HijackThis report analysis, please

Closed
Blocked profile - 23 Sept. 2008 at 11:16
Blocked profile - 24 Sept. 2008 at 17:46
Hello, could you please analyze my HijackThis report, because every time I shut down Windows I get an error sound but no message...

Report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:14:50, on 23/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

10 replies

jlpjlp - Posts: 51580 - Registered: Friday 18 May 2007 - Status: Security contributor - Last activity: 3 May 2022 - 5 040
23 Sept. 2008 at 11:58
Hi, the report is clean.

Have you installed any new software or hardware? If so, that may be the cause.

Otherwise, scan with AntiVir, see whether you are infected, and paste the report for us.
-1
Blocked profile
23 Sept. 2008 at 18:48
Here is the AntiVir report:



Avira AntiVir Personal
Report file date: mardi 23 septembre 2008 18:23

Scanning for 1631183 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: VALOU-0504A5DF2

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.6.153 3341312 Bytes 12/09/2008 17:06:28
ANTIVIR3.VDF : 7.0.6.195 278016 Bytes 22/09/2008 17:06:11
Engineversion : 8.1.1.34
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.76 319867 Bytes 18/09/2008 17:06:38
AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49
AERDL.DLL : 8.1.1.2 438644 Bytes 18/09/2008 17:06:36
AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:35
AEOFFICE.DLL : 8.1.0.25 196986 Bytes 18/09/2008 17:06:34
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 18/09/2008 17:06:32
AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48
AEGEN.DLL : 8.1.0.36 315764 Bytes 13/09/2008 17:06:33
AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21
AECORE.DLL : 8.1.1.11 172406 Bytes 13/09/2008 17:06:32
AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 13/09/2008 17:06:30
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 23 septembre 2008 18:23

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'NMSAccessU.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'ATKKBService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'SmartDoctor.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'SixEngine.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
36 processes with 36 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '54' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!


End of the scan: mardi 23 septembre 2008 18:43
Used time: 19:44 Minute(s)

The scan has been done completely.

3156 Scanning directories
163519 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
163517 Files not concerned
1548 Archives were scanned
2 Warnings
0 Notes
-1
jlpjlp - Posts: 51580 - Registered: Friday 18 May 2007 - Status: Security contributor - Last activity: 3 May 2022 - 5 040
23 Sept. 2008 at 18:54
Download ComboFix (by sUBs) here:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

and save it to the desktop.

Disconnect from the Internet and close all your applications.

Disable your protections (antivirus, firewall, the antispyware's real-time guard).

Double-click combofix.exe and follow the instructions.

At the end, it will produce a report, C:\ComboFix.txt.

Re-enable your firewall, your antivirus and your antispyware's guard.

Copy and paste the report C:\ComboFix.txt into your next reply.

Warning: do not use your mouse or keyboard (or any other pointing device) while the program is running. Doing so could freeze the computer.

You have a complete tutorial here:

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
-1
Blocked profile
23 Sept. 2008 at 20:56
Here is the ComboFix report:

ComboFix 08-09-22.03 - Azzano 2008-09-23 20:53:57.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1627 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Azzano\Bureau\ComboFix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-08-23 au 2008-09-23 ))))))))))))))))))))))))))))))))))))
.

