Error 1303

astrololo

Hello,

My computer is doing something strange that I cannot manage to fix.

While I am trying to install Adobe Acrobat Pro, the installation stops because of an error message that says:
error 1303. The installer has insufficient privileges to access this directory: C:/documents and settings/allusers/documents/adobe pdf. The installation cannot continue. Log on as an administrator or contact your system administrator.

Also, when I go into My Computer, it is possible for me to open the Documents folder, access is denied.
I think my problem comes from there.

I have used the programs I know, including CCleaner, Ad-Aware and RegistrySmart, but nothing helps. Does anyone have an idea, please?

I have Windows XP Home Edition and I am the only administrator.
I also caught dcads earlier, but normally that is sorted out... maybe it is because of that?

Thanks in advance.

Laurent

5 replies

Anonymous user

Hello

You have probably lost part of your administrator rights. Do this:

Download ComboFix
---> http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe

Close your web browser and all open programs before running this program.
Double-click on it and press "1" to continue.
Wait a few minutes.
A report will open. Save its contents, then copy and paste it here, please.
You can delete the program as soon as that is done.
0
astrololo
 
Hello,

Thanks for your reply. I admit this whole business is getting on my nerves because I am falling behind in my work.

I tried the link you gave me, but when I launch the program, it tells me that it is not a valid win32 application???
Should I download another version?

If you want a scan of my computer, can hijackthis help you help me?

Thanks for everything.
0
Anonymous user

No, don't run hijackthis for the moment.
Run this online anti-virus scan with Bitdefender and paste the report here as soon as it has finished.
Everything is explained at the link below
----> https://kerio.probb.fr/t673-bitdefender-antivirus-en-ligne

See you
0
astrololo
 
Hi there,

In the end, I downloaded combofix from another link and it works. I scanned the computer twice with this program.
The first time, I did not get a report, though. Windows also restarted.
Here is the report:
Thanks for your help, that's kind of you.

ComboFix 08-01-20.1 - Lolo 2008-01-21 18:24:45.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.263 [GMT -6:00]
Running from: C:\Documents and Settings\Lolo\Bureau\ComboFix.exe

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\SYSTEM32\rtvwa.ini
C:\WINDOWS\SYSTEM32\rtvwa.ini2
.
---- Previous Run -------
.
C:\Program Files\Temporary
C:\Program Files\WinAble
C:\WINDOWS\Fonts\a.zip
C:\WINDOWS\pppatc~1
C:\WINDOWS\system32\wcpsvcc.exe
C:\WINDOWS\ymante~1
C:\x.dat
C:\z.dat
C:\WINDOWS\Fonts\'

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\nm

((((((((((((((((((((((((((((( Fichiers créés 2007-12-22 to 2008-01-22 ))))))))))))))))))))))))))))))))))))
.

