[Résolu] Désinfection PC récalcitrante

[bruce lee]

salut max397

 

 

Escan a fait du ménage. Pour le fameux logon.exe on va le renommer.

 

rend toi ici:

 

C:\WINDOWS\System32\logon.exe

 

fais un clique droit sur logon.exe puis choisis renommer et tu le renommes en logon.old

 

rend toi ici:

 

http://www.microsoft.com/downloads/details...;displaylang=en

 

telecharge et installe le patch de sécurité redemarre ensuite ton PC et dis moi ce que ca donne au niveau des alertes.

[maxr397]

Salut,

je n'ai pas retrouvé logon.exe ...

(y a juste winlogon.exe)

 

J'ai donc installé le patch à voir maintenant. (à la première alertes : j'édite)

[bruce lee]

re,

 

(y a juste winlogon.exe)

 

J'ai donc installé le patch à voir maintenant. (à la première alertes : j'édite)

 

ne touche pas a winlogon.exe. Quand tu auras une alerte n'édite pas mais poste une nouvelle réponse en attendant Fais un nouveau scan avec combofix puis poste le rapport

 

@+

[maxr397]

Bon je n'ai toujour pas eu d'alertes, mon pc est démarré depuis bientot 2h et vu la vitesse ou les alertes apparaissaient j epense que ca doit etre bon.

 

Voici le rapport comboFix.txt :

Maxime - 06-12-05 19:32:17,98 Service Pack 1

ComboFix 06.11.27W - Running from: "C:\Documents and Settings\Maxime\Bureau\desinfection"

 

((((((((((((((((((((((((((((((( Files Created from 2006-11-05 to 2006-12-05 ))))))))))))))))))))))))))))))))))

 

 