2008-09-23 19:07 . 2008-09-23 19:07 <REP> d-------- C:\CrashRpt
2008-09-23 19:07 . 2008-09-23 19:07 <REP> d-------- C:\CrashReport
2008-09-23 18:49 . 2008-09-23 20:48 <REP> d-------- C:\Program Files\Runes of Magic
2008-09-23 11:14 . 2008-09-23 11:14 <REP> d-------- C:\Program Files\Trend Micro
2008-09-22 19:10 . 2008-09-22 19:10 <REP> d-------- C:\Documents and Settings\Azzano\Application Data\YuLeech
2008-09-21 15:04 . 2008-09-21 15:04 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-09-21 14:01 . 2008-09-21 14:01 <REP> d-------- C:\Program Files\Microsoft Silverlight
2008-09-20 19:03 . 2008-09-20 19:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
2008-09-20 18:30 . 2008-09-20 18:30 <REP> d-------- C:\Program Files\Microsoft Games
2008-09-20 18:29 . 2008-09-20 18:29 <REP> d-------- C:\Program Files\DAEMON Tools Lite
2008-09-20 18:27 . 2008-09-20 18:27 <REP> d-------- C:\Documents and Settings\Azzano\Application Data\DAEMON Tools
2008-09-20 18:27 . 2008-09-20 18:27 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-09-20 16:40 . 2008-09-20 16:40 <REP> d-------- C:\Documents and Settings\Azzano\Application Data\Auslogics
2008-09-20 00:07 . 2008-09-20 00:07 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-09-19 21:47 . 2008-09-19 21:47 262,144 --a------ C:\WINDOWS\system32\wrap_oal.dll
2008-09-19 21:47 . 2008-09-19 21:47 86,016 --a------ C:\WINDOWS\system32\OpenAL32.dll
2008-09-19 21:46 . 2008-09-19 21:46 <REP> d-------- C:\WINDOWS\system32\Futuremark
2008-09-19 21:46 . 2004-10-25 20:02 21,664 --a------ C:\WINDOWS\system32\drivers\Entech.sys
2008-09-19 21:46 . 1999-11-02 10:01 6,173 --a------ C:\WINDOWS\system32\drivers\Entech.vxd
2008-09-19 21:46 . 2004-06-22 15:44 5,632 --a------ C:\WINDOWS\system32\drivers\Entech64.sys
2008-09-19 21:46 . 2001-11-19 19:05 3,972 --a------ C:\WINDOWS\system32\drivers\PciBus.sys
2008-09-19 19:39 . 2008-09-19 19:39 <REP> d-------- C:\Program Files\MSECache
2008-09-19 11:45 . 2008-09-19 11:45 <REP> d-------- C:\Program Files\MSXML 4.0
2008-09-18 23:30 . 2008-09-18 23:30 <REP> d-------- C:\Program Files\Common Files
2008-09-18 23:29 . 2003-07-20 20:17 5,174 --a------ C:\WINDOWS\system32\nppt9x.vxd
2008-09-18 23:29 . 2005-01-04 11:43 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys
2008-09-18 21:09 . 2008-09-18 21:09 <REP> d-------- C:\Documents and Settings\Azzano\Application Data\Samsung
2008-09-18 21:04 . 2008-09-18 21:04 <REP> d-------- C:\Program Files\Samsung
2008-09-18 18:54 . 2008-04-13 20:45 26,368 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-09-18 11:17 . 2008-09-18 11:20 <REP> d-------- C:\WINDOWS\system32\Adobe
2008-09-15 23:28 . 2008-09-20 15:46 <REP> d-------- C:\Program Files\CDBurnerXP
2008-09-15 23:15 . 2008-09-15 23:15 <REP> d-------- C:\Documents and Settings\Azzano\Application Data\Canneverbe_Limited
2008-09-15 19:23 . 2008-09-21 14:03 <REP> d-------- C:\Program Files\GUILD WARS
2008-09-14 23:46 . 2008-09-14 23:46 <REP> d-------- C:\WINDOWS\Sun
2008-09-14 13:38 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
2008-09-14 13:38 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-09-14 13:37 . 2008-09-14 13:37 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-09-14 12:33 . 2008-09-14 13:41 <REP> d-------- C:\Documents and Settings\Azzano\Application Data\AdobeUM
2008-09-14 12:04 . 2008-09-14 12:03 12,288 --a------ C:\WINDOWS\system32\drivers\EIO64_xp.sys
2008-09-14 00:18 . 2008-09-14 00:18 <REP> d-------- C:\Program Files\DirectX
2008-09-14 00:08 . 2008-09-14 00:08 45 --a------ C:\WINDOWS\system32\initdebug.nfo
2008-09-13 22:36 . 2008-04-13 20:45 60,032 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2008-09-13 22:36 . 2008-04-13 20:45 60,032 --a--c--- C:\WINDOWS\system32\dllcache\usbaudio.sys
2008-09-13 22:33 . 2005-06-08 16:45 86,016 --a------ C:\WINDOWS\system32\vatee.ax
2008-09-13 22:32 . 2008-09-13 22:32 <REP> d-------- C:\Program Files\Fichiers communs\Logitech
2008-09-13 22:32 . 2005-05-27 11:23 2,180,096 --a------ C:\WINDOWS\system32\drivers\lvsvf2.sys
2008-09-13 22:32 . 2005-05-27 11:32 1,317,152 --a------ C:\WINDOWS\system32\drivers\lvcm.sys
2008-09-13 22:32 . 2005-05-27 11:36 372,736 --a------ C:\WINDOWS\system32\LVUI2RC.dll
2008-09-13 22:32 . 2005-05-27 11:29 204,800 --a------ C:\WINDOWS\system32\LVUI2.dll
2008-09-13 22:32 . 2005-05-27 11:26 204,800 --a------ C:\WINDOWS\system32\lvcodec2.dll
2008-09-13 22:32 . 2005-05-27 11:19 106,496 --a------ C:\WINDOWS\system32\lvcoinst.dll
2008-09-13 22:32 . 2005-07-19 17:31 53,248 -ra------ C:\WINDOWS\system32\InstMed.exe
2008-09-13 22:32 . 2005-05-27 11:31 22,016 --a------ C:\WINDOWS\system32\drivers\LVUSBSta.sys
2008-09-13 22:32 . 2005-05-27 11:10 9,255 --a------ C:\WINDOWS\system32\lvcoinst.ini
2008-09-13 22:31 . 1998-11-13 14:16 308,224 --a------ C:\WINDOWS\IsUn040c.exe
2008-09-13 22:31 . 2008-09-13 22:31 264 --a------ C:\WINDOWS\_delis32.ini
2008-09-13 22:27 . 2008-09-13 22:27 <REP> d-------- C:\WINDOWS\system32\AGEIA
2008-09-13 22:27 . 2008-09-13 22:28 <REP> d-------- C:\WINDOWS\NV16922832.TMP
2008-09-13 22:27 . 2008-09-13 22:27 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-13 22:27 . 2008-09-13 22:27 <REP> d-------- C:\Program Files\AGEIA Technologies
2008-09-13 22:12 . 2008-09-20 16:48 <REP> d-------- C:\Program Files\LimeWire
2008-09-13 22:02 . 2008-09-20 16:49 <REP> d-------- C:\Documents and Settings\Azzano\Application Data\LimeWire
2008-09-13 21:54 . 2008-09-13 21:54 <REP> d-------- C:\Program Files\Lavalys
2008-09-13 21:32 . 2008-09-20 16:47 <REP> d-------- C:\Program Files\eMule
2008-09-13 21:29 . 2008-09-13 21:35 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-13 21:29 . 2008-09-23 18:52 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-13 21:27 . 2008-09-21 18:17 <REP> d-------- C:\Documents and Settings\Azzano\Contacts
2008-09-13 21:26 . 2008-09-13 21:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-09-13 21:25 . 2008-09-23 18:31 <REP> d-------- C:\Downloads
2008-09-13 21:25 . 2008-09-13 21:25 268 --ah----- C:\sqmdata01.sqm
2008-09-13 21:25 . 2008-09-13 21:25 244 --ah----- C:\sqmnoopt01.sqm
2008-09-13 21:24 . 2008-09-13 21:24 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-09-13 21:24 . 2008-09-13 21:24 268 --ah----- C:\sqmdata00.sqm
2008-09-13 21:24 . 2008-09-13 21:24 244 --ah----- C:\sqmnoopt00.sqm
2008-09-13 20:50 . 2008-09-13 20:54 <REP> d-------- C:\Program Files\Windows Live
2008-09-13 20:50 . 2008-09-18 21:05 <REP> d-------- C:\Program Files\Free Download Manager
2008-09-13 20:50 . 2008-09-13 20:52 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-09-13 20:50 . 2008-09-23 19:44 <REP> d-------- C:\Documents and Settings\Azzano\Application Data\Free Download Manager
2008-09-13 20:50 . 2008-09-13 20:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-09-13 20:50 . 2008-09-13 20:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2008-09-13 20:38 . 2008-09-13 20:39 <REP> d-------- C:\WINDOWS\NV36643548.TMP
2008-09-13 20:38 . 2008-08-02 12:20 198,941 --a------ C:\WINDOWS\system32\nvapps.nvb
2008-09-13 20:37 . 2008-09-13 22:40 <REP> d-------- C:\Program Files\uTorrent
2008-09-13 20:37 . 2008-09-13 20:37 <REP> d-------- C:\NVIDIA
2008-09-13 20:37 . 2008-09-23 20:34 <REP> d-------- C:\Documents and Settings\Azzano\Application Data\uTorrent
2008-09-13 20:31 . 2008-09-13 20:31 <REP> d-------- C:\Program Files\AusLogics Disk Defrag
2008-09-13 20:28 . 2008-09-13 20:28 <REP> d-------- C:\Program Files\Microsoft IntelliPoint
2008-09-13 20:28 . 2008-06-10 13:04 31,048 --a------ C:\WINDOWS\system32\drivers\point32.sys
2008-09-13 20:26 . 2008-09-13 20:26 <REP> d-------- C:\Program Files\ma-config.com
2008-09-13 20:26 . 2008-09-13 20:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-09-13 20:11 . 2008-09-13 20:11 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-09-13 20:10 . 2008-09-13 23:23 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-09-13 20:10 . 2008-09-13 20:11 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-09-13 20:04 . 2008-04-14 04:33 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2008-09-13 20:04 . 2001-08-17 23:59 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2008-09-13 20:03 . 2008-04-14 03:57 58,752 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2008-09-13 20:03 . 2001-08-17 23:46 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2008-09-13 20:01 . 2008-09-13 20:01 <REP> d--h----- C:\Documents and Settings\Default User\Voisinage réseau
2008-09-13 20:01 . 2008-09-13 20:01 <REP> d--h----- C:\Documents and Settings\Default User\Voisinage d'impression
2008-09-13 20:01 . 2008-09-13 18:06 <REP> d--h----- C:\Documents and Settings\Default User\Modèles
2008-09-13 20:01 . 2008-09-13 20:01 <REP> d-------- C:\Documents and Settings\Default User\Mes documents
2008-09-13 20:01 . 2008-09-13 20:01 <REP> dr------- C:\Documents and Settings\Default User\Menu Démarrer
2008-09-13 20:01 . 2008-09-13 20:01 <REP> d-------- C:\Documents and Settings\Default User\Favoris
2008-09-13 20:01 . 2008-09-13 18:17 <REP> d-------- C:\Documents and Settings\Default User\Bureau
2008-09-13 20:01 . 2008-09-13 20:01 <REP> d--h----- C:\Documents and Settings\All Users\Modèles
2008-09-13 20:01 . 2008-09-15 19:23 <REP> dr------- C:\Documents and Settings\All Users\Menu Démarrer
2008-09-13 20:01 . 2008-09-13 20:01 <REP> d-------- C:\Documents and Settings\All Users\Favoris
2008-09-13 20:01 . 2008-09-13 18:21 <REP> dr------- C:\Documents and Settings\All Users\Documents
2008-09-13 20:01 . 2008-09-21 10:44 <REP> d-------- C:\Documents and Settings\All Users\Bureau
2008-09-13 20:01 . 2004-08-10 21:00 176,157 --a--c--- C:\WINDOWS\system32\dllcache\dgrpsetu.dll
2008-09-13 20:00 . 2005-07-26 07:06 33,676 -ra------ C:\WINDOWS\SET34.tmp

