

benazak
Member
Content count: 1
Languages: French
benazak's achievements: Junior Member (3/12)
Community reputation: 0
PC infected? How do I analyse a ComboFix report?
benazak posted a topic in Analyses et éradication malwares (malware analysis and removal)
Hi all, I'm new on the forum. I'd like to be sure that my PC is not infected. I scanned it with ComboFix, as forum members advise, but I don't understand the report and I don't know what to do now. Thanks for helping me. Here is the ComboFix report (log):

ComboFix 09-01-19.05 - moi 2009-01-20 20:58:09.2 - NTFSx86
Lancé depuis: c:\users\moi\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-20 au 2009-01-20 ))))))))))))))))))))))))))))))))))))
.
2009-01-20 19:00 . 2009-01-20 19:00 6,736 --a------ c:\windows\System32\drivers\PROCEXP90.SYS
2009-01-20 18:58 . 2009-01-20 18:59 <REP> d-------- C:\32788R22FWJFW.0.tmp
2009-01-20 13:47 . 2009-01-20 17:59 <REP> d-------- c:\users\moi\.housecall6.6
2009-01-20 13:41 . 2009-01-20 13:40 410,984 --a------ c:\windows\System32\deploytk.dll
2009-01-20 13:40 . 2009-01-20 13:40 <REP> d-------- c:\program files\Java
2009-01-16 19:59 . 2009-01-16 19:59 <REP> d-------- c:\windows\System32\Macromed
2009-01-16 12:28 . 2008-12-16 03:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2009-01-12 23:43 . 2009-01-12 23:53 <REP> d-------- c:\users\moi\AppData\Roaming\dvdcss
2009-01-12 23:18 . 2009-01-12 23:18 <REP> d-------- c:\users\All Users\WindowsSearch
2009-01-12 23:18 . 2009-01-12 23:18 <REP> d-------- c:\programdata\WindowsSearch
2009-01-12 23:00 . 2009-01-12 23:01 <REP> d-------- c:\users\All Users\Adobe
2009-01-12 22:59 . 2009-01-12 23:01 <REP> d-------- c:\program files\Common Files\Adobe
2009-01-12 19:19 . 2009-01-12 19:53 <REP> d-------- c:\users\moi\AppData\Roaming\vlc
2009-01-12 19:18 . 2009-01-12 19:18 <REP> d-------- c:\program files\VideoLAN
2009-01-12 19:15 . 2009-01-12 19:15 <REP> d-------- c:\program files\Alwil Software
2009-01-12 19:15 . 2003-03-18 21:20 1,060,864 --a------ c:\windows\System32\MFC71.dll
2009-01-12 19:15 . 2003-03-18 20:14 499,712 --a------ c:\windows\System32\MSVCP71.dll
2009-01-12 19:15 . 2003-02-21 04:42 348,160 --a------ c:\windows\System32\MSVCR71.dll
2009-01-12 19:15 . 2008-11-26 18:17 51,792 --a------ c:\windows\System32\drivers\aswMonFlt.sys
2009-01-12 14:50 . 2009-01-20 18:13 <REP> d-------- C:\Downloads
2009-01-12 00:18 . 2009-01-12 00:19 <REP> d-------- c:\users\moi\AppData\Roaming\Software Informer
2009-01-12 00:18 . 2009-01-20 21:00 <REP> d-------- c:\users\moi\AppData\Roaming\Free Download Manager
2009-01-12 00:18 . 2009-01-12 00:18 <REP> d-------- c:\users\All Users\FreeDownloadManager.ORG
2009-01-12 00:18 . 2009-01-12 00:18 <REP> d-------- c:\programdata\FreeDownloadManager.ORG
2009-01-12 00:18 . 2009-01-12 00:18 <REP> d-------- c:\program files\Software Informer
2009-01-12 00:18 . 2009-01-12 00:18 <REP> d-------- c:\program files\Free Download Manager
2009-01-11 14:35 . 2009-01-11 14:35 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-01-11 14:12 . 2009-01-11 14:12 <REP> d-------- c:\program files\Microsoft Works
2009-01-11 14:11 . 2009-01-11 14:11 <REP> d-------- c:\windows\PCHEALTH
2009-01-11 14:11 . 2009-01-11 14:11 <REP> d-------- c:\program files\Microsoft.NET
2009-01-11 14:07 . 2009-01-16 14:13 <REP> d-------- c:\users\All Users\Microsoft Help
2009-01-11 14:07 . 2009-01-16 14:13 <REP> d-------- c:\programdata\Microsoft Help
2009-01-09 19:15 . 2009-01-20 13:42 <REP> d--hs---- c:\windows\Installer
2009-01-09 19:15 . 2009-01-09 19:15 <REP> d-------- c:\program files\Uniblue
2009-01-09 19:13 . 2009-01-09 19:15 <REP> d--h-c--- c:\users\All Users\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2009-01-09 19:13 . 2009-01-09 19:15 <REP> d--h-c--- c:\programdata\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2009-01-06 22:08 . 2008-10-02 02:32 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-01-06 22:02 . 2008-10-22 02:22 2,048 --a------ c:\windows\System32\tzres.dll
2009-01-06 21:47 . 2008-06-26 02:45 12,240,896 --a------ c:\windows\System32\NlsLexicons0007.dll
2009-01-06 21:47 . 2008-06-26 02:45 2,644,480 --a------ c:\windows\System32\NlsLexicons0009.dll
