Problem with winjpg.jpg
Solved
mamoon25
Hello,
a window appears: cannot find the script file: "C:\WINDOWS\system32\winjpg.jpg".
I cannot access the Task Manager.
Please help me.
Regards.
57 replies
Hi again destrio5,
here is the ComboFix report:
ComboFix 09-06-23.01 - espace deco 24/06/2009 17:09.2 - FAT32x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2047.1606 [GMT 2:00]
Lancé depuis: c:\documents and settings\espace deco\Bureau\ComboFix.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-24 au 2009-06-24 ))))))))))))))))))))))))))))))))))))
.
2009-06-24 14:42 . 2009-06-24 14:42 -------- d-----w- c:\windows\system32\dllcache\cache
2009-06-24 13:11 . 2009-06-24 13:11 -------- d-----w- c:\program files\Java
2009-06-24 13:11 . 2009-06-24 13:11 152576 ----a-w- c:\documents and settings\espace deco\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-06-24 10:29 . 2009-06-24 10:29 -------- d-sh--w- C:\FOUND.000
2009-06-23 22:27 . 2009-06-23 22:27 -------- d-----w- c:\program files\Ad-remover
2009-06-23 21:53 . 2009-06-23 21:53 -------- d-----w- C:\rsit
2009-06-23 21:18 . 2009-06-23 21:18 -------- d-----w- c:\documents and settings\espace deco\Application Data\Malwarebytes
2009-06-23 21:18 . 2009-06-17 09:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-23 21:18 . 2009-06-23 21:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-23 21:18 . 2009-06-23 21:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-23 21:18 . 2009-06-17 09:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-23 15:54 . 2009-06-23 15:54 -------- d-----w- C:\UsbFix
2009-06-23 13:43 . 2009-06-23 13:43 -------- d-----w- c:\program files\Vilma
2009-06-21 13:28 . 2009-06-21 13:28 4096 ----a-w- c:\windows\d3dx.dat
2009-06-21 13:18 . 2009-06-21 13:18 -------- d-----w- c:\program files\directx
2009-06-20 19:57 . 2009-06-20 19:57 -------- d-----w- c:\program files\LimeWire
2009-06-19 22:08 . 2009-06-19 22:08 -------- d-----w- c:\program files\City Interactive
2009-06-17 22:19 . 2009-06-17 22:19 -------- d-----w- C:\ProgramData
2009-06-17 22:19 . 2009-06-17 22:19 -------- d-----w- c:\documents and settings\espace deco\Local Settings\Application Data\Downloaded Installations
2009-06-17 14:30 . 2008-10-10 02:52 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-06-17 14:30 . 2008-10-10 02:52 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2009-06-17 14:30 . 2008-10-10 02:52 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2009-06-17 13:58 . 2009-06-17 13:58 -------- d-----w- c:\documents and settings\espace deco\Application Data\RapidTyping
2009-06-17 12:00 . 2009-06-17 12:00 -------- d-----w- c:\program files\RapidTyping
2009-06-17 12:00 . 2009-06-17 12:00 -------- d-----w- c:\documents and settings\All Users\Application Data\RapidTyping
2009-06-16 01:39 . 2009-06-16 01:39 -------- d-----w- c:\documents and settings\espace deco\Application Data\PipeMania
2009-06-16 01:23 . 2009-06-16 01:23 297 ----a-w- c:\windows\EReg072.dat
2009-06-16 01:13 . 2009-06-16 01:13 -------- d-----w- c:\program files\Firaxis Games
2009-06-16 01:04 . 2009-06-16 01:04 -------- d-----w- c:\documents and settings\espace deco\Application Data\ValuSoft
2009-06-16 01:00 . 2009-06-16 01:00 -------- d-----w- c:\program files\Prison Tycoon 4
2009-06-16 00:47 . 2009-06-16 00:47 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-06-16 00:22 . 2009-06-16 00:22 -------- d-----w- c:\windows\system32\RTCOM
2009-06-15 23:31 . 2009-06-15 23:31 -------- d-----w- C:\NVIDIA
2009-06-15 23:29 . 2009-06-15 23:29 -------- d-----w- c:\program files\Intel
2009-06-15 23:29 . 2009-04-09 07:47 53248 ----a-w- c:\windows\system32\CSVer.dll
2009-06-15 23:21 . 2009-06-15 23:21 -------- d-----w- C:\Intel
2009-06-15 23:19 . 2009-06-15 23:19 -------- d-----w- c:\program files\Marvell
2009-06-15 22:55 . 2009-06-15 22:55 -------- d--h--w- c:\windows\PIF
2009-06-15 22:36 . 2009-06-15 22:36 -------- d-----w- c:\program files\ma-config.com
2009-06-15 22:36 . 2009-06-15 22:36 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2009-06-15 22:36 . 2009-06-15 22:36 -------- d-----w- c:\program files\Setup Files
2009-06-15 22:31 . 2009-06-15 22:31 -------- d-----w- c:\program files\MSI
2009-06-15 21:26 . 2009-06-15 21:26 -------- d-----w- c:\documents and settings\espace deco\Local Settings\Application Data\Electronic Arts
2009-06-15 00:19 . 2009-06-24 14:23 81984 ----a-w- c:\windows\system32\bdod.bin
2009-06-14 10:32 . 2009-06-14 10:32 -------- d-----w- c:\documents and settings\espace deco\Application Data\BitDefender
