Pb Pub Cid sur mon portable

zooz73 -  
green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   -
Bonjour,

J'ai un probleme avec la pub Cid sur mon portable . Jai comme systeme d'exploitation Vista.
Comme vous indiquiez auparavant jai installé ad Fix et je l'ai executé.
Le rapport est le suivant :

Ad-Fix v0.101e
by gchris

OPTION 1 (Scan) :

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Démarré à :

22:31:55,91 12/03/2008

Executé depuis :

C:\Users\Utilisateur\Downloads\hisjackthis\Ad-Fix

Os :

Microsoft Windows [version 6.0.6000]

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Recherche de fichier manquant

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Recherche de fichiers cachés (pas forcément mauvais)

Fichiers cachés à la racine du disque système :

bootmgr
F3Sr.BIN
hiberfil.sys
pagefile.sys
sqmdata00.sqm
sqmdata01.sqm
sqmdata02.sqm
sqmnoopt00.sqm
sqmnoopt01.sqm
sqmnoopt02.sqm

Fichiers cachés dans le répertoire Windows :

WindowsShell.Manifest

Fichiers cachés dans le répertoire System32 :

7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
desktop.ini

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Analyse du registre

---------- USER AGENT -- POST PLATFORM

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SIMBAR={7977A2C8-52B5-4B08-BD20-C15101BACC02}"=""

----------

---------- AppInit_DLLs

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000000

----------
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\media-motor.net Détecté !
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\contentmatch.net Détecté !
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\net-nucleus.com Détecté !

Complete!

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Recherche de fichiers et dossiers

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Terminé à 22:33:50,41

Que doit je faire après !!!!

Merci
Configuration: Windows Vista
Internet Explorer 7.0

5 réponses

  1. zooz73
     
    Mon Rapport avec le logiciel Hijackthis .
    Que dois je faire ?

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:56:39, on 12/03/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16609)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ASUS\ATK Media\DMedia.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\WinRAR\WinRAR.exe
    C:\Windows\system32\conime.exe
    C:\Windows\notepad.exe
    C:\Windows\regedit.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Users\Utilisateur\Downloads\hisjackthis\eden.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [memo glue] "C:\ProgramData\Obj Dog Dog.tukfzh"
    O4 - HKLM\..\Run: [locks tick title proc] "C:\ProgramData\bat flag meet.alg2nkm"
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
    0
  2. zooz73
     
    Mon rapport avec combofix !!!!

    ComboFix 08-03-10.1 - Utilisateur 2008-03-13 22:26:15.1 - NTFSx86 MINIMAL
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1721 [GMT 1:00]
    Endroit: C:\Users\Utilisateur\Desktop\ComboFix.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\p4p
    C:\Program Files\p4p\Bookmark.ini

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-13 to 2008-03-13 ))))))))))))))))))))))))))))))))))))
    .

