karinee

  1. Here it is, here it is. Joking aside, I still have this d*** MSN that keeps flashing, pretending to be my friend who wants to send me a download of photos; two or three more times since earlier. It's definitely not her, I called her. In fact it seems the thing is triggered when she logs in. Well, those are my little worries. Thanks to you.
  2. Hello, here is the report you asked me for. However, the MSN chat request still gets triggered, offering me a download of photos, even though I deleted my friend's MSN address; two or three more times today.

     -----------\\ ToolBar S&D 1.0 XP/Vista
     [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
     [ USER : chachou_2 ] [ "C:\Toolbar SD" ] [ Selection : 2 ]
     [ 06/07/2008 | 21:57:02,20 ] [ PC : POTHIN-E746FB14 ] [ MAJ : 03-07-2008 | 23:30 ]
     -----------\\ SUPPRESSION
     Echec ! - C:\Program Files\AskSBar\bar
     Supprime! - C:\Program Files\AskSBar\SrchAstt
     Supprime! - C:\Program Files\GamesBar\Localization-French.ini
     Supprime! - C:\DOCUME~1\CHACHO~1\LOCALS~1\TEMPOR~1\content.IE5\3MBVB53H\1347360587453b35b8848ed[1].jpg
     Supprime! - C:\DOCUME~1\CHACHO~1\LOCALS~1\TEMPOR~1\content.IE5\52XS36JN\1884896089[1].jpg
     Supprime! - C:\Program Files\AskSBar
     Supprime! - C:\Program Files\GamesBar
     -----------\\ Recherche de Fichiers / Dossiers ...
     -----------\\ [HKCU\..\Internet Explorer\Main]
     [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
     -----------\\ Fin du rapport a 21:59:35,45

     Thanks to you.
  3. Here is the report you asked me for.

     -----------\\ ToolBar S&D 1.0 XP/Vista
     [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
     [ USER : chachou_2 ] [ "C:\Toolbar SD" ] [ Selection : 1 ]
     [ 05/07/2008 | 15:16:57,29 ] [ PC : POTHIN-E746FB14 ] [ MAJ : 03-07-2008 | 23:30 ]
     -----------\\ Recherche de Fichiers / Dossiers ...
     C:\Program Files\AskSBar
     C:\Program Files\AskSBar\bar
     C:\Program Files\AskSBar\SrchAstt
     C:\Program Files\GamesBar
     C:\Program Files\GamesBar\Localization-French.ini
     C:\DOCUME~1\CHACHO~1\LOCALS~1\TEMPOR~1\content.IE5\3MBVB53H\1347360587453b35b8848ed[1].jpg
     C:\DOCUME~1\CHACHO~1\LOCALS~1\TEMPOR~1\content.IE5\52XS36JN\1884896089[1].jpg
     -----------\\ [HKCU\..\Internet Explorer\Main]
     [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
     -----------\\ Fin du rapport a 15:18:1
  4. Hello, yes, I had restarted; I even got scared because on restart my screen stayed black for a very, very long time, but it's fine now. Well, here is the requested report. Thanks for your help.
  5. Here is the report I got; at one point it said it couldn't find certain files, then suspicious files. Thanks for your help.

