Infected by Conficker

Solved/Closed
hicham-studio Posts 37 Registration date Sunday 20 December 2009 Status Member Last activity 12 April 2010 - 14 Jan 2010 at 15:29
fix200 Posts 3243 Registration date Sunday 28 December 2008 Status Security contributor Last activity 7 February 2011 - 17 Jan 2010 at 20:31
Hello, for a few days I have been having problems with my PC, so I ran a scan with Avira AntiVir and it reported W\Conficker.z. I deleted it but it regenerates, even though I also used Malwarebytes' Anti-Malware, the Bitdefender tool and the Nod32 one. Please help me disinfect it; I have two infected PCs connected to the same router.

68 replies

Anonymous user
16 Jan 2010 at 15:26
Do a DDS report now ;)
0
Blocked profile
16 Jan 2010 at 15:36
Which report should I give you, dds.txt or attach.txt?
0
Blocked profile
16 Jan 2010 at 15:37
Here is dds.txt
http://www.cijoint.fr/cjlink.php?file=cj201001/cijveBKYCS.txt
0
fix200 Posts 3243 Registration date Sunday 28 December 2008 Status Security contributor Last activity 7 February 2011 158
16 Jan 2010 at 15:43
Re,

I forgot another piece of junk ..

Replace the CFScript file that is on your desktop with this:

KILLALL::

Driver::
qpbhwg
xlzjfsgx


Then follow the instructions for the CFScript procedure again and paste the report.
0

Blocked profile
16 Jan 2010 at 16:09
ComboFix 10-01-14.06 - Administrateur 16/01/2010 14:48:27.3.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.247.110 [GMT 0:00]
Lancé depuis: c:\documents and settings\Administrateur\Bureau\moi.exe
Commutateurs utilisés :: c:\documents and settings\Administrateur\Bureau\CFScript.txt
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_QPBHWG
-------\Legacy_XLZJFSGX
-------\Service_qpbhwg
-------\Service_xlzjfsgx


((((((((((((((((((((((((((((( Fichiers créés du 2009-12-16 au 2010-01-16 ))))))))))))))))))))))))))))))))))))
.