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-23 16:49 196,608 ----a-w C:\WINDOWS\system32\drivers\nStandard.bin
2008-09-20 17:15 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-13 18:02 9,388 ----a-w C:\WINDOWS\system32\drivers\iaStor.PNF
2008-09-13 18:02 7,280 ----a-w C:\WINDOWS\system32\drivers\viamraid.PNF
2008-09-13 18:02 63,240 ----a-w C:\WINDOWS\system32\drivers\Si3112r.PNF
2008-09-13 18:02 6,984 ----a-w C:\WINDOWS\system32\drivers\SiSRaid.PNF
2008-09-13 18:02 20,152 ----a-w C:\WINDOWS\system32\drivers\INFCACHE.1
2008-09-13 18:02 12,432 ----a-w C:\WINDOWS\system32\drivers\adpu320.PNF
2008-09-13 18:02 12,204 ----a-w C:\WINDOWS\system32\drivers\nvraid.PNF
2008-09-13 18:02 10,828 ----a-w C:\WINDOWS\system32\drivers\iaAHCI.PNF
2008-09-13 17:44 --------- d-----w C:\Program Files\ASUS
2008-09-13 17:24 --------- d-----w C:\Program Files\CCleaner
2008-09-13 17:05 --------- d-----w C:\Program Files\Avira
2008-09-13 17:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-09-13 17:03 --------- d-----w C:\Program Files\Java
2008-09-13 16:54 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-09-13 16:45 --------- d-----w C:\Program Files\Marvell
2008-09-13 16:43 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-09-13 16:43 --------- d-----w C:\Program Files\Realtek
2008-09-13 16:31 --------- d-----w C:\Program Files\Intel
2008-09-13 16:18 --------- d-----w C:\Program Files\microsoft frontpage
2008-09-13 16:16 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-09-13 16:11 --------- d-----w C:\Program Files\Services en ligne
2008-09-13 16:08 --------- d-----w C:\Program Files\Windows Plus
2008-08-01 09:05 70,936 ----a-w C:\WINDOWS\system32\PhysXLoader.dll
2008-07-29 16:05 453,152 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2008-07-25 08:34 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-07-25 08:34 683,520 ----a-w C:\WINDOWS\system32\divx.dll
2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:44 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2006-06-24 06:48 32,768 ----a-r C:\WINDOWS\inf\UpdateUSB.exe
.