2009-06-14 10:32 . 2009-06-14 10:32 -------- d-----w- c:\program files\BitDefender
2009-06-14 10:32 . 2009-06-14 10:32 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2009-06-14 10:31 . 2009-06-14 10:31 -------- d-----w- c:\program files\Fichiers communs\BitDefender
2009-06-14 10:03 . 2009-06-14 10:03 -------- d-----w- c:\windows\BDOSCAN8
2009-06-12 13:28 . 2001-08-17 19:56 7552 ----a-w- c:\windows\system32\drivers\SONYPVU1.SYS
2009-06-12 13:28 . 2001-08-17 19:56 7552 ----a-w- c:\windows\system32\dllcache\sonypvu1.sys
2009-06-11 22:35 . 2009-06-11 22:35 -------- d-----w- c:\documents and settings\espace deco\Temp
2009-06-09 22:23 . 2009-03-24 14:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-06-08 18:14 . 2009-06-08 18:14 -------- d-----w- c:\documents and settings\All Users\Application Data\2DBoy
2009-06-04 11:19 . 2009-06-04 11:19 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-06-04 11:19 . 2009-06-04 11:19 -------- d-----w- c:\documents and settings\espace deco\Application Data\DAEMON Tools
2009-06-04 11:11 . 2009-06-04 11:11 -------- d-----w- c:\windows\system32\drivers\umdf
2009-06-04 11:11 . 2008-03-05 13:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2009-06-04 11:11 . 2008-02-05 21:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2009-06-04 11:11 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2009-06-04 11:11 . 2007-04-04 16:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2009-06-04 11:11 . 2009-06-04 11:11 -------- d-----w- c:\windows\system32\xlive
2009-06-04 11:11 . 2009-06-04 11:11 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-06-03 22:33 . 2009-06-03 22:34 -------- d-----w- c:\program files\GetTubeVideo
2009-06-02 00:45 . 2008-12-16 12:31 354304 ------w- c:\windows\system32\dllcache\winhttp.dll
2009-06-02 00:42 . 2008-04-14 02:33 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-06-02 00:33 . 2009-06-02 00:33 -------- d-----w- c:\windows\system32\wbem\Repository.001
2009-06-02 00:33 . 2009-06-02 00:33 -------- d-----w- c:\windows\l2schemas
2009-06-02 00:33 . 2009-06-02 00:33 -------- d-----w- c:\windows\system32\fr
2009-06-02 00:33 . 2009-06-02 00:33 -------- d-----w- c:\windows\system32\bits
2009-06-02 00:32 . 2009-06-02 00:32 -------- d-----w- c:\windows\ServicePackFiles
2009-06-01 17:48 . 2009-06-01 17:48 -------- d-----w- c:\documents and settings\espace deco\Application Data\Inkscape
2009-05-31 22:09 . 2009-05-31 22:09 -------- d-----w- c:\documents and settings\espace deco\Local Settings\Application Data\Seven Zip
2009-05-31 20:50 . 2009-05-31 20:50 -------- d-----w- c:\documents and settings\espace deco\Application Data\GrabPro
2009-05-31 20:50 . 2009-05-31 20:50 -------- d-----w- c:\documents and settings\espace deco\Application Data\Orbit
2009-05-30 20:08 . 2009-05-30 20:08 -------- d-----w- c:\program files\Email Subscriber Pro
2009-05-30 19:44 . 2009-05-30 19:44 -------- d-----w- c:\documents and settings\espace deco\Local Settings\Application Data\Xenocode
2009-05-30 19:31 . 1997-07-28 10:34 32256 ----a-w- c:\windows\system32\CmDlgFR.dll
2009-05-30 19:31 . 1997-07-28 10:33 100352 ----a-w- c:\windows\system32\CmCtlFR.dll
2009-05-30 19:31 . 1997-02-26 22:00 78608 ----a-w- c:\windows\system32\VB5DB.dll
2009-05-30 19:31 . 1997-02-26 22:00 403216 ----a-w- c:\windows\system32\MsRepl35.dll
2009-05-30 19:31 . 1997-02-26 22:00 251664 ----a-w- c:\windows\system32\MSRD2x35.dll
2009-05-30 19:31 . 1997-02-26 22:00 23552 ----a-w- c:\windows\system32\CmCt2FR.dll
2009-05-30 19:31 . 1997-02-26 22:00 1039360 ----a-w- c:\windows\system32\MSJet35.dll
2009-05-30 19:31 . 1997-02-26 22:00 41232 ----a-w- c:\windows\system32\MSJInt35.dll
2009-05-30 19:31 . 1997-02-26 22:00 34816 ----a-w- c:\windows\system32\DBGrdFR.dll
2009-05-30 19:31 . 1997-02-26 22:00 24336 ----a-w- c:\windows\system32\MSJtEr35.dll
2009-05-30 19:29 . 1997-07-30 16:43 96256 ----a-w- c:\windows\system32\VB5FR.dll
2009-05-30 19:29 . 1997-02-26 22:00 73216 ----a-w- c:\windows\ST5UNST.EXE
2009-05-30 19:29 . 1997-02-26 22:00 29696 ----a-w- c:\windows\system32\VB5StKit.dll
2009-05-29 22:12 . 2009-05-29 22:12 -------- d-----w- c:\documents and settings\espace deco\Local Settings\Application Data\Identities
2009-05-27 06:58 . 2009-05-27 06:58 -------- d-----w- c:\documents and settings\espace deco\Application Data\TuneUp Software
