sooprano


  1. Hi, my PC seems to be infected, which is why I used ComboFix; here is the scan report.
  2. OK, thanks. I downloaded Kaspersky Anti-Virus File Server; could that be useful for Windows Server 2003?
  3. For information, I am working on Windows Server 2003, and rkill does not work on it.
  4. Hi, I have a problem with my PC; here is the HijackThis report.
  5. Hi, my PC is infected by viruses that block certain programs from working (MSN 9, Photoshop and others). Here is the ComboFix report.
  6. Hi, well, what can I say: my PC has been infected by an autorun virus and my antivirus cannot remove it. Please help me. Here is my ComboFix report.
2008-12-21 00:46 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll 2009-03-29 00:08 . 2008-12-21 00:46 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll 2009-03-29 00:08 . 2008-12-21 00:46 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll 2009-03-29 00:08 . 2008-12-19 11:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe 2009-03-28 23:29 . 2009-03-29 00:08 <REP> d-------- c:\windows\system32\fr-fr 2009-03-28 23:29 . 2009-03-28 23:29 <REP> d-------- c:\windows\system32\fr 2009-03-28 23:29 . 2009-03-28 23:29 <REP> d-------- c:\windows\system32\bits 2009-03-28 23:29 . 2009-03-28 23:29 <REP> d-------- c:\windows\l2schemas 2009-03-28 23:26 . 2009-03-28 23:26 <REP> d-------- c:\windows\ServicePackFiles 2009-03-28 23:21 . 2009-03-28 23:21 <REP> d-------- c:\program files\ma-config.com 2009-03-28 23:21 . 2009-03-28 23:21 <REP> d-------- c:\documents and settings\All Users\Application Data\ma-config.com 2009-03-28 20:37 . 2004-08-03 23:41 1,309,184 --------- c:\windows\system32\drivers\mtlstrm.sys 2009-03-28 20:36 . 2009-03-28 20:36 <REP> d-------- c:\program files\Fichiers communs\Adobe AIR 2009-03-28 20:36 . 2009-03-28 20:36 <REP> d-------- c:\program files\AdobeSupportAdvisor 2009-03-28 20:36 . 2009-03-28 20:36 <REP> d-------- c:\documents and settings\mehdi\Application Data\AdobeSupportAdvisor.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2009-03-28 19:58 . 2004-03-02 10:56 50,007 -ra------ c:\windows\system32\drivers\adildr.sys 2009-03-28 19:33 . 2008-06-14 19:33 272,768 -----c--- c:\windows\system32\dllcache\bthport.sys 2009-03-28 19:31 . 2008-10-16 03:01 1,499,648 -----c--- c:\windows\system32\dllcache\shdocvw.dll 2009-03-28 19:31 . 2008-12-21 00:47 1,160,192 -----c--- c:\windows\system32\dllcache\urlmon.dll 2009-03-28 19:31 . 2008-12-21 00:47 826,368 -----c--- c:\windows\system32\dllcache\wininet.dll 2009-03-28 19:28 . 
2009-03-28 19:28 <REP> d-------- c:\documents and settings\All Users\Application Data\nView_Profiles 2009-03-28 19:24 . 2008-08-14 15:23 2,191,232 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe 2009-03-28 19:24 . 2008-08-14 15:23 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe 2009-03-28 19:24 . 2008-08-14 15:23 2,068,096 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe 2009-03-28 19:24 . 2008-08-14 15:23 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe 2009-03-28 19:23 . 2009-01-16 21:15 3,594,752 -----c--- c:\windows\system32\dllcache\mshtml.dll 2009-03-28 19:21 . 2009-03-28 19:21 <REP> d---s---- c:\documents and settings\mehdi\UserData 2009-03-28 19:18 . 2008-05-08 16:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys 2009-03-28 19:17 . 2008-10-24 13:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys 2009-03-28 19:17 . 2008-12-11 12:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys 2009-03-28 19:16 . 2009-03-28 19:16 <REP> d-------- c:\program files\VideoLAN 2009-03-28 19:16 . 2009-03-28 19:16 <REP> d-------- c:\documents and settings\mehdi\Application Data\vlc 2009-03-28 19:16 . 2008-04-11 21:05 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll 2009-03-28 19:16 . 2008-05-01 16:36 331,776 -----c--- c:\windows\system32\dllcache\msadce.dll 2009-03-28 19:15 . 2008-09-04 19:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll 2009-03-28 19:15 . 2008-10-15 18:35 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll 2009-03-28 19:14 . 2009-03-28 19:14 <REP> d-------- c:\program files\Real 2009-03-28 19:14 . 2009-03-28 19:14 <REP> d-------- c:\program files\Fichiers communs\xing shared 2009-03-28 19:14 . 2009-03-28 19:14 <REP> d-------- c:\program files\Fichiers communs\Real 2009-03-28 19:14 . 2009-03-28 19:14 499,712 --a------ c:\windows\system32\msvcp71.dll 2009-03-28 19:14 . 2009-03-28 19:14 348,160 --a------ c:\windows\system32\msvcr71.dll 2009-03-28 19:13 . 