2006-12-05 11:21 109,056 --a------ C:\WINDOWS\system32\umpnpmgr.dll

2006-12-04 23:00 <REP> d-------- C:\Bases

2006-12-04 22:56 <REP> d-------- C:\Kaspersky

2006-12-04 22:50 0 --ahs---- C:\WINDOWS\system32\.exe

2006-12-03 02:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NVIDIA

2006-12-02 20:54 40,973 ---hs---- C:\WINDOWS\system32\wvuvuvs.dll

2006-12-02 19:40 40,973 ---hs---- C:\WINDOWS\system32\ljjjkkl.dll

2006-12-02 18:10 <REP> d-------- C:\VundoFix Backups

2006-12-02 18:09 40,973 ---hs---- C:\WINDOWS\system32\byxwwvs.dll

2006-12-02 17:32 40,973 ---hs---- C:\WINDOWS\system32\opnonlj.dll

2006-12-02 14:55 40,973 ---hs---- C:\WINDOWS\system32\rqrpnkk.dll

2006-12-02 14:52 40,973 ---hs---- C:\WINDOWS\system32\khfdcde.dll

2006-12-02 14:30 40,973 ---hs---- C:\WINDOWS\system32\cbxutqo.dll

2006-12-02 13:07 40,973 ---hs---- C:\WINDOWS\system32\tuvspnm.dll

2006-12-02 11:54 40,973 ---hs---- C:\WINDOWS\system32\nnnlljk.dll

2006-12-01 20:09 40,973 ---hs---- C:\WINDOWS\system32\ddcyywu.dll

2006-12-01 19:59 40,973 ---hs---- C:\WINDOWS\system32\ljjgebb.dll

2006-12-01 19:54 40,973 ---hs---- C:\WINDOWS\system32\awttrsq.dll

2006-12-01 19:52 20,164 --a------ C:\WINDOWS\system32\27031_redworld.exe

2006-11-30 16:38 <REP> d-------- C:\Documents and Settings\Maxime\bluej

2006-11-30 14:26 118 --a------ C:\WINDOWS\system32\wdtdpddy.bat

2006-11-30 14:18 117 --a------ C:\WINDOWS\system32\dvqbqpt.bat

2006-11-30 14:14 31,744 --ah----- C:\WINDOWS\system32\uxww.exe

2006-11-30 12:14 <REP> d-------- C:\SDFix

2006-11-29 20:54 <REP> d-------- C:\Program Files\Java

2006-11-29 20:54 <REP> d-------- C:\Program Files\Fichiers communs\Java

2006-11-19 22:47 <REP> d-------- C:\WINDOWS\Minidump

2006-11-19 14:22 <REP> d-------- C:\Program Files\Fichiers communs\Elecard

2006-11-19 14:22 <REP> d-------- C:\Program Files\Elecard

2006-11-19 12:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

2006-11-19 12:42 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll

2006-11-19 12:42 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll

2006-11-19 12:42 331,776 --a------ C:\WINDOWS\system32\winhttp.dll

2006-11-19 12:42 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe

2006-11-19 12:42 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll

2006-11-19 12:42 <REP> d--h----- C:\WINDOWS\$hf_mig$

2006-11-19 12:42 <REP> d-------- C:\WINDOWS\system32\PreInstall

2006-11-19 12:42 <REP> d-------- C:\WINDOWS\system32\bits

2006-11-18 16:59 467,224 --a------ C:\WINDOWS\system32\wuapi.dll

2006-11-18 16:59 41,240 --a------ C:\WINDOWS\system32\wups.dll

2006-11-18 16:59 195,352 --a------ C:\WINDOWS\system32\wuaueng1.dll

2006-11-18 16:59 18,200 --a------ C:\WINDOWS\system32\wups2.dll

2006-11-18 16:59 175,896 --a------ C:\WINDOWS\system32\wuauclt1.exe

2006-11-18 16:59 128,792 --a------ C:\WINDOWS\system32\wucltui.dll

2006-11-18 16:58 <REP> d-------- C:\WINDOWS\SoftwareDistribution

2006-11-17 01:43 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll

2006-11-17 01:42 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll

2006-11-17 01:42 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll

2006-11-17 01:42 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll

2006-11-16 17:11 94,208 --a------ C:\WINDOWS\KHALMNPR.Exe

2006-11-16 17:11 71,936 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys

2006-11-16 17:11 69,632 --a------ C:\WINDOWS\system32\KemXML.dll

2006-11-16 17:11 55,936 --a------ C:\WINDOWS\system32\drivers\L8042mou.Sys

2006-11-16 17:11 52,736 --a------ C:\WINDOWS\system32\drivers\i8042prt.sys

2006-11-16 17:11 3,712 --a------ C:\WINDOWS\system32\drivers\LBeepKE.sys

2006-11-16 17:11 22,656 --a------ C:\WINDOWS\system32\drivers\mouclass.sys

2006-11-16 17:11 155,648 --a------ C:\WINDOWS\system32\kemutb.dll

2006-11-16 17:11 131,072 --a------ C:\WINDOWS\system32\KemUtil.dll

2006-11-16 17:11 13,568 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.SYS

2006-11-16 17:11 110,592 --a------ C:\WINDOWS\system32\KemWnd.dll

2006-11-16 17:11 <REP> d-------- C:\Program Files\Fichiers communs\Logitech

2006-11-15 00:02 <REP> d-------- C:\Documents and Settings\Maxime\Application Data\GlobalSCAPE

