

galsenpape
I am having problems with my Wi-Fi connection (I cannot see the available wireless networks). The response I get is "Windows cannot configure your wireless connection" (article 871122), and I installed ComboFix; here is the report. Thank you for helping me, please.