SECURITY SYSTEM WARNING

Closed
titiacherie Posts 17 Registration date Sunday 18 November 2007 Status Member Last seen 29 December 2008 - 29 Dec. 2008 at 14:01
titiacherie Posts 17 Registration date Sunday 18 November 2007 Status Member Last seen 29 December 2008 - 29 Dec. 2008 at 20:42
Hello everyone,
I have a problem with my PC: it keeps telling me "you have a security problem" and I don't know where it comes from.
I thought I saw that I had to use Combo, so here are the two reports. I don't know whether they are the same thing; I don't understand any of it. Thanks for your help:

ComboFix 08-12-28.01 - BOUTIN MARION 2008-12-29 2:27:27.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1015.590 [GMT 1:00]
Lancé depuis: c:\documents and settings\BOUTIN MARION\Bureau\BIBITE.exe
AV: AVG Anti-Virus *On-access scanning disabled* (Outdated)
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system\winlog.ini
c:\windows\system32\EDF684C4AB.dll
c:\windows\system32\Tasks\cscript03.exe
c:\windows\system32\Tasks\cscript04.exe
c:\windows\system32\Tasks\cscript05.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-28 au 2008-12-29 ))))))))))))))))))))))))))))))))))))
.

2009-11-25 00:17 . 2009-11-25 00:17 <REP> d----c--- c:\windows\system32\Atheros_L2
2008-12-29 01:41 . 2008-03-17 22:33 <REP> d--h-c--- c:\documents and settings\Administrateur\Voisinage réseau
2008-12-29 01:41 . 2008-03-17 22:33 <REP> d--h-c--- c:\documents and settings\Administrateur\Voisinage d'impression
2008-12-29 01:41 . 2008-03-17 14:41 <REP> d--h-c--- c:\documents and settings\Administrateur\Modèles
2008-12-29 01:41 . 2008-04-16 03:19 <REP> dr---c--- c:\documents and settings\Administrateur\Mes documents
2008-12-29 01:41 . 2008-03-17 22:33 <REP> dr---c--- c:\documents and settings\Administrateur\Menu Démarrer
2008-12-29 01:41 . 2008-04-16 03:19 <REP> dr---c--- c:\documents and settings\Administrateur\Favoris
2008-12-29 01:41 . 2008-04-17 21:36 <REP> d----c--- c:\documents and settings\Administrateur\Bureau
2008-12-29 01:41 . 2008-04-06 07:47 <REP> d----c--- c:\documents and settings\Administrateur\Application Data\InterVideo
2008-12-29 01:41 . 2008-04-05 20:36 <REP> d----c--- c:\documents and settings\Administrateur\Application Data\InstallShield
2008-12-29 01:41 . 2008-12-29 01:41 <REP> d----c--- c:\documents and settings\Administrateur
2008-12-29 01:02 . 2008-12-29 01:02 <REP> d----c--- c:\program files\Malwarebytes' Anti-Malware
2008-12-29 01:02 . 2008-12-29 01:02 <REP> d----c--- c:\documents and settings\BOUTIN MARION\Application Data\Malwarebytes
2008-12-29 01:02 . 2008-12-29 01:02 <REP> d----c--- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-29 01:02 . 2008-12-03 19:52 38,496 --a--c--- c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-29 01:02 . 2008-12-03 19:52 15,504 --a--c--- c:\windows\system32\drivers\mbam.sys
