Sujet Précédent Sujet Suivant

Virus a l aide

Résolu
darking -  
g!rly Messages postés 18462 Statut Contributeur -
Bonjour,
j ai un virus dans mon ordi qui fait de l adv et il arete l antivirus et tu ne peux po acceder a l antivirus windows update et il creer des fichiers autorun dans les disques voila le raport hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:10:09, on 20/06/2002
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wauc11.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\1.pif
C:\Documents and Settings\abdou.66DBCB54CC874C4\Bureau\HiJackThis.exe
C:\Program Files\11.pif
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.ma/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Menara
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AdPopup - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Fichiers communs\CPUSH\cpush0.dll
O2 - BHO: (no name) - {1AB1F65A-964F-4AE7-B254-05146A0E602E} - C:\Program Files\Internet Explorer\PLUGINS\Windows64.Sys
O2 - BHO: Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\PCTools\pctools.dll
O2 - BHO: apzhctde.dll - {3D698451-2015-6358-9871-2015987452D3} - C:\WINDOWS\system32\apzhctde.dll
O2 - BHO: (no name) - {56F9B9E2-1152-4DB9-93BE-4F5E848C7E60} - C:\Program Files\Internet Explorer\PLUGINS\Windows64.Sys
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: mnmhgsrv.dll - {7C8D1401-A58D-A81C-CD24-A5915C4517C7} - C:\WINDOWS\system32\mnmhgsrv.dll
O2 - BHO: (no name) - {A45B2C37-01D0-4D3E-BE5E-CC119B17BE9E} - C:\Program Files\Internet Explorer\IEXPLORE32.win
O2 - BHO: (no name) - {E6C0D0E3-9E9A-489D-AE19-BBCFC7047A59} - C:\Program Files\Internet Explorer\IEXPLORE32.Sys
O2 - BHO: (no name) - {EE12D60D-AD9A-4095-B839-3BE6862679FD} - C:\Program Files\Internet Explorer\IEXPLORE32.Dat
O4 - HKLM\..\Run: [LUOM] C:\WINDOWS\system32\DLD.exe
O4 - HKLM\..\Run: [IEXPLORER] C:\WINDOWS\system32\iexplorer.exe
O4 - HKLM\..\Run: [HBmhly] "C:\WINDOWS\system32\HBmhly.exe" -r
O4 - HKLM\..\Policies\Explorer\Run: [kcomd] kcomd32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: ֪ʶ¿â - {06926B30-424E-4f1c-8EE3-543CD96573DC} - http://blank.la/?h (file missing)
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{4D83E4BF-EB70-4298-9417-4B502CE88283}: NameServer = 212.217.1.17 212.217.0.3
O20 - AppInit_DLLs: tuker.dll,ujkwet.dll,asefry.dll,sdvj.dll,asfhjy.dll,hjukrt.dll,dhdhvv.dll,asfjthj.dll,hmsdvf.dll,jrhhh.dll,sdrfh.dll,vhsdfg.dll,dger.dll,hjdrg.dll,kergt.dll,gfcfg.dll,reger.dll,hrergh.dll,frntrn.dll,qrhhb.dll,drghszd.dll,fngn.dll,gnfctt.dll,xgnfn.dll,xfgnhcgfm.dll,serger.dll,bnxnb.dll,fxgnfx.dll,jzijj.dll,xfgnfx.dll,serghjm.dll,thsddh.dll,xbcvxb.dll,zfdzb.dll,xdndn.dll,xdfntt.dll,hgfhk.dll,dnteh.dll,xfng.dll,njritc.dll,chmfcmh.dll,jwlah.dll,gmnait.dll,hfjg.dll,thurh.dll,mgmgmm.dll,oqrthc.dll,ghkrg.dll,jyjlt.dll,ijatnaw.dll,sehhter.dll,fhjfg.dll,zdbdb.dll,ydgn.dll,dbfb.dll,fjnbv.dll,yukevg.dll,setrhes.dll,cdxbfxdb.dll,xfgnxfn.dll,gjkhj.dll,xdhdg.dll,rhs.dll,mrjhtjd.dll,zdbfbd.dll,fjyjy.dll,fxnfnh.dll,bjrvm.dll,ektvm.dll,ghthhh.dll,yjrfe.dll,dscef.dll,crugd.dll,lariytrz.dll,hjaiq.dll,kduy.dll,hkfgh.dll,awef.dll,dfhsh.dll,ethsh.dll,stehs.dll,sthth.dll,wfhyt.dll,rgghjj.dll,ghjkdr.dll,hfther.dll,
O21 - SSODL: cliconfgzx - {00050005-0005-0005-0005-00050005BB15} - C:\WINDOWS\system32\cliconfgzx.dll
O21 - SSODL: csrsrvmy - {00150015-0015-0015-0015-00150015BB15} - C:\WINDOWS\system32\csrsrvmy.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
A voir également:

26 réponses

Précédent
  • 1
  • 2
Réponse 21 / 26
ivhan18 Messages postés 6 Statut Membre 2
 
ok merci g!rly
0
Réponse 22 / 26
g!rly Messages postés 18462 Statut Contributeur 406
 
;-) c´est juste qu´avec darking on a pas terminé, loin de la...
0
darking
 
ComboFix 08-06-19.2 - delta force 2008-06-30 8:07:28.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1256.212.1036.18.124 [GMT 0:00]
Endroit: C:\Documents and Settings\abdou.66DBCB54CC874C4\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
C:\Documents and Settings\All Users.WINDOWS\Application Data\microsoft\pctools
C:\Documents and Settings\All Users.WINDOWS\Application Data\microsoft\pctools\pctools.dll
C:\Program Files\Fichiers communs\cpush
C:\Program Files\Fichiers communs\cpush\cpush0.dll
C:\Program Files\Fichiers communs\cpush\Uninst.exe
C:\Program Files\Internet Explorer\IEXPLORE32.Dat
C:\Program Files\Internet Explorer\IEXPLORE32.jmp
C:\Program Files\Internet Explorer\IEXPLORE32.Sys
C:\Program Files\Internet Explorer\IEXPLORE32.win
C:\Program Files\Internet Explorer\PLUGINS\Windows64.Jmp
C:\Program Files\Internet Explorer\PLUGINS\Windows64.Sys

.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-28 to 2008-06-30 ))))))))))))))))))))))))))))))))))))
.