2009-05-27 06:57 . 2009-05-27 06:57 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-05-27 06:57 . 2009-05-27 06:57 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-05-27 06:57 . 2009-05-27 06:57 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-05-26 17:37 . 2009-05-26 17:37 -------- d-----w- c:\documents and settings\espace deco\Application Data\WarZone
2009-05-26 17:30 . 2008-03-23 05:15 499200 ----a-w- c:\windows\system32\WZDPlay.dll
2009-05-26 17:20 . 2009-05-26 17:20 -------- d-----w- c:\program files\WarZone
2009-05-25 21:19 . 2009-05-25 21:19 -------- d--h--r- c:\documents and settings\espace deco\Application Data\SecuROM
2009-05-25 16:29 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-24 13:11 . 2009-03-31 21:09 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-16 21:16 . 2009-04-21 09:57 145544 ----a-w- c:\windows\system32\drivers\bdfm.sys
2009-06-16 00:20 . 2009-06-16 00:20 -------- d-----w- c:\program files\Realtek
2009-06-15 23:21 . 2002-09-06 22:00 79872 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-15 23:21 . 2002-09-06 22:00 497554 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-04 23:48 . 2009-04-05 22:15 2869760 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-06-02 00:44 . 2009-03-31 21:11 186032 ----a-w- c:\documents and settings\espace deco\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-02 00:35 . 2009-03-31 20:18 86331 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-25 12:25 . 2009-05-25 12:25 -------- d-----w- c:\program files\Raven
2009-05-24 20:03 . 2009-05-24 20:03 -------- d-----w- c:\documents and settings\espace deco\Application Data\InstallShield
2009-05-22 23:05 . 2009-05-22 23:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Nokia
2009-05-22 23:04 . 2009-05-22 23:04 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\msxml6Exec.exe
2009-05-22 23:04 . 2009-05-22 23:04 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\Sleep.exe
2009-05-22 23:04 . 2009-05-22 23:04 3181612 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\vcredistExec.exe
2009-05-22 22:59 . 2009-05-22 22:59 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-05-22 22:59 . 2009-05-22 22:59 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-05-22 22:58 . 2009-05-22 22:58 -------- d-----w- c:\documents and settings\espace deco\Application Data\PC Suite
2009-05-22 22:58 . 2009-05-22 22:58 -------- d-----w- c:\documents and settings\espace deco\Application Data\Nokia
2009-05-22 22:58 . 2009-05-22 22:58 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-05-22 22:57 . 2009-05-22 22:57 -------- d-----w- c:\program files\Fichiers communs\PCSuite
2009-05-22 22:57 . 2009-05-22 22:57 -------- d-----w- c:\program files\Fichiers communs\Nokia
2009-05-22 22:57 . 2009-05-22 22:57 -------- d-----w- c:\program files\DIFX
2009-05-22 22:57 . 2009-05-22 22:57 -------- d-----w- c:\program files\PC Connectivity Solution
2009-05-22 22:57 . 2009-05-22 22:57 -------- d-----w- c:\program files\Nokia
2009-05-22 22:56 . 2009-05-22 22:56 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-05-22 22:56 . 2009-05-22 22:56 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-05-22 22:56 . 2009-05-22 22:56 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-05-22 22:55 . 2009-05-22 22:56 34227512 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_fre.exe
2009-05-22 22:22 . 2009-05-22 22:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-05-22 22:22 . 2009-05-22 23:05 24392896 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\NokiaSoftwareUpdaterSetup_fr.exe
2009-05-22 14:30 . 2009-05-22 14:30 -------- d-----w- c:\program files\Wages of War
2009-05-21 17:00 . 2009-05-21 17:00 -------- d-----w- c:\program files\Alwil Software
2009-05-21 11:45 . 2009-05-21 11:45 -------- d-----w- c:\program files\Lost on the Path
2009-05-20 20:16 . 2009-05-20 20:16 -------- d-----w- c:\program files\ScannerU
2009-05-20 12:11 . 2009-05-20 12:11 -------- d-----w- c:\documents and settings\espace deco\Application Data\Autodesk
2009-05-20 12:07 . 2009-05-20 12:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2009-05-20 12:06 . 2009-05-20 12:06 -------- d-----w- c:\program files\Autodesk
2009-05-16 20:37 . 2009-05-16 20:37 -------- d-----w- c:\program files\Haysoft
2009-05-16 01:56 . 2009-05-16 01:56 -------- d-----w- c:\program files\CCleaner
2009-05-14 20:34 . 2009-05-14 20:34 -------- d-----w- c:\program files\Windows Sidebar
2009-05-12 19:46 . 2009-05-12 19:46 -------- d-----w- c:\documents and settings\espace deco\Application Data\NeroVision
2009-05-12 19:46 . 2009-05-12 19:46 -------- d-----w- c:\program files\Fichiers communs\Ahead