2008-12-28 22:42 . 2008-12-28 23:00 <REP> d----c--- c:\windows\system32\drivers\Avg
2008-12-28 22:42 . 2008-12-29 00:11 <REP> d----c--- c:\documents and settings\BOUTIN MARION\Application Data\AVGTOOLBAR
2008-12-28 22:42 . 2008-12-28 22:42 98,440 --a--c--- c:\windows\system32\drivers\avgldx86.sys
2008-12-28 22:42 . 2008-12-28 22:42 90,632 --a--c--- c:\windows\system32\drivers\avgtdix.sys
2008-12-28 22:42 . 2008-12-28 22:42 12,936 --a--c--- c:\windows\system32\drivers\avgrkx86.sys
2008-12-28 22:42 . 2008-12-28 22:42 10,520 --a--c--- c:\windows\system32\avgrsstx.dll
2008-12-28 22:40 . 2008-12-28 22:40 <REP> d----c--- c:\program files\AVG
2008-12-28 22:40 . 2008-12-28 22:40 <REP> d----c--- c:\documents and settings\All Users\Application Data\avg8
2008-12-28 22:24 . 2008-11-06 02:03 <REP> d----c--- C:\SDFix
2008-12-28 22:17 . 2008-12-28 22:17 <REP> d----c--- C:\rsit
2008-12-28 22:17 . 2008-12-28 22:17 <REP> d----c--- c:\program files\trend micro
2008-12-28 22:11 . 2008-12-28 22:11 <REP> d----c--- c:\documents and settings\All Users\Application Data\813423737
2008-12-27 21:42 . 2008-12-27 21:42 <REP> d----c--- C:\Mozilla Plugins
2008-12-27 21:42 . 2008-12-27 21:42 <REP> d----c--- C:\iTunesMiniPlayer.Resources
2008-12-27 21:42 . 2008-12-27 21:42 <REP> d----c--- C:\iTunesHelper.Resources
2008-12-27 21:41 . 2008-12-27 21:42 <REP> d----c--- C:\iTunes.Resources
2008-12-27 21:40 . 2008-12-27 21:41 <REP> d----c--- C:\CD Configuration
2008-12-27 21:33 . 2008-12-27 21:33 <REP> d----c--- c:\program files\Apple Software Update
2008-12-16 16:31 . 2008-12-29 01:06 <REP> d----c--- c:\documents and settings\BOUTIN MARION\Tracing
2008-12-16 16:06 . 2008-12-16 16:06 <REP> d----c--- c:\program files\Microsoft Silverlight
2008-12-16 16:06 . 2008-12-08 17:01 55,136 --a--c--- c:\windows\system32\drivers\fssfltr_tdi.sys
2008-12-16 15:50 . 2008-12-16 15:50 <REP> d----c--- c:\program files\Microsoft Sync Framework
2008-12-16 15:41 . 2008-12-16 15:41 <REP> d----c--- c:\program files\Microsoft
2008-12-16 15:39 . 2008-12-16 15:39 <REP> d----c--- c:\program files\Windows Live SkyDrive
2008-12-16 15:21 . 2008-12-16 15:21 <REP> d----c--- c:\program files\Fichiers communs\Windows Live
2008-12-05 00:11 . 2008-12-05 00:11 308,584 --a--c--- c:\windows\WLXPGSS.SCR
2008-12-03 01:25 . 2008-12-03 01:25 <REP> d----c--- c:\documents and settings\BOUTIN MARION\Contacts
2008-12-02 22:37 . 2008-12-02 22:37 49,480 --a--c--- c:\windows\system32\sirenacm.dll
2008-12-01 23:38 . 2006-10-08 06:13 167,936 --a--c--- c:\windows\system32\igfxres.dll
2008-12-01 23:07 . 2008-12-01 23:08 11,858 --a--c--- c:\windows\Ascd_log.ini
2008-12-01 23:07 . 2008-12-01 23:07 11,325 --a--c--- c:\windows\Ascd_tmp.ini
2008-12-01 23:07 . 2007-12-28 08:22 10,296 --a--c--- c:\windows\system32\drivers\ASUSHWIO.SYS