((((((((((((((((((((((((((((( snapshot@2008-09-23_20.51.26.98 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-09-23 07:27:49 62,480 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-09-23 18:54:20 62,480 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-09-23 07:27:49 75,506 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-09-23 18:54:20 75,506 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2008-09-23 07:27:49 401,200 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-09-23 18:54:20 401,200 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-09-23 07:27:49 468,490 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-09-23 18:54:20 468,490 ----a-w C:\WINDOWS\system32\perfh00C.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"ASUS SmartDoctor"="C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe" [2008-07-09 1150976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 64512]
"Six Engine"="C:\Program Files\ASUS\Six Engine\SixEngine.exe" [2008-06-03 5964800]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-08-02 13570048]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-08-02 86016]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 221184]
"nwiz"="nwiz.exe" [2008-08-02 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.asv2"= asusasv2.dll
"VIDC.YV12"= yv12vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
--a------ 2008-07-09 11:17 1150976 C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
--a------ 2007-09-13 15:54 380928 C:\Program Files\ASUS\GamerOSD\GamerOSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-07-24 17:02 490952 C:\Program Files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
--a------ 2008-06-10 12:56 1406024 c:\Program Files\Microsoft IntelliPoint\ipoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 04:27 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-r------- 2008-05-16 08:39 16862720 C:\WINDOWS\RTHDCPL.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Documents and Settings\\Azzano\\Bureau\\YuLeech-Runes_of_Magic_EN-en.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"49200:TCP"= 49200:TCP:µtorrent