2006-11-07 21:18 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll

2006-11-07 21:18 974,848 --a------ C:\WINDOWS\system32\dxdiag.exe

2006-11-07 21:18 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys

2006-11-07 21:18 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe

2006-11-07 21:18 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll

2006-11-07 21:18 79,360 --a------ C:\WINDOWS\system32\dpwsockx.dll

2006-11-07 21:18 77,824 --a------ C:\WINDOWS\system32\dpmodemx.dll

2006-11-07 21:18 76,800 --a------ C:\WINDOWS\system32\dmscript.dll

2006-11-07 21:18 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll

2006-11-07 21:18 723,968 --a------ C:\WINDOWS\system32\dpnet.dll

2006-11-07 21:18 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys

2006-11-07 21:18 64,512 --a------ C:\WINDOWS\system32\amstream.dll

2006-11-07 21:18 63,768 --a------ C:\WINDOWS\system32\dxdllreg.exe

2006-11-07 21:18 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll

2006-11-07 21:18 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll

2006-11-07 21:18 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys

2006-11-07 21:18 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys

2006-11-07 21:18 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys

2006-11-07 21:18 491,520 --a------ C:\WINDOWS\system32\dsdmoprp.dll

2006-11-07 21:18 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys

2006-11-07 21:18 470,528 --a------ C:\WINDOWS\system32\qdvd.dll

2006-11-07 21:18 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll

2006-11-07 21:18 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys

2006-11-07 21:18 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys

2006-11-07 21:18 381,952 --a------ C:\WINDOWS\system32\dpvoice.dll

2006-11-07 21:18 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll

2006-11-07 21:18 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll

2006-11-07 21:18 33,280 --a------ C:\WINDOWS\system32\dmloader.dll

2006-11-07 21:18 324,096 --a------ C:\WINDOWS\system32\mswebdvd.dll

2006-11-07 21:18 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll

2006-11-07 21:18 316,928 --a------ C:\WINDOWS\system32\qdv.dll

2006-11-07 21:18 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll

2006-11-07 21:18 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll

2006-11-07 21:18 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe

2006-11-07 21:18 27,136 --a------ C:\WINDOWS\system32\dmband.dll

2006-11-07 21:18 257,024 --a------ C:\WINDOWS\system32\qcap.dll

2006-11-07 21:18 230,400 --a------ C:\WINDOWS\system32\dplayx.dll

2006-11-07 21:18 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll

2006-11-07 21:18 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll

2006-11-07 21:18 181,248 --a------ C:\WINDOWS\system32\dmime.dll

2006-11-07 21:18 18,944 --a------ C:\WINDOWS\system32\encapi.dll

2006-11-07 21:18 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys

2006-11-07 21:18 18,432 --a------ C:\WINDOWS\system32\dswave.dll

2006-11-07 21:18 16,896 --a------ C:\WINDOWS\system32\msyuv.dll

2006-11-07 21:18 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe

2006-11-07 21:18 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys

2006-11-07 21:18 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys

2006-11-07 21:18 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys

2006-11-07 21:18 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys

2006-11-07 21:18 122,880 --a------ C:\WINDOWS\system32\dmusic.dll

2006-11-07 21:18 112,128 --a------ C:\WINDOWS\system32\dpvvox.dll

2006-11-07 21:18 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys

2006-11-07 21:18 100,864 --a------ C:\WINDOWS\system32\dmsynth.dll

2006-11-07 21:18 10,880 --a------ C:\WINDOWS\system32\drivers\slip.sys

2006-11-07 21:18 10,112 --a------ C:\WINDOWS\system32\drivers\ndisip.sys

2006-11-07 21:18 1,798,144 --a------ C:\WINDOWS\system32\qedit.dll

2006-11-07 21:18 1,769,472 --a------ C:\WINDOWS\system32\dxdiagn.dll

2006-11-07 21:18 1,703,936 --a------ C:\WINDOWS\system32\d3d9.dll

2006-11-07 21:18 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll

2006-11-07 21:18 1,230,336 --a------ C:\WINDOWS\system32\msvidctl.dll

2006-11-07 21:18 1,201,152 --a------ C:\WINDOWS\system32\d3d8.dll

2006-11-07 21:18 1,189,888 --a------ C:\WINDOWS\system32\dx8vb.dll

2006-11-06 00:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Adobe

2006-11-06 00:04 565,760 --a------ C:\WINDOWS\system32\msvcp50.dll

2006-11-05 23:29 94,208 --a------ C:\WINDOWS\ctdrvins.exe

2006-11-05 23:29 69,632 --a------ C:\WINDOWS\system32\wgomnfsd.dll

2006-11-05 23:29 53,248 --a------ C:\WINDOWS\system32\stvgmnsl.dll

2006-11-05 23:29 49,152 --a------ C:\WINDOWS\system32\wgomnevt.dll

2006-11-05 23:29 49,152 --a------ C:\WINDOWS\system32\wgomncfg.dll

2006-11-05 23:29 49,152 --a------ C:\WINDOWS\system32\wcmisc.dll

2006-11-05 23:29 49,152 --a------ C:\WINDOWS\system32\stvscale.dll

2006-11-05 23:29 45,056 --a------ C:\WINDOWS\system32\wgomnpin.dll

2006-11-05 23:29 430,080 --a------ C:\WINDOWS\system32\stvcol.dll

2006-11-05 23:29 36,864 --a------ C:\WINDOWS\system32\STVgmntg.dll

2006-11-05 23:29 225,280 --a------ C:\WINDOWS\system32\STVgmnu.dll

2006-11-05 23:29 105,576 --a------ C:\WINDOWS\system32\drivers\stvgmn.sys

2006-11-05 23:29 <REP> d-------- C:\Program Files\WCGoMini

 