     MSNFix 1.732
     C:\Documents and Settings\chachou_2\Bureau\MSNFix
     Fix exécuté le 04/07/2008 - 11:23:40,64 By chachou_2
     mode normal
     ************************ Recherche les fichiers présents ... C:\log.txt
     ************************ Recherche les dossiers présents Aucun dossier trouvé
     ************************ Suppression des fichiers /!\ ... C:\log.txt
     ************************ Nettoyage du registre Les fichiers encore présents seront supprimés au prochain redémarrage
     ************************ Suppression des fichiers /!\ ... C:\log.txt
     ************************ Fichiers suspects Aucun Fichier trouvé
     Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 04072008_11383054.zip
     ************************ HKLM\...\Winlogon\Userinit
     Userinit = C:\WINDOWS\system32\userinit.exe,
     Important : http://msnfix.changelog.fr/index.php/2008/05/18/32-alerte
     ------------------------------------------------------------------------
     Auteur : !aur3n7
     Contact: http://changelog.fr
     ------------------------------------------------------------------------
     --------------------------------------------- END ---------------------------------------------
  6. bon me voici de retour sur ce cite que décidément je ne quitte plus, voila le probléme j'ai recu hier un appel à conversation msn d'une ami qui semblait vouloir m'envoyer des fichiers photos!! erreur c'était un piège et je me sui laissée avoir comme une stupide idiote que je suis mon antivirus ma signalé l'intrusion d'un trojan mais n'a pu ni le mette en quarantaine ni le supprimer depuis régulièrement cette appel à conversation s'active bien sur je ne l'ouvre plus j'ai meme tenter de supprimer son msn mais peine perdu je vous mets mon rapport hijackthis merci de votre paciente karineLogfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:56:01, on 03/07/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsus.exe C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe C:\WINDOWS\Explorer.EXE C:\Program 
Files\Ahead\InCD\InCD.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe C:\WINDOWS\CNYHKey.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\winlogon.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\chachou_2\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows 
Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe O4 - HKLM\..\Run: [showWnd] ShowWnd.exe O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: 
[QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-21-1659004503-1708537768-682003330-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'romain') O4 - HKUS\S-1-5-21-1659004503-1708537768-682003330-1009\..\Run: [cymewiqcy] c:\windows\system32\cymewiqcy.exe cymewiqcy (User 'romain') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?b7823a9b92f64041915fb61f7c1f80a0 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?b7823a9b92f64041915fb61f7c1f80a0 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows 
Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_...geUploader5.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent 
(FSMA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 10201 bytes This message was edited by karinee - Today at 22:04.
  7. I'll do all that tomorrow. Thank you for your help and for the time you've given me; it has been invaluable to me. Thanks.
  8. It's fine, apparently there are no more problems, thanks for your help. One last thing: could you recommend a good free antivirus to download, since mine is a paid one, so I might as well install a good one. That's it, thanks.
  9. Phew, all this is hard! OK, the size of qooboxzip is 1.33 MB (1396745 bytes). There you go, over to you.
  10. I'm really too good, aren't I? For me, zipping is something to do with zip fasteners, lol. Joking aside, I don't know how, I've never done it, but if you explain everything to me properly I should manage. Thanks.
  11. Here it is, there it is: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:01:44, on 28/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Orange\AntivirusFirewall\Common\FSMB32.EXE C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Orange\AntivirusFirewall\Common\FCH32.EXE C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fssm32.exe C:\Program Files\Orange\AntivirusFirewall\Common\FAMEH32.EXE C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsqh.exe C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsus.exe C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsav32.exe C:\Program Files\Ahead\InCD\InCD.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe C:\WINDOWS\CNYHKey.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Shareaza\Shareaza.exe C:\Program Files\Orange\AntivirusFirewall\FSGUI\fsguidll.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe 
C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [Controleur de calendrier pour Ulead Photo Express] C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe O4 - HKLM\..\Run: [showWnd] ShowWnd.exe O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Google Desktop Search] 
"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-21-1659004503-1708537768-682003330-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'loulou') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra 
context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?b7823a9b92f64041915fb61f7c1f80a0 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?b7823a9b92f64041915fb61f7c1f80a0 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_...geUploader5.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient 
Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Orange\AntivirusFirewall\Common\FSMA32.EXE O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 9518 bytes I'm waiting for you to tell me what I should do now, and many thanks again
  12. Here is the CFScript report you asked me for, and I'll post the other one in two minutes: ComboFix 08-06-20.4 - chachou_2 2008-06-28 17:43:01.5 - NTFSx86 Endroit: C:\Documents and Settings\chachou_2\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\chachou_2\Bureau\CFscript.Txt * Création d'un nouveau point de restauration * Resident AV is active AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . ((((((((((((((((((((((((((((( Fichiers créés 2008-05-28 to 2008-06-28 )))))))))))))))))))))))))))))))))))) . 2008-06-27 11:43 . 2008-06-28 12:49 <REP> d-------- C:\Program Files\Navilog1 2008-06-26 22:42 . 2008-06-26 22:42 1,374 --a------ C:\WINDOWS\imsins.BAK 2008-06-26 14:31 . 2008-06-26 14:31 <REP> d-------- C:\Documents and Settings\romain\Application Data\Malwarebytes 2008-06-26 06:19 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2008-06-26 06:19 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2008-06-26 06:19 . 2008-04-23 06:16 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2008-06-26 06:19 . 2008-04-23 06:16 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll 2008-06-26 06:19 . 2008-04-22 09:39 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-06-26 06:18 . 2008-04-23 06:16 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll 2008-06-26 06:18 . 2008-04-23 06:16 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll 2008-06-26 06:18 . 2008-04-23 06:16 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll 2008-06-26 06:18 . 2008-04-23 06:16 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2008-06-25 16:40 . 2007-08-10 12:56 303,104 --a------ C:\WINDOWS\system32\ciplListBar.ocx 2008-06-25 16:40 . 2007-08-10 12:56 224,016 --a------ C:\WINDOWS\system32\tabctl32.ocx 2008-06-25 16:40 . 2007-08-10 12:56 155,648 --a------ C:\WINDOWS\system32\ciplImageList.ocx 2008-06-25 16:32 . 