2010-01-15 15:33 . 2010-01-15 17:31 -------- d-----w- C:\ToolBar SD
2010-01-14 18:07 . 2010-01-14 18:07 -------- d-----w- c:\windows\ServicePackFiles
2010-01-14 16:58 . 2010-01-14 22:31 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-01-14 16:49 . 2008-06-14 17:59 272768 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-01-14 16:49 . 2008-06-14 17:59 272768 ------w- c:\windows\system32\drivers\bthport.sys
2010-01-14 16:49 . 2009-10-15 17:21 82432 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-01-14 16:48 . 2009-03-06 14:46 286208 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-01-14 16:48 . 2009-02-09 10:20 473088 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-01-14 16:48 . 2009-02-06 16:39 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-01-14 16:48 . 2005-07-26 04:39 60416 -c----w- c:\windows\system32\dllcache\colbact.dll
2010-01-14 16:48 . 2009-02-09 10:20 399360 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-01-14 16:48 . 2009-02-09 10:08 111104 -c----w- c:\windows\system32\dllcache\services.exe
2010-01-14 16:48 . 2009-02-06 16:54 35328 -c----w- c:\windows\system32\dllcache\sc.exe
2010-01-14 16:48 . 2009-02-09 10:20 685056 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-01-14 16:48 . 2009-02-09 10:20 739840 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-01-14 16:48 . 2009-02-09 10:20 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-01-14 16:48 . 2009-06-21 22:06 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-01-14 16:46 . 2008-05-08 12:28 202752 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-01-14 16:46 . 2008-10-24 11:10 453632 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-01-14 16:46 . 2008-12-11 11:57 333184 -c----w- c:\windows\system32\dllcache\srv.sys
2010-01-14 16:46 . 2008-05-01 14:31 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-01-14 16:46 . 2009-07-10 13:41 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-01-14 16:46 . 2008-04-11 18:51 683520 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-01-14 16:45 . 2009-08-04 17:05 2138112 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-01-14 16:45 . 2009-08-04 17:05 2059776 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-01-14 16:45 . 2009-08-04 17:05 2182400 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-01-14 16:45 . 2009-08-04 17:05 2017792 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-01-14 16:45 . 2009-06-05 07:46 655872 -c----w- c:\windows\system32\dllcache\mstscax.dll
2010-01-14 16:45 . 2008-12-16 12:49 351232 -c----w- c:\windows\system32\dllcache\winhttp.dll
2010-01-14 16:45 . 2009-07-31 04:58 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2010-01-14 16:37 . 2008-07-09 07:40 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2010-01-14 16:36 . 2009-11-21 16:42 470528 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-14 16:26 . 2010-01-14 16:26 1024 ----a-w- c:\documents and settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\WindowsXP-KB835935-SP2-FRA_148\WindowsXP-KB835935-SP2-FRA.exe
2010-01-14 16:25 . 2008-02-26 12:00 294912 -c----w- c:\windows\system32\dllcache\msctf.dll
2010-01-14 16:24 . 2010-01-14 18:28 -------- d--h--w- c:\windows\$hf_mig$
2010-01-14 16:24 . 2008-10-15 16:59 332800 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-01-14 14:55 . 2010-01-14 15:56 -------- d-----w- C:\UsbFix
2010-01-14 14:42 . 2010-01-15 18:12 -------- d-----w- c:\program files\trend micro
2010-01-14 14:42 . 2010-01-14 14:51 -------- d-----w- C:\rsit
2010-01-14 14:35 . 2010-01-14 14:40 -------- d-----w- c:\documents and settings\Administrateur\Application Data\BitDefender Deployment Tool
2010-01-14 14:33 . 2010-01-14 14:33 -------- d-----w- c:\program files\BitDefender
2010-01-14 14:32 . 2010-01-14 14:32 -------- d-----w- c:\program files\Fichiers communs\BitDefender