2009-03-30 01:31 <REP> d--h----- c:\windows\$hf_mig$ 2009-03-28 19:13 . 2007-08-10 09:18 26,488 --a------ c:\windows\system32\spupdsvc.exe 2009-03-28 19:10 . 2009-03-28 19:11 <REP> d-------- c:\program files\DivX 2009-03-28 19:10 . 2009-03-28 19:10 <REP> d-------- c:\program files\Ares 2009-03-28 19:06 . 2009-03-31 22:03 3 --a------ C:\data.ini 2009-03-28 19:05 . 2009-03-28 19:28 <REP> d-------- c:\windows\nview 2009-03-28 19:05 . 2006-10-22 06:22 7,700,480 -ra------ c:\windows\system32\nvcpl.bak 2009-03-28 19:05 . 2007-04-02 06:40 1,011,712 -ra------ c:\windows\system32\nvcpluir.dll 2009-03-28 19:05 . 2006-08-26 09:29 481,792 -ra------ c:\windows\system32\Rscmpt.exe 2009-03-28 19:05 . 2006-10-22 06:22 208,896 --a------ c:\windows\system32\nvudisp.exe 2009-03-28 19:05 . 2009-03-29 01:57 88,566 --a------ c:\windows\system32\nvapps.xml 2009-03-28 19:05 . 2008-12-03 11:57 57,425 -ra------ c:\windows\system32\vdesk32.exe 2009-03-28 19:05 . 2007-11-05 06:38 38,580 -ra------ c:\windows\system32\sys_en.xsl 2009-03-28 19:05 . 2006-10-22 06:22 17,056 --a------ c:\windows\system32\nvdisp.nvu 2009-03-28 19:01 . 2008-04-14 04:31 13,463,552 --a--c--- c:\windows\system32\dllcache\hwxjpn.dll 2009-03-28 17:58 . 2009-03-28 17:58 0 --a------ c:\windows\nsreg.dat 2009-03-28 17:57 . 2009-03-28 17:57 <REP> d-------- c:\windows\system32\Adobe 2009-03-28 17:57 . 2009-03-28 17:57 <REP> d-------- c:\program files\Fichiers communs\Vbox 2009-03-28 17:57 . 2001-11-14 21:19 16,384 --a------ c:\windows\system32\FileOps.exe 2009-03-28 17:56 . 2009-03-28 17:56 <REP> d-------- c:\windows\Adobe Illustrator CS 2009-03-28 17:53 . 2009-03-28 17:53 <REP> d-------- c:\windows\system32\QuickTime 2009-03-28 17:52 . 2009-03-28 17:54 <REP> d-------- c:\windows\Downloaded Installations 2009-03-28 17:52 . 2009-03-28 17:54 <REP> d-------- c:\program files\Macromedia 2009-03-28 17:52 . 2009-03-28 17:54 <REP> d-------- c:\program files\Fichiers communs\Macromedia 2009-03-28 17:46 . 