2008-06-25 16:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Ascentive 2008-06-25 16:29 . 2008-04-17 16:22 208,896 --a------ C:\WINDOWS\system32\ConTest.dll 2008-06-25 16:29 . 2007-10-17 10:19 20,480 --a------ C:\WINDOWS\system32\SysRestore.dll 2008-06-25 16:28 . 2008-06-25 17:12 <REP> d-------- C:\Program Files\Ascentive 2008-06-25 14:02 . 2008-06-25 14:02 <REP> d-------- C:\Program Files\VS Revo Group 2008-06-25 12:06 . 2008-06-26 22:42 <REP> d-------- C:\WINDOWS\system32\fr-fr 2008-06-24 18:54 . 2008-06-24 18:54 <REP> d-------- C:\Documents and Settings\chachou_2\Application Data\Windows Live Writer 2008-06-24 10:13 . 2008-06-24 10:13 <REP> d-------- C:\Documents and Settings\chachou_2\Application Data\Malwarebytes 2008-06-24 10:13 . 2008-06-24 10:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-06-24 10:13 . 2008-06-19 17:48 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys 2008-06-24 10:13 . 2008-06-19 17:47 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-06-24 10:12 . 2008-06-24 10:13 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-06-24 09:24 . 2008-06-24 09:24 <REP> d-------- C:\Program Files\Trend Micro 2008-06-22 00:06 . 2008-06-22 00:06 1,409 --a------ C:\WINDOWS\system32\tmpE4A1A.FOT 2008-06-19 10:00 . 2008-06-20 11:18 193 --a------ C:\WINDOWS\hppsapp.INI 2008-06-16 15:44 . 2008-06-24 08:57 <REP> d-------- C:\Program Files\Spybot - Search & Destroy 2008-06-16 15:44 . 2008-06-24 08:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-06-16 08:46 . 2008-06-16 08:46 1,409 --a------ C:\WINDOWS\system32\tmp7B431.FOT 2008-06-16 08:46 . 2008-06-16 08:46 1,409 --a------ C:\WINDOWS\system32\tmp50531.FOT 2008-06-16 08:46 . 2008-06-16 08:46 1,409 --a------ C:\WINDOWS\system32\tmp34531.FOT 2008-06-16 08:46 . 2008-06-16 09:23 141 --a------ C:\WINDOWS\Clubhouse.ini 2008-06-16 08:40 . 
2008-06-21 23:42 21,840 --a----t- C:\WINDOWS\system32\SIntfNT.dll 2008-06-16 08:40 . 2008-06-21 23:42 17,212 --a----t- C:\WINDOWS\system32\SIntf32.dll 2008-06-16 08:40 . 2008-06-21 23:42 12,067 --a----t- C:\WINDOWS\system32\SIntf16.dll 2008-06-16 08:35 . 2008-06-16 08:35 <REP> d-------- C:\Program Files\Knowledge Adventure 2008-06-16 08:35 . 2001-03-26 11:55 1,325,821 --a------ C:\WINDOWS\UninstFrankClub.exe 2008-06-16 08:31 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys 2008-06-16 08:31 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys 2008-06-15 17:21 . 2008-06-15 17:21 <REP> d-------- C:\sj646 2008-06-15 17:21 . 2000-10-09 18:57 102,400 --a------ C:\WINDOWS\system32\hpgmastr.dll 2008-06-15 17:21 . 2001-08-14 13:24 90,112 --a------ C:\WINDOWS\system32\hpsjvset.dll 2008-06-15 17:21 . 2001-08-03 11:23 40,960 --a------ C:\WINDOWS\system32\hpgmausd.dll 2008-06-15 17:21 . 2001-08-14 13:15 11,185 --a------ C:\WINDOWS\system32\hpgmasti.inf 2008-06-11 06:33 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys 2008-06-11 06:33 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys 2008-06-07 21:38 . 2008-06-07 21:41 <REP> d-------- C:\Program Files\Satsuki Decoder Pack 2008-06-07 21:11 . 2008-06-07 21:11 <REP> d-------- C:\Program Files\SmartSound Software 2008-06-07 21:11 . 2008-06-07 21:11 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition 2008-06-07 21:11 . 2008-06-07 21:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2008-06-07 21:11 . 2008-06-07 21:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc 2008-06-07 21:06 . 2008-06-07 21:06 <REP> d-------- C:\WINDOWS\system32\QuickTime 2008-06-07 21:06 . 2008-06-07 21:06 <REP> d-------- C:\Program Files\Fichiers communs\Java 2008-06-07 20:29 . 