2010-01-13 22:18 . 2010-01-13 22:18 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2010-01-13 22:18 . 2010-01-07 16:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-13 22:18 . 2010-01-14 17:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-13 22:18 . 2010-01-13 22:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-13 22:18 . 2010-01-07 16:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-13 18:21 . 2007-09-11 10:03 57344 ----a-w- c:\windows\system32\RACServerLogon2.dll
2010-01-13 18:21 . 2007-09-11 10:03 57344 ----a-w- c:\windows\system32\RACServerLogon.dll
2010-01-13 18:21 . 2010-01-13 18:21 -------- d-----w- c:\program files\PCNetSoftware
2010-01-13 17:53 . 2008-12-09 06:52 357376 ----a-w- c:\program files\regsearch.exe
2010-01-13 16:56 . 2010-01-13 16:56 -------- d-----w- c:\program files\AWinstall
2010-01-13 14:58 . 2010-01-15 17:50 -------- d-----w- C:\Lyrics
2010-01-13 14:55 . 2010-01-15 17:50 -------- d-----w- c:\program files\Minilyrics
2010-01-13 12:51 . 2010-01-13 12:51 -------- d-----w- c:\program files\NeoTrace Express
2010-01-13 12:36 . 2007-09-20 12:04 114688 ----a-w- c:\windows\system32\btcamvideosource.dll
2010-01-13 12:36 . 2010-01-13 12:37 -------- d-----w- c:\program files\Mobiola Web Camera 2 for S60 3rd Edition
2010-01-12 20:50 . 2010-01-13 16:07 -------- d-----w- c:\program files\UPX Shell
2010-01-12 19:46 . 2010-01-12 19:46 41888 ----a-w- c:\windows\system32\drivers\Oreans.sys
2010-01-12 19:46 . 2010-01-12 19:46 -------- d-----w- c:\documents and settings\Administrateur\Application Data\MimarSinan
2010-01-12 14:19 . 2010-01-12 14:57 14336 ----a-w- c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\76n0mnyw.default\extensions\playbox@toolbar\components\toolbarhomewmp.dll
2010-01-12 14:03 . 2010-01-12 14:06 -------- d-----w- c:\documents and settings\Administrateur\Application Data\IconChanger
2010-01-12 14:00 . 2010-01-12 14:00 -------- d-----w- c:\program files\IconChanger
2010-01-11 14:13 . 2010-01-11 14:13 -------- d-----w- c:\documents and settings\Administrateur\Application Data\LogMeIn Rescue
2010-01-11 14:02 . 2010-01-11 14:02 -------- d-----w- c:\program files\MSN Password Recovery
2010-01-11 12:19 . 2010-01-11 12:19 -------- d-----w- c:\program files\MyLanViewer
2010-01-10 22:41 . 2010-01-10 22:41 -------- d-----w- c:\program files\Panasonic
2010-01-10 22:41 . 2006-02-27 11:45 36864 ----a-w- c:\windows\system32\SDDEVMGR.dll
2010-01-10 21:34 . 2010-01-10 21:34 -------- d-----w- c:\program files\Hotmail Popper
2010-01-10 21:34 . 2004-03-19 16:58 356352 ----a-w- c:\windows\bkuninst.exe
2010-01-10 21:31 . 2010-01-10 21:31 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Esteem Technology
2010-01-10 21:30 . 2010-01-10 21:30 -------- d-----w- c:\program files\Break Reminder 3
2010-01-08 20:46 . 2010-01-08 20:46 -------- d-----w- c:\program files\ElcomSoft
2010-01-08 20:32 . 2010-01-08 20:32 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Avira
2010-01-08 20:30 . 2010-01-08 20:30 -------- d-----w- c:\program files\SuperScan
2010-01-08 20:08 . 2010-01-14 22:57 -------- d-----w- c:\program files\Power Email Harvester
2010-01-02 10:45 . 2010-01-02 10:45 -------- d-----w- C:\found.001
2009-12-28 17:04 . 2001-08-23 17:04 12288 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-12-27 14:36 . 2009-12-27 14:36 52263 ----a-w- c:\windows\BricoPackUninst.cmd
2009-12-27 14:32 . 2009-12-27 14:36 6120 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2009-12-27 14:32 . 2009-12-27 14:32 -------- d-----w- c:\windows\BricoPacks
2009-12-27 14:16 . 2009-12-27 14:16 -------- d-----w- c:\windows\system32\VIRepair
2009-12-27 13:50 . 2009-12-27 13:58 -------- d-----w- c:\documents and settings\Administrateur\Application Data\ViStart
2009-12-27 13:50 . 2009-12-27 14:12 -------- d-----w- c:\documents and settings\Administrateur\Application Data\ViSplore
