Everything posted by fulton

  1. Here is the report: OTMoveIt2 v1.0.20 log created on 03092008_142240. However, I still have items in quarantine, is that normal?? Thanks
  2. Good evening, here is the scan. I have heard about reformatting, is it necessary? Thanks again for your help

     KASPERSKY ONLINE SCANNER REPORT
     Sunday, March 09, 2008 12:34:36 AM
     Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
     Scan Statistics:
     Total number of scanned objects: 75911
     Number of viruses found: 6
     Number of infected objects: 15
     Number of suspicious objects: 0
     Duration of the scan process: 01:19:44
  3. Hi, so I did as you told me and here is the new scan: ComboFix 08-03-06.4 - Compaq_Propriétaire 2008-03-07 21:35:49.3 - NTFSx86
  4. First of all, thank you for your help. Here is the result of the scan: ComboFix 08-03-06.4 - Compaq_Propriétaire 2008-03-07 13:03:09.2 - NTFSx86
2008-03-05 20:07 <REP> d-------- C:\Program Files\AxBx 2008-03-05 16:41 . 2008-03-05 16:41 <REP> d-------- C:\Program Files\Trend Micro 2008-03-05 15:26 . 2008-03-07 12:37 <REP> d-------- C:\Program Files\Spybot - Search & Destroy 2008-03-05 15:26 . 2008-03-07 12:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-03-05 15:18 . 2008-03-05 23:48 <REP> d-------- C:\Program Files\The Cleaner Free 2008-03-05 12:36 . 2008-03-07 00:36 <REP> d--hs---- C:\WINDOWS\ZW1pbGllIHBldHJl . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-07 00:21 --------- d-----w C:\Program Files\BearShare 2008-03-06 19:55 --------- d-----w C:\Program Files\eMule 2008-03-06 18:40 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared 2008-03-06 18:37 --------- d-----w C:\Program Files\Symantec 2008-03-06 18:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2008-03-06 16:21 --------- d-----w C:\Program Files\Easy Internet signup 2008-03-06 16:18 3,644 --sha-r C:\WINDOWS\system32\drivers\HP_PN100AA-ABF SR1228FR FR440_YC_Pres_QCZB448_E44FRheREF2_4_IKelut_SASUSTek Computer INC._V2.02_B3.11_T040902_W2_L40C_M512_J160_7AMD_8Sempron 3000+_92_111063044_N11063065_P_Z11C1048C_K_A11063059_U11063038_G10DE0322.MRK 2008-03-06 16:14 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-03-06 16:14 --------- d-----w C:\Program Files\InterVideo 2008-03-06 15:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\WholeSecurity 2008-03-06 12:37 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\one gpl 2008-03-06 12:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Defyroadthirdbody 2008-03-04 13:53 --------- d-----w C:\Program Files\Lx_cats 2008-01-21 16:16 --------- d-----w C:\Program Files\Logitech 2008-01-21 16:16 --------- d-----w C:\Program 
Files\Fichiers communs\FotoWire 2008-01-21 16:16 --------- d-----w C:\Program Files\directx 2008-01-21 16:16 --------- d-----w C:\Documents and Settings\Compaq_Propriétaire\Application Data\FotoWire 2008-01-21 16:13 --------- d-----w C:\Program Files\Fichiers communs\Logitech 2008-01-21 16:12 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe 2008-01-13 19:25 --------- d-----w C:\Program Files\Macrogaming 2006-12-07 18:23 26,402 -c--a-w C:\Documents and Settings\Compaq_Propriétaire\TB2Categories000.dat 2006-12-07 18:23 26,402 -c--a-w C:\Documents and Settings\Compaq_Propriétaire\TB2Categories000.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 08:07 1667584] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 11:00 15360] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2004-01-02 00:08 32881] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 16:04 52736] "KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 20:02 61440] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2004-05-11 00:48 286720] "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 20:43 233472] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-07-01 23:12 4112384] "nwiz"="nwiz.exe" [2004-07-01 23:12 843776 C:\WINDOWS\system32\nwiz.exe] "VTTimer"="VTTimer.exe" [] "SiS Windows KeyHook"="C:\WINDOWS\system32\keyhook.exe" [2004-05-20 09:47 249856] "AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 17:06 88363 C:\WINDOWS\AGRSMMSG.exe] "PS2"="C:\WINDOWS\system32\ps2.exe" [2003-09-12 20:13 98304] "AlcxMonitor"="ALCXMNTR.EXE" 
[2003-04-04 02:21 50176 C:\WINDOWS\ALCXMNTR.EXE] "Reminder"="C:\Windows\Creator\Remind_XP.exe" [2003-12-17 23:31 118784] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Contr“leur de calendrier Ulead.lnk - C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe [2006-10-25 20:33:56 69632] Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696] Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-01-21 17:12:49 169472] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Bit Lord 1.1\\BitLord.exe"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\Program Files\\eMule\\emule.exe"= . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-03-06 16:21:21 C:\WINDOWS\Tasks\Connexion facile à Internet.job" - C:\Program Files\Easy Internet signup\HPSdpApp.exe "2008-03-06 18:25:33 C:\WINDOWS\Tasks\Symantec NetDetect.job" - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-07 13:05:13 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-03-07 13:05:59 ComboFix-quarantined-files.txt 2008-03-07 12:05:50 . 2008-03-07 11:53:34 --- E O F ---
  5. Good evening, yesterday my computer was infested with loads of viruses (I even lost count!!). Today I reinstalled the system and at first everything seemed fine, until an Avast scan told me I still have 3 viruses; I put them in quarantine. The problem is that they are the same viruses I had before reinstalling the system. How can I get rid of them from my computer??? I downloaded HijackThis, but I am unable to understand it, Spybot, Multivirus Cleaner. Here are the names of the viruses, if that helps: win32 purityscan q and win32agent ruq. Thank you for your help!!