2007-10-24 01:47 282,112 --a------ C:\WINDOWS\system32\mscoree.dll 2008-06-07 16:12 . 2008-06-07 20:32 <REP> d-------- C:\Program Files\Yahoo! 2008-06-07 16:11 . 2008-06-07 16:13 <REP> d-------- C:\Program Files\CCleaner 2008-06-07 15:54 . 2008-06-07 15:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-06-06 18:10 . 2008-06-06 18:10 <REP> d-------- C:\Documents and Settings\antoine\WINDOWS 2008-06-06 18:10 . 1996-02-08 11:24 247,296 --a------ C:\WINDOWS\UN16040C.EXE 2008-06-04 16:08 . 2008-06-04 16:08 <REP> d--hs---- C:\WINDOWS\ftpcache 2008-06-04 12:58 . 2008-06-04 12:58 21,504 --a------ C:\WINDOWS\jestertb.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-25 14:56 --------- d-----w C:\Program Files\Ulead Systems 2008-06-25 14:51 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-06-25 14:46 --------- d-----w C:\Program Files\Maxis 2008-06-25 12:26 --------- d-----w C:\Program Files\LucasArts 2008-06-25 12:06 --------- d-----w C:\Program Files\Windows Live 2008-06-25 10:08 --------- d-----w C:\Program Files\Google 2008-06-24 07:59 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-06-16 06:36 --------- d-----w C:\Program Files\QuickTime 2008-06-15 15:21 --------- d-----w C:\Program Files\Hewlett-Packard 2008-06-07 19:11 --------- d-----w C:\Program Files\Share_Accelerator_MM 2008-06-07 19:11 --------- d-----w C:\Documents and Settings\chachou_2\Application Data\Ulead Systems 2008-06-07 19:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems 2008-06-07 19:08 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems 2008-06-07 18:54 --------- d-----w C:\Program Files\Java 2008-06-02 05:44 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-05-13 17:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\MGS 2008-05-12 11:29 
--------- d-----w C:\Documents and Settings\All Users\Application Data\Microgaming 2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys 2008-05-07 05:15 1,293,824 ------w C:\WINDOWS\system32\quartz.dll 2008-05-01 12:54 --------- d-----w C:\Documents and Settings\chachou_2\Application Data\CoSoSys 2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2008-04-11 16:34 68,656 -c--a-w C:\Documents and Settings\chachou_2\Application Data\GDIPFONTCACHEV1.DAT 2007-09-04 07:45 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe 2005-11-03 23:29 72,832 -c--a-r C:\WINDOWS\inf\CamAvb.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184] "Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2008-01-01 18:49 4739072] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648] "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-05-13 17:11 1397760] "Controleur de calendrier pour Ulead Photo Express"="C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe" [ ] "ShowWnd"="ShowWnd.exe" [2003-09-19 09:09 36864 C:\WINDOWS\ShowWnd.exe] "Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 16:10 61952 C:\WINDOWS\system32\Hdaudpropshortcut.exe] "Cmaudio"="cmicnfg.cpl,CMICtrlWnd" [] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-09-04 10:43 1836544] "mmtask"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2006-01-17 13:12 53248] "HPDJ Taskbar 
Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-06-21 12:19 188416] "ledpointer"="CNYHKey.exe" [2004-02-03 18:15 5794816 C:\WINDOWS\CNYHKey.exe] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41 8523776] "nwiz"="nwiz.exe" [2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 02:41 81920] "LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE" [2003-09-04 11:45 135214] "F-Secure Manager"="C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" [2007-06-13 15:58 176177] "F-Secure TNB"="C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" [2007-06-13 15:57 733184] "RegistryMechanic"="" [] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm "msacm.mpegacm"= mpegacm.acm "msacm.ulmp3acm"= ulmp3acm.acm "vidc.SEDG"= mcs_vfw.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\eMule\\emule.exe"= "C:\\WINDOWS\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6346:TCP"= 