2009-12-27 13:50 . 2009-12-27 13:50 -------- d-----w- c:\documents and settings\Administrateur\Application Data\ViGlance
2009-12-27 13:45 . 2009-09-09 21:19 146412 ----a-w- c:\windows\system32\vilaunch.exe
2009-12-27 13:38 . 2009-12-27 14:18 -------- d-----w- c:\windows\system32\VITrans
2009-12-27 13:38 . 2009-12-27 13:49 -------- d-----w- C:\VTPFiles
2009-12-27 13:38 . 2006-12-03 17:15 111104 ----a-w- c:\windows\system32\Uharc.exe
2009-12-27 13:38 . 2006-12-03 17:15 19968 ----a-w- c:\windows\system32\reico.exe
2009-12-27 13:38 . 2006-12-03 17:15 69632 ----a-w- c:\windows\system32\moveex.exe
2009-12-27 13:38 . 2006-12-03 17:14 8636 ----a-w- c:\windows\system32\modifype.exe
2009-12-27 13:38 . 2004-11-27 19:00 94208 ----a-w- c:\windows\system32\pskill.exe
2009-12-27 13:36 . 2009-03-23 17:39 20480 ----a-w- c:\windows\system32\scrnrdr.exe
2009-12-27 10:42 . 2009-12-27 10:42 -------- d-----w- c:\program files\ICQ6Toolbar
2009-12-27 10:41 . 2009-12-27 10:42 -------- d-----w- c:\documents and settings\All Users\Application Data\ICQ
2009-12-27 10:40 . 2009-12-27 11:46 -------- d-----w- c:\documents and settings\Administrateur\Application Data\ICQ
2009-12-27 10:37 . 2010-01-11 16:53 -------- d-----w- c:\program files\ICQ6.5
2009-12-27 00:35 . 2009-12-27 00:35 -------- d-----w- c:\documents and settings\Administrateur\Application Data\vlc
2009-12-26 23:03 . 2009-12-26 23:03 -------- d-----w- c:\program files\VideoLAN
2009-12-26 19:21 . 2009-12-26 19:28 -------- d-----w- c:\documents and settings\Administrateur\Application Data\TeamViewer
2009-12-26 19:20 . 2009-12-26 19:20 -------- d-----w- c:\program files\TeamViewer
2009-12-26 19:19 . 2009-12-26 19:19 -------- d-----w- c:\documents and settings\Administrateur\temp
2009-12-26 19:03 . 2009-12-26 19:04 198064 ----a-w- c:\documents and settings\Administrateur\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-12-26 19:01 . 2010-01-12 21:09 -------- d-----w- c:\program files\Internet Download Manager
2009-12-26 18:43 . 2009-12-27 10:33 -------- d-----w- c:\documents and settings\Administrateur\Application Data\IDM
2009-12-25 21:39 . 2009-12-25 21:41 -------- d-----w- c:\program files\EasyPHP 3.0
2009-12-25 21:05 . 2009-12-25 21:05 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-12-25 18:51 . 2004-08-17 20:52 219648 -c--a-w- c:\windows\system32\dllcache\uxtheme.dll
2009-12-25 16:09 . 2009-12-25 16:09 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Passware
2009-12-25 15:52 . 2009-12-25 15:55 -------- d-----w- c:\program files\Unlocker
2009-12-25 15:23 . 2009-12-25 15:23 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Thinstall
2009-12-25 15:23 . 2009-12-25 15:23 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Thinstall
2009-12-25 14:01 . 2009-12-25 15:01 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-24 23:08 . 2009-12-24 23:08 -------- d-----w- c:\program files\UxTheme Multipatcher Fr
2009-12-24 22:43 . 2009-12-24 22:43 -------- d-----w- c:\program files\HDDGURU LLF Tool
2009-12-24 16:33 . 2009-12-24 16:36 -------- d-----w- c:\program files\ophcrack
2009-12-24 13:07 . 2009-12-27 13:52 46048 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-24 13:06 . 2009-12-24 13:07 -------- d-----w- c:\documents and settings\Administrateur\Application Data\BACS.exe
2009-12-23 23:35 . 2007-10-30 12:42 74240 ----a-w- c:\windows\system32\DWRCST.EXE
2009-12-23 23:23 . 2009-12-23 23:23 -------- d-----w- c:\documents and settings\Administrateur\Application Data\DWMRCMSI
2009-12-23 23:14 . 2009-12-23 23:26 -------- d-----w- c:\documents and settings\Administrateur\Application Data\DameWare Development
2009-12-23 15:26 . 2009-12-23 15:26 -------- d-----w- c:\program files\PhotoInstrument
2009-12-23 13:08 . 2001-08-17 22:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-12-23 12:17 . 2009-12-23 12:17 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Ahead

