Everything posted by dom_

  1. OK, everything has been done, nothing to report, it's great, the problems seem to be fixed. Thank you very much for your valuable help, it was starting to get really annoying. I wish you all the best for what comes next, thanks again, bye.
  2. OK, for ComboFix, here is the report:
  3. OK thanks, I was able to run my checkdisk. Here is the catchme log:

     catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
     Rootkit scan 2009-06-23 08:54:51
     Windows 5.1.2600 Service Pack 3 NTFS
     scanning hidden files ...
     disk error: c:\windows\system32\
     please note that you need administrator rights to perform deep scan

     Is that bad? I'm very happy that you're helping me, thanks again; now, no point in being presumptuous.