2008-01-21 16:39 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-21 13:07 . 2008-01-21 13:07 <REP> d-------- C:\Documents and Settings\Invité\Application Data\HP
2008-01-21 13:06 . 2005-06-13 18:52 <REP> d--h----- C:\Documents and Settings\Invité\Voisinage réseau
2008-01-21 13:06 . 2005-06-13 18:52 <REP> d--h----- C:\Documents and Settings\Invité\Voisinage réseau
2008-01-21 13:06 . 2005-06-13 18:52 <REP> d--h----- C:\Documents and Settings\Invité\Voisinage d'impression
2008-01-21 13:06 . 2005-06-13 18:52 <REP> d--h----- C:\Documents and Settings\Invité\Voisinage d'impression
2008-01-21 13:06 . 2005-06-13 18:52 <REP> d--h----- C:\Documents and Settings\Invité\Modèles
2008-01-21 13:06 . 2005-06-13 18:52 <REP> d--h----- C:\Documents and Settings\Invité\Modèles
2008-01-21 13:06 . 2008-01-21 13:07 <REP> dr------- C:\Documents and Settings\Invité\Mes documents
2008-01-21 13:06 . 2008-01-21 13:07 <REP> dr------- C:\Documents and Settings\Invité\Mes documents
2008-01-21 13:06 . 2005-06-13 18:52 <REP> dr------- C:\Documents and Settings\Invité\Menu Démarrer
2008-01-21 13:06 . 2005-06-13 18:52 <REP> dr------- C:\Documents and Settings\Invité\Menu Démarrer
2008-01-21 13:06 . 2008-01-21 13:07 <REP> dr------- C:\Documents and Settings\Invité\Favoris
2008-01-21 13:06 . 2008-01-21 13:07 <REP> dr------- C:\Documents and Settings\Invité\Favoris
2008-01-21 13:06 . 2005-06-13 19:16 <REP> d-------- C:\Documents and Settings\Invité\Bureau
2008-01-21 13:06 . 2005-06-13 19:16 <REP> d-------- C:\Documents and Settings\Invité\Bureau
2008-01-21 13:06 . 2005-06-13 19:19 <REP> d-------- C:\Documents and Settings\Invité\Application Data\Symantec
2008-01-21 11:00 . 2005-06-13 18:52 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-01-21 11:00 . 2005-06-13 18:52 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-01-21 11:00 . 2005-06-13 18:52 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-01-21 11:00 . 2005-06-13 18:52 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-01-21 11:00 . 2005-06-13 18:52 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-01-21 11:00 . 2005-06-13 18:52 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-01-21 11:00 . 2005-06-13 19:16 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-01-21 11:00 . 2005-06-13 19:19 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec
2008-01-20 20:07 . 2008-01-20 20:14 <REP> d-------- C:\Program Files\RegCure
2008-01-20 19:26 . 2008-01-20 19:30 <REP> d-------- C:\Program Files\RegistrySmart
2008-01-20 18:48 . 2008-01-20 19:22 <REP> d-------- C:\Documents and Settings\Lolo\Application Data\Thinstall
2008-01-20 18:24 . 2008-01-20 18:43 <REP> d-------- C:\Documents and Settings\Lolo\Application Data\RegistrySmart
2008-01-20 14:19 . 2008-01-20 14:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Azureus
2008-01-20 14:18 . 2008-01-20 20:07 <REP> d-------- C:\Documents and Settings\Lolo\Application Data\Azureus