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-16 15:01 . 2009-12-02 18:50 -------- d-----w- c:\documents and settings\Administrateur\Application Data\DMCache
2010-01-16 15:00 . 2009-12-03 13:02 -------- d-----w- c:\documents and settings\Administrateur\Application Data\uTorrent
2010-01-14 17:28 . 2010-01-14 16:40 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-13 17:55 . 2010-01-13 17:55 686 ----a-w- c:\program files\RegSearch.txt
2010-01-12 19:27 . 2009-12-02 17:46 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-11 14:10 . 2010-01-11 14:10 -------- d-----w- c:\program files\LogMeIn Rescue
2010-01-10 11:40 . 2009-12-14 17:31 -------- d-----w- c:\program files\Universal Share Downloader
2010-01-03 14:01 . 2009-12-02 18:18 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Skype
2010-01-03 12:40 . 2009-12-02 18:22 -------- d-----w- c:\documents and settings\Administrateur\Application Data\skypePM
2009-12-29 13:47 . 2009-12-03 13:02 -------- d-----w- c:\program files\uTorrent
2009-12-27 13:48 . 2009-12-17 00:32 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Hamachi
2009-12-20 15:41 . 2009-12-13 20:49 -------- d-----w- c:\program files\Driver Genius
2009-12-20 14:36 . 2009-12-06 16:58 -------- d-----w- c:\documents and settings\Administrateur\Application Data\DAEMON Tools Pro
2009-12-20 13:51 . 2009-12-13 16:34 -------- d-----w- c:\program files\CCleaner
2009-12-19 20:10 . 2009-12-02 18:15 -------- d-----w- c:\program files\Winamp
2009-12-19 18:04 . 2004-08-04 00:54 428032 ----a-w- c:\windows\system32\cmd.exe
2009-12-19 17:59 . 2009-12-11 02:08 1212080 ----a-w- c:\documents and settings\Administrateur\Application Data\GameRanger\GameRanger\GameRanger.exe
2009-12-19 17:40 . 2009-12-14 14:27 308224 ----a-w- c:\windows\IsUn040c.exe
2009-12-19 16:17 . 2009-12-02 17:40 118272 ----a-w- c:\windows\system32\calc.exe
2009-12-19 16:17 . 2009-12-02 17:40 444928 ----a-w- c:\windows\system32\mspaint.exe
2009-12-19 16:17 . 2009-12-02 17:40 411648 ----a-w- c:\windows\system32\mstsc.exe
2009-12-19 16:17 . 2001-08-28 14:00 152576 ----a-w- c:\windows\system32\sndvol32.exe
2009-12-19 16:17 . 2009-12-02 17:40 182272 ----a-w- c:\windows\system32\sndrec32.exe
2009-12-19 16:16 . 2004-08-04 00:55 1230848 ----a-w- c:\windows\system32\ntbackup.exe
2009-12-19 16:16 . 2009-12-02 17:40 80896 ----a-w- c:\windows\system32\charmap.exe
2009-12-19 16:13 . 2009-12-02 17:40 128000 ----a-w- c:\windows\system32\mshearts.exe
2009-12-19 16:13 . 2009-12-02 17:40 119808 ----a-w- c:\windows\system32\WINmine.exe
2009-12-19 16:13 . 2009-12-02 17:40 55808 ----a-w- c:\windows\system32\freecell.exe
2009-12-19 16:08 . 2009-12-02 17:40 57344 ----a-w- c:\windows\system32\sol.exe
2009-12-19 16:08 . 2009-12-02 17:40 539136 ----a-w- c:\windows\system32\spider.exe
2009-12-19 16:03 . 2004-08-04 00:55 32768 ----a-w- c:\windows\system32\odbcad32.exe
2009-12-17 12:15 . 2009-12-17 12:08 -------- d-----w- c:\program files\AMT Media Manager
2009-12-17 00:32 . 2009-12-17 00:29 16224 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-12-17 00:29 . 2009-12-17 00:29 -------- d-----w- c:\program files\Hamachi
2009-12-16 13:24 . 2009-12-16 13:24 -------- d-----w- c:\program files\Activision
2009-12-15 16:39 . 2009-12-05 12:40 -------- d-----w- c:\program files\EA GAMES
2009-12-15 12:21 . 2009-12-15 12:21 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-12-14 20:28 . 2009-12-02 17:46 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-12-14 14:31 . 2009-12-13 23:30 -------- d-----w- c:\program files\InterVideo
2009-12-14 14:31 . 2009-12-13 23:51 -------- d-----w- c:\program files\ChrisTV Lite
2009-12-14 14:31 . 2009-12-10 23:23 -------- d-----w- c:\program files\BitSpirit
2009-12-13 23:36 . 2009-12-13 23:32 -------- d-----w- c:\documents and settings\All Users\Application Data\InterVideo
2009-12-13 23:30 . 2009-12-13 23:30 -------- d-----w- c:\program files\Fichiers communs\InterVideo
2009-12-13 21:50 . 2009-12-13 21:50 -------- d-----w- c:\program files\Intel
2009-12-13 21:48 . 2009-12-02 17:46 -------- d-----w- c:\program files\CyberLink
2009-12-13 19:59 . 2009-12-13 19:58 -------- d-----w- c:\program files\ma-config.com
2009-12-13 19:58 . 2009-12-13 19:58 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2009-12-11 21:28 . 2009-12-03 17:52 -------- d-----w- c:\program files\Dofus