 

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

 

 

2006-12-05 19:32 -------- d-------- C:\Documents and Settings\Maxime\Application Data\Azureus

2006-12-05 18:15 -------- d-------- C:\Program Files\BitDefender8

2006-12-05 00:25 0 --ahs---- C:\WINDOWS\system32\.exe

2006-11-30 12:55 -------- d--h----- C:\Program Files\InstallShield Installation Information

2006-11-29 20:54 -------- d-------- C:\Program Files\Fichiers communs

2006-11-18 16:59 -------- d--h----- C:\Program Files\WindowsUpdate

2006-11-16 17:11 -------- d---s---- C:\Documents and Settings\Maxime\Application Data\Microsoft

2006-11-13 13:28 -------- d-------- C:\Program Files\Fichiers communs\Microsoft Shared

2006-11-06 00:15 -------- d-------- C:\Program Files\MSN Messenger

2006-11-05 23:57 -------- d-------- C:\Program Files\Messenger

2006-10-27 17:52 -------- d-------- C:\Program Files\NetMeeting

2006-10-27 16:48 58 --a------ C:\WINDOWS\sysdat.dll

2006-10-27 16:37 -------- d-------- C:\Program Files\directx

2006-10-27 16:36 -------- d-------- C:\Program Files\Creative

2006-10-26 19:10 -------- d-------- C:\Program Files\Windows Media Player

2006-10-26 19:08 -------- d-------- C:\Program Files\Internet Explorer

2006-10-26 19:07 -------- d-------- C:\Program Files\D-Tools

2006-10-25 00:43 -------- d-------- C:\Program Files\HardwareDetection

2006-10-23 17:21 -------- d-------- C:\Documents and Settings\Maxime\Application Data\Lavasoft

2006-10-23 00:37 -------- d-------- C:\Documents and Settings\Maxime\Application Data\Sun