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-28 19:32 107,541 -c--a-w c:\windows\system32\cscript02.exe
2008-12-21 02:09 --------- dc----w c:\documents and settings\BOUTIN MARION\Application Data\StarOffice8
2008-12-16 15:05 --------- dc----w c:\program files\Windows Live
2008-12-08 12:24 --------- dc----w c:\program files\Fichiers communs\Adobe
2008-12-01 22:58 --------- dc----w c:\program files\QuickTime
2008-12-01 22:29 --------- dc----w c:\program files\Elantech
2008-12-01 20:05 1,916 -c--a-w c:\documents and settings\BOUTIN MARION\Application Data\wklnhst.dat
2008-11-26 18:46 --------- dc----w c:\documents and settings\BOUTIN MARION\Application Data\Apple Computer
2008-11-25 20:35 --------- dc----w c:\documents and settings\All Users\Application Data\Protexis
2008-11-25 17:40 --------- dc----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-25 17:37 --------- dc----w c:\program files\iPod
2008-11-25 17:37 --------- dc----w c:\program files\Fichiers communs\Apple
2008-11-25 17:37 --------- dc----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-11-25 17:36 --------- dc----w c:\program files\Zylom Games
2008-11-25 17:24 --------- dc----w c:\documents and settings\All Users\Application Data\Apple
2008-11-23 03:18 --------- dc----w c:\documents and settings\BOUTIN MARION\Application Data\Zylom
2008-11-23 03:18 --------- dc----w c:\documents and settings\BOUTIN MARION\Application Data\Meridian93
2008-11-22 17:57 --------- dc----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2008-11-20 12:20 643,072 -c--a-w C:\iPodUpdaterExt.dll
2008-11-20 12:20 438,272 -c--a-w C:\CDDBControlApple.dll
2008-11-20 12:20 290,088 -c--a-w C:\iTunesHelper.exe
2008-11-20 12:20 283,136 -c--a-w C:\iTunesOutlookAddIn.dll
2008-11-20 12:20 172,544 -c--a-w C:\iTunesPhotoSupport.dll
2008-11-20 12:20 14,294,824 -c--a-w C:\iTunes.exe
2008-11-20 12:20 132,392 -c--a-w C:\iTunesMiniPlayer.dll
2008-11-20 12:20 108,328 -c--a-w C:\iTunesAdmin.dll
2008-11-20 02:41 --------- dc----w c:\documents and settings\BOUTIN MARION\Application Data\emsuser
2008-11-20 02:40 --------- dc----w c:\documents and settings\BOUTIN MARION\Application Data\Emjysoft
2008-11-20 02:40 --------- dc----w c:\documents and settings\All Users\Application Data\Emjysoft
2008-11-11 01:50 --------- dc--a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-11 00:50 --------- dc----w c:\program files\orange
2008-11-11 00:50 --------- dc----w c:\program files\Oberon Media
2008-11-11 00:50 --------- dc----w c:\program files\Fichiers communs\Oberon Media
2008-11-10 20:41 690,781 -c--a-w c:\windows\system32\cscript04.exe
2008-11-07 13:23 32,000 -c--a-w c:\windows\system32\drivers\usbaapl.sys
2008-11-06 01:02 --------- dc-h--w c:\program files\InstallShield Installation Information
2008-11-06 00:16 --------- dc----w c:\program files\Samsung
2008-10-23 12:36 286,720 -c--a-w c:\windows\system32\gdi32.dll
2008-10-16 13:13 202,776 -c--a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 -c--a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 -c--a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 -c--a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 -c--a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 -c--a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 -c--a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 -c--a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 -c--a-w c:\windows\system32\muweb.dll
2008-10-16 01:01 670,208 -c--a-w c:\windows\system32\wininet.dll
2008-10-03 10:03 247,326 -c--a-w c:\windows\system32\strmdll.dll
2008-09-30 15:43 1,286,152 -c--a-w c:\windows\system32\msxml4.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="C:\iTunesHelper.exe" [2008-11-20 290088]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-10-08 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-10-08 114688]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-10-08 94208]
"136419629"="c:\documents and settings\All Users\Application Data\813423737\136419629.exe" [2008-12-28 1711655]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-28 1261336]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
AutoRun OSCleaner.lnk - c:\program files\ASUS\Asus OS Cleaner\AsOSCleaner.exe [2008-04-05 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a--c--- 2008-12-02 22:41 3882312 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\Drivers\avgrkx86.sys [2008-12-28 12936]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-12-28 98440]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-12-28 90632]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-12-28 874776]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-28 231704]
R2 fssfltr;FssFltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2008-12-16 55136]
R2 SeaPort;SeaPort;"c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" [2008-12-04 226640]
R3 AsusACPI;ASUS ACPI Driver;c:\windows\system32\DRIVERS\ASUSACPI.sys [2008-04-05 11264]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\DRIVERS\l251x86.sys [2008-04-15 30720]
R3 Ktp;Elantech Smart-Pad;c:\windows\system32\DRIVERS\ETD.sys [2008-04-07 25088]
S3 fsssvc;Windows Live Contrôle parental;"c:\program files\Windows Live\Family Safety\fsssvc.exe" [2008-12-08 533344]