2008-01-20 14:14 . 2008-01-20 14:15 <REP> d-------- C:\Program Files\Azureus
2008-01-17 23:29 . 2008-01-17 23:29 <REP> d-------- C:\Program Files\PDFCreator
2008-01-17 23:29 . 1998-07-13 02:08 141,312 --a------ C:\WINDOWS\SYSTEM32\MSCMCFR.DLL
2008-01-17 23:29 . 1998-06-24 01:00 137,000 --a------ C:\WINDOWS\SYSTEM32\MSMAPI32.OCX
2008-01-17 23:29 . 2001-10-28 17:42 116,224 --a------ C:\WINDOWS\SYSTEM32\pdfcmnnt.dll
2008-01-17 23:29 . 1998-07-13 02:08 59,904 --a------ C:\WINDOWS\SYSTEM32\MSCC2FR.DLL
2008-01-17 23:29 . 1998-07-06 01:00 23,552 --a------ C:\WINDOWS\SYSTEM32\MSMPIDE.DLL
2008-01-17 15:36 . 2008-01-20 17:59 <REP> d-------- C:\Program Files\Acro Software
2008-01-08 20:17 . 2008-01-20 20:39 <REP> d-------- C:\Program Files\a-squared Free
2008-01-08 19:14 . 2008-01-08 19:14 <REP> d-------- C:\Program Files\CCleaner
2008-01-08 18:39 . 2008-01-08 18:40 <REP> d-------- C:\Documents and Settings\Lolo\Application Data\PrevxCSI
2008-01-08 18:39 . 2008-01-08 18:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Prevx
2007-12-30 21:19 . 2007-12-30 21:21 <REP> d-------- C:\WINDOWS\SYSTEM32\fr-fr
2007-12-30 21:12 . 2007-10-10 17:49 6,065,664 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\ieframe.dll
2007-12-30 21:12 . 2007-10-10 17:49 383,488 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\ieapfltr.dll
2007-12-30 16:49 . 2007-12-30 16:49 <REP> d-------- C:\Program Files\Fichiers communs\SWF Studio
2007-12-30 15:28 . 2007-12-30 15:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-12-30 15:20 . 2007-12-30 15:20 <REP> d-------- C:\Program Files\Bonjour
2007-12-30 15:09 . 2007-12-30 15:09 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2007-12-30 15:04 . 2007-12-30 15:06 <REP> d-------- C:\Documents and Settings\Adobe Fireworks CS3\Adobe CS3
2007-12-29 14:32 . 2007-12-29 14:32 <REP> d-------- C:\Program Files\Windows Sidebar
2007-12-29 14:29 . 2007-12-30 12:51 <REP> d-------- C:\Program Files\Norton Internet Security
2007-12-29 14:25 . 2007-12-30 12:39 10,740 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.CAT
2007-12-29 14:25 . 2007-12-30 12:39 805 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.INF
2007-12-22 11:38 . 2007-12-22 11:38 <REP> d-------- C:\Program Files\Avira
2007-12-22 11:38 . 2007-12-22 11:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-12-22 11:29 . 2007-12-22 11:29 40 --a------ C:\WINDOWS\TSC.INI
2007-12-22 11:28 . 2007-12-22 11:28 <REP> d-------- C:\WINDOWS\AU_Temp
2007-12-22 11:28 . 2007-12-22 11:28 <REP> d-------- C:\WINDOWS\AU_Log
2007-12-22 11:28 . 2007-12-22 11:28 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2007-12-22 11:28 . 2007-12-22 11:28 286,720 --a------ C:\WINDOWS\PATCH.EXE
2007-12-22 11:28 . 2007-12-22 11:28 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2007-12-22 11:28 . 2007-12-22 11:28 170 --a------ C:\WINDOWS\GetServer.ini