    Pas de nouveau fichier créé dans cet espace de temps

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-13 20:47 --------- d-----w C:\Users\Utilisateur\AppData\Roaming\OpenOffice.org2
    2008-03-12 21:28 --------- d-----w C:\Program Files\Lopxp
    2008-03-12 20:27 --------- d-----w C:\Program Files\Windows Mail
    2008-03-10 21:24 --------- d-----w C:\Program Files\Soccer-Trainer Démonstration
    2008-02-24 20:01 --------- d-----w C:\Users\Utilisateur\AppData\Roaming\Intel
    2008-02-23 23:32 --------- d-----w C:\ProgramData\FAST IDOL REMOTE
    2008-02-23 23:32 --------- d-----w C:\ProgramData\bags readme locks tick
    2008-02-23 23:31 --------- d-----w C:\Program Files\FAST IDOL REMOTE
    2008-02-13 23:01 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
    2008-02-13 23:01 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
    2008-02-13 23:01 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
    2008-02-13 23:01 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
    2008-02-13 23:01 24,064 ----a-w C:\Windows\System32\netcfg.exe
    2008-02-13 23:01 22,016 ----a-w C:\Windows\System32\netiougc.exe
    2008-02-13 23:01 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
    2008-02-13 23:01 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
    2008-02-13 23:01 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
    2008-02-13 23:01 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
    2008-02-13 23:01 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
    2008-02-13 23:01 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
    2008-02-13 23:00 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-13 23:00 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-13 23:00 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-02-13 23:00 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-13 23:00 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-13 23:00 1,686,528 ----a-w C:\Windows\System32\gameux.dll
    2008-02-13 22:59 824,832 ----a-w C:\Windows\System32\wininet.dll
    2008-02-13 22:59 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-02-13 22:59 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-13 22:59 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2008-02-05 21:08 --------- d-----w C:\Users\Utilisateur\AppData\Roaming\Sports Interactive
    2008-02-05 20:43 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll
    2008-02-05 20:43 --------- d--h--r C:\Users\Utilisateur\AppData\Roaming\SecuROM
    2008-02-04 21:45 --------- d-----w C:\Program Files\Macrogaming
    2008-02-04 21:42 --------- d--h--w C:\Program Files\Zero G Registry
    2008-02-04 21:40 --------- d-----w C:\Program Files\Sports Interactive
    2008-02-04 20:47 --------- d-----w C:\Users\Utilisateur\AppData\Roaming\Ahead
    2008-02-04 20:47 --------- d-----w C:\ProgramData\LightScribe
    2008-01-17 17:00 --------- d-----w C:\Program Files\Common Files\LightScribe
    2008-01-17 16:59 --------- d-----w C:\Program Files\Common Files\Ahead
    2008-01-17 16:58 --------- d-----w C:\ProgramData\Nero
    2008-01-17 16:52 --------- d-----w C:\Program Files\MSECache
    2008-01-17 16:36 --------- d-----w C:\Program Files\OpenOffice.org 2.3
    2008-01-17 16:33 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
    2008-01-17 16:21 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-01-17 16:10 --------- d-----w C:\Program Files\Alwil Software
    2008-01-17 16:08 174 --sha-w C:\Program Files\desktop.ini
    2008-01-17 16:04 --------- d-----w C:\Program Files\Windows Sidebar
    2008-01-17 16:04 --------- d-----w C:\Program Files\Windows Calendar
    2008-01-17 16:02 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
    2008-01-17 16:00 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
    2008-01-17 16:00 7,680 ----a-w C:\Windows\System32\spwmp.dll
    2008-01-17 16:00 4,096 ----a-w C:\Windows\System32\dxmasf.dll
    2008-01-17 16:00 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
    2008-01-17 15:58 1,191,936 ----a-w C:\Windows\System32\msxml3.dll
    2008-01-17 15:57 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
    2008-01-17 15:57 223,232 ----a-w C:\Windows\System32\WMASF.DLL
    2008-01-17 15:57 1,327,104 ----a-w C:\Windows\System32\quartz.dll
    2008-01-17 15:55 84,480 ----a-w C:\Windows\System32\INETRES.dll
    2008-01-17 15:55 8,138,240 ----a-w C:\Windows\System32\ssBranded.scr
    2008-01-17 15:55 737,792 ----a-w C:\Windows\System32\inetcomm.dll
    2008-01-17 15:55 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
    2008-01-17 15:55 11,776 ----a-w C:\Windows\System32\sbunattend.exe
    2008-01-17 15:54 84,992 ----a-w C:\Windows\system32\drivers\srvnet.sys
    2008-01-17 15:54 788,992 ----a-w C:\Windows\System32\rpcrt4.dll
    2008-01-17 15:54 58,368 ----a-w C:\Windows\system32\drivers\mrxsmb20.sys
    2008-01-17 15:54 130,048 ----a-w C:\Windows\system32\drivers\srv2.sys
    2008-01-17 15:54 101,888 ----a-w C:\Windows\system32\drivers\mrxsmb.sys
    2008-01-17 15:53 750,080 ----a-w C:\Windows\System32\qmgr.dll
    2008-01-17 15:53 5,120 ----a-w C:\Windows\System32\wmi.dll
    2008-01-17 15:53 152,576 ----a-w C:\Windows\System32\imagehlp.dll
    2008-01-17 15:53 12,800 ----a-w C:\Windows\system32\drivers\fs_rec.sys
    2008-01-17 15:47 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-01-17 15:45 --------- d-----w C:\Program Files\Java
    2008-01-17 15:45 --------- d-----w C:\Program Files\Common Files\Java
    2008-01-17 15:45 --------- d-----w C:\Program Files\CCleaner
    2008-01-17 15:44 --------- d-----w C:\Program Files\DivX
    2008-01-17 15:29 80,896 ----a-w C:\Windows\System32\wudriver.dll
    2008-01-17 15:29 549,720 ----a-w C:\Windows\System32\wuapi.dll
    2008-01-17 15:29 53,080 ----a-w C:\Windows\System32\wuauclt.exe
    2008-01-17 15:29 43,352 ----a-w C:\Windows\System32\wups2.dll
    2008-01-17 15:29 33,624 ----a-w C:\Windows\System32\wups.dll
    2008-01-17 15:29 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
    2008-01-17 15:29 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
    2008-01-17 15:28 31,232 ----a-w C:\Windows\System32\wuapp.exe
    2008-01-17 15:28 163,000 ----a-w C:\Windows\System32\wuwebv.dll
    2008-01-17 15:18 --------- d-----w C:\Program Files\ASUS
    2008-01-17 15:05 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-01-17 14:59 45,056 ----a-w C:\Windows\System32\acovcnt.exe
    2008-01-17 14:52 --------- d-----w C:\ProgramData\Microsoft Help
    2008-01-17 14:45 --------- d-----w C:\ProgramData\Symantec
    2008-01-17 14:43 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-01-17 14:29 --------- d-----w C:\Users\Utilisateur\AppData\Roaming\ATI
    2008-01-17 14:19 --------- d-----w C:\Users\Utilisateur\AppData\Roaming\InstallShield
    2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
    2008-01-04 21:59 524,288 ----a-w C:\Windows\System32\DivXsm.exe
    2008-01-04 21:58 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
    2008-01-04 21:58 200,704 ----a-w C:\Windows\System32\ssldivx.dll
    2008-01-04 21:58 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
    2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 20:15 103712]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 04:06 4669440 C:\Windows\RtHDVCpl.exe]
    "Skytel"="Skytel.exe" [2007-06-15 09:45 1826816 C:\Windows\SkyTel.exe]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 13:37 174872]
    "SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-24 18:31 630784]
    "JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe" [2007-03-20 07:36 36864]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-02 22:24 857648]
    "ATKMEDIA"="C:\Program Files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 17:27 61440]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
    "memo glue"="C:\ProgramData\Obj Dog Dog.li7q9ud" [2008-03-13 22:02 270352]
    "locks tick title proc"="C:\ProgramData\bat flag meet.alg2nkm" [2008-02-24 00:32 114704]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "GrpConv"="grpconv -o" []