*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'

2008-12-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-Skype - c:\program files\Skype\Phone\Skype.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: {{FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com

c:\windows\Downloaded Program Files\stg_drm.ocx - O16 -: {149E45D8-163E-4189-86FC-45022AB2B6C9}
file://c:\program files\Monopoly Here and Now\Images\stg_drm.ocx

c:\windows\Downloaded Program Files\zylomgamesplayer.dll - O16 -: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B}
hxxp://game11.zylom.com/activex/zylomgamesplayer.cab
c:\windows\Downloaded Program Files\ZylomGamesPlayer.inf

c:\windows\Downloaded Program Files\armhelper.ocx - O16 -: {CC450D71-CC90-424C-8638-1F2DBAC87A54}
file://c:\program files\Monopoly Here and Now\Images\armhelper.ocx

c:\windows\Downloaded Program Files\OberonGameHost.dll - O16 -: {D0C0F75C-683A-4390-A791-1ACFD5599AB8}
hxxp://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
c:\windows\Downloaded Program Files\OberonGameHost_dbg.inf
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-29 02:32:52
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(688)
c:\windows\system32\avgrsstx.dll
c:\windows\system32\igfxdev.dll

- - - - - - - > 'lsass.exe'(772)
c:\windows\system32\avgrsstx.dll
.
Heure de fin: 2008-12-29 2:35:19
ComboFix-quarantined-files.txt 2008-12-29 01:35:10

Avant-CF: 115 032 064 octets libres
Après-CF: 177,106,944 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Édition familiale" /noexecute=optin /fastdetect

225 --- E O F --- 2008-12-19 02:01:07


Report 2:

ComboFix 08-12-28.01 - BOUTIN MARION 2008-12-29 13:47:14.2 - NTFSx86
Lancé depuis: c:\documents and settings\BOUTIN MARION\Bureau\BIBITE.exe
AV: AVG Anti-Virus *On-access scanning disabled* (Outdated)
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-11-28 au 2008-12-29 ))))))))))))))))))))))))))))))))))))
.