2006-10-22 15:06 208896 --a------ C:\WINDOWS\system32\nvusmb.exe

2006-10-22 15:06 208896 --a------ C:\WINDOWS\system32\nvunrm.exe

2006-10-22 15:06 208896 --a------ C:\WINDOWS\system32\NVUNINST.EXE

2006-10-22 15:06 208896 --a------ C:\WINDOWS\system32\nvudisp.exe

2006-10-22 12:22 888832 --a------ C:\WINDOWS\system32\nvmobls.dll

2006-10-22 12:22 86016 --a------ C:\WINDOWS\system32\nvmctray.dll

2006-10-22 12:22 81920 --a------ C:\WINDOWS\system32\nvwddi.dll

2006-10-22 12:22 794624 --a------ C:\WINDOWS\system32\nvcplui.exe

2006-10-22 12:22 7700480 --a------ C:\WINDOWS\system32\nvcpl.dll

2006-10-22 12:22 581632 --a------ C:\WINDOWS\system32\nvhwvid.dll

2006-10-22 12:22 5644288 --a------ C:\WINDOWS\system32\nvoglnt.dll

2006-10-22 12:22 5619712 --a------ C:\WINDOWS\system32\nvdisps.dll

2006-10-22 12:22 5255168 --a------ C:\WINDOWS\system32\nvdispsr.dll

2006-10-22 12:22 466944 --a------ C:\WINDOWS\system32\nvshell.dll

2006-10-22 12:22 458752 --a------ C:\WINDOWS\system32\nvmccssr.dll

2006-10-22 12:22 4527488 --a------ C:\WINDOWS\system32\nv4_disp.dll

2006-10-22 12:22 45056 --a------ C:\WINDOWS\system32\nvmccsrs.dll

2006-10-22 12:22 442368 --a------ C:\WINDOWS\system32\nvappbar.exe

2006-10-22 12:22 425984 --a------ C:\WINDOWS\system32\keystone.exe

2006-10-22 12:22 3994624 --a------ C:\WINDOWS\system32\drivers\nv4_mini.sys

2006-10-22 12:22 35840 --a------ C:\WINDOWS\system32\nvcodins.dll

2006-10-22 12:22 35840 --a------ C:\WINDOWS\system32\nvcod.dll

2006-10-22 12:22 335872 --a------ C:\WINDOWS\system32\nvwrses.dll

2006-10-22 12:22 335872 --a------ C:\WINDOWS\system32\nvwrsel.dll

2006-10-22 12:22 327680 --a------ C:\WINDOWS\system32\nvwrsfr.dll

2006-10-22 12:22 327680 --a------ C:\WINDOWS\system32\nvwrsesm.dll

2006-10-22 12:22 323584 --a------ C:\WINDOWS\system32\nvwrspt.dll

2006-10-22 12:22 323584 --a------ C:\WINDOWS\system32\nvwrsit.dll

2006-10-22 12:22 323584 --a------ C:\WINDOWS\system32\nvrshe.dll

2006-10-22 12:22 323584 --a------ C:\WINDOWS\system32\nvrsar.dll

2006-10-22 12:22 3203072 --a------ C:\WINDOWS\system32\nvgamesr.dll

2006-10-22 12:22 319488 --a------ C:\WINDOWS\system32\nvwrsptb.dll

2006-10-22 12:22 319488 --a------ C:\WINDOWS\system32\nvwrsnl.dll

2006-10-22 12:22 315392 --a------ C:\WINDOWS\system32\nvwrsru.dll

2006-10-22 12:22 315392 --a------ C:\WINDOWS\system32\nvwrshu.dll

2006-10-22 12:22 311296 --a------ C:\WINDOWS\system32\nvwrsde.dll

2006-10-22 12:22 311296 --a------ C:\WINDOWS\system32\nvexpbar.dll

2006-10-22 12:22 3047424 --a------ C:\WINDOWS\system32\nvgames.dll

2006-10-22 12:22 303104 --a------ C:\WINDOWS\system32\nvwrstr.dll

2006-10-22 12:22 303104 --a------ C:\WINDOWS\system32\nvwrssl.dll

2006-10-22 12:22 303104 --a------ C:\WINDOWS\system32\nvwrsfi.dll

2006-10-22 12:22 299008 --a------ C:\WINDOWS\system32\nvwrssk.dll

2006-10-22 12:22 299008 --a------ C:\WINDOWS\system32\nvwrsno.dll

2006-10-22 12:22 2973696 --a------ C:\WINDOWS\system32\nvvitvsr.dll

2006-10-22 12:22 294912 --a------ C:\WINDOWS\system32\nvwrssv.dll

2006-10-22 12:22 294912 --a------ C:\WINDOWS\system32\nvwrspl.dll

2006-10-22 12:22 294912 --a------ C:\WINDOWS\system32\nvwrsda.dll

2006-10-22 12:22 2924544 --a------ C:\WINDOWS\system32\nvvitvs.dll

2006-10-22 12:22 286720 --a------ C:\WINDOWS\system32\nvwrseng.dll

2006-10-22 12:22 286720 --a------ C:\WINDOWS\system32\nvwrscs.dll

2006-10-22 12:22 286720 --a------ C:\WINDOWS\system32\nvnt4cpl.dll

2006-10-22 12:22 2859008 --a------ C:\WINDOWS\system32\nvmoblsr.dll

2006-10-22 12:22 282624 --a------ C:\WINDOWS\system32\nvwrsar.dll

2006-10-22 12:22 278528 --a------ C:\WINDOWS\system32\nvwrshe.dll

2006-10-22 12:22 278528 --a------ C:\WINDOWS\system32\nvrsfr.dll

2006-10-22 12:22 274432 --a------ C:\WINDOWS\system32\nvrsit.dll