R0 mv61xx;mv61xx;C:\WINDOWS\system32\DRIVERS\mv61xx.sys [2008-06-24 150568]
R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
R3 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb.sys [2007-09-13 12416]
R3 ASUSVRC;ASUSTeK Virtual Capture Device;C:\WINDOWS\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2007-09-13 10752]
S3 L1e;Miniport Driver for Atheros AR8121/AR8113 PCI-E Ethernet Controller;C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-02-02 36864]
S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [2008-09-02 191656]

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\Azzano\Application Data\Mozilla\Firefox\Profiles\u9bgqn88.default\
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\ma-config.com\nphardwaredetection.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-23 20:54:32
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-09-23 20:55:05
ComboFix-quarantined-files.txt 2008-09-23 18:55:03
ComboFix2.txt 2008-09-23 18:51:44

Avant-CF: 290 167 296 000 octets libres
Après-CF: 290,151,759,872 octets libres

262 --- E O F --- 2008-09-20 10:54:15
-1

jlpjlp - Posts: 51580 - Registered: Friday 18 May 2007 - Status: Security contributor - Last activity: 3 May 2022 - 5 040
23 Sept. 2008 at 21:21
Scan with Malwarebytes' Anti-Malware, remove whatever is found, and paste the report.

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
-1
Anonymous user
23 Sept. 2008 at 21:40
Good evening jlp,
can you take a look at this....
a Bagle infection, I think....
let me know
I don't feel up to it...
http://www.commentcamarche.net/forum/affich 8564199 virus se generalisant
See you
-1
Blocked profile
23 Sept. 2008 at 22:35
Here is the report:

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1200
Windows 5.1.2600 Service Pack 3

23/09/2008 22:35:12
mbam-log-2008-09-23 (22-35-12).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 69857
Temps écoulé: 14 minute(s), 9 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
-1
jlpjlp - Posts: 51580 - Registered: Friday 18 May 2007 - Status: Security contributor - Last activity: 3 May 2022 - 5 040
23 Sept. 2008 at 22:38
OK

Absolutely nothing infectious....

How long have you had this?
-1
Blocked profile
24 Sept. 2008 at 11:52
Uh, I don't really remember..
-1
jlpjlp - Posts: 51580 - Registered: Friday 18 May 2007 - Status: Security contributor - Last activity: 3 May 2022 - 5 040
24 Sept. 2008 at 13:56
That's a pity, because this may come from new software or hardware.

Otherwise,

try repairing Windows:

https://www.pcastuces.com/pratique/windows/xp/default.htm
-1
Blocked profile
24 Sept. 2008 at 17:46
OK thanks, I'll try that.
-1