2009-11-25 00:17 . 2009-11-25 00:17 <REP> d----c--- c:\windows\system32\Atheros_L2
2008-12-29 01:41 . 2008-03-17 22:33 <REP> d--h-c--- c:\documents and settings\Administrateur\Voisinage réseau
2008-12-29 01:41 . 2008-03-17 22:33 <REP> d--h-c--- c:\documents and settings\Administrateur\Voisinage d'impression
2008-12-29 01:41 . 2008-03-17 14:41 <REP> d--h-c--- c:\documents and settings\Administrateur\Modèles
2008-12-29 01:41 . 2008-04-16 03:19 <REP> dr---c--- c:\documents and settings\Administrateur\Mes documents
2008-12-29 01:41 . 2008-03-17 22:33 <REP> dr---c--- c:\documents and settings\Administrateur\Menu Démarrer
2008-12-29 01:41 . 2008-04-16 03:19 <REP> dr---c--- c:\documents and settings\Administrateur\Favoris
2008-12-29 01:41 . 2008-04-17 21:36 <REP> d----c--- c:\documents and settings\Administrateur\Bureau
2008-12-29 01:41 . 2008-04-06 07:47 <REP> d----c--- c:\documents and settings\Administrateur\Application Data\InterVideo
2008-12-29 01:41 . 2008-04-05 20:36 <REP> d----c--- c:\documents and settings\Administrateur\Application Data\InstallShield
2008-12-29 01:41 . 2008-12-29 01:41 <REP> d----c--- c:\documents and settings\Administrateur
2008-12-29 01:02 . 2008-12-29 01:02 <REP> d----c--- c:\program files\Malwarebytes' Anti-Malware
2008-12-29 01:02 . 2008-12-29 01:02 <REP> d----c--- c:\documents and settings\BOUTIN MARION\Application Data\Malwarebytes
2008-12-29 01:02 . 2008-12-29 01:02 <REP> d----c--- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-29 01:02 . 2008-12-03 19:52 38,496 --a--c--- c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-29 01:02 . 2008-12-03 19:52 15,504 --a--c--- c:\windows\system32\drivers\mbam.sys
2008-12-28 22:42 . 2008-12-28 23:00 <REP> d----c--- c:\windows\system32\drivers\Avg
2008-12-28 22:42 . 2008-12-29 00:11 <REP> d----c--- c:\documents and settings\BOUTIN MARION\Application Data\AVGTOOLBAR
2008-12-28 22:42 . 2008-12-28 22:42 98,440 --a--c--- c:\windows\system32\drivers\avgldx86.sys
2008-12-28 22:42 . 2008-12-28 22:42 90,632 --a--c--- c:\windows\system32\drivers\avgtdix.sys
2008-12-28 22:42 . 2008-12-28 22:42 12,936 --a--c--- c:\windows\system32\drivers\avgrkx86.sys
2008-12-28 22:42 . 2008-12-28 22:42 10,520 --a--c--- c:\windows\system32\avgrsstx.dll
2008-12-28 22:40 . 2008-12-28 22:40 <REP> d----c--- c:\program files\AVG
2008-12-28 22:40 . 2008-12-28 22:40 <REP> d----c--- c:\documents and settings\All Users\Application Data\avg8
2008-12-28 22:24 . 2008-11-06 02:03 <REP> d----c--- C:\SDFix
2008-12-28 22:17 . 2008-12-28 22:17 <REP> d----c--- C:\rsit
2008-12-28 22:17 . 2008-12-28 22:17 <REP> d----c--- c:\program files\trend micro
2008-12-28 22:11 . 2008-12-28 22:11 <REP> d----c--- c:\documents and settings\All Users\Application Data\813423737
2008-12-27 21:42 . 2008-12-27 21:42 <REP> d----c--- C:\Mozilla Plugins
2008-12-27 21:42 . 2008-12-27 21:42 <REP> d----c--- C:\iTunesMiniPlayer.Resources
2008-12-27 21:42 . 2008-12-27 21:42 <REP> d----c--- C:\iTunesHelper.Resources
2008-12-27 21:41 . 2008-12-27 21:42 <REP> d----c--- C:\iTunes.Resources
2008-12-27 21:40 . 2008-12-27 21:41 <REP> d----c--- C:\CD Configuration
2008-12-27 21:33 . 2008-12-27 21:33 <REP> d----c--- c:\program files\Apple Software Update
2008-12-16 16:31 . 2008-12-29 02:50 <REP> d----c--- c:\documents and settings\BOUTIN MARION\Tracing
2008-12-16 16:06 . 2008-12-16 16:06 <REP> d----c--- c:\program files\Microsoft Silverlight
2008-12-16 16:06 . 2008-12-08 17:01 55,136 --a--c--- c:\windows\system32\drivers\fssfltr_tdi.sys
2008-12-16 15:50 . 2008-12-16 15:50 <REP> d----c--- c:\program files\Microsoft Sync Framework
2008-12-16 15:41 . 2008-12-16 15:41 <REP> d----c--- c:\program files\Microsoft
2008-12-16 15:39 . 2008-12-16 15:39 <REP> d----c--- c:\program files\Windows Live SkyDrive
2008-12-16 15:21 . 2008-12-16 15:21 <REP> d----c--- c:\program files\Fichiers communs\Windows Live
2008-12-05 00:11 . 2008-12-05 00:11 308,584 --a--c--- c:\windows\WLXPGSS.SCR
2008-12-03 01:25 . 2008-12-03 01:25 <REP> d----c--- c:\documents and settings\BOUTIN MARION\Contacts
2008-12-02 22:37 . 2008-12-02 22:37 49,480 --a--c--- c:\windows\system32\sirenacm.dll
2008-12-01 23:38 . 2006-10-08 06:13 167,936 --a--c--- c:\windows\system32\igfxres.dll
2008-12-01 23:07 . 2008-12-01 23:08 11,858 --a--c--- c:\windows\Ascd_log.ini
2008-12-01 23:07 . 2008-12-01 23:07 11,325 --a--c--- c:\windows\Ascd_tmp.ini
2008-12-01 23:07 . 2007-12-28 08:22 10,296 --a--c--- c:\windows\system32\drivers\ASUSHWIO.SYS