2006-10-22 12:22 274432 --a------ C:\WINDOWS\system32\nvrses.dll

2006-10-22 12:22 274432 --a------ C:\WINDOWS\system32\nvrsel.dll

2006-10-22 12:22 270336 --a------ C:\WINDOWS\system32\nvrsde.dll

2006-10-22 12:22 266240 --a------ C:\WINDOWS\system32\nvrspt.dll

2006-10-22 12:22 266240 --a------ C:\WINDOWS\system32\nvrsnl.dll

2006-10-22 12:22 266240 --a------ C:\WINDOWS\system32\nvrsesm.dll

2006-10-22 12:22 262144 --a------ C:\WINDOWS\system32\nvrsru.dll

2006-10-22 12:22 262144 --a------ C:\WINDOWS\system32\nvrsptb.dll

2006-10-22 12:22 262144 --a------ C:\WINDOWS\system32\nvrsja.dll

2006-10-22 12:22 258048 --a------ C:\WINDOWS\system32\nvrsko.dll

2006-10-22 12:22 253952 --a------ C:\WINDOWS\system32\nvrshu.dll

2006-10-22 12:22 249856 --a------ C:\WINDOWS\system32\nvrstr.dll

2006-10-22 12:22 249856 --a------ C:\WINDOWS\system32\nvrssl.dll

2006-10-22 12:22 249856 --a------ C:\WINDOWS\system32\nvrssk.dll

2006-10-22 12:22 249856 --a------ C:\WINDOWS\system32\nvrspl.dll

2006-10-22 12:22 249856 --a------ C:\WINDOWS\system32\nvrsno.dll

2006-10-22 12:22 245760 --a------ C:\WINDOWS\system32\nvrssv.dll

2006-10-22 12:22 245760 --a------ C:\WINDOWS\system32\nvrsda.dll

2006-10-22 12:22 241664 --a------ C:\WINDOWS\system32\nvrsfi.dll

2006-10-22 12:22 241664 --a------ C:\WINDOWS\system32\nvrseng.dll

2006-10-22 12:22 241664 --a------ C:\WINDOWS\system32\nvrscs.dll

2006-10-22 12:22 229376 --a------ C:\WINDOWS\system32\nvmccs.dll

2006-10-22 12:22 221184 --a------ C:\WINDOWS\system32\nvrszhc.dll

2006-10-22 12:22 212992 --a------ C:\WINDOWS\system32\nvwrsja.dll

2006-10-22 12:22 212992 --a------ C:\WINDOWS\system32\nvapi.dll

2006-10-22 12:22 196608 --a------ C:\WINDOWS\system32\nvwrsko.dll

2006-10-22 12:22 188416 --a------ C:\WINDOWS\system32\nvmccss.dll

2006-10-22 12:22 1732608 --a------ C:\WINDOWS\system32\nvwssr.dll

2006-10-22 12:22 167936 --a------ C:\WINDOWS\system32\nvwrszht.dll

2006-10-22 12:22 1662976 --a------ C:\WINDOWS\system32\nvwdmcpl.dll

2006-10-22 12:22 163840 --a------ C:\WINDOWS\system32\nvwrszhc.dll

2006-10-22 12:22 1622016 --a------ C:\WINDOWS\system32\nwiz.exe

2006-10-22 12:22 159810 --a------ C:\WINDOWS\system32\nvsvc32.exe

2006-10-22 12:22 147456 --a------ C:\WINDOWS\system32\nvcolor.exe

2006-10-22 12:22 1470464 --a------ C:\WINDOWS\system32\nview.dll

2006-10-22 12:22 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe

2006-10-22 12:22 1236992 --a------ C:\WINDOWS\system32\nvwss.dll

2006-10-22 12:22 118784 --a------ C:\WINDOWS\system32\nvrszht.dll

2006-10-22 12:22 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll

2006-10-22 12:22 1011712 --a------ C:\WINDOWS\system32\nvcpluir.dll

2006-10-21 12:49 -------- d-------- C:\Documents and Settings\Maxime\Application Data\Google

2006-10-20 21:14 -------- d-------- C:\Program Files\Free

2006-10-19 16:25 120 --a------ C:\WINDOWS\system32\hvtxjaj.bat

2006-10-19 15:54 61440 --a------ C:\WINDOWS\system32\sockspy.dll

2006-10-17 19:53 -------- d-------- C:\Documents and Settings\Maxime\Application Data\Talkback

2006-10-17 19:53 -------- d-------- C:\Documents and Settings\Maxime\Application Data\Mozilla

2006-10-02 18:59 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll

 

 

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

 

*Note* empty entries are not shown

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

"BDMCon"="C:\\Program Files\\BitDefender8\\bdmcon.exe"

"BDOESRV"="C:\\Program Files\\BitDefender8\\bdoesrv.exe"

"BDNewsAgent"="\"c:\\program files\\bitdefender8\\bdnagent.exe\""

"DAEMON Tools-1033"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033"

"!AVG Anti-Spyware"="\"D:\\Program Files\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]