6346:TCP:shareaza "6346:UDP"= 6346:UDP:shareaza R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2008-03-20 15:28] R0 ndisrd;ndisrd;C:\WINDOWS\system32\drivers\ndisrd.sys [2005-04-04 17:25] R1 F-Secure HIPS;F-Secure HIPS;C:\Program Files\Orange\AntivirusFirewall\HIPS\fshs.sys [2008-03-20 15:27] R3 cmudax;C-Media High Definition Audio Interface;C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 14:39] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys [2007-06-13 15:58] S3 PID_0920;Logitech QuickCam Express(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2003-09-04 11:38] S4 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys [2007-06-13 15:58] S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys [2007-06-13 15:58] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a10066d6-b278-11dc-9ba8-8f3b69726229}] \Shell\Auto\command - cmd /C launch.bat \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat *Newly Created Service* - CATCHME . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-06-27 13:00:00 C:\WINDOWS\Tasks\Norton Security Scan.job" - C:\Program Files\Norton Security Scan\Nss.exe "2008-06-28 09:22:52 C:\WINDOWS\Tasks\Scheduled scanning task.job" - C:\PROGRA~1\Orange\ANTIVI~1\ANTI-V~1\fsav.exeX /HARD /POLICY /SCHED /NOBREAK /REPORT=C:\PROGRA~1\Orange\ANTIVI~1\ANTI-V~1\report.txt %C:\PROGRA~1\Orange\ANTIVI~1\ANTI-V~1.SYSTEM'Tâche ajoutée par F-Secure Anti-Virus. "2008-06-28 15:14:07 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job" - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE . 
************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-28 17:48:36 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . --------------------- DLLs a chargé sous des processus courants --------------------- PROCESS: C:\WINDOWS\explorer.exe -> C:\WINDOWS\HKCYDLL.dll PROCESS: C:\WINDOWS\explorer.exe . Temps d'accomplissement: 2008-06-28 17:53:32 ComboFix-quarantined-files.txt 2008-06-28 15:53:23 ComboFix2.txt 2008-06-28 10:06:03 ComboFix3.txt 2008-06-24 17:42:59 ComboFix4.txt 2008-06-24 13:49:31 Pre-Run: 44,319,199,232 octets libres Post-Run: 44,073,144,320 octets libres 195 --- E O F --- 2008-06-26 20:43:01
Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm "msacm.mpegacm"= mpegacm.acm "msacm.ulmp3acm"= ulmp3acm.acm "vidc.SEDG"= mcs_vfw.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\eMule\\emule.exe"= "C:\\WINDOWS\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6346:TCP"= 6346:TCP:shareaza "6346:UDP"= 6346:UDP:shareaza R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2008-03-20 15:28] R0 ndisrd;ndisrd;C:\WINDOWS\system32\drivers\ndisrd.sys [2005-04-04 17:25] R1 F-Secure HIPS;F-Secure HIPS;C:\Program Files\Orange\AntivirusFirewall\HIPS\fshs.sys [2008-03-20 15:27] R3 cmudax;C-Media High Definition Audio Interface;C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 14:39] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys [2007-06-13 15:58] S3 PID_0920;Logitech QuickCam Express(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2003-09-04 11:38] S4 F-Secure Filter;F-Secure File System Filter;C:\Program 
Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys [2007-06-13 15:58] S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys [2007-06-13 15:58] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a10066d6-b278-11dc-9ba8-8f3b69726229}] \Shell\Auto\command - cmd /C launch.bat \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat *Newly Created Service* - CATCHME . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-06-27 13:00:00 C:\WINDOWS\Tasks\Norton Security Scan.job" - C:\Program Files\Norton Security Scan\Nss.exe "2008-06-28 09:22:52 C:\WINDOWS\Tasks\Scheduled scanning task.job" - C:\PROGRA~1\Orange\ANTIVI~1\ANTI-V~1\fsav.exeX /HARD /POLICY /SCHED /NOBREAK /REPORT=C:\PROGRA~1\Orange\ANTIVI~1\ANTI-V~1\report.txt %C:\PROGRA~1\Orange\ANTIVI~1\ANTI-V~1.SYSTEM'Tâche ajoutée par F-Secure Anti-Virus. "2008-06-28 15:14:07 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job" - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-28 17:48:36 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . --------------------- DLLs a chargé sous des processus courants --------------------- PROCESS: C:\WINDOWS\explorer.exe -> C:\WINDOWS\HKCYDLL.dll PROCESS: C:\WINDOWS\explorer.exe . 