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-28 19:32 107,541 -c--a-w c:\windows\system32\cscript02.exe
2008-12-21 02:09 --------- dc----w c:\documents and settings\BOUTIN MARION\Application Data\StarOffice8
2008-12-16 15:05 --------- dc----w c:\program files\Windows Live
2008-12-08 12:24 --------- dc----w c:\program files\Fichiers communs\Adobe
2008-12-01 22:58 --------- dc----w c:\program files\QuickTime
2008-12-01 22:29 --------- dc----w c:\program files\Elantech
2008-12-01 20:05 1,916 -c--a-w c:\documents and settings\BOUTIN MARION\Application Data\wklnhst.dat
2008-11-26 18:46 --------- dc----w c:\documents and settings\BOUTIN MARION\Application Data\Apple Computer
2008-11-25 20:35 --------- dc----w c:\documents and settings\All Users\Application Data\Protexis
2008-11-25 17:40 --------- dc----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-25 17:37 --------- dc----w c:\program files\iPod
2008-11-25 17:37 --------- dc----w c:\program files\Fichiers communs\Apple
2008-11-25 17:37 --------- dc----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-11-25 17:36 --------- dc----w c:\program files\Zylom Games
2008-11-25 17:24 --------- dc----w c:\documents and settings\All Users\Application Data\Apple
2008-11-23 03:18 --------- dc----w c:\documents and settings\BOUTIN MARION\Application Data\Zylom
2008-11-23 03:18 --------- dc----w c:\documents and settings\BOUTIN MARION\Application Data\Meridian93
2008-11-22 17:57 --------- dc----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2008-11-20 12:20 643,072 -c--a-w C:\iPodUpdaterExt.dll
2008-11-20 12:20 438,272 -c--a-w C:\CDDBControlApple.dll
2008-11-20 12:20 290,088 -c--a-w C:\iTunesHelper.exe
2008-11-20 12:20 283,136 -c--a-w C:\iTunesOutlookAddIn.dll
2008-11-20 12:20 172,544 -c--a-w C:\iTunesPhotoSupport.dll
2008-11-20 12:20 14,294,824 -c--a-w C:\iTunes.exe
2008-11-20 12:20 132,392 -c--a-w C:\iTunesMiniPlayer.dll
2008-11-20 12:20 108,328 -c--a-w C:\iTunesAdmin.dll
2008-11-20 02:41 --------- dc----w c:\documents and settings\BOUTIN MARION\Application Data\emsuser
2008-11-20 02:40 --------- dc----w c:\documents and settings\BOUTIN MARION\Application Data\Emjysoft
2008-11-20 02:40 --------- dc----w c:\documents and settings\All Users\Application Data\Emjysoft
2008-11-11 01:50 --------- dc--a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-11 00:50 --------- dc----w c:\program files\orange
2008-11-11 00:50 --------- dc----w c:\program files\Oberon Media
2008-11-11 00:50 --------- dc----w c:\program files\Fichiers communs\Oberon Media
2008-11-10 20:41 690,781 -c--a-w c:\windows\system32\cscript04.exe
2008-11-07 13:23 32,000 -c--a-w c:\windows\system32\drivers\usbaapl.sys
2008-11-06 01:02 --------- dc-h--w c:\program files\InstallShield Installation Information
2008-11-06 00:16 --------- dc----w c:\program files\Samsung
2008-10-23 12:36 286,720 -c--a-w c:\windows\system32\gdi32.dll
2008-10-16 13:13 202,776 -c--a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 -c--a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 -c--a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 -c--a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 -c--a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 -c--a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 -c--a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 -c--a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 -c--a-w c:\windows\system32\muweb.dll
2008-10-16 01:01 670,208 -c--a-w c:\windows\system32\wininet.dll
2008-10-03 10:03 247,326 -c--a-w c:\windows\system32\strmdll.dll
2008-09-30 15:43 1,286,152 -c--a-w c:\windows\system32\msxml4.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="C:\iTunesHelper.exe" [2008-11-20 290088]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-10-08 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-10-08 114688]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-10-08 94208]
"136419629"="c:\documents and settings\All Users\Application Data\813423737\136419629.exe" [2008-12-28 1711655]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-28 1261336]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
AutoRun OSCleaner.lnk - c:\program files\ASUS\Asus OS Cleaner\AsOSCleaner.exe [2008-04-05 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a--c--- 2008-12-02 22:41 3882312 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\Drivers\avgrkx86.sys [2008-12-28 12936]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-12-28 98440]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-12-28 90632]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-12-28 874776]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-28 231704]
R2 fssfltr;FssFltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2008-12-16 55136]
R2 SeaPort;SeaPort;"c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" [2008-12-04 226640]
R3 AsusACPI;ASUS ACPI Driver;c:\windows\system32\DRIVERS\ASUSACPI.sys [2008-04-05 11264]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\DRIVERS\l251x86.sys [2008-04-15 30720]
R3 Ktp;Elantech Smart-Pad;c:\windows\system32\DRIVERS\ETD.sys [2008-04-07 25088]
S3 fsssvc;Windows Live Contrôle parental;"c:\program files\Windows Live\Family Safety\fsssvc.exe" [2008-12-08 533344]