"Installed"="1"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]

"NoChange"="1"

"Installed"="1"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]

"Installed"="1"

 

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]

"DeskHtmlVersion"=dword:00000110

"DeskHtmlMinorVersion"=dword:00000005

"Settings"=dword:00000001

"GeneralFlags"=dword:00000000

 

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]

"Source"="About:Home"

"SubscribedURL"="About:Home"

"FriendlyName"="Ma page d'accueil"

"Flags"=dword:00000002

"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,c4,03,00,00,00,\

00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00

"CurrentState"=dword:40000004

"OriginalStateInfo"=hex:18,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,\

00,00,04,00,00,40

"RestoredStateInfo"=hex:18,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,\

00,00,01,00,00,00

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

 

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]

"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]

"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"

"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=hex:91,00,00,00

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"dontdisplaylastusername"=dword:00000000

"legalnoticecaption"=""

"legalnoticetext"=""

"shutdownwithoutlogon"=dword:00000001

"undockwithoutlogon"=dword:00000001

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

 

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]

"NoDriveTypeAutoRun"=dword:00000091

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]

"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"

"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"

"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"

"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]

"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Lancement rapide d'Adobe Reader.lnk"

"backup"="C:\\WINDOWS\\pss\\Lancement rapide d'Adobe Reader.lnkCommon Startup"

"location"="Common Startup"

"command"="D:\\PROGRA~1\\ACROBA~1.0\\Reader\\READER~1.EXE "

"item"="Lancement rapide d'Adobe Reader"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech SetPoint.lnk]

"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Logitech SetPoint.lnk"

"backup"="C:\\WINDOWS\\pss\\Logitech SetPoint.lnkCommon Startup"

"location"="Common Startup"

"command"="D:\\PROGRA~1\\Logitech\\SetPoint\\SetPoint.exe "

"item"="Logitech SetPoint"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]

"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Microsoft Office.lnk"

"backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup"

"location"="Common Startup"

"command"="D:\\PROGRA~1\\MICROS~1\\Office\\OSA9.EXE -b -l"

"item"="Microsoft Office"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Pinnacle Scheduler.lnk]

"path"="C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Pinnacle Scheduler.lnk"

"backup"="C:\\WINDOWS\\pss\\Pinnacle Scheduler.lnkCommon Startup"

"location"="Common Startup"

"command"="C:\\PROGRA~1\\Pinnacle\\SHARED~1\\Programs\\SCHEDU~1\\PCLESC~1.EXE "

"item"="Pinnacle Scheduler"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"=""

"hkey"="HKLM"

"command"=""

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="WZCSLDR2"

"hkey"="HKLM"

"command"="C:\\Program Files\\ANI\\ANIWZCS2 Service\\WZCSLDR2.exe"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BootSkin Startup Jobs]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BootSkin"

"hkey"="HKLM"

"command"="\"C:\\PROGRA~1\\BootSkin\\BootSkin.exe\" /StartupJobs"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="CloneCDTray"

"hkey"="HKLM"

"command"="\"D:\\Program Files\\CloneCD\\CloneCDTray.exe\" /s"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus G]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AirGCFG"

"hkey"="HKLM"

"command"="C:\\Program Files\\D-Link\\AirPlus G\\AirGCFG.exe"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="dumprep 0 -k"

"hkey"="HKLM"

"command"="%systemroot%\\system32\\dumprep 0 -k"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="KHALMNPR"

"hkey"="HKLM"

"command"="KHALMNPR.EXE"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Security Monitor Process]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="mssmp"

"hkey"="HKLM"

"command"="mssmp.exe"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NeroCheck"

"hkey"="HKLM"

"command"="C:\\Program Files\\Fichiers communs\\Ahead\\Lib\\NeroCheck.exe"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NvCpl"

"hkey"="HKLM"

"command"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NvMcTray"

"hkey"="HKLM"

"command"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvMcTray.dll,NvTaskbarInit"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="nwiz"

"hkey"="HKLM"

"command"="nwiz.exe /install"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SOUNDMAN"

"hkey"="HKLM"

"command"="SOUNDMAN.EXE"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="jusched"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trickler]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="gain_trickler_3202"

"hkey"="HKLM"

"command"="\"d:\\program files\\divx\\divx pro codec\\gain_trickler_3202.exe\""

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Logon Application]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="logon"

"hkey"="HKLM"

"command"="C:\\WINDOWS\\System32\\logon.exe"

"inimapping"="0"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

 

Completion time: 06-12-05 19:32:42.98

C:\ComboFix.txt ... 06-12-05 19:32

Modifié le 5 décembre 2006 par maxr397

[bruce lee]

re,

 

Bon je n'ai toujour pas eu d'alertes, mon pc est démarré depuis bientot 2h et vu la vitesse ou les alertes apparaissaient j epense que ca doit etre bon.