2009-01-06 21:47 . 2008-06-26 04:29 801,280 --a------ c:\windows\System32\NaturalLanguage6.dll
2009-01-06 21:40 . 2008-10-16 05:47 827,392 --a------ c:\windows\System32\wininet.dll
2009-01-06 21:35 . 2008-09-18 06:09 3,601,464 --a------ c:\windows\System32\ntkrnlpa.exe
2009-01-06 21:34 . 2008-06-26 04:29 303,616 --a------ c:\windows\System32\wmpeffects.dll
2009-01-06 21:34 . 2008-08-27 02:05 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys
2009-01-06 21:32 . 2008-04-18 06:48 269,312 --a------ c:\windows\System32\es.dll
2009-01-06 21:22 . 2008-10-16 22:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll
2009-01-06 21:22 . 2008-10-16 21:56 1,524,736 --a------ c:\windows\System32\wucltux.dll
2009-01-06 21:22 . 2008-10-16 22:12 561,688 --a------ c:\windows\System32\wuapi.dll
2009-01-06 21:22 . 2008-10-16 21:55 83,456 --a------ c:\windows\System32\wudriver.dll
2009-01-06 21:22 . 2008-10-16 22:09 51,224 --a------ c:\windows\System32\wuauclt.exe
2009-01-06 21:22 . 2008-10-16 22:09 43,544 --a------ c:\windows\System32\wups2.dll
2009-01-06 21:22 . 2008-10-16 22:08 34,328 --a------ c:\windows\System32\wups.dll
2009-01-06 21:21 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll
2009-01-06 21:21 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe
2009-01-06 21:16 . 2007-08-24 19:44 101,504 -ra------ c:\windows\System32\drivers\ewusbmdm.sys
2009-01-06 21:16 . 2007-08-24 19:44 23,424 -ra------ c:\windows\System32\drivers\ewdcsc.sys
2009-01-06 21:14 . 2009-01-06 21:16 <REP> d-------- c:\program files\Internet Mobile
2009-01-06 21:00 . 2009-01-06 21:00 <REP> dr------- c:\users\moi\Searches
2009-01-06 20:59 . 2009-01-06 21:00 <REP> dr------- c:\users\moi\Videos
2009-01-06 20:59 . 2009-01-06 21:00 <REP> dr------- c:\users\moi\Saved Games
2009-01-06 20:59 . 2009-01-06 21:00 <REP> dr------- c:\users\moi\Pictures
2009-01-06 20:59 . 2009-01-06 21:00 <REP> dr------- c:\users\moi\Music
2009-01-06 20:59 . 2009-01-06 21:00 <REP> dr------- c:\users\moi\Links
2009-01-06 20:59 . 2009-01-09 19:18 <REP> dr------- c:\users\moi\Downloads
2009-01-06 20:59 . 2009-01-19 18:38 <REP> dr------- c:\users\moi\Documents
2009-01-06 20:59 . 2009-01-06 20:59 <REP> dr------- c:\users\moi\Contacts
2009-01-06 20:59 . 2009-01-06 21:00 <REP> d--h----- c:\users\moi\AppData
2009-01-06 20:59 . 2009-01-20 13:47 <REP> d-------- c:\users\moi
2009-01-06 20:57 . 2009-01-06 20:57 <REP> dr------- c:\windows\System32\config\systemprofile\Contacts
2009-01-06 20:56 . 2009-01-09 10:48 <REP> d-------- c:\windows\Debug
2009-01-06 20:42 . 2009-01-06 20:53 <REP> d-------- c:\windows\Panther
2009-01-06 20:29 . 2009-01-06 20:29 <REP> d-------- C:\Windows.old
2008-12-29 20:06 . 2008-12-29 20:06 <REP> d-------- C:\umdtask
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-16 13:13 --------- d-----w c:\program files\Windows Mail
2009-01-06 19:57 --------- d-sh--w c:\programdata\Modèles
2009-01-06 19:57 --------- d-sh--w c:\programdata\Menu Démarrer
2009-01-06 19:57 --------- d-sh--w c:\programdata\Favoris
2009-01-06 19:57 --------- d-sh--w c:\programdata\Bureau
2009-01-06 19:57 --------- d-sh--w c:\program files\Fichiers communs
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2008-10-29 06:29 2,927,104 ----a-w c:\windows\explorer.exe
2008-10-22 03:57 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-10-21 05:25 296,960 ----a-w c:\windows\System32\gdi32.dll
2008-10-21 05:25 1,645,568 ----a-w c:\windows\System32\connect.dll
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
.
((((((((((((((((((((((((((((( snapshot@2009-01-20_19.10.05,54 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-01-20 16:59:55 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-01-20 19:29:43 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-01-20 16:59:55 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-01-20 19:29:43 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-01-20 16:59:55 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-01-20 19:29:43 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-20 136600]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{6D623F45-2678-4AE4-8C13-9AB190974CC0}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook