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)

    [HKLM\~\startupfolder\C:^Users^Utilisateur^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.3.lnk]
    path=C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk
    backup=C:\Windows\pss\OpenOffice.org 2.3.lnk.Startup
    backupExtension=.Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    --a------ 2007-05-11 03:06 40048 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
    --a------ 2007-11-06 07:04 37232 C:\Windows\ASScrProlog.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
    --a------ 2007-11-06 07:05 33136 C:\Windows\ASScrPro.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
    --a------ 2007-06-20 12:49 451872 C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    --a------ 2007-03-01 15:57 153136 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
    --a------ 2006-11-10 21:35 90112 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    --a------ 2007-11-06 05:52 1006264 C:\Program Files\Windows Defender\MSASCui.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-516294018-1651630959-2007581978-1000]
    "EnableNotificationsRef"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{C16EFEAE-32AC-4B8F-AB3E-43A6F8A5CDE3}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|
    "{6BAD9FFA-BA0C-43BA-900A-CA9BB4A50CC2}"= UDP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
    "{CAF56C94-146B-4C3C-990F-070506AC0DC1}"= TCP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
    "TCP Query User{9DB09DBB-6CF1-449F-833F-D52FF5DF9622}C:\program files\internet explorer\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
    "UDP Query User{D570ECFA-03D9-42EF-AF97-DF955EA5F5D1}C:\program files\internet explorer\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    S2 ASLDRService;ASLDR Service;C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 03:13]
    S2 ASMMAP;ASMMAP;C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 20:09]
    S2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]
    S2 ATKGFNEXSrv;ATKGFNEX Service;C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-06-11 20:30]
    S2 ghaio;ghaio;C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2006-12-28 09:17]
    S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;C:\Windows\system32\DRIVERS\l160x86.sys [2007-06-27 06:00]
    S3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-06-13 08:28]
    S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 08:30]
    S3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-06-21 13:51]
    S3 RTL8169;Realtek 8169 NT Driver;C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 08:30]
    S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC);C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-05-25 03:15]
    S3 TPM;TPM;C:\Windows\system32\drivers\tpm.sys [2006-11-02 10:50]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ

    *Newly Created Service* - ECACHE

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-13 22:27:45
    Windows 6.0.6000 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-03-13 22:28:04
    ComboFix-quarantined-files.txt 2008-03-13 21:28:03
    .
    2008-03-12 20:25:42 --- E O F ---

    Que dois je faire apres.
    Merci de m'aider .
    0
  3. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    Salut

    * Télécharger Lopxp : (by Moe) : http://sosvirus.changelog.fr/Green_day/Lopxpsetup
    * Double cliquer sur Lopxpsetup.exe pour lancer l'installation
    * Au menu, choisir l'option 1
    * Patienter jusqu'à que l'on demande d'appuyer sur une touche, appuyer !
    * Le contenu du rapport est situé dans : C:\Programfiles\Lopxp\cid.txt

    ==> poste le stp
    ++
    0
  4. zooz73
     
    j'arrive pas éxecuter votre fichier !!!
    je l'enregistre mais ça a pas l'air d'etre un .exe
    merci de m'aider
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. green day Messages postés 26374 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   2 166
     
    un message d'erreur ??

    ++
    0