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-21 22:20 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-01-21 22:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-01-15 19:40 --------- d-----w C:\Program Files\Pop-Up
2008-01-09 01:20 --------- d-----w C:\Program Files\Microsoft AntiSpyware
2007-12-31 03:38 39,936 ----a-w C:\WINDOWS\mrofinu1188.exe.tmp
2007-12-31 03:34 --------- d-----w C:\Program Files\Ad-Aware
2007-12-30 21:21 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-12-30 18:51 --------- d-----w C:\Program Files\QuickTime
2007-12-30 18:39 60,800 ----a-w C:\WINDOWS\SYSTEM32\S32EVNT1.DLL
2007-12-30 18:39 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-12-30 18:39 --------- d-----w C:\Program Files\Symantec
2007-12-29 20:40 --------- d-----w C:\Documents and Settings\Lolo\Application Data\Symantec
2007-12-29 20:09 --------- d-----w C:\Program Files\Norton AntiVirus
2007-12-26 18:57 --------- d-----w C:\Program Files\Diablo II
2007-12-26 18:55 --------- d-----w C:\Program Files\Astrocycle3
2007-12-22 18:05 --------- d-----w C:\Program Files\Calendrier
2007-12-22 16:07 94,208 ----a-w C:\WINDOWS\SYSTEM32\igfxtray .exe
2007-12-22 16:07 77,824 ----a-w C:\WINDOWS\SYSTEM32\hkcmd .exe
2007-12-22 16:07 114,688 ----a-w C:\WINDOWS\SYSTEM32\igfxpers .exe
2007-12-21 00:13 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-21 00:09 147,456 ----a-w C:\WINDOWS\SYSTEM32\vbzip10.dll
2007-12-21 00:06 134 ----a-w C:\n.bat
2007-12-20 23:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Macrovision
2007-12-20 23:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-20 23:02 --------- d-----w C:\Program Files\Fichiers communs\Macromedia Shared
2007-12-20 23:02 --------- d-----w C:\Program Files\Fichiers communs\Macromedia
2007-12-20 23:02 --------- d-----w C:\Program Files\Dreamweaver
2007-12-20 23:00 --------- d-----w C:\Program Files\Dreamweaver MX 2004
2007-12-11 19:03 --------- d-----w C:\Documents and Settings\Lolo\Application Data\Calendrier Xtra
2007-12-07 22:34 150,016 ----a-w C:\WINDOWS\SYSTEM32\mpegdll.dll
2007-12-06 16:27 --------- d-----w C:\Documents and Settings\Lolo\Application Data\DivX
2007-12-04 02:05 --------- d-----w C:\Program Files\DivX
2007-12-01 05:57 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys
2007-12-01 05:57 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys
2007-12-01 05:57 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys
2007-12-01 05:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspx.cat
2007-12-01 05:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspl.cat
2007-12-01 05:57 10,545 ----a-w C:\WINDOWS\system32\drivers\srtsp.cat
2007-12-01 05:57 1,430 ----a-w C:\WINDOWS\system32\drivers\srtspl.inf
2007-12-01 05:57 1,421 ----a-w C:\WINDOWS\system32\drivers\srtspx.inf
2007-12-01 05:57 1,415 ----a-w C:\WINDOWS\system32\drivers\srtsp.inf
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\SYSTEM32\lsasrv.dll
2007-11-07 09:28 728,576 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\lsasrv.dll
2007-10-31 10:53 3,590,656 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
2007-10-30 17:20 360,064 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\tcpip.sys
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\SYSTEM32\quartz.dll
2007-10-29 22:43 1,293,824 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\quartz.dll
2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\shell32.dll
2007-10-25 15:28 222,720 ----a-w C:\WINDOWS\SYSTEM32\wmasf.dll
2007-10-25 15:28 222,720 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wmasf.dll
.
[code]<pre>
----a-w 35,840 2007-12-22 16:08:03 C:\Documents and Settings\Lolo\Application Data\Microsoft\Windows\wsmuran .exe
----a-w 3,082,752 2007-12-22 16:07:55 C:\Program Files\Calendrier\Cld2000 .exe
----a-w 180,269 2007-12-22 16:07:37 C:\Program Files\Fichiers communs\Real\Update_OB\realsched .exe
----a-w 51,048 2007-12-30 17:25:37 C:\Program Files\Fichiers communs\Symantec Shared\ccApp .exe
----a-w 607,624 2007-12-29 20:45:33 C:\Program Files\Fichiers communs\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW .exe
----a-w 49,152 2007-12-30 17:25:46 C:\Program Files\HP\HP Software Update\HPWuSchd2 .exe
----a-w 132,496 2007-12-22 16:07:43 C:\Program Files\Java\jre1.6.0_03\bin\jusched .exe
----a-w 714,608 2007-12-29 20:45:40 C:\Program Files\Norton Internet Security\osCheck .exe
----a-w 536,576 2007-12-30 17:25:58 C:\Program Files\Pop-Up\PSFree .exe
----a-w 536,576 2007-12-30 18:58:33 C:\Program Files\Pop-Up\PSFree .exe
----a-w 98,304 2007-12-30 18:56:33 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:16:02 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:16:06 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:16:14 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:16:22 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:16:27 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:16:35 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:16:38 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:16:41 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:16:44 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:16:49 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:16:51 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:16:52 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:16:55 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:16:57 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:17:01 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:17:03 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:17:06 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:17:09 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-01-09 04:17:11 C:\Program Files\QuickTime\qttask .exe
----a-w 77,824 2007-12-22 16:07:43 C:\WINDOWS\SYSTEM32\hkcmd .exe
----a-w 114,688 2007-12-22 16:07:39 C:\WINDOWS\SYSTEM32\igfxpers .exe
----a-w 94,208 2007-12-22 16:07:38 C:\WINDOWS\SYSTEM32\igfxtray .exe
</pre>[/code]