Temps d'accomplissement: 2008-06-28 17:53:32 ComboFix-quarantined-files.txt 2008-06-28 15:53:23 ComboFix2.txt 2008-06-28 10:06:03 ComboFix3.txt 2008-06-24 17:42:59 ComboFix4.txt 2008-06-24 13:49:31 Pre-Run: 44,319,199,232 octets libres Post-Run: 44,073,144,320 octets libres 195 --- E O F --- 2008-06-26 20:43:01
  13. Here is the cfscript report you asked for, and I'll post the other one in two minutes.

ComboFix 08-06-20.4 - chachou_2 2008-06-28 17:43:01.5 - NTFSx86
Endroit: C:\Documents and Settings\chachou_2\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\chachou_2\Bureau\CFscript.Txt
* Création d'un nouveau point de restauration
* Resident AV is active
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-28 to 2008-06-28 ))))))))))))))))))))))))))))))))))))
.
2008-06-27 11:43 . 2008-06-28 12:49 <REP> d-------- C:\Program Files\Navilog1
2008-06-26 22:42 . 2008-06-26 22:42 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-06-26 14:31 . 2008-06-26 14:31 <REP> d-------- C:\Documents and Settings\romain\Application Data\Malwarebytes
2008-06-26 06:19 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-06-26 06:19 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-06-26 06:19 . 2008-04-23 06:16 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-06-26 06:19 . 2008-04-23 06:16 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-06-26 06:19 . 2008-04-22 09:39 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-26 06:18 . 2008-04-23 06:16 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-06-26 06:18 . 2008-04-23 06:16 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-06-26 06:18 . 2008-04-23 06:16 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-06-26 06:18 . 2008-04-23 06:16 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-06-25 16:40 . 2007-08-10 12:56 303,104 --a------ C:\WINDOWS\system32\ciplListBar.ocx
2008-06-25 16:40 . 2007-08-10 12:56 224,016 --a------ C:\WINDOWS\system32\tabctl32.ocx
2008-06-25 16:40 . 2007-08-10 12:56 155,648 --a------ C:\WINDOWS\system32\ciplImageList.ocx
2008-06-25 16:32 . 2008-06-25 16:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Ascentive
2008-06-25 16:29 . 2008-04-17 16:22 208,896 --a------ C:\WINDOWS\system32\ConTest.dll
2008-06-25 16:29 . 2007-10-17 10:19 20,480 --a------ C:\WINDOWS\system32\SysRestore.dll
2008-06-25 16:28 . 2008-06-25 17:12 <REP> d-------- C:\Program Files\Ascentive
2008-06-25 14:02 . 2008-06-25 14:02 <REP> d-------- C:\Program Files\VS Revo Group
2008-06-25 12:06 . 2008-06-26 22:42 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-06-24 18:54 . 2008-06-24 18:54 <REP> d-------- C:\Documents and Settings\chachou_2\Application Data\Windows Live Writer
2008-06-24 10:13 . 2008-06-24 10:13 <REP> d-------- C:\Documents and Settings\chachou_2\Application Data\Malwarebytes