2009-05-09 11:23 . 2009-05-09 11:23 -------- d-----w- c:\program files\ColorPage-SF600
2009-05-07 23:18 . 2009-05-07 23:18 -------- d-----w- c:\program files\Common Files
2009-05-07 23:18 . 2009-05-07 23:18 -------- d-----w- c:\program files\Fichiers communs\comscan
2009-05-07 15:33 . 2004-08-04 02:54 348672 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:34 . 2004-08-04 02:54 670720 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:34 . 2004-08-04 02:54 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-04-21 22:20 . 2009-04-21 22:20 14311680 ----a-w- c:\windows\system32\xlive.dll
2009-04-21 22:20 . 2009-04-21 22:20 13642496 ----a-w- c:\windows\system32\xlivefnt.dll
2009-04-21 08:09 . 2009-04-21 08:09 297344 ----a-w- c:\windows\system32\drivers\yk51x86.sys
2009-04-21 08:09 . 2009-04-21 08:09 282624 ----a-w- c:\windows\system32\yk51x86.dll
2009-04-19 19:50 . 2004-08-04 02:45 1847296 ----a-w- c:\windows\system32\win32k.sys
2009-04-16 15:23 . 2009-06-16 00:20 540672 ----a-w- c:\windows\RtlExUpd.dll
2009-04-15 14:53 . 2004-08-04 02:54 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-06 14:44 . 2009-04-06 14:44 266376 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2009-04-02 20:44 . 2009-04-02 20:44 -------- d-----w- c:\windows\Fonts\Font Pack 3
2009-04-02 20:44 . 2009-04-02 20:44 -------- d-----w- c:\windows\Fonts\Font Pack 2
2009-04-02 20:44 . 2009-04-02 20:44 -------- d-----w- c:\windows\Fonts\Font Pack 1
2009-03-31 20:16 . 2009-03-31 20:16 21892 ----a-w- c:\windows\system32\emptyregdb.dat
.
((((((((((((((((((((((((((((( SnapShot@2009-06-24_14.41.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-24 14:42 . 2008-10-16 12:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe
+ 2009-06-24 14:42 . 2008-04-14 02:33 82432 c:\windows\system32\dllcache\cache\ws2_32.dll
+ 2009-06-24 14:42 . 2008-04-14 02:34 26624 c:\windows\system32\dllcache\cache\userinit.exe
+ 2009-06-24 14:42 . 2008-04-14 02:34 14336 c:\windows\system32\dllcache\cache\svchost.exe
+ 2009-06-24 14:42 . 2008-04-14 02:34 57856 c:\windows\system32\dllcache\cache\spoolsv.exe
+ 2009-06-24 14:42 . 2008-04-14 02:33 17408 c:\windows\system32\dllcache\cache\powrprof.dll
+ 2009-06-24 14:42 . 2008-04-14 02:34 13312 c:\windows\system32\dllcache\cache\lsass.exe
+ 2009-06-24 14:42 . 2008-04-14 02:05 25216 c:\windows\system32\dllcache\cache\kbdclass.sys
+ 2009-06-24 14:42 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\cache\ip6fw.sys
+ 2009-06-24 14:42 . 2008-04-14 02:34 15360 c:\windows\system32\dllcache\cache\ctfmon.exe
+ 2009-06-24 14:42 . 2008-04-14 02:34 512000 c:\windows\system32\dllcache\cache\winlogon.exe
+ 2009-06-24 14:42 . 2009-04-29 04:34 670720 c:\windows\system32\dllcache\cache\wininet.dll
+ 2009-06-24 14:42 . 2008-04-14 02:33 579584 c:\windows\system32\dllcache\cache\user32.dll
+ 2009-06-24 14:42 . 2008-04-14 02:33 297984 c:\windows\system32\dllcache\cache\termsrv.dll
+ 2009-06-24 14:42 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\cache\tcpip.sys
+ 2009-06-24 14:42 . 2009-02-09 11:23 111104 c:\windows\system32\dllcache\cache\services.exe
+ 2009-06-24 14:42 . 2008-04-13 19:20 182656 c:\windows\system32\dllcache\cache\ndis.sys
+ 2009-06-24 14:42 . 2008-04-14 02:33 110080 c:\windows\system32\dllcache\cache\imm32.dll
+ 2009-06-24 14:42 . 2008-04-14 02:33 176640 c:\windows\system32\dllcache\cache\appmgmts.dll
+ 2009-06-24 14:42 . 2008-04-14 02:33 1571840 c:\windows\system32\dllcache\cache\sfcfiles.dll
+ 2009-06-24 14:42 . 2009-02-09 11:23 2147328 c:\windows\system32\dllcache\cache\ntoskrnl.exe
+ 2009-06-24 14:42 . 2009-02-09 11:23 2025984 c:\windows\system32\dllcache\cache\ntkrnlpa.exe
+ 2009-06-24 14:42 . 2009-03-21 14:07 1054720 c:\windows\system32\dllcache\cache\kernel32.dll
+ 2009-06-24 14:42 . 2008-04-14 02:34 1037824 c:\windows\system32\dllcache\cache\explorer.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"BDAgent"="c:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2009-03-19 778240]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"Flashget"="c:\program files\FlashGet\FlashGet.exe" [2007-09-25 2007088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-24 148888]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-05-16 1630208]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2009-02-03 18085888]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
DSLMON.lnk - c:\program files\Huawei Technologies\Huawei SmartAX MT810\dslmon.exe [2009-3-31 929870]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\WINDOWS\\System32\\ftp.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\FlashGet\\FlashGet.exe"=
