Here is the report
ComboFix 08-11-14.01 - christine 2008-11-16 14:21:16.1 - NTFSx86
Lancé depuis: c:\documents and settings\christine\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\christine\Bureau\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-16 au 2008-11-16 ))))))))))))))))))))))))))))))))))))
.
2008-11-16 13:59 . 2008-11-16 13:59 <REP> d---s---- c:\documents and settings\christine\UserData
2008-11-16 13:56 . 2008-11-16 13:56 <REP> d-------- c:\documents and settings\All Users\Application Data\nView_Profiles
2008-11-04 21:12 . 2008-11-04 21:12 <REP> d-------- c:\documents and settings\christine\Application Data\OpenOffice.org
2008-11-04 21:05 . 2008-11-04 21:05 <REP> d-------- c:\windows\Sun
2008-11-04 21:00 . 2008-11-04 21:00 <REP> d-------- c:\documents and settings\christine\Application Data\Media Player Classic
2008-11-04 11:39 . 2008-11-04 11:39 <REP> d-------- c:\documents and settings\christine\Application Data\vlc
2008-11-02 18:30 . 2008-11-02 18:30 <REP> d-------- c:\documents and settings\All Users\Application Data\Grisoft
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-04 11:23 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-02 19:55 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-02 16:32 --------- d-----w c:\program files\RegCleaner
2008-11-02 16:32 --------- d-----w c:\program files\Alwil Software
2008-11-02 16:30 --------- d-----w c:\program files\CCleaner
2008-11-02 16:27 --------- d-----w c:\program files\OpenOffice.org 3
2008-11-02 16:27 --------- d-----w c:\program files\JRE
2008-11-02 16:27 --------- d-----w c:\program files\Java
2008-11-02 16:26 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-11-02 16:24 --------- d-----w c:\program files\VideoLAN
2008-11-02 16:23 --------- d-----w c:\program files\K-Lite Codec Pack
2008-11-02 16:21 --------- d-----w c:\program files\Fichiers communs\Java
2008-11-02 16:03 --------- d-----w c:\program files\VIA Technologies, Inc
2008-11-02 16:00 --------- d-----w c:\program files\Fichiers communs\InstallShield
2008-11-02 15:52 --------- d-----w c:\program files\microsoft frontpage
2008-11-02 15:49 --------- d-----w c:\program files\Services en ligne
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-04-13 3309568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-04-13 46080]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"nwiz"="nwiz.exe" [2004-04-13 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="move" [X]
"Config"="c:\windows\system32\run.cmd" [2006-02-14 248]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-19 44544]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"DisablePagingExecutive"=dword:00000001
"SecondLevelDataCache"=dword:00000200
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-02 78416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-02 20560]
*Newly Created Service* - PROCEXP90
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-16 14:23:08
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2008-11-16 14:24:08
ComboFix-quarantined-files.txt 2008-11-16 13:24:04
Avant-CF: 37 196 541 952 octets libres
Après-CF: 37,191,544,832 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
100