2008-06-24 10:13 . 2008-06-24 10:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-24 10:13 . 2008-06-19 17:48 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-24 10:13 . 2008-06-19 17:47 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-24 10:12 . 2008-06-24 10:13 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-24 09:24 . 2008-06-24 09:24 <REP> d-------- C:\Program Files\Trend Micro
2008-06-22 00:06 . 2008-06-22 00:06 1,409 --a------ C:\WINDOWS\system32\tmpE4A1A.FOT
2008-06-19 10:00 . 2008-06-20 11:18 193 --a------ C:\WINDOWS\hppsapp.INI
2008-06-16 15:44 . 2008-06-24 08:57 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-16 15:44 . 2008-06-24 08:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-16 08:46 . 2008-06-16 08:46 1,409 --a------ C:\WINDOWS\system32\tmp7B431.FOT
2008-06-16 08:46 . 2008-06-16 08:46 1,409 --a------ C:\WINDOWS\system32\tmp50531.FOT
2008-06-16 08:46 . 2008-06-16 08:46 1,409 --a------ C:\WINDOWS\system32\tmp34531.FOT
2008-06-16 08:46 . 2008-06-16 09:23 141 --a------ C:\WINDOWS\Clubhouse.ini
2008-06-16 08:40 . 2008-06-21 23:42 21,840 --a----t- C:\WINDOWS\system32\SIntfNT.dll
2008-06-16 08:40 . 2008-06-21 23:42 17,212 --a----t- C:\WINDOWS\system32\SIntf32.dll
2008-06-16 08:40 . 2008-06-21 23:42 12,067 --a----t- C:\WINDOWS\system32\SIntf16.dll
2008-06-16 08:35 . 2008-06-16 08:35 <REP> d-------- C:\Program Files\Knowledge Adventure
2008-06-16 08:35 . 2001-03-26 11:55 1,325,821 --a------ C:\WINDOWS\UninstFrankClub.exe
2008-06-16 08:31 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-06-16 08:31 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-06-15 17:21 . 2008-06-15 17:21 <REP> d-------- C:\sj646
2008-06-15 17:21 . 2000-10-09 18:57 102,400 --a------ C:\WINDOWS\system32\hpgmastr.dll
2008-06-15 17:21 . 2001-08-14 13:24 90,112 --a------ C:\WINDOWS\system32\hpsjvset.dll
2008-06-15 17:21 . 2001-08-03 11:23 40,960 --a------ C:\WINDOWS\system32\hpgmausd.dll
2008-06-15 17:21 . 2001-08-14 13:15 11,185 --a------ C:\WINDOWS\system32\hpgmasti.inf
2008-06-11 06:33 . 2008-06-14 19:59 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 06:33 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-07 21:38 . 2008-06-07 21:41 <REP> d-------- C:\Program Files\Satsuki Decoder Pack
2008-06-07 21:11 . 2008-06-07 21:11 <REP> d-------- C:\Program Files\SmartSound Software
2008-06-07 21:11 . 2008-06-07 21:11 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-06-07 21:11 . 2008-06-07 21:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-06-07 21:11 . 2008-06-07 21:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2008-06-07 21:06 . 2008-06-07 21:06 <REP> d-------- C:\WINDOWS\system32\QuickTime
2008-06-07 21:06 . 2008-06-07 21:06 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-06-07 20:29 . 2007-10-24 01:47 282,112 --a------ C:\WINDOWS\system32\mscoree.dll
2008-06-07 16:12 . 2008-06-07 20:32 <REP> d-------- C:\Program Files\Yahoo!