R3 adiusbae;USB ADSL LAN Adapter;c:\windows\system32\drivers\adiusbae.sys [31/03/2009 22:32 117785]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [21/04/2009 11:57 145544]
S2 gupdate1c9b9b0fb2941dc;Service Google Update (gupdate1c9b9b0fb2941dc);c:\program files\Google\Update\GoogleUpdate.exe [10/04/2009 09:50 133104]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [16/06/2009 02:20 1684736]
S3 GT680xNT;ColorPage-Vivid 4X;c:\windows\system32\drivers\gt680x.sys [20/05/2009 22:16 17376]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [29/05/2009 17:13 234864]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [23/05/2009 00:57 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [23/05/2009 00:57 8320]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8CD3B31D-716D-5F87-05D4-10885C63CAA1}]
c:\windows\system32\winxp.exe
.
Contenu du dossier 'Tâches planifiées'
2009-06-24 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-10 07:50]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uInternet Connection Wizard,ShellNext = iexplore
IE: &Tout télécharger avec FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Télécharger avec FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {166335DB-58D3-477D-84D1-9AE536B2E1D6} = 41.221.20.4 193.251.169.165
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-24 17:14
Windows 5.1.2600 Service Pack 3 FAT NTAPI
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-515967899-2139871995-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:1c,80,9e,66,26,86,d0,29,ef,0f,59,57,65,74,aa,ae,13,0b,ac,f9,f1,0b,3c,
bc,a4,62,d1,0e,ed,4f,8b,9d,a4,e0,e1,4d,85,5c,b4,d7,df,5b,4c,88,6e,30,e4,7e,\
"??"=hex:32,bf,6b,1d,d4,7b,96,c2,b5,a4,f2,69,d3,56,fd,26
[HKEY_USERS\S-1-5-21-515967899-2139871995-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:e5,07,34,21,5f,b4,0b,26,2b,40,da,fb,fa,28,a2,59,09,15,fc,7e,83,
31,10,ad,6f,f8,d0,02,24,8d,d1,2c,f5,83,47,11,04,df,46,15,db,5d,55,ae,99,29,\
"rkeysecu"=hex:46,ff,bb,81,33,3d,2c,e7,0f,bd,b1,88,db,8a,f9,e5
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(1912)
c:\program files\FlashGet\fgmgr.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Heure de fin: 2009-06-24 17:16
ComboFix-quarantined-files.txt 2009-06-24 15:16
ComboFix2.txt 2009-06-24 14:45
Avant-CF: 12 043 354 112 octets libres
Après-CF: 12 030 590 976 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
311 --- E O F --- 2009-06-15 01:07
2009-05-30 19:31 . 1997-02-26 22:00 23552 ----a-w- c:\windows\system32\CmCt2FR.dll
2009-05-30 19:31 . 1997-02-26 22:00 1039360 ----a-w- c:\windows\system32\MSJet35.dll
2009-05-30 19:31 . 1997-02-26 22:00 41232 ----a-w- c:\windows\system32\MSJInt35.dll
2009-05-30 19:31 . 1997-02-26 22:00 34816 ----a-w- c:\windows\system32\DBGrdFR.dll
2009-05-30 19:31 . 1997-02-26 22:00 24336 ----a-w- c:\windows\system32\MSJtEr35.dll
2009-05-30 19:29 . 1997-07-30 16:43 96256 ----a-w- c:\windows\system32\VB5FR.dll
2009-05-30 19:29 . 1997-02-26 22:00 73216 ----a-w- c:\windows\ST5UNST.EXE
2009-05-30 19:29 . 1997-02-26 22:00 29696 ----a-w- c:\windows\system32\VB5StKit.dll
2009-05-29 22:12 . 2009-05-29 22:12 -------- d-----w- c:\documents and settings\espace deco\Local Settings\Application Data\Identities
2009-05-27 06:58 . 2009-05-27 06:58 -------- d-----w- c:\documents and settings\espace deco\Application Data\TuneUp Software
2009-05-27 06:57 . 2009-05-27 06:57 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-05-27 06:57 . 2009-05-27 06:57 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-05-27 06:57 . 2009-05-27 06:57 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-05-26 17:37 . 2009-05-26 17:37 -------- d-----w- c:\documents and settings\espace deco\Application Data\WarZone
2009-05-26 17:30 . 2008-03-23 05:15 499200 ----a-w- c:\windows\system32\WZDPlay.dll
2009-05-26 17:20 . 2009-05-26 17:20 -------- d-----w- c:\program files\WarZone
2009-05-25 21:19 . 2009-05-25 21:19 -------- d--h--r- c:\documents and settings\espace deco\Application Data\SecuROM
2009-05-25 16:29 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-24 13:11 . 2009-03-31 21:09 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-16 21:16 . 2009-04-21 09:57 145544 ----a-w- c:\windows\system32\drivers\bdfm.sys
2009-06-16 00:20 . 2009-06-16 00:20 -------- d-----w- c:\program files\Realtek
