,

I think I am infected: my NOD32 antivirus is disabled and the PC is running badly.

I tried Malwarebytes, but the cleanup did not complete.

I downloaded HijackThis and Antivir, but my PC refuses to start in safe mode.

I am really stuck; I cannot install HijackThis, I get the message "is not a valid Win32 application".

What should I do? Thank you for your advice.

Martine

Posted

Good evening,

ComboFix must not be used as a diagnostic tool; it should only be used at the express request of a helper trained in this tool, and under that helper's supervision. This tool can be dangerous!

Connect your removable media (USB sticks and the like) before you start.

Official tutorial

Right-click HERE

  • In the menu that opens, choose "Save Link As" (if you use Firefox) or "Save Target As" (if you use Internet Explorer)
  • A window will open: in the File name field (at the bottom), type this > badaboum
  • We are going to save this file to the Desktop: to do so, click Desktop in the left-hand panel.
  • Finally, click the Save button at the bottom right.
  • Make sure all programs are closed before launching the fix!
  • Double-click combofix.exe.
  • If the Recovery Console is not installed on an XP machine, ComboFix will offer to install it: accept!
  • Click Yes on the Disclaimer of Warranty message that appears.
  • Your firewall may ask whether or not you allow nircmd.cfexe to access the trusted zone: accept!
  • Note: do not close the window that has just opened, or you would end up with an empty desktop!
  • When the scan has finished, a report will be generated: post its contents in your next message.

If you lose your connection after running ComboFix, here is how to repair it: HERE.

 


@++

Posted

ComboFix 09-01-20.05 - Martine 2009-01-21 18:47:53.2 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.991.716 [GMT 1:00]

Lancé depuis: c:\documents and settings\Martine.SALON-2BF2F785D\Bureau\badabom.exe

* Un nouveau point de restauration a été créé

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\downld

c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\srosa2.sys

c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\wfsintwq.sys

c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers\winupgro.exe

c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m

c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\data.oct

c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\flec006.exe

c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\list.oct

c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\m\srvlist.oct

c:\program files\Messenger\msmsgs.exe

c:\windows\system32\a.bat

c:\windows\system32\ban_list.txt

 

.

((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Service_SROSA

-------\Legacy_SROSA

-------\Legacy_BOONTY_GAMES

-------\Service_Boonty Games

 

 

((((((((((((((((((((((((((((( Fichiers créés du 2008-12-21 au 2009-01-21 ))))))))))))))))))))))))))))))))))))

.

 

2009-01-21 17:22 . 2009-01-21 17:22 3,588 --------- c:\windows\system32\winupgro.exe

2009-01-21 15:48 . 2009-01-21 18:49 <REP> d--h----- c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers

2009-01-04 15:13 . 2001-08-23 17:04 12,288 --a------ c:\windows\system32\drivers\mouhid.sys

2009-01-04 15:13 . 2001-08-23 17:04 12,288 --a--c--- c:\windows\system32\dllcache\mouhid.sys

2009-01-04 15:13 . 2008-04-13 19:45 10,368 --a------ c:\windows\system32\drivers\hidusb.sys

2009-01-04 15:13 . 2008-04-13 19:45 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys

2009-01-03 11:21 . 2009-01-03 11:21 <REP> d-------- c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\dvdcss

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-01-21 16:18 --------- d-----w c:\program files\ESET

2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys

2008-12-05 14:42 --------- d-----w c:\program files\Malwarebytes' Anti-Malware

2008-12-03 18:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys

2008-12-03 18:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys

2008-12-03 12:59 --------- d-----w c:\program files\Java

2004-07-22 08:51 3,432,656 ----a-w c:\program files\ManagedDX.CAB

2004-07-19 20:58 1,156,363 ----a-w c:\program files\BDANT.cab

2004-07-19 20:53 976,020 ----a-w c:\program files\BDAXP.cab

2004-07-09 12:17 13,265,040 ----a-w c:\program files\dxnt.cab

2004-07-09 07:13 703,080 ----a-w c:\program files\BDA.cab

2004-07-09 07:13 15,493,481 ----a-w c:\program files\DirectX.cab

2004-07-09 02:08 472,576 ----a-w c:\program files\dxsetup.exe

2004-07-09 02:08 2,242,560 ----a-w c:\program files\dsetup32.dll

2004-07-09 01:03 62,976 ----a-w c:\program files\DSETUP.dll

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"VX3000"="c:\windows\vVX3000.exe" [2007-04-10 709992]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]

"Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016]

"IntelliType"="c:\program files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 94208]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"Share-to-Web Namespace Daemon"="c:\program files\HP\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]

"SiSPower"="SiSPower.dll" [2007-04-10 c:\windows\system32\SiSPower.dll]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\

Démarrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-02-10 73728]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]

Utility Tray.lnk - c:\windows\system32\sistray.exe [2008-10-25 262144]

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"f:\\eMule\\emule.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=

 

R4 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [2008-05-29 202016]

.

Contenu du dossier 'Tâches planifiées'

 

2008-11-05 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

.

- - - - ORPHELINS SUPPRIMES - - - -

 

HKCU-Run-MSMSGS - c:\program files\Messenger\msmsgs.exe

HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe

 

 

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://fr.yahoo.com/

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-21 18:51:58

Windows 5.1.2600 Service Pack 3 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]

"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

------------------------ Autres processus actifs ------------------------

.

c:\program files\HP\HP Share-to-Web\hpgs2wnf.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Microsoft LifeCam\MSCamS32.exe

c:\windows\system32\HPZipm12.exe

c:\program files\HP\Digital Imaging\bin\hpqimzone.exe

c:\program files\Analog Devices\SoundMAX\SMAgent.exe

c:\program files\Canon\CAL\CALMAIN.exe

c:\windows\system32\wscntfy.exe

c:\windows\system32\wbem\wmiapsrv.exe

c:\program files\HP\Digital Imaging\bin\hpqste08.exe

.

**************************************************************************

.

Heure de fin: 2009-01-21 19:00:27 - La machine a redémarré

ComboFix-quarantined-files.txt 2009-01-21 18:00:25

 

Avant-CF: 34,188,472,320 octets libres

Après-CF: 34,332,356,608 octets libres

 

434 --- E O F --- 2009-01-14 17:03:43

Posted

You are going to have to uninstall your antivirus and reinstall it (not a crack, eh!); if you want a free and effective one, I will point you to one.

It is the cracks that "gave" you the Bagle virus!

Same for MBAM and your firewall (if you have one independent of Windows): uninstall, reinstall.

But first of all:

This script was written specifically for this user; do not use it on another machine: dangerous!

1. Close all open browsers.

2. Close/disable all anti-virus, anti-malware or anti-spyware programs so that they do not interfere with ComboFix's work.

3. Open Notepad and copy/paste the text in the Quote box below into Notepad:

File::

c:\windows\system32\winupgro.exe

Save the file under the name CFScript.txt, in the same location as ComboFix.exe

CFScriptB-4.gif

As in the image above, drag CFScript and drop it onto ComboFix.exe

When the tool has finished, it will display a report named C:\ComboFix.txt, which you must send me in your next message.

++

Posted (edited)

Hello,

32788r22fw5fw\nircmd

That means it was blocked somewhere. It belongs to ComboFix and must be allowed, as stated in the usage instructions.

yet I have not downloaded any more cracks since I was infected a few months ago,

I wonder how Bagle came back

If you did not get rid of the cracks and keygens, Bagle stayed on the PC during your previous disinfection.

It is essential to get rid of cracks and keygens to be certain of not keeping the Bagle exe hidden among them.

Did you accept ComboFix installing its new version? The renaming does not matter; I tested it that way and CF installed its new version anyway.

Uninstall CF like this:

Uninstall ComboFix this way by copying/pasting the line below into Run and confirming:

badabom /u

Delete these folders: C:\Qoobox and C:\ComboFix (or badabom), then empty the Recycle Bin (if you still find them).

Start again without renaming the tool and redo the first procedure, please.

Post the report. Thanks.

@++

Edited by Apollo
Posted

OK, thanks,

 

 

ComboFix 09-01-21.04 - Martine 2009-01-22 17:26:17.4 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.991.638 [GMT 1:00]

Lancé depuis: c:\documents and settings\Martine.SALON-2BF2F785D\Bureau\ComboFix.exe

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)

* Un nouveau point de restauration a été créé

.

 

((((((((((((((((((((((((((((( Fichiers créés du 2008-12-22 au 2009-01-22 ))))))))))))))))))))))))))))))))))))

.

