A voir également:
- Speed monitor
- Fan speed - Télécharger - Informations & Diagnostic
- Hw monitor - Télécharger - Informations & Diagnostic
- CPUID HWmonitor Portable (32 & 64bit) - Télécharger - Informations & Diagnostic
- Need for speed: world - Télécharger - Jeux vidéo
- Security monitor pro - Télécharger - TV & Vidéo
3 réponses
anthony21
Messages postés
29
Date d'inscription
vendredi 2 novembre 2007
Statut
Membre
Dernière intervention
2 novembre 2007
2
2 nov. 2007 à 09:39
2 nov. 2007 à 09:39
telecharge SPYWARE DOCTOR :)
j'ai téléchargé spyware doctor qui a détecté 137 infections, qui dois-je faire pour désinfecter?
Merci
Merci
voilà le rapport de combofix :
ComboFix 07-11-08.1 - HUC Sabine 2007-11-14 18:54:57.1 - NTFSx86
Running from: C:\Documents and Settings\HUC Sabine\Local Settings\Temporary Internet Files\Content.IE5\BLB9R7CK\ComboFix[1].exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\QdrPack
C:\Program Files\QdrPack\dicts.gz
C:\Program Files\QdrPack\QdrPack9.exe
C:\Program Files\QdrPack\trgts.gz
C:\WINDOWS\b111.exe
C:\WINDOWS\b147.exe
C:\WINDOWS\b148.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2007-10-14 to 2007-11-14 ))))))))))))))))))))))))))))))))))))
.
2007-11-14 18:54 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-14 15:08 <REP> dr------- C:\Documents and Settings\LocalService\Favoris
2007-11-04 11:09 <REP> d-------- C:\Program Files\Windows Live Safety Center
2007-11-03 09:49 <REP> d-------- C:\Program Files\QdrModule
2007-10-23 18:41 <REP> d-------- C:\Documents and Settings\HUC Sabine\Application Data\Pogo Games
2007-10-23 18:41 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-10-23 18:40 <REP> d-------- C:\Program Files\Pogo FR
2007-10-21 11:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\JollyBear
2007-10-21 11:55 <REP> d-------- C:\Program Files\ReflexiveArcade
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-14 17:45 --------- d-----w C:\Program Files\Wanadoo
2007-11-06 14:50 --------- d-s---w C:\Program Files\Fichiers communs\Teknum Systems
2007-11-05 11:27 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2007-10-03 17:27 --------- d-----w C:\Documents and Settings\HUC Sabine\Application Data\DivX
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-20 13:38 16,384,512 ----a-w C:\WINDOWS\RTHDCPL.exe
2007-01-12 19:34 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8ABA9A9C-8791-4d61-8D5B-BCC9448EA573}]
C:\Program Files\ISM\BndDrive7.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-31 07:35]
"nwiz"="nwiz.exe" [2006-10-31 07:35 C:\WINDOWS\system32\nwiz.exe]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 19:17]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 19:30]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2007-01-12 20:01]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-31 07:35]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50]
"RTHDCPL"="RTHDCPL.EXE" [2007-08-20 14:38 C:\WINDOWS\RTHDCPL.exe]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-28 16:28]
"WOOKIT"="C:\Program Files\Wanadoo\Shell.exe" [2004-08-23 14:50]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00]
"Update Service"="C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe" []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9dd049cf-0b86-11dc-bbc3-806d6172696f}]
\Shell\AutoRun\command - D:\Run.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1c7f9a3-2f9e-11dc-9a33-00032f4613ba}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a
*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-01-12 22:53:40 C:\WINDOWS\Tasks\HDReg.job"
- C:\Program Files\HDReg\HDRegRem.exe
.
**************************************************************************
catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-14 18:56:33
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2007-11-14 18:57:36
.
--- E O F ---
ComboFix 07-11-08.1 - HUC Sabine 2007-11-14 18:54:57.1 - NTFSx86
Running from: C:\Documents and Settings\HUC Sabine\Local Settings\Temporary Internet Files\Content.IE5\BLB9R7CK\ComboFix[1].exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\QdrPack
C:\Program Files\QdrPack\dicts.gz
C:\Program Files\QdrPack\QdrPack9.exe
C:\Program Files\QdrPack\trgts.gz
C:\WINDOWS\b111.exe
C:\WINDOWS\b147.exe
C:\WINDOWS\b148.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2007-10-14 to 2007-11-14 ))))))))))))))))))))))))))))))))))))
.
2007-11-14 18:54 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-14 15:08 <REP> dr------- C:\Documents and Settings\LocalService\Favoris
2007-11-04 11:09 <REP> d-------- C:\Program Files\Windows Live Safety Center
2007-11-03 09:49 <REP> d-------- C:\Program Files\QdrModule
2007-10-23 18:41 <REP> d-------- C:\Documents and Settings\HUC Sabine\Application Data\Pogo Games
2007-10-23 18:41 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-10-23 18:40 <REP> d-------- C:\Program Files\Pogo FR
2007-10-21 11:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\JollyBear
2007-10-21 11:55 <REP> d-------- C:\Program Files\ReflexiveArcade
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-14 17:45 --------- d-----w C:\Program Files\Wanadoo
2007-11-06 14:50 --------- d-s---w C:\Program Files\Fichiers communs\Teknum Systems
2007-11-05 11:27 46,080 ----a-w C:\WINDOWS\system32\ftp.exe
2007-10-03 17:27 --------- d-----w C:\Documents and Settings\HUC Sabine\Application Data\DivX
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-20 13:38 16,384,512 ----a-w C:\WINDOWS\RTHDCPL.exe
2007-01-12 19:34 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8ABA9A9C-8791-4d61-8D5B-BCC9448EA573}]
C:\Program Files\ISM\BndDrive7.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-31 07:35]
"nwiz"="nwiz.exe" [2006-10-31 07:35 C:\WINDOWS\system32\nwiz.exe]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 19:17]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 19:30]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2007-01-12 20:01]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-31 07:35]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50]
"RTHDCPL"="RTHDCPL.EXE" [2007-08-20 14:38 C:\WINDOWS\RTHDCPL.exe]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-28 16:28]
"WOOKIT"="C:\Program Files\Wanadoo\Shell.exe" [2004-08-23 14:50]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00]
"Update Service"="C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe" []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9dd049cf-0b86-11dc-bbc3-806d6172696f}]
\Shell\AutoRun\command - D:\Run.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1c7f9a3-2f9e-11dc-9a33-00032f4613ba}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a
*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-01-12 22:53:40 C:\WINDOWS\Tasks\HDReg.job"
- C:\Program Files\HDReg\HDRegRem.exe
.
**************************************************************************
catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-14 18:56:33
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2007-11-14 18:57:36
.
--- E O F ---