2009-03-28 17:46 <REP> d-------- c:\program files\Fichiers communs\Adobe Systems Shared 2009-03-28 17:46 . 2009-03-28 17:46 <REP> d-------- c:\documents and settings\All Users\Application Data\Adobe Systems 2009-03-28 17:44 . 2009-03-31 22:04 <REP> d-------- c:\program files\ESET 2009-03-28 17:44 . 2009-03-28 17:44 512,096 --a------ c:\windows\system32\drivers\amon.sys 2009-03-28 17:44 . 2009-03-28 17:44 298,104 --a------ c:\windows\system32\imon.dll 2009-03-28 17:44 . 2009-03-28 17:44 15,424 --a------ c:\windows\system32\drivers\nod32drv.sys . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-03-29 12:15 --------- d-----w c:\program files\Fichiers communs\Adobe 2009-03-29 00:22 --------- d--h--w c:\program files\InstallShield Installation Information 2009-03-28 15:55 --------- d-----w c:\program files\Fichiers communs\InstallShield 2009-03-28 14:42 --------- d-----w c:\program files\Menara 2009-03-28 13:49 --------- d-----w c:\program files\microsoft frontpage 2009-03-28 13:47 --------- d-----w c:\program files\Services en ligne 2009-02-09 14:05 1,846,912 ----a-w c:\windows\system32\win32k.sys 2008-12-20 22:47 826,368 ----a-w c:\windows\system32\wininet.dll 2008-12-05 06:57 144,896 ----a-w c:\windows\system32\schannel.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ares"="c:\program files\Ares\Ares.exe" [2008-12-26 893440] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-03-28 949376] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-03-28 185896] "AdobeCS4ServiceManager"="c:\program files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376] "Adobe_ID0ENQBO"="c:\progra~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2008-08-15 378224] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-29 148888] "nwiz"="nwiz.exe" [2006-10-22 c:\windows\system32\nwiz.exe] c:\documents and settings\mehdi\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 110592] c:\documents and settings\mehdi\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 110592] c:\documents and settings\mehdi\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 110592] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 110592] DSLMON.lnk - c:\program files\Menara\dslmon.exe [2009-03-28 966756] 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Ares\\Ares.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Fichiers communs\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "c:\\Program Files\\Fichiers communs\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"= "c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"= "c:\\WINDOWS\\system32\\java.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:TCP"= 5353:TCP:Adobe CSI CS4 "3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server "3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server "51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server "51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2009-03-28 15424] S2 Display Desktop 32 Service;Display Desktop 32 Service;c:\windows\system32\vdesk32.exe [2009-03-28 57425] S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Fichiers communs\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-03-15 216232] . - - - - ORPHELINS SUPPRIMES - - - - HKCU-Run-cdoosoft - c:\windows\system32\olhrwef.exe . ------- Examen supplémentaire ------- . 
uStart Page = hxxp://www.menara.ma IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Ajouter à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convertir au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Convertir la cible du lien au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html LSP: c:\windows\system32\imon.dll TCP: {558706D2-516A-4526-B5E2-8B512AD3899B} = 62.251.229.237 62.251.229.223 FF - ProfilePath - c:\documents and settings\mehdi\Application Data\Mozilla\Firefox\Profiles\w7p1c786.default\ FF - prefs.js: browser.search.defaulturl - hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-divx&p= FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: browser.startup.homepage - hxxp://fr.yahoo.com/ FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-divx&p= FF - plugin: c:\documents and settings\mehdi\Application Data\Mozilla\Firefox\Profiles\w7p1c786.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-03-31 22:18:40 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . 
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(464) c:\program files\Fichiers communs\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll - - - - - - - > 'lsass.exe'(520) c:\windows\system32\imon.dll c:\program files\Eset\pr_imon.dll . Heure de fin: 2009-03-31 22:19:55 ComboFix-quarantined-files.txt 2009-03-31 20:19:52 Avant-CF: 19,214,114,816 octets libres Après-CF: 19,861,282,816 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect 203 --- E O F --- 2009-03-29 23:31:32
  7. Which problem is that, please? And is my PC clean now?
  8. I did what you told me and restarted my PC in safe mode. Here is the report.
  9. Yes, I did what you asked. Here is the result: http://www.virustotal.com/fr/analisis/352b...b25650d7720c957
  10. Hi, I have an infected PC. I am a graphic designer, so I work with Photoshop, and the virus is blocking some of my software's tools. Could you please help me? Here is the HijackThis report.
  11. OK, thanks. Here is the Kaspersky report.
  12. OK, thanks. I did all the steps you asked me to. Here are the ComboFix report and the HijackThis report.