 

On va attendre un peu avant de crier victoire si tu veux bien

 

Le rapport de combofix revele encore des infections poste un nouveau rapport hijackthis s'il te plait.

[maxr397]

En tout cas il y a du mieux, c'est toujours ca !

 

Voici le rapport :

 

Logfile of HijackThis v1.99.1

Scan saved at 20:06:32, on 05/12/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\BitDefender8\bdoesrv.exe

C:\program files\bitdefender8\bdnagent.exe

C:\Program Files\D-Tools\daemon.exe

D:\Program Files\AVG Anti-Spyware 7.5\avgas.exe

D:\Program Files\PCTV Remote\bin\winremote.exe

D:\Program Files\AVG Anti-Spyware 7.5\guard.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\BitDefender8\vsserv.exe

c:\program files\bitdefender8\bdmcon.exe

D:\Program Files\Azureus\Azureus.exe

D:\Program Files\Mozilla Firefox\firefox.exe

F:\install\programmation\Java\eclipse\eclipse.exe

C:\WINDOWS\system32\javaw.exe

D:\Program Files\MeuhMeuhTV\MeuhMeuhTV.exe

C:\Documents and Settings\Maxime\Bureau\desinfection\maxr397.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Systran40premi.IEPlugIn - {CFB25594-4D5F-11D6-AB7B-00B0D094B576} - D:\Program Files\Systran\4_0\Premium\IEPlugIn.dll

O4 - HKLM\..\Run: [bDMCon] C:\Program Files\BitDefender8\bdmcon.exe

O4 - HKLM\..\Run: [bDOESRV] C:\Program Files\BitDefender8\bdoesrv.exe

O4 - HKLM\..\Run: [bDNewsAgent] "c:\program files\bitdefender8\bdnagent.exe"

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - Startup: Raccourci vers winremote.lnk = D:\Program Files\PCTV Remote\bin\winremote.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1163865510171

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: pHsockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Program Files\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BitDefender8\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Modifié le 5 décembre 2006 par maxr397

[bruce lee]

re,

 

j'aimerai une derniere fois a titre verificatif que tu repasses vundofix (il ne devrait rien trouvé mais c'est pour etre sur)

 

@+

[maxr397]

il n'a donc rien trouvé :

VundoFix V6.2.13

 

Checking Java version...

 

Java version is 1.5.0.9

 

Scan started at 20:12:53 05/12/2006

 

Listing files found while scanning....

 

No infected files were found.

[bruce lee]

re,

 

Une petite analyse chez JOTTI de:

 

C:\WINDOWS\system32\uxww.exe

 

Je te montre plus le chemin pour faire analyser la bas

 

Poste le rapport apres analyse

[maxr397]

bingo : encore un !

File: uxww.exe

Status:

INFECTED/MALWARE

MD5 c7122a795321496e3c53a9a70a585803

Packers detected:

PE_PATCH

Scanner results

 

AntiVir Found nothing

ArcaVir Found nothing

Avast Found nothing

AVG Antivirus Found nothing

BitDefender Found nothing

ClamAV Found Trojan.Sdbot-3424

Dr.Web Found BackDoor.IRC.Sdbot.901

F-Prot Antivirus Found nothing

F-Secure Anti-Virus Found nothing

Fortinet Found nothing

Kaspersky Anti-Virus Found nothing

NOD32 Found nothing

Norman Virus Control Found nothing

VirusBuster Found Worm.SdBot.EKJ

VBA32 Found BackDoor.IRC.Sdbot.901

de qui me dépasse, c'est que cette fois Antivir ne détectait rien : je comptait l'installer à la place de néro, du coup je sais plus quoi prendre.

Modifié le 5 décembre 2006 par maxr397