
musico

Members
  • Content count

    27
  • Joined

  • Last visited

Everything posted by musico

  1. Hi, and thank you for your reply. Here is the ComboFix report.
  2. Good evening everyone, My PC is a bit sluggish and from time to time behaves strangely (windows closing by themselves, pop-up windows, connection problems with Internet Explorer), so I ran a HijackThis report. Could someone help me solve my problem? Thanks