2008-06-17 08:59 . 2008-06-17 08:59 <REP> d--h----- C:\WINDOWS\PIF
2008-06-17 08:41 . 2008-06-17 08:41 <REP> d-------- C:\scripts
2008-06-17 08:41 . 2008-06-17 20:21 1,470,464 --a------ C:\EMPIRES.EXE
2008-06-17 08:41 . 2008-06-17 20:21 53,256 --a------ C:\Age.dll
2008-06-17 08:11 . 2008-06-17 08:11 <REP> d-------- C:\games
2008-06-16 12:17 . 2008-06-16 12:17 <REP> d-------- C:\scripts2
2008-06-16 12:17 . 2008-06-16 12:17 1,503,232 --a------ C:\EMPIRESX.EXE
2008-06-16 12:17 . 2008-06-16 12:17 53,256 --a------ C:\uage.dll
2008-06-16 11:07 . 2008-06-16 11:07 <REP> d-------- C:\Program Files\uTorrent
2008-06-16 11:07 . 2008-06-17 09:36 <REP> d-------- C:\Documents and Settings\abdou.66DBCB54CC874C4\Application Data\uTorrent
2008-06-15 20:21 . 2002-06-19 21:01 <REP> d-------- C:\Documents and Settings\abdou.66DBCB54CC874C4\Application Data\MSNInstaller
2008-06-15 18:13 . 2008-06-15 18:13 <REP> d-------- C:\Program Files\HP
2008-06-15 18:13 . 2008-06-15 18:30 <REP> d-------- C:\Program Files\Hewlett-Packard
2008-06-15 18:05 . 2008-06-15 18:05 <REP> d-------- C:\Documents and Settings\abdou.66DBCB54CC874C4\Application Data\Sierra
2008-06-15 18:00 . 2008-06-15 18:00 <REP> d-------- C:\Program Files\Sierra
2008-06-15 17:44 . 2008-06-15 17:44 <REP> d-------- C:\Program Files\Microsoft Games
2008-06-15 17:44 . 2008-06-15 17:44 <REP> d-------- C:\Program Files\directx
2008-06-15 17:43 . 2008-06-15 17:43 <REP> d-------- C:\Program Files\MSXML 4.0
2008-06-13 19:23 . 2008-06-13 19:23 <REP> d-------- C:\Documents and Settings\abdou.66DBCB54CC874C4\Application Data\Malwarebytes
2008-06-13 19:22 . 2008-06-13 19:23 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-11 23:00 . 2008-06-11 23:00 <REP> d---s---- C:\Documents and Settings\abdou.66DBCB54CC874C4\UserData
2008-06-11 18:32 . 2002-06-30 07:40 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS
2008-06-11 17:27 . 2008-06-11 18:34 <REP> d--h----- C:\Documents and Settings\abdou.66DBCB54CC874C4\Voisinage réseau
2008-06-11 17:27 . 2008-06-11 18:34 <REP> d--h----- C:\Documents and Settings\abdou.66DBCB54CC874C4\Voisinage d'impression
2008-06-11 17:27 . 2008-06-11 17:08 <REP> d--h----- C:\Documents and Settings\abdou.66DBCB54CC874C4\Modèles
2008-06-11 17:27 . 2008-06-16 12:08 <REP> dr------- C:\Documents and Settings\abdou.66DBCB54CC874C4\Mes documents
2008-06-11 17:27 . 2008-06-16 11:07 <REP> dr------- C:\Documents and Settings\abdou.66DBCB54CC874C4\Menu Démarrer
2008-06-11 17:27 . 2002-06-20 11:32 <REP> dr------- C:\Documents and Settings\abdou.66DBCB54CC874C4\Favoris
2008-06-11 17:27 . 2008-06-30 08:10 <REP> d-------- C:\Documents and Settings\abdou.66DBCB54CC874C4\Bureau
2008-06-11 17:27 . 2002-06-19 16:46 <REP> d-------- C:\Documents and Settings\abdou.66DBCB54CC874C4
2008-06-11 17:25 . 2002-06-19 17:01 <REP> d--hs---- C:\Documents and Settings\NetworkService.AUTORITE NT
2008-06-11 17:25 . 2002-06-19 16:48 <REP> d--hs---- C:\Documents and Settings\LocalService.AUTORITE NT
2008-06-11 17:11 . 2004-08-19 16:09 32,768 --a--c--- C:\WINDOWS\system32\dllcache\icwdl.dll
2008-06-05 19:28 . 2008-06-05 19:28 <REP> d-------- C:\Program Files\MegauploadToolbar
2008-06-05 19:28 . 2008-06-10 10:35 <REP> d-------- C:\Documents and Settings\abdou\Application Data\MegauploadToolbar
2008-06-05 18:55 . 2008-06-16 12:21 <REP> d-------- C:\Age Of Empires II
2008-06-05 11:19 . 2008-06-11 18:15 <REP> d-------- C:\WINDOWS\NOWPA
2008-06-04 22:24 . 2008-06-04 22:24 <REP> d-------- C:\Program Files\Avira
2008-05-29 22:58 . 2008-05-29 22:58 <REP> d-------- C:\Documents and Settings\abdou\Application Data\Thinstall
2008-05-29 22:23 . 2008-05-29 22:23 <REP> d-------- C:\Nouveau dossier
2008-05-29 22:17 . 2008-05-29 22:17 <REP> dr-h----- C:\MSOCache
2008-05-29 22:05 . 2008-05-29 22:05 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-05-28 21:42 . 2008-05-28 21:42 <REP> d--hs---- C:\Documents and Settings\abdou\Phone Browser
2008-05-28 19:11 . 2008-05-28 19:11 <REP> d-------- C:\Program Files\Sodes
2008-05-28 13:56 . 2002-06-20 09:13 <REP> d-------- C:\Program Files\GameSpy Arcade
2008-05-27 22:32 . 2008-06-04 21:39 <REP> d-------- C:\Program Files\SweetIM
2008-05-25 10:24 . 2008-06-05 21:25 <REP> d-------- C:\download
2008-05-23 21:26 . 2008-05-23 21:26 <REP> d-------- C:\Program Files\Google Hacks
2008-05-22 22:17 . 2008-05-22 22:17 <REP> d-------- C:\Program Files\VirtualDJ
2008-05-22 21:55 . 2008-05-22 21:55 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-05-22 21:55 . 2008-05-22 21:59 <REP> d-------- C:\Program Files\Ahead
2008-05-22 20:04 . 2008-04-26 22:02 216 --a------ C:\BOOT.BXP
2008-05-22 20:02 . 2008-05-22 20:03 <REP> d-------- C:\Program Files\BootXP2
2008-05-21 21:59 . 2008-05-21 21:59 <REP> d-------- C:\Program Files\Stardock
2008-05-21 21:59 . 2008-05-21 21:59 <REP> d-------- C:\Program Files\Fichiers communs\Stardock
2008-05-21 16:10 . 2008-06-04 21:37 <REP> d-------- C:\Program Files\Opera
2008-05-21 15:59 . 2008-05-21 15:59 <REP> d-------- C:\Program Files\Orca
2008-05-18 13:39 . 2008-05-18 13:39 <REP> d-------- C:\Program Files\Common Files
2008-05-17 14:46 . 2008-05-17 14:46 <REP> d-------- C:\Program Files\HHD Software
2008-05-17 12:36 . 2008-06-08 19:48 <REP> d-------- C:\Documents and Settings\abdou\Contacts
2008-05-16 22:38 . 2008-05-18 13:33 <REP> d-------- C:\Program Files\Yahoo!
2008-05-16 22:37 . 2008-05-29 23:00 <REP> d-------- C:\Program Files\CCleaner
2008-05-16 21:41 . 2008-05-16 21:41 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-05-15 21:19 . 2008-06-11 18:16 <REP> d-------- C:\WINDOWS\system32\URTTemp
2008-05-14 18:57 . 2008-06-04 21:43 <REP> d-------- C:\Program Files\Windows Live
2008-05-14 18:57 . 2008-05-14 19:10 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-05-14 18:43 . 2008-05-14 18:43 <REP> d-------- C:\Program Files\SeePassword
2008-05-13 21:21 . 2008-05-28 21:59 <REP> d-------- C:\Vieux Jeux
2008-05-12 21:23 . 2008-05-12 21:24 <REP> d-------- C:\ae691789d81de24516f1baab57633d
2008-05-11 20:01 . 2008-05-11 20:01 <REP> d-------- C:\WINDOWS\Sun
2008-05-11 19:30 . 2008-05-11 19:32 <REP> d-------- C:\Program Files\Java
2008-05-11 19:22 . 2008-05-11 19:22 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-05-11 16:24 . 2008-05-11 16:24 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-05-11 16:19 . 2008-05-11 16:19 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-05-11 16:19 . 2008-06-11 18:16 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-11 15:27 . 2008-06-11 18:16 <REP> d-------- C:\WINDOWS\system32\fr
2008-05-11 15:27 . 2008-06-11 18:16 <REP> d-------- C:\WINDOWS\system32\bits
2008-05-11 15:27 . 2008-06-11 18:15 <REP> d-------- C:\WINDOWS\l2schemas
2008-05-11 15:05 . 2008-05-11 15:30 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-05-11 14:40 . 2008-05-11 14:40 <REP> d-------- C:\Program Files\32Vegas Casino
2008-05-11 12:50 . 2002-06-30 08:08 <REP> d-------- C:\WINDOWS\EHome
2008-05-10 19:50 . 2008-05-10 19:50 <REP> d-------- C:\Program Files\Microsoft Silverlight
2008-05-10 19:11 . 2008-05-11 20:53 <REP> d-------- C:\Program Files\QURAN_MASS
2008-05-09 21:32 . 2008-05-09 21:32 <REP> d-------- C:\Program Files\GIF Movie Gear
2008-05-09 20:19 . 2008-06-11 18:16 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-05-04 21:28 . 2008-05-28 14:04 <REP> d-------- C:\downloads
2008-05-04 21:21 . 2008-05-11 10:17 <REP> d-------- C:\Program Files\InstantGet
2008-05-03 20:06 . 2008-05-03 20:06 <REP> d-------- C:\Program Files\TechSmith
2008-05-03 20:01 . 2008-05-03 20:01 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-05-03 17:44 . 2008-05-10 22:50 <REP> d-------- C:\Program Files\123 Free Solitaire
2008-05-03 17:44 . 2008-05-03 17:56 <REP> d-------- C:\Documents and Settings\abdou\Application Data\123 Free Solitaire

