Ads: enough is enough - Page 2

  1. manucool2 Posts 16 Status Member
     
    Here it is ...

    ComboFix 08-08-21.02 - Propriétaire 2008-08-22 20:50:40.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.250 [GMT 2:00]
    Endroit: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\Downloaded Program Files\Temp
    C:\WINDOWS\smdat32m.sys
    C:\WINDOWS\system32\MSINET.oca
    D:\Autorun.inf

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-07-22 to 2008-08-22 ))))))))))))))))))))))))))))))))))))
    .

    2008-08-22 20:27 . 2008-08-22 20:27 <REP> d-------- C:\Program Files\Téléchargement PHOTOWAYS
    2008-08-22 14:22 . 2008-08-22 14:22 <REP> d-------- C:\WINDOWS\LastGood
    2008-08-20 21:08 . 2008-08-20 21:11 <REP> d-------- C:\Lop SD
    2008-08-19 12:26 . 2008-08-19 12:26 164 --a------ C:\install.dat
    2008-08-18 13:01 . 2008-08-18 13:01 <REP> d-------- C:\Program Files\MSXML 4.0
    2008-08-18 10:51 . 2008-08-18 10:51 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-08-18 10:51 . 2008-08-18 10:51 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
    2008-08-18 10:51 . 2008-08-18 10:51 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
    2008-08-18 10:51 . 2008-08-18 10:51 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
    2008-08-18 10:51 . 2008-08-18 10:51 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-08-18 10:51 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-08-18 10:51 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-08-16 08:21 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
    2008-08-16 08:20 . 2008-04-11 20:51 683,520 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
    2008-08-16 08:20 . 2008-05-01 16:31 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
    2008-08-15 09:45 . 2006-06-02 21:32 33,792 -----c--- C:\WINDOWS\system32\dllcache\custsat.dll
    2008-08-15 09:41 . 2008-08-15 09:42 <REP> d-------- C:\71332eb2285d5109bfcb
    2008-08-14 13:29 . 2008-08-14 13:29 <REP> d-------- C:\WINDOWS\provisioning
    2008-08-14 13:27 . 2008-08-14 13:27 <REP> d-------- C:\WINDOWS\ServicePackFiles
    2008-08-14 13:19 . 2008-08-14 13:19 <REP> d-------- C:\WINDOWS\EHome
    2008-08-08 23:07 . 2008-08-18 10:34 <REP> d-------- C:\Program Files\Spyware Terminator
    2008-08-08 23:07 . 2008-08-18 10:34 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Spyware Terminator
    2008-08-08 23:07 . 2008-08-18 10:34 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Spyware Terminator
    2008-08-08 23:07 . 2008-08-18 10:34 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Spyware Terminator
    2008-08-08 23:07 . 2008-08-12 23:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
    2008-08-08 23:07 . 2008-08-08 23:07 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
    2008-08-08 23:02 . 2008-08-08 23:02 <REP> d-------- C:\Program Files\ToniArts
    2008-08-07 21:59 . 2008-08-07 21:59 <REP> d-------- C:\Program Files\Candleworks
    2008-08-04 20:28 . 2008-08-08 08:16 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\U3
    2008-08-04 20:28 . 2008-08-08 08:16 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\U3
    2008-08-04 20:28 . 2008-08-08 08:16 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\U3
    2008-08-02 21:42 . 2004-08-04 07:41 404,990 --------- C:\WINDOWS\system32\drivers\slntamr.sys
    2008-08-02 21:39 . 2002-04-15 21:11 67,866 --------- C:\WINDOWS\system32\drivers\netwlan5.img

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-08-22 18:28 --------- d---a-w C:\Program Files\Fichiers communs\Symantec Shared
    2008-08-21 18:20 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-08-20 18:22 --------- d-----w C:\Program Files\Navilog1
    2008-08-19 11:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-08-19 10:29 82,432 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp
    2008-08-19 10:29 2,022,912 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
    2008-08-18 10:57 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-08-13 21:48 2,008,064 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
    2008-08-13 21:48 13,312 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
    2008-08-13 21:45 2,008,064 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
    2008-08-13 21:45 13,312 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
    2008-08-13 21:41 2,777,600 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
    2008-08-13 21:41 2,008,064 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
    2008-08-08 21:04 --------- d---a-w C:\Program Files\Norton AntiVirus
    2008-08-08 21:04 --------- d-----w C:\Program Files\emule
    2008-08-08 21:04 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Calendrier Xtra
    2008-08-08 21:04 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Calendrier Xtra
    2008-08-08 21:04 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Calendrier Xtra
    2008-08-08 21:04 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Azureus
    2008-08-08 21:04 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Azureus
    2008-08-08 21:04 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Azureus
    2008-08-04 19:09 --------- d-----w C:\Program Files\Mindscape
    2008-07-18 20:56 70,088 -c--a-w C:\Documents and Settings\Propriétaire\Application Data\GDIPFONTCACHEV1.DAT
    2008-07-18 20:56 70,088 -c--a-w C:\Documents and Settings\Propriétaire\Application Data\GDIPFONTCACHEV1.DAT
    2008-07-18 20:56 70,088 -c--a-w C:\Documents and Settings\Propriétaire\Application Data\GDIPFONTCACHEV1.DAT
    2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
    2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
    2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
    2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
    2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2008-07-18 19:13 --------- d---a-w C:\Program Files\Java
    2008-07-16 21:01 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\ZipGenius
    2008-07-16 21:01 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\ZipGenius
    2008-07-16 21:01 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\ZipGenius
    2008-07-16 17:47 --------- d-----w C:\Program Files\Fnac
    2008-07-16 17:46 --------- d-----w C:\Program Files\Yahoo!
    2008-07-16 17:36 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\NewsLeecher
    2008-07-16 17:36 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\NewsLeecher
    2008-07-16 17:36 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\NewsLeecher
    2008-07-13 14:00 91,744 -c--a-w C:\WINDOWS\BPMNT.dll
    2008-07-13 14:00 71,749 -c--a-w C:\WINDOWS\HCExtOutput.dll
    2008-07-13 14:00 69,689 -c--a-w C:\WINDOWS\UNZIP.DLL
    2008-07-13 14:00 507,904 -c--a-w C:\WINDOWS\TMUPDATE.DLL
    2008-07-13 14:00 333,576 -c--a-w C:\WINDOWS\tsc.exe
    2008-07-13 14:00 286,720 -c--a-w C:\WINDOWS\PATCH.EXE
    2008-07-13 14:00 1,213,784 -c--a-w C:\WINDOWS\vsapi32.dll
    2008-07-12 18:59 --------- d-----w C:\Program Files\Common Files
    2008-07-12 18:45 --------- d-----w C:\Program Files\CCleaner
    2008-07-12 18:43 --------- d-----w C:\Program Files\Trend Micro
    2008-07-09 19:02 --------- d-----w C:\Program Files\PagesConso Toolbar
    2008-07-09 19:02 --------- d-----w C:\Program Files\mp3
    2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
    2008-07-03 20:49 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Grisoft
    2008-07-03 20:49 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Grisoft
    2008-07-03 20:49 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Grisoft
    2008-07-03 20:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
    2008-07-03 20:19 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\gtk-2.0
    2008-07-03 20:19 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\gtk-2.0
    2008-07-03 20:19 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\gtk-2.0
    2008-07-03 20:02 --------- d-----w C:\Program Files\Inkscape
    2008-07-03 19:52 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Inkscape
    2008-07-03 19:52 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Inkscape
    2008-07-03 19:52 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Inkscape
    2008-07-03 19:45 --------- d-----w C:\Program Files\PDF Editor Objects 2
    2008-07-03 19:41 74,752 ----a-w C:\WINDOWS\cadkasdeinst01e.exe
    2008-07-03 18:12 --------- d---a-w C:\Program Files\Fichiers communs\Adobe
    2008-06-30 12:09 --------- d-----w C:\Program Files\DM Softwares
    2008-06-30 11:22 --------- d-----w C:\Program Files\RegCleaner
    2008-06-30 11:16 165 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
    2008-06-30 09:10 --------- d-----w C:\Program Files\Executive Software
    2008-06-30 08:42 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Emjysoft
    2008-06-30 08:42 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Emjysoft
    2008-06-30 08:42 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Emjysoft
    2008-06-28 20:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic
    2008-06-27 20:44 364,565 ----a-w C:\Documents and Settings\Propriétaire\Application Data\mdbu.bin
    2008-06-27 20:44 364,565 ----a-w C:\Documents and Settings\Propriétaire\Application Data\mdbu.bin
    2008-06-27 20:44 364,565 ----a-w C:\Documents and Settings\Propriétaire\Application Data\mdbu.bin
    2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
    2008-06-23 15:40 663,552 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
    2004-08-19 21:05 61 -csh--w C:\WINDOWS\cnerolf.dat
    2005-01-14 19:21 21 -csh--w C:\WINDOWS\dpwtddxp.dll
    2005-01-01 21:55 14 -csh--w C:\WINDOWS\dpwtpdxp.dll
    2004-01-25 18:23 32 -csha-w C:\WINDOWS\{4D6F5508-DFB8-4576-92BC-B7D3B891AB89}.dat
    2003-01-01 19:32 32 -csha-w C:\WINDOWS\{5D266292-3C9C-4B24-908F-60F0EABB3CA7}.dat
    2005-01-01 21:55 21 -csh--w C:\WINDOWS\system32\dpwtdaxp.dll
    2005-01-01 21:55 14 -csh--w C:\WINDOWS\system32\dpwtpaxp.dll
    2005-03-28 09:22 10,022 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys
    2005-01-14 19:21 12 -csh--w C:\WINDOWS\system32\spwtpaxp.dll
    2003-01-01 19:32 32 --sha-w C:\WINDOWS\system32\{341822E4-5E56-41AA-9824-4CA7B1C80AA1}.dat
    2004-01-25 18:23 32 -csha-w C:\WINDOWS\system32\{3D1DEF9E-123D-4CB3-B553-194218865DFF}.dat
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 09:42 2156368]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
    "NVIEW"="nview.dll" [2003-05-03 07:19 835654 C:\WINDOWS\system32\nview.dll]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-05-03 07:19 4640768]
    "KBD"="C:\HP\KBD\KBD.EXE" [2003-02-12 04:02 61440]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-08 00:04 52736]
    "HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-04-07 15:07 114688]
    "ccRegVfy"="c:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe" [2003-07-15 14:42 60344]
    "ccApp"="c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2003-07-15 14:36 54512]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-07-19 22:10 335872]
    "Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2004-09-22 21:22 714000]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-14 19:42 155648]
    "ATIModeChange"="Ati2mdxx.exe" [2001-09-05 08:24 28672 C:\WINDOWS\system32\Ati2mdxx.exe]
    "AlcxMonitor"="ALCXMNTR.EXE" [2003-04-04 04:35 50176 C:\WINDOWS\ALCXMNTR.EXE]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2004-08-24 12:22 263280]
    "Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 09:52 218232]

    C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\
    mod_sm.lnk - C:\hp\bin\cloaker.exe [1999-11-07 15:11:14 27136]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=sockspy.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3acm"= l3codecp.acm
    "VIDC.NTN1"= NUVision.ax

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AOL 8.0 Icône AOL.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\AOL 8.0 Icône AOL.lnk
    backup=C:\WINDOWS\pss\AOL 8.0 Icône AOL.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Gestionnaire de APM.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Gestionnaire de APM.lnk
    backup=C:\WINDOWS\pss\Gestionnaire de APM.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Gestionnaire de lancement d'application fax.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Gestionnaire de lancement d'application fax.lnk
    backup=C:\WINDOWS\pss\Gestionnaire de lancement d'application fax.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\InterVideo WinCinema Manager.lnk
    backup=C:\WINDOWS\pss\InterVideo WinCinema Manager.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinScheduler.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\InterVideo WinScheduler.lnk
    backup=C:\WINDOWS\pss\InterVideo WinScheduler.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NkvMon.exe.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NkvMon.exe.lnk
    backup=C:\WINDOWS\pss\NkvMon.exe.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PyGrenouille.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\PyGrenouille.lnk
    backup=C:\WINDOWS\pss\PyGrenouille.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^ubisoft register.lnk]
    path=C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\ubisoft register.lnk
    backup=C:\WINDOWS\pss\ubisoft register.lnkStartup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDMCon

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
    C:\WINDOWS\system32\dumprep 0 -k [X]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
    C:\WINDOWS\system32\dumprep 0 -u [X]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
    --a------ 2007-06-11 11:25 6731312 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    --a------ 2008-06-12 02:38 34672 C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrStsWnd]
    --------- 2007-07-31 20:37 815104 C:\Program Files\Brownie\BrStsWnd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cld2000.exe]
    --a------ 2007-10-03 17:22 3080704 C:\Program Files\Calendrier\Cld2000.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Grenouille]
    --a------ 2001-06-10 11:32 557056 C:\Program Files\Grenouille.com\Grenouille\Grenouil.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mozilla Quick Launch]
    --a------ 2003-02-08 10:50 481264 C:\Program Files\Netscape\Netscape\Netscp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2004-08-20 01:09 1667584 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    --a------ 2006-07-29 20:34 5354792 C:\Program Files\MSN Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    --a--c--- 2001-07-09 12:50 155648 C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2007-06-14 19:42 155648 C:\Program Files\QuickTime\qttask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
    --a------ 2002-09-14 05:42 212992 C:\WINDOWS\SMINST\Recguard.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StorageGuard]
    --a------ 2003-02-13 16:01 155648 C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
    --a------ 2005-01-05 14:57 95456 C:\PROGRA~1\SYMNET~1\SNDMon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    --a------ 2003-05-03 07:19 323584 C:\WINDOWS\system32\nwiz.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
    --a--c--- 2003-05-08 08:32 36864 C:\WINDOWS\system32\VTTimer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "G6FTPServer"=2 (0x2)
    "XCOMM"=2 (0x2)
    "bdss"=2 (0x2)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=

    R2 RTETAPIService;RTE : Partage TAPI;c:\fotowin\RTETPISv.exe [2000-05-25 20:23]
    R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 07:58]
    S1 tvtool;tvtool;C:\Program Files\TVTool 9.6.1\tvtool.sys []
    S2 FILESpy;FILESpy;C:\Program Files\Softwin\BitDefender Professional Edition\filespy.sys []
    S3 fbxusb;FreeBox USB Network Adapter;C:\WINDOWS\system32\DRIVERS\fbxusb.sys [2003-12-31 12:35]
    S3 NUVision;NUVision II Video Service;C:\WINDOWS\system32\DRIVERS\nuvvid2.sys [2001-10-28 23:34]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08]
    S4 Boonty Games;Boonty Games;C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2006-04-11 21:19]

    *Newly Created Service* - PROCEXP90
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

    2008-08-22 C:\WINDOWS\Tasks\Symantec NetDetect.job
    - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE [2004-08-24 12:22]
    .
    - - - - ORPHANS REMOVED - - - -

    ShellExecuteHooks-{EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - (no file)
    MSConfigStartUp-AltnetPointsManager - c:\program files\altnet\points manager\points manager.exe
    MSConfigStartUp-avgnt - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    MSConfigStartUp-BDNewsAgent - C:\Program Files\Softwin\BitDefender Professional Edition\bdnagent.exe
    MSConfigStartUp-ChrisTV Agent - C:\TV2\ChrisTV_Agent.exe
    MSConfigStartUp-DAEMON Tools-1033 - C:\D-Tools\daemon.exe
    MSConfigStartUp-fnacVOD - C:\Program Files\fnacVOD\fnacVOD.exe
    MSConfigStartUp-KAZAA - C:\Program Files\Kazaa\kazaa.exe
    MSConfigStartUp-NetAppel - C:\Program Files\NetAppel\NetAppel.exe
    MSConfigStartUp-New - C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL
    MSConfigStartUp-P2P Networking - C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
    MSConfigStartUp-RealTray - C:\Program Files\Real\RealPlayer\RealPlay.exe
    MSConfigStartUp-Skype - C:\Skype\Phone\Skype.exe
    MSConfigStartUp-Snappy Fax - C:\Program Files\Snappy Fax Version 4\sf4.exe
    MSConfigStartUp-TkBellExe - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    MSConfigStartUp-TomTomHOME - C:\Program Files\TomTom HOME 2\HOMERunner.exe
    MSConfigStartUp-WinampAgent - C:\Program Files\Winamp\winampa.exe
    MSConfigStartUp-WINSOS VERIFY - C:\Program Files\Winsos\WINSOS.EXE

    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\yeyytcji.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fr/
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\npaudio.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\npavi32.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\NPBeatSP.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\npdrmv2.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\npdsplay.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\NPJava11.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\NPJava12.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\NPJava13.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\NPJava32.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\NPJPI141_02.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\NPMetaStream3.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\npnul32.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\NPOJI610.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\nppdf32.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\npqtplugin.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\npqtplugin2.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\npqtplugin3.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\npqtplugin4.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\npqtplugin5.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\npqtplugin6.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\npqtplugin7.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\NPSVG3.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\NPSWF32.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\npvcal32.dll
    FF -: plugin - C:\PROGRA~1\Netscape\COMMUN~1\Program\Plugins\npwmsdrm.dll
    FF -: plugin - C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
    FF -: plugin - C:\Program Files\Adobe\Acrobat 5.0\Reader\browser\nppdf32.dll
    FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPNd2fn.dll
    FF -: plugin - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
    FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-22 20:54:05
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    --------------------- DLLs a chargé sous des processus courants ---------------------

    PROCESS: C:\WINDOWS\system32\winlogon.exe
    -> C:\WINDOWS\system32\sockspy.dll

    PROCESS: C:\WINDOWS\system32\lsass.exe
    -> C:\WINDOWS\system32\sockspy.dll
    .
    Temps d'accomplissement: 2008-08-22 20:56:35
    ComboFix-quarantined-files.txt 2008-08-22 18:56:04

    Pre-Run: 17,934,839,808 octets libres
    Post-Run: 17,937,108,992 octets libres

    346 --- E O F --- 2008-08-18 11:05:50
    0
  2. E..T Posts 6565 Status Contributor 437
     
    Good evening,
    Post a HijackThis report.
    ++
    0
  3. manucool2 Posts 16 Status Member
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:32, on 2008-08-22
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    c:\Program Files\Norton AntiVirus\navapsvc.exe
    c:\Program Files\Norton Personal Firewall\NISUM.EXE
    c:\fotowin\RTETPISv.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    c:\Program Files\Norton Personal Firewall\ccPxySvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\HP\KBD\KBD.EXE
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.hpe.com/h41271/404D.aspx?cc=us&ll=en&url=http://domainredirects.ext.hpe.com/qfr9.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr9.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.free.fr/freebox/index.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr9.hpwis.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.free.fr:3128
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    N3 - Netscape 7: user_pref("browser.startup.homepage", "https://www.boursorama.com/"); (C:\Documents and Settings\PROPRIÉTAIRE\Application Data\Mozilla\Profiles\default\ic10xhhw.slt\prefs.js)
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\PROPRIÉTAIRE\Application Data\Mozilla\Profiles\default\ic10xhhw.slt\prefs.js)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
    O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
    O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O12 - Plugin for .vcs: C:\PROGRA~1\Netscape\COMMUN~1\Program\PLUGINS\npvcal32.dll
    O12 - Plugin for .wmv: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdsplay.dll
    O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - https://support.norton.com/sp/en/us/home/current/info
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/024ab0f3e7c9b9e6ee16/netzip/RdxIE601_fr.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} - http://www.pixdiscount.fr/clients/ImageUploader3.cab
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\ccPxySvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton Personal Firewall Accounts Manager (NISUM) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\NISUM.EXE
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: RTE : Partage TAPI (RTETAPIService) - RTE Software - c:\fotowin\RTETPISv.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    0
  4. varfendell Posts 3259 Registration date   Status Member Last activity   707
     
    well, your report is clean, you shouldn't have any more problems ^^

    give your computer a quick clean-up and you're done:

    download ccleaner (tutorial here by VIRUS_KILLER, or here is another one)
    give your computer a good sweep:
    -run the cleaner several times
    -do the same with the registry function
    -remove the startup programs that are not needed.
    0
  6. E..T Posts 6565 Status Contributor 437
     
    Good evening,

    Do you know this >> c:\fotowin\RTETPISv.exe ??

    Update Internet Explorer
    >> https://support.microsoft.com/fr-fr/allproducts
    Why keep it up to date >> HERE: https://forum.malekal.com/viewtopic.php?f=45&t=12405&p=95936#p95936

    Check JAVA >> HERE, that is an important thing too.
    Install the latest version of Adobe >> Here

    Once the new versions are installed, remove the old ones.

    Then you are going to fix these lines with HijackThis, as follows
    Reopen HijackThis
    Run a scan again, choosing >> Do a system scan and save a logfile
    After that you will see a Fix checked option: tick the line and confirm. Only these ones.

    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/024ab0f3e7c9b9e6ee16/netzip/RdxIE601_fr.cab

    Restart your PC and tell us how it behaves?

    And post one last HijackThis report.

    @++
    0
  7. manucool2 Posts 16 Status Member
     
    Nothing to report

    here is the report
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:26, on 2008-08-23
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\HP\KBD\KBD.EXE
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\ALCXMNTR.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    c:\Program Files\Norton AntiVirus\navapsvc.exe
    c:\Program Files\Norton Personal Firewall\NISUM.EXE
    c:\fotowin\RTETPISv.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    c:\Program Files\Norton Personal Firewall\ccPxySvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qfr9.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qfr9.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr9.hpwis.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.free.fr:3128
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    N3 - Netscape 7: user_pref("browser.startup.homepage", "https://www.boursorama.com/"); (C:\Documents and Settings\PROPRIÉTAIRE\Application Data\Mozilla\Profiles\default\ic10xhhw.slt\prefs.js)
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\PROPRIÉTAIRE\Application Data\Mozilla\Profiles\default\ic10xhhw.slt\prefs.js)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
    O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
    O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O12 - Plugin for .vcs: C:\PROGRA~1\Netscape\COMMUN~1\Program\PLUGINS\npvcal32.dll
    O12 - Plugin for .wmv: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdsplay.dll
    O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - https://support.norton.com/sp/en/us/home/current/info
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
    O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} - http://www.pixdiscount.fr/clients/ImageUploader3.cab
    O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\ccPxySvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton Personal Firewall Accounts Manager (NISUM) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\NISUM.EXE
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: RTE : Partage TAPI (RTETAPIService) - RTE Software - c:\fotowin\RTETPISv.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    0
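A check that the fixes requested above actually took effect, comparing the fix list with the follow-up log. This is an added example, not part of the original thread; the function names (`entry_key`, `parse_log`, `check_fixes`) are hypothetical, and the embedded log text is an excerpt of lines posted above.

```python
import re

# Lines the helper asked to fix, copied from the post above.
FIX_LIST = r"""
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/024ab0f3e7c9b9e6ee16/netzip/RdxIE601_fr.cab
"""

# Excerpt (some O4 and O16 lines) of the follow-up log saved on 2008-08-23.
AFTER_LOG = r"""
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} - http://www.pixdiscount.fr/clients/ImageUploader3.cab
"""

ENTRY = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.*\S)\s*$")
RUN = re.compile(r"^(?P<hive>\S+\\\.\.\\Run\w*):\s*\[(?P<name>[^\]]+)\]", re.I)
CLSID = re.compile(r"\{[0-9A-Fa-f-]{36}\}")


def entry_key(line):
    """Return a comparison key for one HijackThis entry, or None for other lines.

    O4 Run entries are keyed on (hive, value name) so that the same value name
    under HKCU and under a HKUS service SID is not confused; CLSID-based
    sections are keyed on the CLSID; everything else on the normalised text.
    """
    m = ENTRY.match(line)
    if not m:
        return None
    code, body = m.group(1), m.group(2)
    if code == "O4":
        run = RUN.match(body)
        if run:
            return (code, run.group("hive").casefold(), run.group("name").casefold())
    if code in ("O2", "O3", "O16", "O18"):
        clsid = CLSID.search(body)
        if clsid:
            return (code, clsid.group(0).casefold())
    return (code, " ".join(body.split()).casefold())


def parse_log(text):
    """Map entry key -> original line for every recognisable log line."""
    entries = {}
    for line in text.splitlines():
        key = entry_key(line)
        if key is not None:
            entries.setdefault(key, line.strip())
    return entries


def check_fixes(fix_text, after_text):
    """Split the fix list into entries gone from, or still in, the later log."""
    after = parse_log(after_text)
    result = {"removed": [], "still_present": []}
    for key, line in parse_log(fix_text).items():
        bucket = "still_present" if key in after else "removed"
        result[bucket].append(line)
    return result


if __name__ == "__main__":
    for status, lines in check_fixes(FIX_LIST, AFTER_LOG).items():
        for line in lines:
            print(f"{status:>13}: {line}")
```

On this excerpt the `AlcxMonitor` Run entry is reported as still present and the other five requested entries as removed.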
  8. E..T Posts 6565 Status Contributor 437
     
    Hello

    Message25 >> Do you know this >> c:\fotowin\RTETPISv.exe ??

    Update Internet Explorer
    >> https://support.microsoft.com/fr-fr/allproducts
    Why keep it up to date >> HERE

    Check JAVA >> HERE, that is an important thing too.
    Install the latest version of Adobe >> Here

    Once the new versions are installed, remove the old ones.

    You haven't done it? Why? It has to be done, it's important!

    +++
    0
  9. Anonymous user
     
    Hi,
    Just passing by,

    In the ComboFix report:
    
    2004-08-19 21:05 61 -csh--w C:\WINDOWS\cnerolf.dat
    2005-01-14 19:21 21 -csh--w C:\WINDOWS\dpwtddxp.dll
    2005-01-01 21:55 14 -csh--w C:\WINDOWS\dpwtpdxp.dll
    2004-01-25 18:23 32 -csha-w C:\WINDOWS\{4D6F5508-DFB8-4576-92BC-B7D3B891AB89}.dat
    2003-01-01 19:32 32 -csha-w C:\WINDOWS\{5D266292-3C9C-4B24-908F-60F0EABB3CA7}.dat
    2005-01-01 21:55 21 -csh--w C:\WINDOWS\system32\dpwtdaxp.dll
    2005-01-01 21:55 14 -csh--w C:\WINDOWS\system32\dpwtpaxp.dll
    2005-01-14 19:21 12 -csh--w C:\WINDOWS\system32\spwtpaxp.dll
    2003-01-01 19:32 32 --sha-w C:\WINDOWS\system32\{341822E4-5E56-41AA-9824-4CA7B1C80AA1}.dat
    2004-01-25 18:23 32 -csha-w C:\WINDOWS\system32\{3D1DEF9E-123D-4CB3-B553-194218865DFF}.dat 

    These would be worth looking into.

    ++
    0
  10. E..T Posts 6565 Status Contributor 437
     
    Good evening

    Scan these files on VirusTotal:
    https://www.virustotal.com/gui/

    C:\WINDOWS\cnerolf.dat
    C:\WINDOWS\dpwtddxp.dll
    C:\WINDOWS\dpwtpdxp.dll
    C:\WINDOWS\{4D6F5508-DFB8-4576-92BC-B7D3B891AB89}.dat
    C:\WINDOWS\{5D266292-3C9C-4B24-908F-60F0EABB3CA7}.dat
    C:\WINDOWS\system32\dpwtdaxp.dll
    C:\WINDOWS\system32\dpwtpaxp.dll
    C:\WINDOWS\system32\spwtpaxp.dll
    C:\WINDOWS\system32\{341822E4-5E56-41AA-9824-4CA7B1C80AA1}.dat
    C:\WINDOWS\system32\{3D1DEF9E-123D-4CB3-B553-194218865DFF}.dat

    Send the reports.

    ++
    0