-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11716DF7-C66F-483D-84E9-7EDC72E98945}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
2007-08-24 13:51 316784 --a------ C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
2007-12-29 14:31 116088 --a------ C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8E015787-B1E3-404a-95DE-3E71E1FA0305}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}

[HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [2007-08-24 13:51 316784]

[HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 11:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-12-30 12:56 51048]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [2007-12-30 12:56 98304]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-12-30 12:57 49152]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-12-30 12:57 714608]
"RegistrySmart"="C:\Program Files\RegistrySmart\RegistrySmart.exe" [2006-08-25 13:01 6443008]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 11:00 15360]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 20:40:10 210520]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
--a------ 2007-12-30 12:56 51048 C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-05 11:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
--a------ 2005-03-04 10:26 606208 C:\Program Files\Dell\QuickSet\quickset.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Wireless Manager UI]
C:\WINDOWS\system32\WLTRAY

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
--a------ 2005-05-31 04:33 122941 C:\WINDOWS\system32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
--a------ 2005-01-27 00:02 86016 C:\Program Files\Dell\Media Experience\DMXLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
--------- 2005-02-23 15:19 53248 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gcasServ]
--a------ 2005-07-12 14:35 473928 C:\Program Files\Microsoft AntiSpyware\gcasServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a------ 2004-07-27 15:50 221184 C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a------ 2004-07-27 15:50 81920 C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgrWired]
--a------ 2004-12-09 12:58 86016 C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2003-11-19 16:48 32881 C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2004-05-13 18:35 536576 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
--a------ 2004-05-13 04:23 98304 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

R2 LiveUpdate Notice;LiveUpdate Notice;"C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" [2007-08-24 15:07]
R3 SymIMMP;SymIMMP;C:\WINDOWS\system32\DRIVERS\SymIM.sys [2007-08-09 10:27]
S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2007-05-29 13:55]
S3 DCamUSBNW800;D-Link CIF Webcam;C:\WINDOWS\system32\DRIVERS\pcam800.sys [2002-09-10 23:22]
S3 SymIM;Symantec Network Security Intermediate Filter Service;C:\WINDOWS\system32\DRIVERS\SymIM.sys [2007-08-09 10:27]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

*Newly Created Service* - COMHOST
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-12-29 20:53:18 C:\WINDOWS\Tasks\Norton Internet Security - Effectuer une analyse complète du système - Lolo.job"
- C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exeh/TASK:
"2008-01-21 23:00:00 C:\WINDOWS\Tasks\RegCure Program Check.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-01-21 02:08:31 C:\WINDOWS\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-01-21 01:15:29 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job"
- C:\Program Files\RegistrySmart\RegistrySmart.ex
- C:\Program Files\RegistrySmart
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-21 18:29:25
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-21 18:30:58
ComboFix-quarantined-files.txt 2008-01-22 00:30:43
.
2008-01-09 15:03:09 --- E O F ---
0

astrololo
 
It's me again. I ran a scan anyway with the last link you gave me; here is the report:

BitDefender Online Scanner - Rapport d'analyse

Rapport d'analyse généré à: Mon, Jan 21, 2008 - 19:30:12

Voie d'analyse: C:\DRIVERS;C:\Program Files;C:\WINDOWS;

Statistiques
Temps: 00:35:54
Fichiers: 254349
Directoires: 4843
Secteurs de boot: 4
Archives: 773
Paquets programmes: 14898

Résultats
Virus identifiés: 1
Fichiers infectés: 1
Fichiers suspects: 0
Avertissements: 0
Désinfectés: 0
Fichiers effacés: 1

Info sur les moteurs
Définition virus: 892734
Version des moteurs: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Analyse des plugins: 14
Archive des plugins: 38
Unpack des plugins: 7
E-mail plugins: 6
Système plugins: 1

Paramètres d'analyse
Première action: Désinfecté
Seconde Action: Supprimé
Heuristique: Oui
Acceptez les avertissements: Oui
Extensions analysées: *;
Excludez les extensions:
Analyse d'emails: Oui
Analyse des Archives: Oui
Analyser paquets programmes: Oui
Analyse des fichiers: Oui
Analyse de boot: Oui

Fichier analysé - Statut
C:\WINDOWS\mrofinu1188.exe.tmp - Infecté par: Trojan.Downloader.Agent.YXR
C:\WINDOWS\mrofinu1188.exe.tmp - Echec de la désinfection
C:\WINDOWS\mrofinu1188.exe.tmp - Supprimé
0