
My computer was infected by Personal Shield Pro. I ran ComboFix; here is the error report. Tell me if there is anything else to do. Thanks.

ComboFix 11-07-15.03 - Home 16/07/2011 23:51:27.1.2 - x86

Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2046.1516 [GMT 2:00]

Running from: c:\documents and settings\Home\Bureau\ComboFix.exe

AV: avast! Antivirus *Enabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\eM09801EmInM09801

c:\documents and settings\All Users\Application Data\eM09801EmInM09801\eM09801EmInM09801

c:\documents and settings\All Users\Application Data\eM09801EmInM09801\eM09801EmInM09801.exe

c:\documents and settings\Home\Application Data\Adobe\plugs

c:\documents and settings\Home\Application Data\Adobe\plugs\mmc17605312.txt

c:\documents and settings\Home\Application Data\Adobe\plugs\mmc215.exe

c:\documents and settings\Home\Application Data\Adobe\plugs\mmc91.exe

c:\documents and settings\Home\Application Data\Adobe\shed

c:\documents and settings\Home\Application Data\Adobe\shed\thr1.chm

c:\documents and settings\Home\Application Data\alot

c:\documents and settings\Home\Application Data\alot\Button_0\Button_0.xml

c:\documents and settings\Home\Application Data\alot\Button_0\Button_0.xml.backup

c:\documents and settings\Home\Application Data\alot\Button_1\Button_1.xml

c:\documents and settings\Home\Application Data\alot\Button_1\Button_1.xml.backup

c:\documents and settings\Home\Application Data\alot\Button_2\Button_2.xml

c:\documents and settings\Home\Application Data\alot\Button_2\Button_2.xml.backup

c:\documents and settings\Home\Application Data\alot\Button_3\Button_3.xml

c:\documents and settings\Home\Application Data\alot\Button_3\Button_3.xml.backup

c:\documents and settings\Home\Application Data\alot\Button_4\Button_4.xml

c:\documents and settings\Home\Application Data\alot\Button_4\Button_4.xml.backup

c:\documents and settings\Home\Application Data\alot\Button_5\Button_5.xml

c:\documents and settings\Home\Application Data\alot\Button_5\Button_5.xml.backup

c:\documents and settings\Home\Application Data\alot\Button_6\Button_6.xml

c:\documents and settings\Home\Application Data\alot\Button_6\Button_6.xml.backup

c:\documents and settings\Home\Application Data\alot\Button_7\Button_7.xml

c:\documents and settings\Home\Application Data\alot\Button_7\Button_7.xml.backup

c:\documents and settings\Home\Application Data\alot\Button_8\Button_8.xml

c:\documents and settings\Home\Application Data\alot\Button_8\Button_8.xml.backup

c:\documents and settings\Home\Application Data\alot\Button_9\Button_9.xml

c:\documents and settings\Home\Application Data\alot\Button_9\Button_9.xml.backup

c:\documents and settings\Home\Application Data\alot\configurator\configurator.xml

c:\documents and settings\Home\Application Data\alot\configurator\configurator.xml.backup

c:\documents and settings\Home\Application Data\alot\contextMenu\contextMenu.xml

c:\documents and settings\Home\Application Data\alot\contextMenu\contextMenu.xml.backup

c:\documents and settings\Home\Application Data\alot\hideToolbarLayout\hideToolbarLayout.xml

c:\documents and settings\Home\Application Data\alot\hideToolbarLayout\hideToolbarLayout.xml.backup

c:\documents and settings\Home\Application Data\alot\postInstallLayout\postInstallLayout.xml

c:\documents and settings\Home\Application Data\alot\postInstallLayout\postInstallLayout.xml.backup

c:\documents and settings\Home\Application Data\alot\products\products.xml

c:\documents and settings\Home\Application Data\alot\products\products.xml.backup

c:\documents and settings\Home\Application Data\alot\Resources\BrowserSearch\alot_search_defend.html

c:\documents and settings\Home\Application Data\alot\Resources\BrowserSearch\images\favicon.ico

c:\documents and settings\Home\Application Data\alot\Resources\Button_0\images\alot_logo_button.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Button_0\images\alot_logo_button.png

c:\documents and settings\Home\Application Data\alot\Resources\Button_1\images\alot_image_search.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Button_1\images\alot_image_search.png

c:\documents and settings\Home\Application Data\alot\Resources\Button_1\images\alot_news_search.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Button_1\images\alot_news_search.png