2009-06-15 23:21 . 2002-09-06 22:00 79872 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-15 23:21 . 2002-09-06 22:00 497554 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-04 23:48 . 2009-04-05 22:15 2869760 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-06-02 00:44 . 2009-03-31 21:11 186032 ----a-w- c:\documents and settings\espace deco\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-02 00:35 . 2009-03-31 20:18 86331 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-25 12:25 . 2009-05-25 12:25 -------- d-----w- c:\program files\Raven
2009-05-24 20:03 . 2009-05-24 20:03 -------- d-----w- c:\documents and settings\espace deco\Application Data\InstallShield
2009-05-22 23:05 . 2009-05-22 23:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Nokia
2009-05-22 23:04 . 2009-05-22 23:04 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\msxml6Exec.exe
2009-05-22 23:04 . 2009-05-22 23:04 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\Sleep.exe
2009-05-22 23:04 . 2009-05-22 23:04 3181612 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\vcredistExec.exe
2009-05-22 22:59 . 2009-05-22 22:59 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-05-22 22:59 . 2009-05-22 22:59 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-05-22 22:58 . 2009-05-22 22:58 -------- d-----w- c:\documents and settings\espace deco\Application Data\PC Suite
2009-05-22 22:58 . 2009-05-22 22:58 -------- d-----w- c:\documents and settings\espace deco\Application Data\Nokia
2009-05-22 22:58 . 2009-05-22 22:58 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-05-22 22:57 . 2009-05-22 22:57 -------- d-----w- c:\program files\Fichiers communs\PCSuite
2009-05-22 22:57 . 2009-05-22 22:57 -------- d-----w- c:\program files\Fichiers communs\Nokia
2009-05-22 22:57 . 2009-05-22 22:57 -------- d-----w- c:\program files\DIFX
2009-05-22 22:57 . 2009-05-22 22:57 -------- d-----w- c:\program files\PC Connectivity Solution
2009-05-22 22:57 . 2009-05-22 22:57 -------- d-----w- c:\program files\Nokia
2009-05-22 22:56 . 2009-05-22 22:56 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-05-22 22:56 . 2009-05-22 22:56 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-05-22 22:56 . 2009-05-22 22:56 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-05-22 22:55 . 2009-05-22 22:56 34227512 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_fre.exe
2009-05-22 22:22 . 2009-05-22 22:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-05-22 22:22 . 2009-05-22 23:05 24392896 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\NokiaSoftwareUpdaterSetup_fr.exe
2009-05-22 14:30 . 2009-05-22 14:30 -------- d-----w- c:\program files\Wages of War
2009-05-21 17:00 . 2009-05-21 17:00 -------- d-----w- c:\program files\Alwil Software
2009-05-21 11:45 . 2009-05-21 11:45 -------- d-----w- c:\program files\Lost on the Path
2009-05-20 20:16 . 2009-05-20 20:16 -------- d-----w- c:\program files\ScannerU
2009-05-20 12:11 . 2009-05-20 12:11 -------- d-----w- c:\documents and settings\espace deco\Application Data\Autodesk
2009-05-20 12:07 . 2009-05-20 12:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2009-05-20 12:06 . 2009-05-20 12:06 -------- d-----w- c:\program files\Autodesk
2009-05-16 20:37 . 2009-05-16 20:37 -------- d-----w- c:\program files\Haysoft
2009-05-16 01:56 . 2009-05-16 01:56 -------- d-----w- c:\program files\CCleaner
2009-05-14 20:34 . 2009-05-14 20:34 -------- d-----w- c:\program files\Windows Sidebar
2009-05-12 19:46 . 2009-05-12 19:46 -------- d-----w- c:\documents and settings\espace deco\Application Data\NeroVision
2009-05-12 19:46 . 2009-05-12 19:46 -------- d-----w- c:\program files\Fichiers communs\Ahead
2009-05-09 11:23 . 2009-05-09 11:23 -------- d-----w- c:\program files\ColorPage-SF600
2009-05-07 23:18 . 2009-05-07 23:18 -------- d-----w- c:\program files\Common Files
2009-05-07 23:18 . 2009-05-07 23:18 -------- d-----w- c:\program files\Fichiers communs\comscan
2009-05-07 15:33 . 2004-08-04 02:54 348672 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:34 . 2004-08-04 02:54 670720 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:34 . 2004-08-04 02:54 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-04-21 22:20 . 2009-04-21 22:20 14311680 ----a-w- c:\windows\system32\xlive.dll
2009-04-21 22:20 . 2009-04-21 22:20 13642496 ----a-w- c:\windows\system32\xlivefnt.dll
2009-04-21 08:09 . 2009-04-21 08:09 297344 ----a-w- c:\windows\system32\drivers\yk51x86.sys
2009-04-21 08:09 . 2009-04-21 08:09 282624 ----a-w- c:\windows\system32\yk51x86.dll
2009-04-19 19:50 . 2004-08-04 02:45 1847296 ----a-w- c:\windows\system32\win32k.sys