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'

2008-12-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: {{FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com

c:\windows\Downloaded Program Files\stg_drm.ocx - O16 -: {149E45D8-163E-4189-86FC-45022AB2B6C9}
file://c:\program files\Monopoly Here and Now\Images\stg_drm.ocx

c:\windows\Downloaded Program Files\zylomgamesplayer.dll - O16 -: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B}
hxxp://game11.zylom.com/activex/zylomgamesplayer.cab
c:\windows\Downloaded Program Files\ZylomGamesPlayer.inf

c:\windows\Downloaded Program Files\armhelper.ocx - O16 -: {CC450D71-CC90-424C-8638-1F2DBAC87A54}
file://c:\program files\Monopoly Here and Now\Images\armhelper.ocx

c:\windows\Downloaded Program Files\OberonGameHost.dll - O16 -: {D0C0F75C-683A-4390-A791-1ACFD5599AB8}
hxxp://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
c:\windows\Downloaded Program Files\OberonGameHost_dbg.inf
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-29 13:49:54
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(688)
c:\windows\system32\avgrsstx.dll
c:\windows\system32\igfxdev.dll

- - - - - - - > 'lsass.exe'(772)
c:\windows\system32\avgrsstx.dll
.
Heure de fin: 2008-12-29 13:51:41
ComboFix-quarantined-files.txt 2008-12-29 12:51:37
ComboFix2.txt 2008-12-29 01:35:23

Avant-CF: 243 937 280 octets libres
Après-CF: 300,212,224 octets libres

208 --- E O F --- 2008-12-19 02:01:07

2 replies

manivitch901 Posts 6 Registration date Thursday 18 December 2008 Status Member Last seen 29 December 2008
29 Dec. 2008 at 14:04
Hello,
I advise you to use Kaspersky (paid) because it is the only way to remove viruses. You are not obliged to buy a package containing the CD and the user guide; you can buy just a Kaspersky licence (16 euros) instead of buying a package (35 euros). The only payment method is PayPal. The licence will be sent by e-mail 24 hours after payment.
www.antivirus.votreboutiquepro.com

titiacherie Posts 17 Registration date Sunday 18 November 2007 Status Member Last seen 29 December 2008
29 Dec. 2008 at 20:42
I absolutely do not have the means to buy this antivirus. I no longer know what to do, help!!!