HELP pls nothing works, is this a virus???

Solved
feshnou92 Posts 263 Status Member -  
jlpjlp Posts 52399 Status Security contributor -
Hello,
I have a big problem here
I downloaded something and when I opened it, 2 seconds later there was a blue page telling me that my PC has something wrong with it, and that, like, if it happened again, well, I should go and consult someone or something
I unplugged it, that was all there was to do, and I restarted. Since then I can't open any file anymore, otherwise it tells me "that it's not a win32 file". What is that, win32??!
I can't even open HijackThis anymore to run a scan. Antivir (pffff), I can't even open it anymore.
Oh yeah, I also have Sunbelt Kerio Firewall, which won't open and shows me "echec initialisation KFE/driver not found"

I'm stuck now.
If there's anyone here who can help me, that would be great.

My sound doesn't work anymore either

I managed to re-download HijackThis after 4 tries:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:19:36, on 25/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\BtUsrBdg.exe
C:\WINDOWS\system32\BTSetBootKey.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\FEUCHE\Bureau\HiJackThis(2).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.aceradvantage.com/stdreg
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BTUSRBDG] BtUsrBdg.exe
O4 - HKLM\..\Run: [BTSETBOOTKEY] BTSetBootKey.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
End of file - 6879 bytes

thanks thanks
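
An added example, not part of the original thread or of HijackThis: a Python cross-check of a HijackThis log that lists security components registered as services (O23) or autoruns (O4) whose executable is absent from the running-process section, the symptom described in the post above. The sample log is a constructed excerpt of that log, and the `SECURITY_PATH_HINTS` watchlist and all function names are assumptions.

```python
import re

# Constructed excerpt in the HijackThis v2.0.2 layout; the entries are taken
# from the log in the post above and cut down to the lines the check needs.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
End of file
"""

# Hypothetical watchlist: lowercase path fragments of the security products
# that appear in the posted log. Extend it for the products on your own hosts.
SECURITY_PATH_HINTS = (
    "\\avira\\",
    "\\sunbelt software\\personal firewall\\",
    "\\lavasoft\\",
    "\\grisoft\\",
    "\\a-squared free\\",
)

PROC_RE = re.compile(r"^[A-Za-z]:\\")        # a line of the process section
ENTRY_RE = re.compile(r"^[A-Z]\d{1,2} - ")   # any R0/R1/O2/O4/O23... entry
O23_RE = re.compile(
    r"^O23 - Service: (?P<name>.+) - (?P<vendor>.+?) - (?P<path>[A-Za-z]:\\.+)$"
)
O4_RE = re.compile(
    r'^O4 - (?P<hive>\S+): \[(?P<name>[^\]]+)\] "?(?P<path>[A-Za-z]:\\[^"]+?\.exe)',
    re.IGNORECASE,
)


def parse_log(text):
    """Return (running process paths, O4 autoruns, O23 services)."""
    running, autoruns, services = set(), [], []
    in_procs = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("Running processes:"):
            in_procs = True
            continue
        if ENTRY_RE.match(line):
            in_procs = False  # first registry entry ends the process section
        if in_procs and PROC_RE.match(line):
            running.add(line.lower())
            continue
        m = O23_RE.match(line)
        if m:
            services.append((m["name"], m["path"]))
            continue
        m = O4_RE.match(line)
        if m:
            autoruns.append((m["name"], m["path"]))
    return running, autoruns, services


def is_security(path):
    """True when the image path belongs to a watchlisted security product."""
    lowered = path.lower()
    return any(hint in lowered for hint in SECURITY_PATH_HINTS)


def stopped_security_components(text):
    """Security services/autoruns whose executable is not in the process list."""
    running, autoruns, services = parse_log(text)
    findings = []
    for kind, items in (("service", services), ("autorun", autoruns)):
        for name, path in items:
            if is_security(path) and path.lower() not in running:
                findings.append((kind, name, path))
    return findings


if __name__ == "__main__":
    for kind, name, path in stopped_security_components(SAMPLE_LOG):
        print(f"{kind:8} not running: {name} -> {path}")
```

A hit is a lead rather than proof: the log does not record a service's start type, so a manual-start service also shows up as not running.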

15 replies

jlpjlp Posts 52399 Status Security contributor 5 040

hi

Download ComboFix by sUBs: rename it before any installation, for example, name it "KillBagle". Help here: https://forum.pcastuces.com/sujet.asp?f=25&s=37315

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it on your desktop and nowhere else!

Help with using ComboFix here: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic

Double-click on ComboFix. It will ask you a question; answer with the 1 key and Enter to confirm, then let it guide you.
Wait until ComboFix has finished; a report will be created. Post the report.

-----------

Go to START then RUN, type mrt, then click OK and follow the procedure

----------

* Download ELIBAGLA at the bottom of this page http://www.zonavirus.com/datos/descargas/95/elibagla.asp
* Click the Descargar Elibagla button; this will download the file. Put it on your desktop.
* Double-click it to open it
* Make sure that in the Unidad drop-down menu you have C:\
* Also check that the option at the bottom of the window, Eliminar Ficheros Automaticamente, is ticked
* Click the Explorar button to start the scan

If, in the elibagla report, you see text similar to this

Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v10.24
a "virus@satinfo.es". Gracias;

send this file (or these files) (in the example C:\Muestras\HLDRRR.EXE.Muestra EliBagle v10.24) to the e-mail address indicated (virus@satinfo.es).

and they will update elibagla within 48 hours, which will make it possible to remove the virus you have!!!

------------

paste the report from an online scan
done with one of the following:

BitDefender online:
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda online:
http://pandasoftware.fr

secuser online:
http://www.secuser.com/outils/antivirus.htm
2
feshnou92 Posts 263 Status Member 12

First of all, thanks for your help, you're really getting me out of trouble because I couldn't find a solution by myself on the net..

I ran a ComboFix scan and, after an automatic restart, here is the report

ComboFix 08-05-24.1 - FEUCHE 2008-05-25 16:50:32.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.280 [GMT 2:00]
Endroit: C:\Documents and Settings\FEUCHE\Bureau\killBagle.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\FEUCHE\Application Data\m
C:\Documents and Settings\FEUCHE\Application Data\m\data.oct
C:\Documents and Settings\FEUCHE\Application Data\m\list.oct
C:\Documents and Settings\FEUCHE\Application Data\m\shared
C:\Documents and Settings\FEUCHE\Application Data\m\srvlist.oct
C:\WINDOWS\pack.epk
C:\WINDOWS\system32\ban_list.txt
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\UpMedia
C:\WINDOWS\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA


((((((((((((((((((((((((((((( Fichiers créés 2008-04-25 to 2008-05-25 ))))))))))))))))))))))))))))))))))))
.

2008-05-25 06:50 . 2008-05-25 06:50 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-25 06:50 . 2008-05-25 06:50 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-25 06:48 . 2008-05-25 06:48 <REP> d-------- C:\Program Files\Trend Micro
2008-05-05 22:45 . 2008-05-05 22:45 <REP> d-------- C:\Program Files\AusLogics Disk Defrag
2008-05-05 13:45 . 2008-05-05 13:45 <REP> d-------- C:\Program Files\Avira

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-25 04:45 --------- d-----w C:\Program Files\eMule
2008-05-25 01:51 --------- d-----w C:\Program Files\CleanUp!
2008-05-22 01:45 254,869 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
2008-05-22 00:25 --------- d-----w C:\Documents and Settings\FEUCHE\Application Data\AdobeUM
2008-05-16 06:42 --------- d-----w C:\Program Files\Google
2008-05-15 21:57 --------- d-----w C:\Program Files\a-squared Free
2008-05-07 07:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-05 21:07 --------- d-----w C:\Program Files\SpywareBlaster
2008-05-05 11:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-04-21 12:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-04-21 12:19 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-04-21 12:13 --------- d-----w C:\Program Files\Java
2008-04-21 12:12 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-04-21 11:41 --------- d-----w C:\Program Files\Pidgin
2008-04-21 11:40 --------- d-----w C:\Program Files\IKEA HomePlanner
2008-04-21 11:40 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-04-21 11:39 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-20 17:45 --------- d-----w C:\Program Files\WM Recorder 10.2
2008-04-20 17:43 737,280 -c--a-w C:\WINDOWS\iun6002.exe
2008-04-16 23:05 --------- d-----w C:\Program Files\Apple Software Update
2008-04-12 21:27 --------- d-----w C:\Program Files\Windows Live
2008-04-11 23:38 --------- d-----w C:\Program Files\MSN Messenger
2008-04-11 23:32 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-04-11 23:27 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-04-09 07:13 --------- d-----w C:\Documents and Settings\FEUCHE\Application Data\Canon
2008-04-01 17:09 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-03-28 11:07 --------- d-----w C:\Documents and Settings\FEUCHE\Application Data\Apple Computer
2008-03-26 21:31 --------- d-----w C:\Program Files\Safari
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-01 16:28 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-29 08:57 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-29 08:56 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-03-30 23:36 25,980,320 -c--a-w C:\Program Files\FLV PlayerRCSetup.exe
2007-03-30 23:36 2,874,926 -c--a-w C:\Program Files\FLV PlayerRCATSetup.exe
2007-03-01 05:53 2,310 -c--a-w C:\Program Files\stefan.txt
2007-02-22 00:39 374 -c--a-w C:\Documents and Settings\FEUCHE\Application Data\internaldb6334.dat
2007-02-21 19:13 538 -c--a-w C:\Documents and Settings\FEUCHE\Application Data\internaldb8467.dat
2007-02-21 19:13 18,432 ----a-w C:\Documents and Settings\FEUCHE\Application Data\internaldb41.dat
2007-02-18 18:15 7 -c--a-w C:\Program Files\nomutil.txt
2004-06-18 10:05 45,056 ----a-w C:\WINDOWS\inf\Slntinst.exe
2003-08-22 10:09 45,056 ----a-w C:\WINDOWS\inf\slntinst_staticW2k.exe
2002-09-30 04:00 12,800 ----a-w C:\Documents and Settings\FEUCHE\cnmss Canon MP700 Printer (Copie 1) (Local).exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 07:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2005-09-22 14:36 14854144 C:\WINDOWS\RTHDCPL.exe]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 07:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 07:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 07:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 07:00 455168]
"BTUSRBDG"="BtUsrBdg.exe" [2003-11-05 23:21 53248 C:\WINDOWS\system32\BtUsrBdg.exe]
"BTSETBOOTKEY"="BTSetBootKey.exe" [2003-04-15 11:48 36864 C:\WINDOWS\system32\BTSetBootKey.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-05-25 16:55 262401]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 07:00 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer WLAN 11g USB Dongle.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer WLAN 11g USB Dongle.lnk
backup=C:\WINDOWS\pss\Acer WLAN 11g USB Dongle.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LE COMPAGNON CLUB.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LE COMPAGNON CLUB.lnk
backup=C:\WINDOWS\pss\LE COMPAGNON CLUB.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^FEUCHE^Menu Démarrer^Programmes^Démarrage^BJ Status Monitor Canon MP700 Printer (Copie 1).lnk]
path=C:\Documents and Settings\FEUCHE\Menu Démarrer\Programmes\Démarrage\BJ Status Monitor Canon MP700 Printer (Copie 1).lnk
backup=C:\WINDOWS\pss\BJ Status Monitor Canon MP700 Printer (Copie 1).lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FEUCHE^Menu Démarrer^Programmes^Démarrage^Club Internet.lnk]
path=C:\Documents and Settings\FEUCHE\Menu Démarrer\Programmes\Démarrage\Club Internet.lnk
backup=C:\WINDOWS\pss\Club Internet.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AspireService]
--a------ 2006-06-09 12:24 110592 C:\Program Files\Acer\Acer eMode Management\AspireService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
--a------ 2007-05-13 16:57 5308416 C:\Program Files\eMule\emule.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-02-19 14:10 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchApp]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
--------- 2006-03-29 21:50 143360 C:\Program Files\Acer TV-FM\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-02-01 00:13 385024 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Acer TV-FM\\PowerCinema.exe"=
"C:\\Program Files\\Acer TV-FM\\PCMService.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\TEMP\\CI_HITACHI\\MAJ_Hitachi.exe"=
"C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R0 m5287;m5287;C:\WINDOWS\system32\drivers\m5287.sys [2005-02-05 09:00]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-03-16 10:56]
R3 BTCOMM;BTCOMM;C:\WINDOWS\system32\drivers\Btcomm.sys [2004-09-28 17:19]
R3 BTKRNBDG;Bluetooth COM Bridge;C:\WINDOWS\system32\DRIVERS\btkrnbdg.sys [2003-03-18 12:31]
R3 sfr0901;SFR Connexion Adapter V9;C:\WINDOWS\system32\DRIVERS\sfr0901.sys [2007-11-08 20:29]
R3 vad_multi;Windigo Virtual Audio Device (WDM);C:\WINDOWS\system32\drivers\vadmulti.sys [2005-04-13 18:02]
S3 ATHFMWDL;NETGEAR WPN111 Bootloader driver;C:\WINDOWS\system32\Drivers\athwpn.sys []
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\DNINDIS5.SYS [2003-07-24 12:10]
S3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-05 07:00]
S3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;C:\WINDOWS\system32\DRIVERS\WPN111.sys []
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 11:38]
S4 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-03-16 10:56]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-16 20:34:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-25 17:08:04
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage cachés autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\fxssvc.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-25 17:11:34 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-25 15:11:27

Pre-Run: 493,162,496 octets libres
Post-Run: 509,136,896 octets libres

359 --- E O F --- 2008-05-16 22:02:09






next I'll continue with what you told me to do: Start, Run, mrt, etc... I'll keep you posted
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
ok
and get rid of all your cracks...

see you later
0
feshnou92 Posts 263 Status Member 12
 
ok, thank you for everything
it seems to be working much better

by the way, what do you mean by "get rid of all your cracks"??


and since antivir and sunbelt kerio firewall weren't very effective, can you recommend a good antivirus? otherwise I think I'll put avast back, which I had before


thanks
0
feshnou92 Posts 263 Status Member 12
 
Sun May 25 17:19:04 2008
EliBagle v11.41 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 22 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):

Sun May 25 21:45:40 2008
EliBagle v11.41 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 22 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):

Sun May 25 21:45:43 2008
EliBagle v11.41 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 22 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\138281.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\143562.EXE.VIR --> Eliminado Bagle

Nº Total de Directorios: 7367
Nº Total de Ficheros: 73579
Nº de Ficheros Analizados: 10501
Nº de Ficheros Infectados: 2
Nº de Ficheros Limpiados: 2

Sun May 25 21:49:59 2008
EliBagle v11.41 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 22 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 7367
Nº Total de Ficheros: 73577
Nº de Ficheros Analizados: 10499
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Sun May 25 21:51:19 2008
EliBagle v11.41 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 22 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 7367
Nº Total de Ficheros: 73577
Nº de Ficheros Analizados: 10499
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Sun May 25 21:53:35 2008
EliBagle v11.41 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 22 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):

Sun May 25 21:53:38 2008
EliBagle v11.41 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 22 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 7367
Nº Total de Ficheros: 73577
Nº de Ficheros Analizados: 10499
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Sun May 25 21:54:22 2008
EliBagle v11.41 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 22 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):

Sun May 25 21:54:26 2008
EliBagle v11.41 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 22 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad D:\

Nº Total de Directorios: 268
Nº Total de Ficheros: 8050
Nº de Ficheros Analizados: 0
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Sun May 25 21:54:36 2008
EliBagle v11.41 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 22 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad D:\

Nº Total de Directorios: 268
Nº Total de Ficheros: 8050
Nº de Ficheros Analizados: 0
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
0
feshnou92 Posts 263 Status Member 12
 
o 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.doubleclick.net/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.atdmt.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.tradedoubler.com/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.fastclick.net/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.mediaplex.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.com.com/]
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Cookies\karl@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Cookies\feuche@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt.old[.xiti.com/]
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.xiti.com/]
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.xiti.com/]
00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[fe.lea.lycos.fr/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.statcounter.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[ad.yieldmanager.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.apmebf.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.apmebf.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.bs.serving-sys.com/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.weborama.fr/]
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.adtech.de/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[fl01.ct2.comclick.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.advertising.com/]
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[statse.webtrendslive.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.overture.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.zedo.com/]
00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.metriweb.be/]
00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.metriweb.be/]
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.bluestreak.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt.old[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt.old[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\FEUCHE\Application Data\Mozilla\Firefox\Profiles\p8gj04l0.default\cookies.txt[.adultfriendfinder.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.go.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Karl\Application Data\Mozilla\Firefox\Profiles\9558yuce.default\cookies.txt[.smartadserver.com/]
01176994 Bck/VB.XB Virus/Trojan No 0 No No C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067786.exe[327882R2FWJFW\NirCmdC.cfexe]
01176994 Bck/VB.XB Virus/Trojan No 0 No No C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067785.exe[327882R2FWJFW\NirCmdC.cfexe]
01176994 Bck/VB.XB Virus/Trojan No 0 No No C:\Documents and Settings\FEUCHE\Bureau\killBagle.exe[327882R2FWJFW\NirCmdC.cfexe]
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067789.EXE
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067773.sys
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\QooBox\Quarantine\catchme2008-05-25_165835,32.zip[wintems.exe]
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\QooBox\Quarantine\C\WINDOWS\system32\mdelk.exe.vir
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067732.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067734.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\QooBox\Quarantine\catchme2008-05-25_165835,32.zip[mdelk.exe]
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067771.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067772.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\QooBox\Quarantine\C\WINDOWS\system32\wintems.exe.vir
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067781.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP469\A0067656.exe
02913360 W32/Bagle.SP.worm Virus/Worm No 1 Yes Yes C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\1848312.exe.vir
02913360 W32/Bagle.SP.worm Virus/Worm No 1 Yes Yes C:\System Vo
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
paste the report from an online scan
with one of the following:

bitdefender online:
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda online:
http://pandasoftware.fr

secuser online:
http://www.secuser.com/outils/antivirus.htm

________________
put your protections back: antivir.... (paste an antivir report)
0
feshnou92 Posts 263 Status Member 12
 
01176994 Bck/VB.XB Virus/Trojan No 0 No No C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067786.exe[327882R2FWJFW\NirCmdC.cfexe]
01176994 Bck/VB.XB Virus/Trojan No 0 No No C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067785.exe[327882R2FWJFW\NirCmdC.cfexe]
01176994 Bck/VB.XB Virus/Trojan No 0 No No C:\Documents and Settings\FEUCHE\Bureau\killBagle.exe[327882R2FWJFW\NirCmdC.cfexe]
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067789.EXE
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067773.sys
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\QooBox\Quarantine\catchme2008-05-25_165835,32.zip[wintems.exe]
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\QooBox\Quarantine\C\WINDOWS\system32\mdelk.exe.vir
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067732.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067734.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\QooBox\Quarantine\catchme2008-05-25_165835,32.zip[mdelk.exe]
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067771.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067772.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\QooBox\Quarantine\C\WINDOWS\system32\wintems.exe.vir
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP470\A0067781.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP469\A0067656.exe
02913360 W32/Bagle.SP.worm Virus/Worm No 1 Yes Yes C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\1848312.exe.vir
02913360 W32/Bagle.SP.worm Virus/Worm No 1 Yes Yes C:\System Vo
0

jlpjlp Posts 52399 Status Security contributor 5 040

ok

delete what is in the quarantine folder by going to My Computer, then

C:\QooBox\Quarantine

____________________

to remove your traces, use

CCLEANER: (run a cleanup and repair the registry 3 times) without installing the Yahoo toolbar

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
____________________

if everything went well, disable System Restore to purge any viruses that may be in it
then restart your computer
then re-enable it:
https://www.informatruc.com

________________

reinstall Antivir and paste a report with it
0
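Why the steps above single out the quarantine folder and System Restore, as an added example that is not part of the original thread: this sketch sorts detection rows of the kind pasted earlier by where the flagged file lives, so that copies held in restore points or in the cleanup tool's quarantine are separated from files still in place. The sample rows are constructed, and the column layout (seven whitespace-separated fields, then the path) is an assumption read off the pasted rows.

```python
import re
from collections import defaultdict

# Assumed layout: id, detection name, category, four status columns, then the
# path (which may contain spaces and an optional "[member]" archive suffix).
LINE_RE = re.compile(
    r"^(?P<id>\d+)\s+(?P<name>\S+)\s+(?P<category>\S+)\s+"
    r"(?P<flags>\S+\s+\S+\s+\S+\s+\S+)\s+(?P<path>.+)$"
)
# Files captured by Windows XP System Restore live under ...\_restore{GUID}\RPn\
RESTORE_RE = re.compile(
    r"\\System Volume Information\\_restore\{[0-9A-Fa-f-]+\}\\RP(\d+)\\", re.I
)
# Quarantine folder named in the thread.
QUARANTINE_PREFIX = "c:\\qoobox\\quarantine\\"

# Constructed sample rows (user name, GUID, RP numbers and file names are made up).
SAMPLE = r"""
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\xxxxxxxx.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\xxxxxxxx.default\cookies.txt[.advertising.com/]
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\QooBox\Quarantine\C\WINDOWS\system32\example.exe.vir
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP12\A0000001.exe
02898934 W32/Bagle.RP.worm Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP13\A0000002.exe
01176994 Bck/VB.XB Virus/Trojan No 0 No No C:\Documents and Settings\user\Bureau\tool.exe[inner\member.exe]
Scan summary (constructed, not a detection row)
"""


def parse_line(line):
    """Return the row's fields as a dict, or None if it is not a detection row."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def classify(rec):
    """Bucket a detection by where the flagged file sits."""
    if rec["category"] == "TrackingCookie":
        return "cookie"            # privacy noise, not an infection
    if RESTORE_RE.search(rec["path"]):
        return "restore_point"     # purged by disabling System Restore
    if rec["path"].lower().startswith(QUARANTINE_PREFIX):
        return "tool_quarantine"   # already neutralised; delete the folder
    return "live"                  # still on the file system, needs action


def triage(text):
    """Return ({bucket: [(name, path), ...]}, skipped_row_count)."""
    buckets = defaultdict(list)
    seen = set()
    skipped = 0
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            skipped += 1
            continue
        key = (rec["name"], rec["path"])
        if key in seen:            # the report repeats identical rows
            continue
        seen.add(key)
        buckets[classify(rec)].append(key)
    return dict(buckets), skipped


def restore_points(buckets):
    """Sorted RP numbers that still hold flagged copies."""
    return sorted(
        {int(RESTORE_RE.search(path).group(1))
         for _, path in buckets.get("restore_point", [])}
    )


if __name__ == "__main__":
    result, skipped = triage(SAMPLE)
    for bucket, items in sorted(result.items()):
        print(f"{bucket}: {len(items)}")
        for name, path in items:
            print(f"  {name}  {path}")
    print("restore points holding flagged copies:", restore_points(result))
    print("rows skipped:", skipped)
```

Only the `live` bucket describes files that remain after the quarantine folder is emptied and the restore points are purged.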
feshnou92 Posts 263 Status Member 12

I think I did everything, but I messed up at the restore-and-restart step. Now I've created a restore point and I'm running a thorough avast scan.
It's detecting lots of viruses, worms and Trojan horses. I'm putting them in quarantine.
I don't know if all this is really normal. Do you know what I should do now?
Thanks for your help, jlp
0
jlpjlp Posts 52399 Status Security contributor 5 040

did you reinstall avast or antivir?

if it works, that's already a good sign!
______________

if everything went well, disable System Restore to purge any viruses that may be in it
then restart your computer
then re-enable it:
https://www.informatruc.com

_______________

scan with
MalwareByte's Anti-Malware, remove what it finds and paste the report

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

_______________

paste the report of an online scan
with one of the following:

BitDefender online:
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda online:
http://pandasoftware.fr

Secuser online:
http://www.secuser.com/outils/antivirus.htm
0
feshnou92 Posts 263 Status Member 12

can I start the whole operation over from the beginning??

from combofix?
0
feshnou92 Posts 263 Status Member 12

I did it again, here is the report:

ComboFix 08-05-25.5 - FEUCHE 2008-05-26 17:01:36.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.269 [GMT 2:00]
Endroit: C:\Documents and Settings\FEUCHE\Bureau\killbagleeeee.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA

((((((((((((((((((((((((((((( Fichiers créés 2008-04-26 to 2008-05-26 ))))))))))))))))))))))))))))))))))))
.

2008-05-25 23:25 . 2008-03-27 18:26 15,024 --a------ C:\WINDOWS\system32\drivers\RkPavProc.sys
2008-05-25 22:16 . 2008-05-25 22:16 <REP> d-------- C:\Program Files\Panda Security
2008-05-25 17:11 . 2008-05-25 17:11 <REP> d-------- C:\Documents and Settings\Invité
2008-05-25 16:46 . 2008-05-25 17:11 <REP> d----c--- C:\killBagle
2008-05-25 06:48 . 2008-05-25 06:48 <REP> d-------- C:\Program Files\Trend Micro
2008-05-05 22:45 . 2008-05-05 22:45 <REP> d-------- C:\Program Files\AusLogics Disk Defrag

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-25 23:03 --------- d-----w C:\Program Files\eMule
2008-05-25 22:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-05-25 01:51 --------- d-----w C:\Program Files\CleanUp!
2008-05-22 01:45 254,869 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
2008-05-22 00:25 --------- d-----w C:\Documents and Settings\FEUCHE\Application Data\AdobeUM
2008-05-16 06:42 --------- d-----w C:\Program Files\Google
2008-05-15 21:57 --------- d-----w C:\Program Files\a-squared Free
2008-05-07 07:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-05 21:07 --------- d-----w C:\Program Files\SpywareBlaster
2008-04-21 12:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-04-21 12:19 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-04-21 12:13 --------- d-----w C:\Program Files\Java
2008-04-21 12:12 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-04-21 11:41 --------- d-----w C:\Program Files\Pidgin
2008-04-21 11:40 --------- d-----w C:\Program Files\IKEA HomePlanner
2008-04-21 11:40 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-04-21 11:39 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-20 17:45 --------- d-----w C:\Program Files\WM Recorder 10.2
2008-04-20 17:43 737,280 -c--a-w C:\WINDOWS\iun6002.exe
2008-04-16 23:05 --------- d-----w C:\Program Files\Apple Software Update
2008-04-12 21:27 --------- d-----w C:\Program Files\Windows Live
2008-04-11 23:38 --------- d-----w C:\Program Files\MSN Messenger
2008-04-11 23:32 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-04-11 23:27 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-04-09 07:13 --------- d-----w C:\Documents and Settings\FEUCHE\Application Data\Canon
2008-04-01 17:09 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-03-28 11:07 --------- d-----w C:\Documents and Settings\FEUCHE\Application Data\Apple Computer
2008-03-26 21:31 --------- d-----w C:\Program Files\Safari
2007-03-30 23:36 25,980,320 -c--a-w C:\Program Files\FLV PlayerRCSetup.exe
2007-03-30 23:36 2,874,926 -c--a-w C:\Program Files\FLV PlayerRCATSetup.exe
2007-03-01 05:53 2,310 -c--a-w C:\Program Files\stefan.txt
2007-02-22 00:39 374 -c--a-w C:\Documents and Settings\FEUCHE\Application Data\internaldb6334.dat
2007-02-21 19:13 538 -c--a-w C:\Documents and Settings\FEUCHE\Application Data\internaldb8467.dat
2007-02-21 19:13 18,432 ----a-w C:\Documents and Settings\FEUCHE\Application Data\internaldb41.dat
2007-02-18 18:15 7 -c--a-w C:\Program Files\nomutil.txt
2002-09-30 04:00 12,800 ----a-w C:\Documents and Settings\FEUCHE\cnmss Canon MP700 Printer (Copie 1) (Local).exe
.

((((((((((((((((((((((((((((( snapshot@2008-05-25_17.10.19.10 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-25 15:00:36 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-26 15:06:43 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2007-08-09 18:31:05 3,653 -c--a-w C:\WINDOWS\mozver.dat
+ 2008-05-25 20:16:16 5,009 -c--a-w C:\WINDOWS\mozver.dat
+ 2008-05-15 23:24:43 1,152,888 ----a-w C:\WINDOWS\system32\aswBoot.exe
+ 2008-05-15 23:12:36 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
+ 2008-05-15 23:13:26 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
+ 2008-05-15 23:16:06 20,560 ----a-w C:\WINDOWS\system32\drivers\aswFsBlk.sys
+ 2008-01-17 16:34:01 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
+ 2008-05-15 23:18:33 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
+ 2008-05-15 23:15:29 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
+ 2008-05-15 23:20:32 78,416 ----a-w C:\WINDOWS\system32\drivers\aswSP.sys
+ 2008-05-15 23:14:11 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
+ 2008-05-26 15:07:10 16,384 ----atw C:\WINDOWS\temp\Perflib_Perfdata_134.dat
+ 2008-05-25 22:41:38 16,384 ----atw C:\WINDOWS\temp\Perflib_Perfdata_6a8.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 07:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2005-09-22 14:36 14854144 C:\WINDOWS\RTHDCPL.exe]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 07:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 07:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 07:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 07:00 455168]
"BTUSRBDG"="BtUsrBdg.exe" [2003-11-05 23:21 53248 C:\WINDOWS\system32\BtUsrBdg.exe]
"BTSETBOOTKEY"="BTSetBootKey.exe" [2003-04-15 11:48 36864 C:\WINDOWS\system32\BTSetBootKey.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 07:00 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer WLAN 11g USB Dongle.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer WLAN 11g USB Dongle.lnk
backup=C:\WINDOWS\pss\Acer WLAN 11g USB Dongle.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LE COMPAGNON CLUB.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LE COMPAGNON CLUB.lnk
backup=C:\WINDOWS\pss\LE COMPAGNON CLUB.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^FEUCHE^Menu Démarrer^Programmes^Démarrage^BJ Status Monitor Canon MP700 Printer (Copie 1).lnk]
path=C:\Documents and Settings\FEUCHE\Menu Démarrer\Programmes\Démarrage\BJ Status Monitor Canon MP700 Printer (Copie 1).lnk
backup=C:\WINDOWS\pss\BJ Status Monitor Canon MP700 Printer (Copie 1).lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FEUCHE^Menu Démarrer^Programmes^Démarrage^Club Internet.lnk]
path=C:\Documents and Settings\FEUCHE\Menu Démarrer\Programmes\Démarrage\Club Internet.lnk
backup=C:\WINDOWS\pss\Club Internet.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AspireService]
--a------ 2006-06-09 12:24 110592 C:\Program Files\Acer\Acer eMode Management\AspireService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
--a------ 2007-05-13 16:57 5308416 C:\Program Files\eMule\emule.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-02-19 14:10 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchApp]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
--------- 2006-03-29 21:50 143360 C:\Program Files\Acer TV-FM\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-02-01 00:13 385024 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Acer TV-FM\\PowerCinema.exe"=
"C:\\Program Files\\Acer TV-FM\\PCMService.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\TEMP\\CI_HITACHI\\MAJ_Hitachi.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R0 m5287;m5287;C:\WINDOWS\system32\drivers\m5287.sys [2005-02-05 09:00]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R3 BTCOMM;BTCOMM;C:\WINDOWS\system32\drivers\Btcomm.sys [2004-09-28 17:19]
R3 BTKRNBDG;Bluetooth COM Bridge;C:\WINDOWS\system32\DRIVERS\btkrnbdg.sys [2003-03-18 12:31]
R3 sfr0901;SFR Connexion Adapter V9;C:\WINDOWS\system32\DRIVERS\sfr0901.sys [2007-11-08 20:29]
R3 vad_multi;Windigo Virtual Audio Device (WDM);C:\WINDOWS\system32\drivers\vadmulti.sys [2005-04-13 18:02]
S3 ATHFMWDL;NETGEAR WPN111 Bootloader driver;C:\WINDOWS\system32\Drivers\athwpn.sys []
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\DNINDIS5.SYS [2003-07-24 12:10]
S3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-05 07:00]
S3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;C:\WINDOWS\system32\DRIVERS\WPN111.sys []
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 11:38]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-16 20:34:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-26 17:11:54
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-26 17:14:32 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-26 15:14:28
ComboFix2.txt 2008-05-25 15:11:37

Pre-Run: 1,330,221,056 octets libres
Post-Run: 1,368,776,704 octets libres

186 --- E O F --- 2008-05-16 22:02:09
0
jlpjlp Posts 52399 Status Security contributor 5 040

do message 11
0
feshnou92 Posts 263 Status Member 12

ok, thank you, I put avast back since antivir was no use to me

the only step I have left is the online antivirus scan; Run, mrt found nothing malicious, and neither did EliBagle..
Mon May 26 18:53:12 2008
EliBagle v11.41 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 22 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):

Mon May 26 18:53:21 2008
EliBagle v11.41 (c)2008 S.G.H. / Satinfo S.L. (Modificado el 22 de Mayo del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 7266
Nº Total de Ficheros: 73188
Nº de Ficheros Analizados: 10541
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
0
feshnou92 Posts 263 Status Member 12

BitDefender Online Scanner

do I move on to step 8 now ??

Rapport d'analyse généré à: Mon, May 26, 2008 - 19:37:19

Voie d'analyse: C:\;D:\;E:\;F:\;G:\;H:\;I:\;

Statistiques
Temps: 00:18:03
Fichiers: 75638
Directoires: 7569
Secteurs de boot: 4
Archives: 1366
Paquets programmes: 5421

Résultats
Virus identifiés: 3
Fichiers infectés: 5
Fichiers suspects: 0
Avertissements: 0
Désinfectés: 0
Fichiers effacés: 5

Info sur les moteurs
Définition virus: 1240074
Version des moteurs: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Analyse des plugins: 16
Archive des plugins: 42
Unpack des plugins: 7
E-mail plugins: 6
Système plugins: 5

Paramètres d'analyse
Première action: Désinfecté
Seconde Action: Supprimé
Heuristique: Oui
Acceptez les avertissements: Oui
Extensions analysées: exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Excludez les extensions:
Analyse d'emails: Oui
Analyse des Archives: Oui
Analyser paquets programmes: Oui
Analyse des fichiers: Oui
Analyse de boot: Oui

Fichier analysé
    Statut

C:\Documents and Settings\FEUCHE\Mes documents\Ma musique\HIP-HOP\FRENCH\Freko - Atk' lan Solo - 2003 !! ATK !! (Retail) By Ra2To\Freko - Atk' lan Solo - 2003\Freko\Tous Mes Albums Son La\Le Logiciel\Son Crack\CRACK\WhereIsIt.exe
    Infecté par: Backdoor.Bot.15122
C:\Documents and Settings\FEUCHE\Mes documents\Ma musique\HIP-HOP\FRENCH\Freko - Atk' lan Solo - 2003 !! ATK !! (Retail) By Ra2To\Freko - Atk' lan Solo - 2003\Freko\Tous Mes Albums Son La\Le Logiciel\Son Crack\CRACK\WhereIsIt.exe
    Supprimé
C:\Program Files\eMule\Incoming\Auto Maintenance Plus 6.2\Auto Maintenance Plus 6.2.exe
    Infecté par: Trojan.Downloader.Bagle.IJ
C:\Program Files\eMule\Incoming\Auto Maintenance Plus 6.2\Auto Maintenance Plus 6.2.exe
    Supprimé
C:\Program Files\Fichiers communs\GTK\2.0\uninst.exe
    Infecté par: Trojan.Generic.91432
C:\Program Files\Fichiers communs\GTK\2.0\uninst.exe
    Supprimé
C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP4\A0000130.exe
    Infecté par: Trojan.Downloader.Bagle.IJ
C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP4\A0000130.exe
    Supprimé
C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP4\A0000131.exe
    Infecté par: Trojan.Generic.91432
C:\System Volume Information\_restore{787DC6C3-51B9-452C-97E3-A31D31627396}\RP4\A0000131.exe
    Supprimé

ComboFix 08-05-24.1 - FEUCHE 2008-05-25 16:50:32.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.280 [GMT 2:00]
Endroit: C:\Documents and Settings\FEUCHE\Bureau\killBagle.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\FEUCHE\Application Data\m
C:\Documents and Settings\FEUCHE\Application Data\m\data.oct
C:\Documents and Settings\FEUCHE\Application Data\m\list.oct
C:\Documents and Settings\FEUCHE\Application Data\m\shared
C:\Documents and Settings\FEUCHE\Application Data\m\shared\2Aquarium_Real_Life_2_1.0_KeyGen.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\3D_Pond_screensaver_1.1_(Key+Serial).zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\3DLinX ActiveX Rendering Engine 1.6 sp2.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\AB-Edit 1.2.1.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Abac Camera 1.1.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\AdminLnk_1.1.2.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Alt_Clock_Synchronizer_1.5.016_[Serial].zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Antivirus.Nod32.-Xp.Y.Win.98-.Con.Cracks.-Ok-.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\ArtCine_NFO_Creator_2.0.0.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\AShop Deluxe 4.1.2.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\ASPThumb_1.30.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\AutoCAD_DXF_to_PDF_Converter_2006_3.223_[Patch].zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Balder_Multiboot_2.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\BigMother 2.12 [Serial].zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Birds_of_the_Prairie_3D_1.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Call_RecordWare_pro_1.0.1.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Chevrolet Camaro Screensaver 2.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Chilkat_Crypt_.NET_7.8.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Client_Server_Security_for_SMB_3.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Color Scheme Designer 1.0b.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Convert for .NET 2.5.2195.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Data_Conversion_Tool_1.0_Cracked.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Digital_DJ_Studio_4_4.1.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Doppelganger XP 1.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Easy HTML Autorun Builder 1.6.0 build 059.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\EasyBMPtoAVI Movie Creator 0.55.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\EasyCert 70-290 Exam Simulator 007.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\EasyDesktop 8.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\EF_Multi_File_Renamer_XP_1.10_(Serial).zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\eLearn.Fiat.Nouvo.Panda.Workshop.Manual.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\ElectricBlue bluetooth stack 1.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\eMapZone 4.3.0.21.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\EtherBoss_Monitor_(ICQ_Sniffer)_1.4.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\EZ Scheduler 1.2a.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\EzSearch 3.6.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Fair Winds Screensaver 1.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Fast_Destination_Finder²_1.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Flamin_HTML_Builder_1.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\free live sport toolbar for IE 4.5.132.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\GearVox_3.0.6.6.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\GenoSwatch 2.1.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Gnutella Donkey 1.2.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Gold Calculator Gold 3.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\GoToWebinar_1.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Helpart 1.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Helpinator Pro 1.1.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\HTML_2_PHP_Convertor_4.0.0.807.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\HXTT Excel 1.0.003 (Crack).zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\IndyCar_Racing_II_Windows_95.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\InnerSoft CAD for AutoCAD 2006 1.2b.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\InstallAware Setup Squeezer for MSI 1.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Jvw_Google_rank_and_pagerank_finder_1.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\LangPad_-_Spanish_Characters.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Le_Lanceur_1.6.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\LeadMan_2.3.1.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Light Web Searcher 1.4.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\LingvoSoft Dictionary 2007 English - Thai 4.0.22.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\LingvoSoft Talking Picture Dictionary 2007 Polish - Chinese Mandarin Simplified 1.1.20.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Links_Organizer_2.1.157_(Cracked).zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Magnificent_Moose_1.3.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\MainType_2.1.1.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Mask Surf Lite 2.2.3 (Patch).zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Mechanical_Clock_3D_Screensaver_1.0_build_5.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Medlin Budgeting 3.9.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\MELMS_Pro_1.1_(With_Crack).zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Microsoft Antigen for SMTP Gateways 9.1.1097.0 with Antigen Spam Manager 9.0 with SP 1.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\MicroSurfer Plus Edition 2.3.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\MP3 Audio Batch Converter 3.00.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Multipanes_1.0_(Key+Serial).zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\Mundo 95cinco 1.0.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\MZKey 3 pre-release 1.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\NCN Messenger 2.1.0218.zip
C:\Documents and Settings\FEUCHE\Application Data\m\shared\nod32.2.70.zip
C:\Documents and Settings\FEUCHE\Application Data\m\srvlist.oct
C:\WINDOWS\pack.epk
C:\WINDOWS\system32\ban_list.txt
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\UpMedia
C:\WINDOWS\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA


((((((((((((((((((((((((((((( Fichiers créés 2008-04-25 to 2008-05-25 ))))))))))))))))))))))))))))))))))))
.

2008-05-25 06:50 . 2008-05-25 06:50 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-25 06:50 . 2008-05-25 06:50 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-25 06:48 . 2008-05-25 06:48 <REP> d-------- C:\Program Files\Trend Micro
2008-05-05 22:45 . 2008-05-05 22:45 <REP> d-------- C:\Program Files\AusLogics Disk Defrag
2008-05-05 13:45 . 2008-05-05 13:45 <REP> d-------- C:\Program Files\Avira

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-25 04:45 --------- d-----w C:\Program Files\eMule
2008-05-25 01:51 --------- d-----w C:\Program Files\CleanUp!
2008-05-22 01:45 254,869 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
2008-05-22 00:25 --------- d-----w C:\Documents and Settings\FEUCHE\Application Data\AdobeUM
2008-05-16 06:42 --------- d-----w C:\Program Files\Google
2008-05-15 21:57 --------- d-----w C:\Program Files\a-squared Free
2008-05-07 07:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-05 21:07 --------- d-----w C:\Program Files\SpywareBlaster
2008-05-05 11:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-04-21 12:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-04-21 12:19 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-04-21 12:13 --------- d-----w C:\Program Files\Java
2008-04-21 12:12 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-04-21 11:41 --------- d-----w C:\Program Files\Pidgin
2008-04-21 11:40 --------- d-----w C:\Program Files\IKEA HomePlanner
2008-04-21 11:40 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-04-21 11:39 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-20 17:45 --------- d-----w C:\Program Files\WM Recorder 10.2
2008-04-20 17:43 737,280 -c--a-w C:\WINDOWS\iun6002.exe
2008-04-16 23:05 --------- d-----w C:\Program Files\Apple Software Update
2008-04-12 21:27 --------- d-----w C:\Program Files\Windows Live
2008-04-11 23:38 --------- d-----w C:\Program Files\MSN Messenger
2008-04-11 23:32 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-04-11 23:27 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-04-09 07:13 --------- d-----w C:\Documents and Settings\FEUCHE\Application Data\Canon
2008-04-01 17:09 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-03-28 11:07 --------- d-----w C:\Documents and Settings\FEUCHE\Application Data\Apple Computer
2008-03-26 21:31 --------- d-----w C:\Program Files\Safari
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-01 16:28 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-29 08:57 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-29 08:56 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-03-30 23:36 25,980,320 -c--a-w C:\Program Files\FLV PlayerRCSetup.exe
2007-03-30 23:36 2,874,926 -c--a-w C:\Program Files\FLV PlayerRCATSetup.exe
2007-03-01 05:53 2,310 -c--a-w C:\Program Files\stefan.txt
2007-02-22 00:39 374 -c--a-w C:\Documents and Settings\FEUCHE\Application Data\internaldb6334.dat
2007-02-21 19:13 538 -c--a-w C:\Documents and Settings\FEUCHE\Application Data\internaldb8467.dat
2007-02-21 19:13 18,432 ----a-w C:\Documents and Settings\FEUCHE\Application Data\internaldb41.dat
2007-02-18 18:15 7 -c--a-w C:\Program Files\nomutil.txt
2004-06-18 10:05 45,056 ----a-w C:\WINDOWS\inf\Slntinst.exe
2003-08-22 10:09 45,056 ----a-w C:\WINDOWS\inf\slntinst_staticW2k.exe
2002-09-30 04:00 12,800 ----a-w C:\Documents and Settings\FEUCHE\cnmss Canon MP700 Printer (Copie 1) (Local).exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 07:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2005-09-22 14:36 14854144 C:\WINDOWS\RTHDCPL.exe]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 07:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 07:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 07:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 07:00 455168]
"BTUSRBDG"="BtUsrBdg.exe" [2003-11-05 23:21 53248 C:\WINDOWS\system32\BtUsrBdg.exe]
"BTSETBOOTKEY"="BTSetBootKey.exe" [2003-04-15 11:48 36864 C:\WINDOWS\system32\BTSetBootKey.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-05-25 16:55 262401]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 07:00 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer WLAN 11g USB Dongle.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer WLAN 11g USB Dongle.lnk
backup=C:\WINDOWS\pss\Acer WLAN 11g USB Dongle.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LE COMPAGNON CLUB.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LE COMPAGNON CLUB.lnk
backup=C:\WINDOWS\pss\LE COMPAGNON CLUB.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^FEUCHE^Menu Démarrer^Programmes^Démarrage^BJ Status Monitor Canon MP700 Printer (Copie 1).lnk]
path=C:\Documents and Settings\FEUCHE\Menu Démarrer\Programmes\Démarrage\BJ Status Monitor Canon MP700 Printer (Copie 1).lnk
backup=C:\WINDOWS\pss\BJ Status Monitor Canon MP700 Printer (Copie 1).lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FEUCHE^Menu Démarrer^Programmes^Démarrage^Club Internet.lnk]
path=C:\Documents and Settings\FEUCHE\Menu Démarrer\Programmes\Démarrage\Club Internet.lnk
backup=C:\WINDOWS\pss\Club Internet.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AspireService]
--a------ 2006-06-09 12:24 110592 C:\Program Files\Acer\Acer eMode Management\AspireService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
--a------ 2007-05-13 16:57 5308416 C:\Program Files\eMule\emule.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-02-19 14:10 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchApp]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
--------- 2006-03-29 21:50 143360 C:\Program Files\Acer TV-FM\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-02-01 00:13 385024 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Acer TV-FM\\PowerCinema.exe"=
"C:\\Program Files\\Acer TV-FM\\PCMService.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\TEMP\\CI_HITACHI\\MAJ_Hitachi.exe"=
"C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R0 m5287;m5287;C:\WINDOWS\system32\drivers\m5287.sys [2005-02-05 09:00]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-03-16 10:56]
R3 BTCOMM;BTCOMM;C:\WINDOWS\system32\drivers\Btcomm.sys [2004-09-28 17:19]
R3 BTKRNBDG;Bluetooth COM Bridge;C:\WINDOWS\system32\DRIVERS\btkrnbdg.sys [2003-03-18 12:31]
R3 sfr0901;SFR Connexion Adapter V9;C:\WINDOWS\system32\DRIVERS\sfr0901.sys [2007-11-08 20:29]
R3 vad_multi;Windigo Virtual Audio Device (WDM);C:\WINDOWS\system32\drivers\vadmulti.sys [2005-04-13 18:02]
S3 ATHFMWDL;NETGEAR WPN111 Bootloader driver;C:\WINDOWS\system32\Drivers\athwpn.sys []
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\DNINDIS5.SYS [2003-07-24 12:10]
S3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-05 07:00]
S3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;C:\WINDOWS\system32\DRIVERS\WPN111.sys []
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 11:38]
S4 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-03-16 10:56]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-16 20:34:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-25 17:08:04
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\fxssvc.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-25 17:11:34 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-25 15:11:27

Pre-Run: 493,162,496 octets libres
Post-Run: 509,136,896 octets libres

359 --- E O F --- 2008-05-16 22:02:09
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
Remove all the cracks from your computer. Then disable System Restore, reboot, and re-enable it. Then paste a new BitDefender report, a ComboFix report and a HijackThis report, and describe your problems.
0
feshnou92 Posts 263 Status Member 12
 
OK.. I ran an avast scan and apparently there's nothing special.

However, I don't know how to remove the cracks; I don't know what a crack is.

Thanks for taking on my case.
0
feshnou92 Posts 263 Status Member 12
 
OK.. I ran an avast scan and apparently there's nothing special.

However, I don't know how to remove the cracks; I don't even know what a crack is.

Thanks for taking on my case.
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
The cracks are the files you must have downloaded with eMule. The ones found by BitDefender and the ones in the deletion section of ComboFix.
0
feshnou92 Posts 263 Status Member 12
 
How do I delete all that?
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
Well, we're not there yet.

Run ComboFix and the BitDefender online scan again to check, and paste a new HijackThis report.
0
feshnou92 Posts 263 Status Member 12
 
I'm trying not to lose hope, but still...

I tracked down the file that messed everything up: it was a zip file downloaded from eMule, called "auto maintenance plus" or something like that.
The first thing I did was delete it, before coming to this forum.

Anyway, yesterday I redid all the steps one by one, and here are the reports:

ComboFix 08-05-27.4 - FEUCHE 2008-05-28 21:31:11.3 - NTFSx86
Endroit: C:\Documents and Settings\FEUCHE\Bureau\kill92360.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

((((((((((((((((((((((((((((( Fichiers créés 2008-04-28 to 2008-05-28 ))))))))))))))))))))))))))))))))))))
.

2008-05-28 21:28 . 2008-05-28 21:29 <REP> d----c--- C:\327882R2FWJFW
2008-05-28 21:28 . 2004-08-05 07:00 400,896 --a------ C:\WINDOWS\system32\CF8634.exe
2008-05-28 09:16 . 2008-05-28 09:16 <REP> d-------- C:\WINDOWS\LastGood
2008-05-27 02:48 . 2008-05-27 02:57 121 --a------ C:\WINDOWS\bdagent.INI
2008-05-27 01:25 . 2008-05-27 01:25 <REP> d-------- C:\Program Files\BitDefender
2008-05-27 01:25 . 2008-05-27 01:25 <REP> d-------- C:\Documents and Settings\FEUCHE\Application Data\Bitdefender
2008-05-27 01:25 . 2008-05-27 01:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-05-27 01:24 . 2008-05-27 01:25 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender
2008-05-26 19:17 . 2008-05-26 19:37 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-05-25 23:25 . 2008-03-27 18:26 15,024 --a------ C:\WINDOWS\system32\drivers\RkPavProc.sys
2008-05-25 22:16 . 2008-05-27 01:12 <REP> d-------- C:\Program Files\Panda Security
2008-05-25 17:11 . 2008-05-25 17:11 <REP> d-------- C:\Documents and Settings\Invité
2008-05-25 16:46 . 2008-05-25 17:11 <REP> d----c--- C:\killBagle
2008-05-25 06:48 . 2008-05-25 06:48 <REP> d-------- C:\Program Files\Trend Micro
2008-05-05 22:45 . 2008-05-05 22:45 <REP> d-------- C:\Program Files\AusLogics Disk Defrag

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-26 23:14 --------- d-----w C:\Program Files\WM Recorder 10.2
2008-05-26 23:09 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-05-26 19:05 --------- d-----w C:\Program Files\eMule
2008-05-25 22:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-05-25 01:51 --------- d-----w C:\Program Files\CleanUp!
2008-05-22 01:45 254,869 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
2008-05-22 00:25 --------- d-----w C:\Documents and Settings\FEUCHE\Application Data\AdobeUM
2008-05-16 06:42 --------- d-----w C:\Program Files\Google
2008-05-15 21:57 --------- d-----w C:\Program Files\a-squared Free
2008-05-07 07:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-05 21:07 --------- d-----w C:\Program Files\SpywareBlaster
2008-04-21 12:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-04-21 12:19 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-04-21 12:13 --------- d-----w C:\Program Files\Java
2008-04-21 12:12 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-04-21 11:41 --------- d-----w C:\Program Files\Pidgin
2008-04-21 11:40 --------- d-----w C:\Program Files\IKEA HomePlanner
2008-04-21 11:40 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-04-21 11:39 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-20 17:43 737,280 -c--a-w C:\WINDOWS\iun6002.exe
2008-04-16 23:05 --------- d-----w C:\Program Files\Apple Software Update
2008-04-12 21:27 --------- d-----w C:\Program Files\Windows Live
2008-04-11 23:38 --------- d-----w C:\Program Files\MSN Messenger
2008-04-11 23:32 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-04-11 23:27 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-04-09 07:13 --------- d-----w C:\Documents and Settings\FEUCHE\Application Data\Canon
2008-04-01 17:09 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-03-28 11:07 --------- d-----w C:\Documents and Settings\FEUCHE\Application Data\Apple Computer
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-01 16:28 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-29 08:57 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-29 08:56 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-03-30 23:36 25,980,320 -c--a-w C:\Program Files\FLV PlayerRCSetup.exe
2007-03-30 23:36 2,874,926 -c--a-w C:\Program Files\FLV PlayerRCATSetup.exe
2007-03-01 05:53 2,310 -c--a-w C:\Program Files\stefan.txt
2007-02-22 00:39 374 -c--a-w C:\Documents and Settings\FEUCHE\Application Data\internaldb6334.dat
2007-02-21 19:13 538 -c--a-w C:\Documents and Settings\FEUCHE\Application Data\internaldb8467.dat
2007-02-21 19:13 18,432 ----a-w C:\Documents and Settings\FEUCHE\Application Data\internaldb41.dat
2007-02-18 18:15 7 -c--a-w C:\Program Files\nomutil.txt
2002-09-30 04:00 12,800 ----a-w C:\Documents and Settings\FEUCHE\cnmss Canon MP700 Printer (Copie 1) (Local).exe
.

((((((((((((((((((((((((((((( snapshot@2008-05-25_17.10.19.10 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-05-26 17:17:31 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
+ 2008-05-26 17:17:31 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
+ 2008-05-26 17:17:31 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
+ 2008-05-26 17:17:33 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2008-05-26 17:17:33 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-05-26 17:17:31 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
+ 2006-05-24 23:22:06 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
- 2008-05-25 15:00:36 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-27 01:05:42 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
+ 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
+ 2008-05-26 23:26:16 61,440 ----a-r C:\WINDOWS\Installer\{4A56DAB1-2680-4B8A-AD84-77EECFB94D7B}\helpicon.exe
+ 2008-05-26 23:26:16 32,768 ----a-r C:\WINDOWS\Installer\{4A56DAB1-2680-4B8A-AD84-77EECFB94D7B}\maintenance_icon.exe
+ 2008-05-26 23:26:16 22,486 ----a-r C:\WINDOWS\Installer\{4A56DAB1-2680-4B8A-AD84-77EECFB94D7B}\register_icon.exe
+ 2008-05-26 23:26:16 57,344 ----a-r C:\WINDOWS\Installer\{4A56DAB1-2680-4B8A-AD84-77EECFB94D7B}\texticon.exe
- 2007-08-09 18:31:05 3,653 -c--a-w C:\WINDOWS\mozver.dat
+ 2008-05-25 20:16:16 5,009 -c--a-w C:\WINDOWS\mozver.dat
+ 2008-05-15 23:24:43 1,152,888 ----a-w C:\WINDOWS\system32\aswBoot.exe
+ 2008-05-15 23:12:36 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
+ 2008-05-15 23:13:26 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
+ 2008-05-15 23:16:06 20,560 ----a-w C:\WINDOWS\system32\drivers\aswFsBlk.sys
+ 2008-01-17 16:34:01 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
+ 2008-05-15 23:18:33 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
+ 2008-05-15 23:15:29 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
+ 2008-05-15 23:20:32 78,416 ----a-w C:\WINDOWS\system32\drivers\aswSP.sys
+ 2008-05-15 23:14:11 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
+ 2008-01-07 15:41:34 196,368 ----a-w C:\WINDOWS\system32\drivers\bdfsfltr.sys
+ 2002-01-05 00:48:16 974,848 ----a-w C:\WINDOWS\system32\mfc70.dll
+ 2002-01-05 00:36:38 964,608 ----a-w C:\WINDOWS\system32\mfc70u.dll
- 2003-03-18 21:20:00 1,060,864 ----a-w C:\WINDOWS\system32\MFC71.dll
+ 2003-03-18 18:20:00 1,060,864 ----a-w C:\WINDOWS\system32\mfc71.dll
- 2006-02-22 09:19:46 1,047,552 ----a-w C:\WINDOWS\system32\mfc71u.dll
+ 2003-03-18 18:12:12 1,047,552 ----a-w C:\WINDOWS\system32\mfc71u.dll
+ 2002-01-05 00:38:38 54,784 ----a-w C:\WINDOWS\system32\msvci70.dll
+ 2002-01-05 00:40:20 487,424 ----a-w C:\WINDOWS\system32\msvcp70.dll
- 2003-03-18 21:14:52 499,712 ----a-r C:\WINDOWS\system32\msvcp71.dll
+ 2003-03-18 17:14:52 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
+ 2002-01-04 23:37:28 344,064 ----a-w C:\WINDOWS\system32\msvcr70.dll
- 2003-02-21 03:42:22 348,160 ----a-r C:\WINDOWS\system32\msvcr71.dll
+ 2003-02-21 01:42:22 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
+ 2007-11-27 14:46:24 77,824 ----a-w C:\WINDOWS\system32\xcomm.dll
+ 2007-01-31 11:50:32 913,408 ----a-w C:\WINDOWS\system32\xreglib.dll
+ 2008-05-27 01:06:41 16,384 ----atw C:\WINDOWS\temp\Perflib_Perfdata_3e8.dat
+ 2008-05-27 01:05:59 16,384 ----atw C:\WINDOWS\temp\Perflib_Perfdata_6a8.dat
- 2006-12-01 20:54:32 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2006-12-01 19:54:32 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
- 2006-12-01 20:54:34 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-01 19:54:34 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
- 2006-12-01 20:54:32 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2006-12-01 19:54:32 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2006-12-01 21:25:52 1,101,824 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2006-12-01 21:25:56 1,093,120 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-01 21:25:58 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-01 21:26:00 57,856 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-01 21:08:00 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-01 21:08:00 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-01 21:08:00 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-01 21:08:00 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-01 21:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-01 21:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-01 21:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-01 21:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-01 21:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 07:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2005-09-22 14:36 14854144 C:\WINDOWS\RTHDCPL.exe]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 07:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 07:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 07:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 07:00 455168]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-02-16 17:45 360448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"@"="" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 07:00 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer WLAN 11g USB Dongle.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer WLAN 11g USB Dongle.lnk
backup=C:\WINDOWS\pss\Acer WLAN 11g USB Dongle.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LE COMPAGNON CLUB.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LE COMPAGNON CLUB.lnk
backup=C:\WINDOWS\pss\LE COMPAGNON CLUB.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^FEUCHE^Menu Démarrer^Programmes^Démarrage^BJ Status Monitor Canon MP700 Printer (Copie 1).lnk]
path=C:\Documents and Settings\FEUCHE\Menu Démarrer\Programmes\Démarrage\BJ Status Monitor Canon MP700 Printer (Copie 1).lnk
backup=C:\WINDOWS\pss\BJ Status Monitor Canon MP700 Printer (Copie 1).lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^FEUCHE^Menu Démarrer^Programmes^Démarrage^Club Internet.lnk]
path=C:\Documents and Settings\FEUCHE\Menu Démarrer\Programmes\Démarrage\Club Internet.lnk
backup=C:\WINDOWS\pss\Club Internet.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AspireService]
--a------ 2006-06-09 12:24 110592 C:\Program Files\Acer\Acer eMode Management\AspireService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
--a------ 2007-05-13 16:57 5308416 C:\Program Files\eMule\emule.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-02-19 14:10 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchApp]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
--------- 2006-03-29 21:50 143360 C:\Program Files\Acer TV-FM\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-02-01 00:13 385024 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Acer TV-FM\\PowerCinema.exe"=
"C:\\Program Files\\Acer TV-FM\\PCMService.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\TEMP\\CI_HITACHI\\MAJ_Hitachi.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R0 m5287;m5287;C:\WINDOWS\system32\drivers\m5287.sys [2005-02-05 09:00]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R3 sfr0901;SFR Connexion Adapter V9;C:\WINDOWS\system32\DRIVERS\sfr0901.sys [2007-11-08 20:29]
S3 ATHFMWDL;NETGEAR WPN111 Bootloader driver;C:\WINDOWS\system32\Drivers\athwpn.sys []
S3 BTCOMM;BTCOMM;C:\WINDOWS\system32\drivers\Btcomm.sys [2004-09-28 17:19]
S3 BTKRNBDG;Bluetooth COM Bridge;C:\WINDOWS\system32\DRIVERS\btkrnbdg.sys []
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\DNINDIS5.SYS [2003-07-24 12:10]
S3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-05 07:00]
S3 vad_multi;Windigo Virtual Audio Device (WDM);C:\WINDOWS\system32\drivers\vadmulti.sys []
S3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;C:\WINDOWS\system32\DRIVERS\WPN111.sys []
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 11:38]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

*Newly Created Service* - 0361A75D
*Newly Created Service* - 2161A75D
*Newly Created Service* - CATCHME
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-16 20:34:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-28 21:34:51
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-05-28 21:35:51
ComboFix-quarantined-files.txt 2008-05-28 19:35:42
ComboFix2.txt 2008-05-26 15:14:33
ComboFix3.txt 2008-05-25 15:11:37

Pre-Run: 1,150,726,144 octets libres
Post-Run: 1,195,606,016 octets libres

239 --- E O F --- 2008-05-16 22:02:09

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:54:43, on 28/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\CF8634.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.aceradvantage.com/stdreg
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
0
feshnou92 Posts 263 Status Member 12
 
BitDefender Online Scanner - Rapport virus en temps réel

Généré à: Thu, May 29, 2008 - 03:00:23

Info d'analyse

Fichiers scannés

79489

Infectés Fichiers

0

Virus Détectés

Aucun virus trouvé.

Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
scan with
MalwareByte's Anti-Malware, remove whatever it finds and paste the report

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

________________
still having problems??
0
feshnou92 Posts 263 Status Member 12
 
MalwareByte's Anti-Malware apparently found nothing, so I think everything is OK.

My PC was running slowly, but since I removed BitDefender everything is back to normal.

I'd just like some advice on protecting my PC properly, because Antivir wasn't much use this time.

Thanks for everything

Stephan

Malwarebytes' Anti-Malware 1.12
Version de la base de données: 722

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 119027
Temps écoulé: 45 minute(s), 18 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
to protect your computer for free

security

install an antivirus

AVAST in French or ANTIVIR (in English but very effective)
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (thanks Malekal)
-------------
anti-spyware tools:

MALWAREBYTES + SPYBOT

+
SPYWAREBLASTER to immunize the system against vundo in particular, but it is in English (easy to use though: just click "update" to update every month and then "enable all protection" to immunize)...

--------
a firewall:
the Windows one or, better, KERIO or JETICO or ZONE ALARM (install only the free firewall)

https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
zonealarm

-----------

CCLEANER to erase browsing traces
------------
preferably browse with firefox or opera or safari and not internet explorer
0