2009-04-16 15:23 . 2009-06-16 00:20 540672 ----a-w- c:\windows\RtlExUpd.dll
2009-04-15 14:53 . 2004-08-04 02:54 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-06 14:44 . 2009-04-06 14:44 266376 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2009-04-02 20:44 . 2009-04-02 20:44 -------- d-----w- c:\windows\Fonts\Font Pack 3
2009-04-02 20:44 . 2009-04-02 20:44 -------- d-----w- c:\windows\Fonts\Font Pack 2
2009-04-02 20:44 . 2009-04-02 20:44 -------- d-----w- c:\windows\Fonts\Font Pack 1
2009-03-31 20:16 . 2009-03-31 20:16 21892 ----a-w- c:\windows\system32\emptyregdb.dat
.
((((((((((((((((((((((((((((( SnapShot@2009-06-24_14.41.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-24 14:42 . 2008-10-16 12:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe
+ 2009-06-24 14:42 . 2008-04-14 02:33 82432 c:\windows\system32\dllcache\cache\ws2_32.dll
+ 2009-06-24 14:42 . 2008-04-14 02:34 26624 c:\windows\system32\dllcache\cache\userinit.exe
+ 2009-06-24 14:42 . 2008-04-14 02:34 14336 c:\windows\system32\dllcache\cache\svchost.exe
+ 2009-06-24 14:42 . 2008-04-14 02:34 57856 c:\windows\system32\dllcache\cache\spoolsv.exe
+ 2009-06-24 14:42 . 2008-04-14 02:33 17408 c:\windows\system32\dllcache\cache\powrprof.dll
+ 2009-06-24 14:42 . 2008-04-14 02:34 13312 c:\windows\system32\dllcache\cache\lsass.exe
+ 2009-06-24 14:42 . 2008-04-14 02:05 25216 c:\windows\system32\dllcache\cache\kbdclass.sys
+ 2009-06-24 14:42 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\cache\ip6fw.sys
+ 2009-06-24 14:42 . 2008-04-14 02:34 15360 c:\windows\system32\dllcache\cache\ctfmon.exe
+ 2009-06-24 14:42 . 2008-04-14 02:34 512000 c:\windows\system32\dllcache\cache\winlogon.exe
+ 2009-06-24 14:42 . 2009-04-29 04:34 670720 c:\windows\system32\dllcache\cache\wininet.dll
+ 2009-06-24 14:42 . 2008-04-14 02:33 579584 c:\windows\system32\dllcache\cache\user32.dll
+ 2009-06-24 14:42 . 2008-04-14 02:33 297984 c:\windows\system32\dllcache\cache\termsrv.dll
+ 2009-06-24 14:42 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\cache\tcpip.sys
+ 2009-06-24 14:42 . 2009-02-09 11:23 111104 c:\windows\system32\dllcache\cache\services.exe
+ 2009-06-24 14:42 . 2008-04-13 19:20 182656 c:\windows\system32\dllcache\cache\ndis.sys
+ 2009-06-24 14:42 . 2008-04-14 02:33 110080 c:\windows\system32\dllcache\cache\imm32.dll
+ 2009-06-24 14:42 . 2008-04-14 02:33 176640 c:\windows\system32\dllcache\cache\appmgmts.dll
+ 2009-06-24 14:42 . 2008-04-14 02:33 1571840 c:\windows\system32\dllcache\cache\sfcfiles.dll
+ 2009-06-24 14:42 . 2009-02-09 11:23 2147328 c:\windows\system32\dllcache\cache\ntoskrnl.exe
+ 2009-06-24 14:42 . 2009-02-09 11:23 2025984 c:\windows\system32\dllcache\cache\ntkrnlpa.exe
+ 2009-06-24 14:42 . 2009-03-21 14:07 1054720 c:\windows\system32\dllcache\cache\kernel32.dll
+ 2009-06-24 14:42 . 2008-04-14 02:34 1037824 c:\windows\system32\dllcache\cache\explorer.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"BDAgent"="c:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2009-03-19 778240]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"Flashget"="c:\program files\FlashGet\FlashGet.exe" [2007-09-25 2007088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-24 148888]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-05-16 1630208]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2009-02-03 18085888]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
DSLMON.lnk - c:\program files\Huawei Technologies\Huawei SmartAX MT810\dslmon.exe [2009-3-31 929870]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\WINDOWS\\System32\\ftp.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\FlashGet\\FlashGet.exe"=
R3 adiusbae;USB ADSL LAN Adapter;c:\windows\system32\drivers\adiusbae.sys [31/03/2009 22:32 117785]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [21/04/2009 11:57 145544]
S2 gupdate1c9b9b0fb2941dc;Service Google Update (gupdate1c9b9b0fb2941dc);c:\program files\Google\Update\GoogleUpdate.exe [10/04/2009 09:50 133104]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [16/06/2009 02:20 1684736]
S3 GT680xNT;ColorPage-Vivid 4X;c:\windows\system32\drivers\gt680x.sys [20/05/2009 22:16 17376]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [29/05/2009 17:13 234864]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [23/05/2009 00:57 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [23/05/2009 00:57 8320]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8CD3B31D-716D-5F87-05D4-10885C63CAA1}]
c:\windows\system32\winxp.exe
.
