Good evening,
Sorry if I'm not posting my message in the right place... I accidentally picked up a virus on MSN.
So I used ComboFix... but I don't know how to read the report; your help would be welcome.
Thanks in advance to the brave souls who tackle the report.
ComboFix 09-09-23.02 - Famille Dreux 24/09/2009 23:26.1.2 - NTFSx86
Running from: c:\documents and settings\Famille Dreux\Mes documents\Téléchargements\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
(((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\pdfforge Toolbar\SeARchsettings.dll
c:\program files\QUAD Utilities
c:\program files\QUAD Utilities\QUAD Registry Cleaner\program.log
c:\program files\QUAD Utilities\QUAD Registry Cleaner\Styles\Vista.cjstyles
c:\recycler\S-1-5-21-4230163953-1765287014-2669462618-500
c:\windows\Installer\WMEncoder.msi
c:\windows\kb913800.exe
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
((((((((((((((((((((((((((((( Files Created from 2009-08-24 to 2009-09-24 ))))))))))))))))))))))))))))))))))))
.
2009-09-22 19:30 . 2009-09-24 20:15 -------- d-----w- C:\$AVG8.VAULT$
2009-09-21 15:04 . 2009-09-21 15:04 -------- d-----w- c:\documents and settings\Famille Dreux\Local Settings\Application Data\AVG Security Toolbar
2009-09-21 15:02 . 2009-09-21 15:02 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-09-21 15:02 . 2009-09-21 15:02 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-09-21 15:02 . 2009-09-21 15:02 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-09-21 15:02 . 2009-09-21 15:02 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-09-21 15:01 . 2009-09-24 08:14 -------- d-----w- c:\windows\system32\drivers\Avg
2009-09-21 15:01 . 2009-09-21 15:07 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-09-21 15:01 . 2009-09-21 15:01 -------- d-----w- c:\program files\AVG
2009-09-21 15:01 . 2009-09-21 15:01 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-09-21 09:01 . 2009-09-21 09:01 -------- d-----w- c:\documents and settings\Famille Dreux\Application Data\Aisle 5 Games, Inc
2009-09-20 21:43 . 2009-09-20 21:44 -------- d-----w- c:\program files\G.H.O.S.T. Chronicles - Le Fantome de la Foire de la Renaissance
2009-09-18 12:05 . 2009-09-18 12:05 -------- d-----w- c:\documents and settings\Famille Dreux\Application Data\blg
2009-09-18 12:05 . 2009-09-18 12:05 -------- d-----w- c:\documents and settings\All Users\Application Data\blg
2009-09-11 11:02 . 2009-09-11 11:02 -------- d-----w- c:\documents and settings\Famille Dreux\Application Data\dvdcss
2009-09-09 19:11 . 2009-09-09 19:11 -------- d-----w- c:\documents and settings\Famille Dreux\Application Data\SultansLabyrinth
2009-09-08 09:08 . 2009-09-08 09:09 -------- d-----w- c:\documents and settings\Famille Dreux\Application Data\HiT-MM
2009-09-04 21:15 . 2009-09-04 21:15 -------- d-----w- c:\documents and settings\Famille Dreux\Application Data\GAMESHASTRA
2009-09-04 21:15 . 2009-09-04 21:15 -------- d-----w- c:\documents and settings\All Users\Application Data\GAMESHASTRA
2009-09-04 09:25 . 2009-09-04 09:25 -------- d-----w- c:\documents and settings\Famille Dreux\Application Data\Search Settings
2009-09-04 09:25 . 2009-09-04 09:25 -------- d-----w- c:\documents and settings\Famille Dreux\Application Data\pdfforge
2009-09-02 19:23 . 2009-09-02 19:23 -------- d-----w- c:\documents and settings\Famille Dreux\Application Data\Lost in the City
2009-09-02 15:55 . 2009-09-02 15:55 -------- d-----r- C:\MSOCache
2009-09-02 14:56 . 2009-09-24 21:35 -------- d-----w- c:\program files\pdfforge Toolbar
2009-08-29 11:03 . 2009-08-29 11:03 -------- d-----w- c:\documents and settings\All Users\Application Data\PlayPond
2009-08-28 18:03 . 2009-08-28 18:03 -------- d-----w- c:\documents and settings\All Users\Application Data\BigFishSavedGames
.
(((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-21 11:15 . 2008-11-23 15:33 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-21 10:00 . 2008-11-23 15:02 -------- d-----w- c:\documents and settings\All Users\Application Data\BigFishGamesCache
2009-09-10 08:53 . 2009-02-20 23:48 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-08 16:36 . 2008-11-10 11:48 -------- d-----w- c:\program files\Google
2009-09-08 16:29 . 2008-11-20 14:13 -------- d-----w- c:\program files\Windows Media Connect 2
2009-09-08 16:29 . 2008-11-10 11:51 -------- d-----w- c:\documents and settings\Famille Dreux\Application Data\Delicious IE Extension
2009-09-08 16:24 . 2008-08-27 13:54 -------- d-----w- c:\program files\QuickTime
2009-09-08 16:22 . 2009-04-14 08:59 -------- d-----w- c:\program files\iTunes
2009-09-08 16:22 . 2008-11-24 15:17 -------- d-----w- c:\program files\Fichiers communs\Apple
2009-09-02 20:25 . 2008-08-27 13:29 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-02 20:25 . 2008-11-10 14:21 -------- d-----w- c:\program files\Canon
2009-09-02 16:18 . 2008-12-14 16:01 1822 -c--a-w- c:\documents and settings\Famille Dreux\Application Data\wklnhst.dat
2009-08-27 13:05 . 2009-05-12 14:21 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-07 13:30 . 2008-08-27 13:22 78288 -c--a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-07 04:56 . 2004-09-23 16:12 84874 ----a-w- c:\windows\system32\perfc00C.dat
2009-08-07 04:56 . 2004-09-23 16:12 510656 ----a-w- c:\windows\system32\perfh00C.dat
2009-08-05 09:00 . 2004-09-23 16:10 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-27 15:33 . 2008-08-27 13:50 -------- d-----w- c:\program files\Java
2009-07-17 19:03 . 2004-09-23 16:09 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 08:08 . 2004-09-23 16:13 286720 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-06 10:00 . 2009-07-06 10:00 4096 -c--a-w- c:\windows\d3dx.dat
2009-07-03 16:57 . 2004-09-23 16:11 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-13 12:03 . 2009-05-12 13:35 32 -csha-w- c:\windows\system32\drivers\fidbox.dat
2009-05-13 12:03 . 2009-05-12 13:35 32 -csha-w- c:\windows\system32\drivers\fidbox2.dat
.
((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legitimate default entries are not listed
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-07-24 07:55 1090816 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2009-07-31 00:00 698880 ----a-w- c:\program files\pdfforge Toolbar\pdfforgeToolbarIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files\pdfforge Toolbar\pdfforgeToolbarIE.dll" [2009-07-31 698880]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]
[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2007-08-20 495616]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 45056]
"RTHDCPL"="c:\windows\RTHDCPL.EXE" [2005-12-09 15691264]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SoftwareHelper"="c:\documents and settings\Famille Dreux\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe" [2008-12-09 368224]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2009-07-29 1024512]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-09-21 2007832]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-09-21 15:02 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKLM\~\startupfolder\C:^Documents and Settings^Famille Dreux^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\Famille Dreux\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Adobe\\Photoshop Elements 5.0\\AdobePhotoshopElementsMediaServer.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [21/09/2009 17:02 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [21/09/2009 17:02 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [21/09/2009 17:01 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [21/09/2009 17:01 297752]
R2 Eset_TrialReset_serv;Eset TrialReset;c:\windows\Eset_TrialReset_serv.exe [27/07/2008 12:27 69632]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [21/02/2009 01:48 55152]
S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-09-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://y.lo.st
mStart Page = hxxp://www.tinit.org/
uInternet Connection Wizard,ShellNext = hxxp://www.yahoo.fr/
uInternet Settings,ProxyOverride = *.local
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\documents and settings\Famille Dreux\Application Data\Mozilla\Firefox\Profiles\864hlc80.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://fr.mg41.mail.yahoo.com/dc/launch?.gx=1&.rand=0elgpbhbeboo5
FF - prefs.js: keyword.URL - hxxp://fr.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_fr&p=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\components\pdfforgeToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX SETTINGS ----
.
- - - - ORPHANS REMOVED - - - -
URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
HKLM-Run-EoEngine - (no file)
AddRemove-{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1 - c:\documents and settings\Famille Dreux\Bureau\NOD32\NOD32\crack\1\Obsolete\unins000.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-24 23:40
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(564)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3780)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\logishrd\LVCOMSER\LVComSer.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\dllhost.exe
c:\program files\Fichiers communs\logishrd\LVCOMSER\LVComSer.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Completion time: 2009-09-24 23:49 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-24 21:48
Pre-Run: 56,334,843,904 bytes free
Post-Run: 57,440,886,784 bytes free
221 --- E O F --- 2009-09-22 21:27
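Reading a ComboFix report by hand means scanning the "Reg Loading Points", service and orphan sections for entries that do not belong: autoruns launched from a user-writable directory, a Security Center override, a service binary outside the usual system directories, two on-access scanners installed side by side, or anything living under a `crack` folder. The script below is an added example written for this page; it is not part of ComboFix and not something the original poster ran. The regular expressions are tuned to the line shapes visible in the report above, the sample input is a handful of lines excerpted from it, and the category names and the "user-writable" / "system directory" path lists are my own triage heuristics: a hit means "look at this", not "this is malware".

```python
"""Triage helper for ComboFix-style reports (added example, not ComboFix code).

Heuristics only: each finding is an entry worth a second look, nothing more.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    category: str   # short tag used to group findings (names are my own)
    detail: str     # the offending entry, kept verbatim for the analyst


# "name"="path" [date size]    -> Run-key entries under "Reg Loading Points"
RUN_ENTRY = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]+)"\s*\[')
# R2 svc;Display Name;path [dd/mm/yyyy hh:mm size]    -> service / driver lines
SERVICE = re.compile(r'^(?P<start>[RS]\d)\s+(?P<name>[^;]+);(?P<display>[^;]*);(?P<path>.+?)\s+\[')
# AV: Product Name *On-access scanning enabled* ...    -> Security Center AV lines
AV_LINE = re.compile(r'^AV:\s+(?P<product>.+?)\s+\*')
# Directories a standard user can write to; an autorun there deserves scrutiny.
USER_WRITABLE = re.compile(r'\\(application data|local settings|temp|recycler)\\', re.I)
# Where properly installed services and drivers normally live (assumption).
SYSTEM_DIRS = re.compile(r'^c:\\(windows\\system32\\|program files\\|progra~1\\)', re.I)


def triage(lines):
    """Walk the report line by line and return a list of Finding objects."""
    findings = []
    av_products = []
    section = ""                       # lower-cased current [registry key] header
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        m = AV_LINE.match(line)
        if m:
            av_products.append(m.group("product"))
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line.lower()
            continue
        # Anything under a "crack" folder, wherever it appears in the report.
        if "\\crack\\" in line.lower():
            findings.append(Finding("cracked-software", line))
        m = RUN_ENTRY.match(line)
        if m and "\\currentversion\\run" in section:
            if USER_WRITABLE.search(m.group("path")):
                findings.append(Finding("autorun-in-user-writable-dir",
                                        f'{m.group("name")} -> {m.group("path")}'))
            continue
        # AntiVirusOverride=1 silences Security Center's "no antivirus" warning.
        if "security center" in section and line.lower().startswith('"antivirusoverride"=dword:'):
            if int(line.split("dword:")[1], 16) != 0:
                findings.append(Finding("security-center-av-override", line))
            continue
        m = SERVICE.match(line)
        if m and not SYSTEM_DIRS.match(m.group("path")):
            findings.append(Finding("service-outside-system-dirs",
                                    f'{m.group("name")} -> {m.group("path")}'))
    if len(av_products) > 1:
        findings.append(Finding("multiple-on-access-scanners", ", ".join(av_products)))
    return findings


# Lines excerpted from the report posted above (constructed sample input).
SAMPLE_REPORT = r"""
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoftwareHelper"="c:\documents and settings\Famille Dreux\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe" [2008-12-09 368224]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
R2 Eset_TrialReset_serv;Eset TrialReset;c:\windows\Eset_TrialReset_serv.exe [27/07/2008 12:27 69632]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [21/09/2009 17:01 297752]
AddRemove-{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1 - c:\documents and settings\Famille Dreux\Bureau\NOD32\NOD32\crack\1\Obsolete\unins000.exe
"""


def triage_sample():
    """Run the heuristics over the embedded sample; used by the demo below."""
    return triage(SAMPLE_REPORT.splitlines())


if __name__ == "__main__":
    for f in triage_sample():
        print(f"[{f.category}] {f.detail}")
```

Feed the full report to `triage()` with `triage(open("ComboFix.txt", encoding="latin-1").read().splitlines())`; the legitimate Java updater and the AVG watchdog in the sample produce no findings, while the AppData autorun, the override flag, the service sitting directly in `c:\windows`, the crack folder and the two scanners each produce one.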