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-15 18:00 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-15 17:59 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-06-15 13:28 81,920 ----a-w C:\WINDOWS\system32\IEDFix.C.exe
2008-06-11 19:50 --------- d-----w C:\Program Files\Menara
2008-06-08 16:19 27,364 --sha-w C:\MSMS.PIF
2008-05-29 07:35 86,528 ----a-w C:\WINDOWS\system32\VACFix.exe
2008-05-23 16:21 81,920 ----a-w C:\WINDOWS\system32\404Fix.exe
2008-05-18 19:40 82,944 ----a-w C:\WINDOWS\system32\IEDFix.exe
2008-05-18 09:52 --------- d-----w C:\Program Files\7-Zip
2008-05-16 22:32 --------- d-----w C:\Program Files\NOD32view
2008-05-15 21:48 --------- d-----w C:\Program Files\Microsoft Works
2008-05-11 13:40 --------- d-----w C:\Program Files\Ares
2008-04-30 21:39 --------- d-----w C:\Documents and Settings\abdou\Application Data\PC Suite
2008-04-30 20:47 --------- d-----w C:\Program Files\Microsoft.NET
2008-04-29 21:30 --------- d-----w C:\Program Files\DIFX
2008-04-29 21:30 --------- d-----w C:\Documents and Settings\abdou\Application Data\Nokia
2008-04-29 21:28 --------- d-----w C:\Program Files\Nokia
2008-04-29 21:28 --------- d-----w C:\Program Files\Fichiers communs\PCSuite
2008-04-29 21:28 --------- d-----w C:\Program Files\Fichiers communs\Nokia
2008-04-29 21:27 --------- d-----w C:\Program Files\PC Connectivity Solution
2002-06-20 12:26 183,722 ----a-w C:\Program Files\10.pif
2002-06-20 12:25 132,195 ----a-w C:\Program Files\9.pif
2002-06-20 12:24 144,874 ----a-w C:\Program Files\4.pif
2002-06-20 11:53 24,634 ----a-w C:\Program Files\11.pif
2002-06-20 11:51 32,381 ----a-w C:\Program Files\1.pif
2002-06-20 11:51 27,219 ----a-w C:\Program Files\[u]0/u.pif
2002-06-20 11:51 24,576 ----a-w C:\Program Files\2.pif
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 16:09 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