Contenu du dossier 'Tâches planifiées'
2009-06-24 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-10 07:50]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uInternet Connection Wizard,ShellNext = iexplore
IE: &Tout télécharger avec FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Télécharger avec FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter à un fichier PDF existant - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {166335DB-58D3-477D-84D1-9AE536B2E1D6} = 41.221.20.4 193.251.169.165
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-24 17:14
Windows 5.1.2600 Service Pack 3 FAT NTAPI
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-515967899-2139871995-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:1c,80,9e,66,26,86,d0,29,ef,0f,59,57,65,74,aa,ae,13,0b,ac,f9,f1,0b,3c,
bc,a4,62,d1,0e,ed,4f,8b,9d,a4,e0,e1,4d,85,5c,b4,d7,df,5b,4c,88,6e,30,e4,7e,\
"??"=hex:32,bf,6b,1d,d4,7b,96,c2,b5,a4,f2,69,d3,56,fd,26
[HKEY_USERS\S-1-5-21-515967899-2139871995-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:e5,07,34,21,5f,b4,0b,26,2b,40,da,fb,fa,28,a2,59,09,15,fc,7e,83,
31,10,ad,6f,f8,d0,02,24,8d,d1,2c,f5,83,47,11,04,df,46,15,db,5d,55,ae,99,29,\
"rkeysecu"=hex:46,ff,bb,81,33,3d,2c,e7,0f,bd,b1,88,db,8a,f9,e5
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(1912)
c:\program files\FlashGet\fgmgr.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Heure de fin: 2009-06-24 17:16
ComboFix-quarantined-files.txt 2009-06-24 15:16
ComboFix2.txt 2009-06-24 14:45
Avant-CF: 12 043 354 112 octets libres
Après-CF: 12 030 590 976 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
311 --- E O F --- 2009-06-15 01:07
I would like to thank you for your help, destrio5. I hope to see you again another day! Once again, thank you!
I'm going to follow your advice. The problem is that I don't have the Win XP SP3 CD, but I do have Win XP Pro SP1 (bootable).
Can I format with that one? If so, how do I go about it?
PS: I want to format it myself without going through one of our technicians ;) that way I'll go to bed a little less dumb today.
I don't think this PC is a brand-name one! It's marked DKCOM, there isn't even a reference on the case, and according to ma-config.com I have this:
Version du plugin 3.5.1 build 0
Version de la base 10
Date de la détection 24/06/2009 20:42
Nom de la machine com-34767b9c4e0
Carte mère SMBios version 2.3
Gigabyte Technology Co., Ltd. 8I945GZME-RH x.x
Bios: Award Software International, Inc. F6 08/29/2006 taille: 512Kb
Hi everyone, well, I have a little problem: my PC is infected, as I caught the win jpg.jpg, and now it's wearing me out. Sometimes the computer shuts down by itself, sometimes it closes the programs I'm running.
I formatted my PC but it is apparently still there, so I downloaded and scanned with MALWAREBYTES and got a few infected files. I'm sending you the results; if anyone can help me I will be eternally grateful.
Thanks in advance.
The first report:
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2775
Windows 5.1.2600 Service Pack 2
29/12/2009 19:53:20
mbam-log-2009-12-29 (19-53-20).txt
Type de recherche: Examen complet (A:\|D:\|E:\|F:\|)
Eléments examinés: 89875
Temps écoulé: 3 minute(s), 46 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 5
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
C:\Documents and Settings\Friy\Local Settings\Temp\winnliy.exe (Trojan.Downloader) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows update (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Documents and Settings\Friy\Local Settings\Temp\winnliy.exe (Trojan.Downloader) -> Delete on reboot.
C:\WINDOWS\system32\wuaucIt.exe (Trojan.Agent) -> Delete on reboot.
The second:
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2775
Windows 5.1.2600 Service Pack 2
29/12/2009 20:03:12
mbam-log-2009-12-29 (20-03-11).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 102582
Temps écoulé: 6 minute(s), 18 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 5
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)