APFP38
-
Compteur de contenus
1 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par APFP38
-
Analyse rapport ComboFix
APFP38 a répondu à un(e) sujet de mimi6515 dans Analyses et éradication malwares
bonjour moi aussi, j'aurai besoin d'une analyse car je ne comprends rien du tout au rapport Merci d'avance (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\roboot.exe . . ((((((((((((((((((((((((((((( Fichiers créés du 2012-04-11 au 2012-05-11 )))))))))))))))))))))))))))))))))))) . . 2012-05-11 22:02 . 2012-05-11 22:02 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-05-11 21:36 . 2012-05-11 21:36 -------- d-----w- c:\programdata\Yahoo! Companion 2012-05-11 21:33 . 2012-05-11 21:33 -------- d-----w- c:\programdata\Systweak 2012-05-11 21:33 . 2012-05-11 21:33 -------- d-----w- c:\program files\Advanced System Protector 2012-05-11 21:33 . 2012-01-25 10:00 17136 ----a-w- c:\windows\system32\sasnative32.exe 2012-05-11 21:33 . 2012-05-11 21:33 -------- d-----w- c:\program files\RegClean Pro 2012-05-11 21:21 . 2012-05-11 21:21 -------- d-----w- c:\windows\LastGood 2012-05-11 21:21 . 2006-11-16 12:36 20480 ----a-w- c:\windows\system32\drivers\DNISP50.sys 2012-05-11 21:21 . 2006-11-16 12:36 21504 ----a-w- c:\windows\system32\drivers\DNIMP50.sys 2012-05-11 21:21 . 2012-05-11 21:21 -------- d-----w- c:\program files\NETGEAR 2012-05-11 21:21 . 2007-06-01 16:36 870400 ----a-w- c:\windows\system32\drivers\WPN111v.sys 2012-05-11 21:07 . 2012-05-11 21:07 -------- d-----w- c:\program files\ATI 2012-05-11 20:44 . 2007-07-03 02:05 15392 ----a-w- c:\windows\system32\drivers\INT15.SYS 2012-05-11 20:44 . 2006-08-16 07:45 77824 ----a-w- c:\windows\system32\drivers\INT15_DETECT.EXE 2012-05-11 20:43 . 2007-07-17 17:33 368640 ----a-w- c:\windows\system32\CheckD2DSystem.exe 2012-05-11 20:43 . 2006-11-12 09:54 327680 ----a-w- c:\windows\system32\Remove_eRecovery.exe 2012-05-11 20:43 . 2006-11-10 15:27 16384 ----a-w- c:\windows\system32\LauncheRyAgentUser.exe 2012-05-11 20:43 . 2005-12-09 07:12 16384 ----a-w- c:\windows\system32\ClearEvent.exe 2012-05-11 20:43 . 2012-05-11 20:43 -------- d-----w- c:\program files\Yahoo! 2012-05-11 20:42 . 2012-05-11 21:21 -------- d-----w- c:\users\AURELIE 2012-05-11 20:39 . 2012-05-11 20:39 -------- d-sh--we c:\users\Default\Voisinage réseau 2012-05-11 20:39 . 2012-05-11 20:39 -------- d-sh--we c:\users\Default\Voisinage d'impression 2012-05-11 20:39 . 2012-05-11 20:39 -------- d-sh--we c:\users\Default\Modèles 2012-05-11 20:39 . 2012-05-11 20:39 -------- d-sh--we c:\users\Default\Mes documents 2012-05-11 20:39 . 2012-05-11 20:39 -------- d-sh--we c:\users\Default\Menu Démarrer 2012-05-11 20:39 . 2012-05-11 20:39 -------- d-sh--we c:\users\Default\AppData\Local\Historique 2012-05-11 20:39 . 2012-05-11 20:39 -------- d-sh--we c:\programdata\Modèles 2012-05-11 20:39 . 2012-05-11 20:39 -------- d-sh--we c:\programdata\Menu Démarrer 2012-05-11 20:39 . 2012-05-11 20:39 -------- d-sh--we c:\programdata\Favoris 2012-05-11 20:39 . 2012-05-11 20:39 -------- d-sh--we c:\programdata\Bureau 2012-05-11 20:39 . 2012-05-11 20:39 -------- d-sh--we c:\program files\Fichiers communs . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-12 06:27 . 2007-12-03 15:39 1226 ----a-w- c:\windows\CLEANUP.CMD . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032] "WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 2159104] "Advanced System Protector"="c:\program files\Advanced System Protector\advancedsystemprotector.exe" [2012-05-07 5925760] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2007-10-11 4702208] "Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2007-09-07 326176] "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216] "PCMMediaSharing"="c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2007-06-21 204908] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 107112] "IS CfgWiz"="c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" [2006-11-21 46728] "osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2006-11-21 22696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-27 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-27 8497696] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-27 81920] "PlayMovie"="c:\program files\Acer Arcade Live\Acer PlayMovie\PMVService.exe" [2007-07-13 178280] "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "NVRaidService"="c:\windows\system32\nvraidservice.exe" [2007-09-11 187936] "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552] "Advanced System Protector"="c:\program files\Advanced System Protector\advancedsystemprotector.exe" [2012-05-07 5925760] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-12-3 535336] NETGEAR WPN111 Smart Wizard.lnk - c:\program files\NETGEAR\WPN111\wpn111.exe [2012-5-11 995328] . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-06-21 269448] . . --- Autres Services/Pilotes en mémoire --- . *NewlyCreated* - COMHOST *NewlyCreated* - DNISP50 *NewlyCreated* - NATIVEWIFIP *NewlyCreated* - NDISUIO . Contenu du dossier 'Tâches planifiées' . 2012-05-11 c:\windows\Tasks\RegClean Pro_DEFAULT.job - c:\program files\RegClean Pro\RegCleanPro.exe [2012-05-11 10:14] . 2012-05-11 c:\windows\Tasks\RegClean Pro_UPDATES.job - c:\program files\RegClean Pro\RegCleanPro.exe [2012-05-11 10:14] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://fr.fr.acer.yahoo.com uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mStart Page = hxxp://fr.fr.acer.yahoo.com uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com TCP: DhcpNameServer = 192.168.1.254 . - - - - ORPHELINS SUPPRIMES - - - - . HKLM-Run-Acer Tour - (no file) HKLM-Run-Apanel - c:\acersw\config\SetApanel.cmd HKLM-Run-eRecoveryService - (no file) . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-05-12 00:03 Windows 6.0.6000 NTFS . Recherche de processus cachés ... . Recherche d'éléments en démarrage automatique cachés ... . Recherche de fichiers cachés ... . Scan terminé avec succès Fichiers cachés: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Heure de fin: 2012-05-12 00:10:24 ComboFix-quarantined-files.txt 2012-05-11 22:10 . Avant-CF: 140 549 480 448 octets libres Après-CF: 140 536 750 080 octets libres . - - End Of File - - 439B7FA01CC5B2CBBEFE169587F6A972