R3 cirrus;cirrus;C:\WINDOWS\system32\DRIVERS\cirrus.sys [2001-08-17 21:57]
R3 ess;Pilote audio ESS (WDM);C:\WINDOWS\system32\drivers\ess.sys [2001-08-17 20:19]

*Newly Created Service* - BROWSER
*Newly Created Service* - CATCHME
*Newly Created Service* - FASTUSERSWITCHINGCOMPATIBILITY
*Newly Created Service* - FLTMGR
*Newly Created Service* - HELPSVC
*Newly Created Service* - IMAPISERVICE
*Newly Created Service* - LANMANSERVER
*Newly Created Service* - MSISERVER
*Newly Created Service* - NDISUIO
*Newly Created Service* - POLICYAGENT
*Newly Created Service* - RASACD
*Newly Created Service* - RASMAN
*Newly Created Service* - RDPCDD
*Newly Created Service* - RDPNP
*Newly Created Service* - SCHEDULE
*Newly Created Service* - SENS
*Newly Created Service* - SHELLHWDETECTION
*Newly Created Service* - SR
*Newly Created Service* - SRSERVICE
*Newly Created Service* - SRV
*Newly Created Service* - SSDPSRV
*Newly Created Service* - TERMSERVICE
*Newly Created Service* - THEMES
*Newly Created Service* - WUAUSERV
*Newly Created Service* - WZCSVC
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-30 08:10:18
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-06-30 8:11:58
ComboFix-quarantined-files.txt 2008-06-30 08:11:53

Pre-Run: 26,794,217,472 octets libres
Post-Run: 26,917,048,320 octets libres

198

raport combo fix
0
Réponse 23 / 26
^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Et pendant ce temps, d'autres attendent ;;)
http://www.commentcamarche.net/forum/affich 6991718 virus a l aide
0
Réponse 24 / 26
darking
 
en plus je suis desole pour le retard longue histoire bref j ai reinstalle win xp m ais le virus et en excution
0
^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Re

Faut bien se mettre dans la tête, le formatage n'enlève pas le virus
On nettoie d'abord et éventuellement on formate par la suite si nécessaire.

A+

Bon courage
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 26
~draking~ Messages postés 59 Statut Membre 8
 
je sais mais je n ai po formate j ai des information que je ne ve o perdre j ai reinstale
0
^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Ré-installé, en effet, scouzzi -- zépareil ;;))

Bon courage

Tu es en bonne main

0
Réponse 26 / 26
g!rly Messages postés 18462 Statut Contributeur 406
 
draking,

j´ai vu que tu avais un autre topik, donc je ferme celui ci...
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses
a quoi sert softonic ?
durup1928 -
jacklyn -

25 réponses