2009-12-10 23:24 . 2009-12-10 23:24 -------- d-----w- c:\documents and settings\Administrateur\Application Data\BitSpirit
2009-12-10 15:48 . 2009-12-10 15:48 -------- d-----w- c:\documents and settings\Administrateur\Application Data\AdobeUM
2009-12-10 15:48 . 2009-12-10 15:47 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-12-10 13:52 . 2009-12-10 13:52 -------- d-----w- c:\program files\IObit
2009-12-09 13:48 . 2009-12-02 20:45 -------- d-----w- c:\documents and settings\Administrateur\Application Data\GameRanger
2009-12-08 21:26 . 2009-12-08 21:26 155312 ----a-w- c:\documents and settings\Administrateur\Application Data\GameRanger\GameRanger\Data\GameRanger.dll
2009-12-08 21:26 . 2009-12-08 21:26 48816 ----a-w- c:\documents and settings\Administrateur\Application Data\GameRanger\GameRanger\Data\GameRangerLaunch.dll
2009-12-08 11:07 . 2009-12-08 11:07 -------- d-----w- c:\program files\Microsoft.NET
2009-12-06 17:16 . 2009-12-02 18:15 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Winamp
2009-12-06 16:59 . 2009-12-06 16:59 722416 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-06 13:27 . 2009-12-06 13:27 -------- d-----w- c:\program files\Common Files
2009-12-06 13:07 . 2009-12-06 13:07 -------- d-----w- c:\program files\SystemRequirementsLab
2009-12-06 13:07 . 2009-12-06 13:07 -------- d-----w- c:\documents and settings\Administrateur\Application Data\SystemRequirementsLab
2009-12-06 13:07 . 2009-12-06 13:07 138240 ----a-w- c:\documents and settings\Administrateur\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_d.dll
2009-12-06 13:07 . 2009-12-06 13:07 138240 ----a-w- c:\documents and settings\Administrateur\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_c.dll
2009-12-06 13:07 . 2009-12-06 13:07 138240 ----a-w- c:\documents and settings\Administrateur\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_b.dll
2009-12-06 13:07 . 2009-12-06 13:07 138240 ----a-w- c:\documents and settings\Administrateur\Application Data\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_a.dll
2009-12-06 00:49 . 2009-12-06 00:48 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Media Player Classic
2009-12-06 00:27 . 2009-12-06 00:27 -------- d-----w- c:\program files\DDD Pool_at
2009-12-06 00:24 . 2009-12-06 00:24 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-12-03 20:52 . 2009-12-02 17:44 86331 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-02 20:13 . 2009-12-02 20:13 -------- d-----w- c:\program files\Microsoft Games
2009-12-02 19:49 . 2009-12-02 19:49 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-02 19:48 . 2009-12-02 19:48 -------- d-----w- c:\program files\Java
2009-12-02 19:46 . 2009-12-02 19:46 152576 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-02 19:45 . 2009-12-02 19:45 79488 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-02 19:05 . 2009-12-02 19:05 -------- d-----w- c:\program files\Windows Live
2009-12-02 18:28 . 2009-12-02 18:28 -------- d-----w- c:\program files\Alwil Software
2009-12-02 18:22 . 2009-12-02 18:22 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-12-02 18:18 . 2009-12-02 18:18 -------- d-----r- c:\program files\Skype
2009-12-02 18:18 . 2009-12-02 18:18 -------- d-----w- c:\program files\Fichiers communs\Skype
2009-12-02 18:18 . 2009-12-02 18:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-12-02 18:09 . 2009-12-02 18:09 0 ----a-w- c:\windows\nsreg.dat
2009-12-02 17:58 . 2009-12-02 17:58 -------- d-----w- c:\program files\Analog Devices
2009-12-02 17:57 . 2009-12-02 17:56 -------- d-----w- c:\program files\Broadcom
2009-12-02 17:47 . 2009-12-02 17:47 -------- d-----w- c:\program files\Ahead
2009-12-02 17:47 . 2009-12-02 17:47 -------- d-----w- c:\program files\Fichiers communs\Ahead
2009-12-02 17:46 . 2009-12-02 17:46 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-12-02 17:43 . 2009-12-02 17:43 -------- d-----w- c:\program files\Services en ligne
2009-12-02 17:41 . 2009-12-02 17:41 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-30 19:37 . 2009-11-30 19:37 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-11-21 16:42 . 2004-08-04 00:54 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2007-06-03 18:35 . 2010-01-13 17:53 2560 ----a-w- c:\program files\History.txt
2007-06-03 18:31 . 2010-01-13 17:53 916 ----a-w- c:\program files\Options.txt
.