2008-06-07 16:11 . 2008-06-07 16:13 <REP> d-------- C:\Program Files\CCleaner
2008-06-07 15:54 . 2008-06-07 15:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-06 18:10 . 2008-06-06 18:10 <REP> d-------- C:\Documents and Settings\antoine\WINDOWS
2008-06-06 18:10 . 1996-02-08 11:24 247,296 --a------ C:\WINDOWS\UN16040C.EXE
2008-06-04 16:08 . 2008-06-04 16:08 <REP> d--hs---- C:\WINDOWS\ftpcache
2008-06-04 12:58 . 2008-06-04 12:58 21,504 --a------ C:\WINDOWS\jestertb.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-25 14:56 --------- d-----w C:\Program Files\Ulead Systems
2008-06-25 14:51 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-25 14:46 --------- d-----w C:\Program Files\Maxis
2008-06-25 12:26 --------- d-----w C:\Program Files\LucasArts
2008-06-25 12:06 --------- d-----w C:\Program Files\Windows Live
2008-06-25 10:08 --------- d-----w C:\Program Files\Google
2008-06-24 07:59 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-16 06:36 --------- d-----w C:\Program Files\QuickTime
2008-06-15 15:21 --------- d-----w C:\Program Files\Hewlett-Packard
2008-06-07 19:11 --------- d-----w C:\Program Files\Share_Accelerator_MM
2008-06-07 19:11 --------- d-----w C:\Documents and Settings\chachou_2\Application Data\Ulead Systems
2008-06-07 19:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-06-07 19:08 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems
2008-06-07 18:54 --------- d-----w C:\Program Files\Java
2008-06-02 05:44 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-05-13 17:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\MGS
2008-05-12 11:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microgaming
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:15 1,293,824 ------w C:\WINDOWS\system32\quartz.dll
2008-05-01 12:54 --------- d-----w C:\Documents and Settings\chachou_2\Application Data\CoSoSys
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-11 16:34 68,656 -c--a-w C:\Documents and Settings\chachou_2\Application Data\GDIPFONTCACHEV1.DAT
2007-09-04 07:45 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2005-11-03 23:29 72,832 -c--a-r C:\WINDOWS\inf\CamAvb.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2008-01-01 18:49 4739072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-05-13 17:11 1397760]
"Controleur de calendrier pour Ulead Photo Express"="C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe" [ ]
"ShowWnd"="ShowWnd.exe" [2003-09-19 09:09 36864 C:\WINDOWS\ShowWnd.exe]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 16:10 61952 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
"Cmaudio"="cmicnfg.cpl,CMICtrlWnd" []
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-09-04 10:43 1836544]
"mmtask"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2006-01-17 13:12 53248]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-06-21 12:19 188416]
"ledpointer"="CNYHKey.exe" [2004-02-03 18:15 5794816 C:\WINDOWS\CNYHKey.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41 8523776]
"nwiz"="nwiz.exe" [2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 02:41 81920]
"LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE" [2003-09-04 11:45 135214]
"F-Secure Manager"="C:\Program Files\Orange\AntivirusFirewall\Common\FSM32.EXE" [2007-06-13 15:58 176177]
"F-Secure TNB"="C:\Program Files\Orange\AntivirusFirewall\FSGUI\TNBUtil.exe" [2007-06-13 15:57 733184]
"RegistryMechanic"="" []
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.mpegacm"= mpegacm.acm
"msacm.ulmp3acm"= ulmp3acm.acm
"vidc.SEDG"= mcs_vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6346:TCP"= 6346:TCP:shareaza
"6346:UDP"= 6346:UDP:shareaza
R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2008-03-20 15:28]
R0 ndisrd;ndisrd;C:\WINDOWS\system32\drivers\ndisrd.sys [2005-04-04 17:25]
R1 F-Secure HIPS;F-Secure HIPS;C:\Program Files\Orange\AntivirusFirewall\HIPS\fshs.sys [2008-03-20 15:27]
R3 cmudax;C-Media High Definition Audio Interface;C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 14:39]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys [2007-06-13 15:58]
S3 PID_0920;Logitech QuickCam Express(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2003-09-04 11:38]
S4 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys [2007-06-13 15:58]
S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Orange\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys [2007-06-13 15:58]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a10066d6-b278-11dc-9ba8-8f3b69726229}]
\Shell\Auto\command - cmd /C launch.bat
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-06-27 13:00:00 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
"2008-06-28 09:22:52 C:\WINDOWS\Tasks\Scheduled scanning task.job"
- C:\PROGRA~1\Orange\ANTIVI~1\ANTI-V~1\fsav.exeX /HARD /POLICY /SCHED /NOBREAK /REPORT=C:\PROGRA~1\Orange\ANTIVI~1\ANTI-V~1\report.txt %C:\PROGRA~1\Orange\ANTIVI~1\ANTI-V~1.SYSTEM'Tâche ajoutée par F-Secure Anti-Virus.
"2008-06-28 15:14:07 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-28 17:48:36
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\HKCYDLL.dll
PROCESS: C:\WINDOWS\explorer.exe
.
Temps d'accomplissement: 2008-06-28 17:53:32
ComboFix-quarantined-files.txt 2008-06-28 15:53:23
ComboFix2.txt 2008-06-28 10:06:03
ComboFix3.txt 2008-06-24 17:42:59
ComboFix4.txt 2008-06-24 13:49:31
Pre-Run: 44,319,199,232 octets libres
Post-Run: 44,073,144,320 octets libres
195 --- E O F --- 2008-06-26 20:43:01