c:\documents and settings\Home\Application Data\alot\Resources\Button_1\images\alot_search_button.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Button_1\images\alot_search_button.png

c:\documents and settings\Home\Application Data\alot\Resources\Button_1\images\alot_shop_search.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Button_1\images\alot_shop_search.png

c:\documents and settings\Home\Application Data\alot\Resources\Button_1\images\alot_videos_search.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Button_1\images\alot_videos_search.png

c:\documents and settings\Home\Application Data\alot\Resources\Button_1\images\alot_web_search.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Button_1\images\alot_web_search.png

c:\documents and settings\Home\Application Data\alot\Resources\Button_2\images\alot_configure.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Button_2\images\alot_configure.png

c:\documents and settings\Home\Application Data\alot\Resources\Button_3\images\default_5119_alot_weather_widget.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Button_3\images\default_5119_alot_weather_widget.png

c:\documents and settings\Home\Application Data\alot\Resources\Button_4\images\3321_icon.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Button_4\images\3321_icon.png

c:\documents and settings\Home\Application Data\alot\Resources\Button_5\images\3320_icon.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Button_5\images\3320_icon.png

c:\documents and settings\Home\Application Data\alot\Resources\Button_6\images\3319_icon.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Button_6\images\3319_icon.png

c:\documents and settings\Home\Application Data\alot\Resources\Button_7\images\4001_icon.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Button_7\images\4001_icon.png

c:\documents and settings\Home\Application Data\alot\Resources\Button_8\images\4352_icon.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Button_8\images\4352_icon.png

c:\documents and settings\Home\Application Data\alot\Resources\Button_9\images\4131_icon.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Button_9\images\4131_icon.png

c:\documents and settings\Home\Application Data\alot\Resources\contextMenu\images\alot_icon.bmp

c:\documents and settings\Home\Application Data\alot\Resources\contextMenu\images\alot_icon.png

c:\documents and settings\Home\Application Data\alot\Resources\contextMenu\images\alot_logo_button.bmp

c:\documents and settings\Home\Application Data\alot\Resources\contextMenu\images\alot_logo_button.png

c:\documents and settings\Home\Application Data\alot\Resources\Shared\domains.dat

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\alot_brand.png

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\alot_splitter.png

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\discover.png

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\intro_popup.png

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\spinner.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\widget_bottom.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\widget_btnclose0.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\widget_btnclose1.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\widget_btnconfig0.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\widget_btnconfig1.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\widget_btnrefresh0.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\widget_btnrefresh1.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\widget_caption.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\widget_error_bg.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\widget_error_close.bmp

c:\documents and settings\Home\Application Data\alot\Resources\Shared\images\widget_error_icon.bmp

c:\documents and settings\Home\Application Data\alot\TimerManager\TimerManager.xml

c:\documents and settings\Home\Application Data\alot\TimerManager\TimerManager.xml.backup

c:\documents and settings\Home\Application Data\alot\toolbar.xml

c:\documents and settings\Home\Application Data\alot\toolbar.xml.backup

c:\documents and settings\Home\Application Data\alot\toolbarContextMenu\toolbarContextMenu.xml

c:\documents and settings\Home\Application Data\alot\toolbarContextMenu\toolbarContextMenu.xml.backup

c:\documents and settings\Home\Application Data\alot\ToolbarSearch\ToolbarSearch.xml

c:\documents and settings\Home\Application Data\alot\ToolbarSearch\ToolbarSearch.xml.backup

c:\documents and settings\Home\Application Data\alot\Updater\Updater.xml

c:\documents and settings\Home\Application Data\alot\Updater\Updater.xml.backup

c:\documents and settings\Home\Application Data\dwm.exe

c:\documents and settings\Home\Application Data\Microsoft\conhost.exe

c:\documents and settings\Home\WINDOWS

c:\windows\ejederot.dll

c:\windows\gne2pan.dll

c:\windows\system32\crt.dat

c:\windows\system32\cryptnet32.dll

c:\windows\system32\Dll.dll

c:\windows\system32\drivers\str.sys

c:\windows\system32\shimg.dll

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.

.

((((((((((((((((((((((((( Files Created from 2011-06-16 to 2011-07-16 )))))))))))))))))))))))))))))))

.

.