------- Sigcheck -------

[-] 2008-04-14 . C4153F037157C7BE7C54FD88887F027D . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\mshtml.dll
[-] 2004-08-04 . 5FBFB9097AD849CEDA0B34F8407ADCEE . 3444224 . . [6.00.2900.2180] . . c:\windows\system32\mshtml.dll

[-] 2008-04-14 . 4A6E04EA20F48D750D9BFED8600D516B . 670208 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\wininet.dll
[-] 2004-08-04 . F6AD4C0F992B3B51C044AD74D9E2E854 . 694784 . . [6.00.2900.2180] . . c:\windows\system32\wininet.dll

[-] 2008-04-14 . F2317622D29F9FF0F88AEECD5F60F0DD . 1037824 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\explorer.exe
[-] 2004-08-04 . 9F3B76C8CF787449A47F05ABAB4E13E6 . 978432 . . [6.00.2900.2180] . . c:\windows\explorer.exe

[-] 2008-04-14 . 02DA31AB433A6C1110A736C85701DECA . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\wscntfy.exe

[-] 2008-04-14 . E17C85D5B5CF477638433B851A98499E . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sfcfiles.dll
[-] 2004-10-31 16:59 . AB3D62010AF342203FFA60C2D94DBC68 . 8704 . . [1] . . c:\windows\system32\sfcfiles.dll

[-] 2008-04-14 . E598D81197E2E0EC42A0C55772BB00E8 . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\regsvc.dll

c:\windows\System32\wscntfy.exe ... manque !!
c:\windows\System32\regsvc.dll ... manque !!
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-12-19 289584]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-09-16 5724184]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-12-26 3118512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"="c:\windows\system32\sti_ci.dll" [2004-08-04 138240]