 

2009-01-22 08:46 . 2009-01-22 08:46 <REP> d-------- c:\program files\Avira

2009-01-22 08:46 . 2009-01-22 08:46 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Avira

2009-01-21 17:22 . 2009-01-21 17:22 3,588 --------- c:\windows\system32\winupgro.exe

2009-01-21 15:48 . 2009-01-21 18:49 <REP> d--h----- c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\drivers

2009-01-04 15:13 . 2001-08-23 17:04 12,288 --a------ c:\windows\system32\drivers\mouhid.sys

2009-01-04 15:13 . 2001-08-23 17:04 12,288 --a--c--- c:\windows\system32\dllcache\mouhid.sys

2009-01-04 15:13 . 2008-04-13 19:45 10,368 --a------ c:\windows\system32\drivers\hidusb.sys

2009-01-04 15:13 . 2008-04-13 19:45 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys

2009-01-03 11:21 . 2009-01-03 11:21 <REP> d-------- c:\documents and settings\Martine.SALON-2BF2F785D\Application Data\dvdcss

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-01-21 16:18 --------- d-----w c:\program files\ESET

2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys

2008-12-05 14:42 --------- d-----w c:\program files\Malwarebytes' Anti-Malware

2008-12-03 18:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys

2008-12-03 18:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys

2008-12-03 12:59 --------- d-----w c:\program files\Java

2008-11-10 04:43 410,984 ----a-w c:\windows\system32\deploytk.dll

2008-10-30 15:50 339,968 ----a-w c:\windows\system32\pythoncom25.dll

2008-10-30 15:50 2,117,632 ----a-w c:\windows\system32\python25.dll

2008-10-30 15:50 114,688 ----a-w c:\windows\system32\pywintypes25.dll

2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx0c.dll

2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx07.dll

2008-10-28 22:35 815,104 ----a-w c:\windows\system32\divx_xx0a.dll

2008-10-28 22:35 802,816 ----a-w c:\windows\system32\divx_xx11.dll

2008-10-28 22:35 684,032 ----a-w c:\windows\system32\DivX.dll

2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll

2004-07-22 08:51 3,432,656 ----a-w c:\program files\ManagedDX.CAB

2004-07-19 20:58 1,156,363 ----a-w c:\program files\BDANT.cab

2004-07-19 20:53 976,020 ----a-w c:\program files\BDAXP.cab

2004-07-09 12:17 13,265,040 ----a-w c:\program files\dxnt.cab

2004-07-09 07:13 703,080 ----a-w c:\program files\BDA.cab

2004-07-09 07:13 15,493,481 ----a-w c:\program files\DirectX.cab

2004-07-09 02:08 472,576 ----a-w c:\program files\dxsetup.exe

2004-07-09 02:08 2,242,560 ----a-w c:\program files\dsetup32.dll

2004-07-09 01:03 62,976 ----a-w c:\program files\DSETUP.dll

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"VX3000"="c:\windows\vVX3000.exe" [2007-04-10 709992]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]

"Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016]

"IntelliType"="c:\program files\Microsoft Hardware\Keyboard\type32.exe" [2002-03-22 94208]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"Share-to-Web Namespace Daemon"="c:\program files\HP\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]

"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]

"SiSPower"="SiSPower.dll" [2007-04-10 c:\windows\system32\SiSPower.dll]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

c:\documents and settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\

Démarrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-02-10 73728]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]

Utility Tray.lnk - c:\windows\system32\sistray.exe [2008-10-25 262144]

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"f:\\eMule\\emule.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=

 

R4 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [2008-05-29 202016]

.

Contenu du dossier 'Tâches planifiées'

 

2008-11-05 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

.

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://fr.yahoo.com/

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-22 17:27:49

Windows 5.1.2600 Service Pack 3 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]

"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

Heure de fin: 2009-01-22 17:29:01

ComboFix-quarantined-files.txt 2009-01-22 16:28:59

ComboFix2.txt 2009-01-22 08:49:25

 

Avant-CF: 34.840.920.064 octets libres

Après-CF: 34,841,350,144 octets libres

 

114 --- E O F --- 2009-01-14 17:03:43

Posted

Good evening,

Carry out the operation described here: http://forum.zebulon.fr/index.php?s=&s...t&p=1337869

@++