S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2008-11-26 51792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55ef4ff4-dc2e-11dd-b02b-dd4bd45c19b1}]
\shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{809fb651-dcfa-11dd-a0cd-e9e437912cae}]
\shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{809fb661-dcfa-11dd-a0cd-e9e437912cae}]
\shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{809fb663-dcfa-11dd-a0cd-e9e437912cae}]
\shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9034ae40-e0b6-11dd-8821-c35a1f09fbcf}]
\shell\AutoRun\command - F:\ps.bat
\shell\explore\Command - F:\ps.bat
\shell\open\Command - F:\ps.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a549dcb2-de2b-11dd-8c5e-f0f1a7db0a81}]
\shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a549dcbb-de2b-11dd-8c5e-90958416ce28}]
\shell\AutoRun\command - E:\AutoRun.exe
.
Contenu du dossier 'Tâches planifiées'

2009-01-20 c:\windows\Tasks\User_Feed_Synchronization-{218FBD26-08EA-449C-A5EC-BA7C3EA02E55}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 03:25]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://fr.yahoo.com/index_narrow.html
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
.
**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-20 21:00:32
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...
[0] 0x08458B00
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2009-01-20 21:02:55
ComboFix-quarantined-files.txt 2009-01-20 20:02:52
ComboFix2.txt 2009-01-20 18:12:26

Avant-CF: 43 765 350 400 octets libres
Après-CF: 44,061,409,280 octets libres

178 --- E O F --- 2009-01-19 17:29:52