c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-6-1 65536]
UberIcon.lnk - c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-5-21 180224]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\RACServerLogon]
2007-09-11 10:03 57344 ----a-w- c:\windows\system32\RACServerLogon2.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DrvLsnr]
2003-05-08 11:34 69632 ------w- c:\program files\Analog Devices\SoundMAX\DrvLsnr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
2009-12-26 19:03 3118512 ----a-w- c:\program files\Internet Download Manager\IDMan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2005-09-20 10:32 77824 ----a-w- c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2005-09-20 10:36 114688 ----a-w- c:\windows\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2005-09-20 10:35 94208 ----a-w- c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-09-16 13:14 5724184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 11:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smapp]
2003-05-05 08:57 143360 ----a-w- c:\program files\Analog Devices\SoundMAX\SMTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2009-10-26 07:33 15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Threat Defender]
2009-07-01 22:43 1215488 ----a-w- d:\djinn\utdefender.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Administrateur\\Application Data\\GameRanger\\GameRanger\\GameRanger.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Sierra\\SWAT 4\\Content\\System\\Swat4.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\PCNetSoftware\\RAC Server\\RACs.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"6129:TCP"= 6129:TCP:DameWare Mini Remote Control Service

R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [19/12/2009 20:39 194817]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [19/12/2009 20:39 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [19/12/2009 20:39 434945]
R2 PCNetSoftware RAC Server;PCNetSoftware RAC Server;c:\program files\PCNetSoftware\RAC Server\RACs.exe [13/01/2010 18:21 3186688]
R2 RACDriver;RAC driver;c:\program files\PCNetSoftware\RAC Server\RACDriver.sys [13/01/2010 18:21 8208]
S3 FlyPCI;FlyPCI;c:\windows\system32\drivers\FlyPCI.sys [13/12/2009 21:31 4134]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [11/12/2009 15:43 238960]
S3 VMHybrid;VMHybrid service;c:\windows\system32\DRIVERS\VMHybrid.sys --> c:\windows\system32\DRIVERS\VMHybrid.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [06/12/2009 16:59 722416]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
IE: &NeoTrace It! - c:\progra~1\NEOTRA~1\NTXcontext.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Télécharger avec IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Télécharger le contenu de video FLV avec IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Télécharger tous les liens avec IDM - c:\program files\Internet Download Manager\IEGetAll.htm
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\76n0mnyw.default\
FF - component: c:\documents and settings\Administrateur\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\76n0mnyw.default\extensions\playbox@toolbar\components\toolbarhomewmp.dll
FF - plugin: c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\76n0mnyw.default\extensions\TechnicianConsole@logmeinrescue.com\platform\WINNT\plugins\npRescue.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-16 15:01
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):e1,d5,7b,e1,e2,0c,ee,3b,96,e4,fd,85,5d,aa,5c,c2,e7,96,bb,6d,c9,
33,de,b4,52,a3,dd,0d,a8,95,0a,aa,f8,96,db,4f,84,59,85,09,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{df34106b-868d-46da-a605-948c31a16a21}]
@Denied: (Full) (Everyone)
"Model"=dword:00000166
"Therad"=dword:00000018
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(720)
c:\windows\system32\RACServerLogon2.dll

- - - - - - - > 'lsass.exe'(776)
c:\program files\Avira\AntiVir Desktop\avsda.dll

- - - - - - - > 'explorer.exe'(2504)
c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
c:\windows\system32\ntshrui.dll
c:\program files\Internet Download Manager\idmmkb.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Internet Download Manager\IEMonitor.exe
.
**************************************************************************
.
Heure de fin: 2010-01-16 15:06:25 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-01-16 15:06
ComboFix2.txt 2010-01-16 14:21
ComboFix3.txt 2010-01-15 13:06

Avant-CF: 5 193 891 840 octets libres
Après-CF: 5 175 406 592 octets libres

- - End Of File - - E589ECB686854F4ABFD0FF31F8347C84
0
fix200 Posts 3243 Registration date Sunday 28 December 2008 Status Security contributor Last activity 7 February 2011 158
16 Jan 2010 at 20:08
Re,

You haven't done the sfc /scannow procedure ...
Do it now, it's important.

+
0
Blocked profile
16 Jan 2010 at 22:06
I lent my Windows CD to a friend; I will get it back tomorrow and do the procedure. Thanks for your help.
0
fix200 Posts 3243 Registration date Sunday 28 December 2008 Status Security contributor Last activity 7 February 2011 158
17 Jan 2010 at 20:31
Ok ;)
0