2011-07-16 21:26 . 2011-07-16 21:33 -------- d-----w- C:\32788R22FWJFW

2011-07-16 14:04 . 2011-07-16 14:04 0 ---ha-w- c:\documents and settings\Home\Local Settings\Application Data\BITB.tmp

2011-07-16 11:44 . 2011-07-16 11:44 189 ----a-w- c:\documents and settings\Home\Application Data\Microsoft\gb_61937.bat

2011-07-15 21:11 . 2011-07-15 21:11 0 ---ha-w- c:\documents and settings\Home\Local Settings\Application Data\BIT9.tmp

2011-07-15 17:23 . 2011-07-15 17:23 0 ---ha-w- c:\documents and settings\Home\Local Settings\Application Data\BIT6.tmp

2011-06-25 15:49 . 2011-06-25 15:49 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-15 39408]

"ISUSPM"="c:\program files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]

"nwiz"="nwiz.exe" [2008-05-03 1630208]

"WinSys2"="c:\windows\system32\winsys2.exe" [2008-01-18 208896]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 86016]

"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-01-08 68640]

"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]

"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-04-07 673616]

"Face-Plus"="c:\program files\faceplus\pre_faceplus.exe" [2010-07-21 32768]

"BlackBerryAutoUpdate"="c:\program files\Fichiers communs\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-11-19 623960]

"RoxWatchTray"="c:\program files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2009-07-08 236016]

"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-12-20 2656528]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

.

c:\documents and settings\Home\Menu Démarrer\Programmes\Démarrage\

OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000]

.

c:\documents and settings\Home\Menu Démarrer\Programmes\Démarrage\

OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000]

.

c:\documents and settings\Home\Menu Démarrer\Programmes\Démarrage\

OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000]

.

c:\documents and settings\Home\Menu Démarrer\Programmes\Démarrage\

OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=

"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

.

R2 SCRCAMHRDRV;ScreenCamera HR;c:\windows\system32\drivers\SCRCAMHRDRV.sys [16/02/2010 21:22 234304]

R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [26/07/2010 18:23 27632]

R3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [26/01/2010 17:02 468768]

S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15/04/2010 18:35 135664]

S2 wtmstmsxbt;wtmstmsxbt;"c:\docume~1\Home\LOCALS~1\Temp\DAT1C3.tmp.exe" --SERVICE --> c:\docume~1\Home\LOCALS~1\Temp\DAT1C3.tmp.exe [?]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [26/07/2010 18:23 13224]

S3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [15/04/2010 18:35 135664]

.

Contents of the 'Scheduled Tasks' folder

.

2011-07-16 c:\windows\Tasks\Epson Printer Software Downloader.job

- c:\program files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26 09:43]

.

2011-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-15 16:34]

.

2011-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-15 16:34]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.orange.fr/

uInternet Settings,ProxyServer = http=127.0.0.1:53717

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.1.1

DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - hxxp://mobileapps.blackberry.com/devicesoftware/AxLoader.cab

.

- - - - ORPHANS REMOVED - - - -

.

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

HKCU-Run-Power2GoExpress - (no file)

HKCU-Run-uTYNEsbrvPE - c:\documents and settings\All Users\Application Data\uTYNEsbrvPE.exe

HKCU-Run-Mpico - c:\windows\gne2pan.dll

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-07-17 00:37

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(4668)

c:\windows\TEMP\logishrd\LVPrcInj01.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\eappprxy.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\program files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

c:\windows\system32\nvsvc32.exe

c:\program files\CyberLink\Shared Files\RichVideo.exe

c:\windows\system32\wdfmgr.exe

c:\windows\system32\RUNDLL32.EXE

c:\windows\RTHDCPL.EXE

c:\program files\faceplus\faceplus.exe

c:\program files\OpenOffice.org 3\program\soffice.exe

c:\program files\OpenOffice.org 3\program\soffice.bin

c:\program files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe

c:\windows\system32\dllhost.exe

c:\windows\system32\wscntfy.exe

c:\windows\eHome\ehmsas.exe

c:\program files\Internet Explorer\IEXPLORE.EXE

c:\program files\Internet Explorer\IEXPLORE.EXE

.

**************************************************************************

.

Completion time: 2011-07-17 00:52:47 - machine was rebooted

ComboFix-quarantined-files.txt 2011-07-16 22:52

.

Pre-Run: 235 502 510 080 octets libres

Post-Run: 236 267 696 128 octets libres

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

.

- - End Of File - - 1B3C9E4F8D88AC3EF0098FE74FF842B1
