Vundo virtumonde
lionel7301
Messages postés
195
Statut
Membre
-
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour à tous,
je pense etre infecté par ce trojan, pouriez vous verifier,
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:43:23, on 18/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Download with TrueDownloader! - C:\Program Files\TrueDownloader\TrueDownloader.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} - http://www.1-click.com/common/files/installer-hidden-test.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin9.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
je pense etre infecté par ce trojan, pouriez vous verifier,
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:43:23, on 18/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Download with TrueDownloader! - C:\Program Files\TrueDownloader\TrueDownloader.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} - http://www.1-click.com/common/files/installer-hidden-test.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin9.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
6 réponses
slt,
scan avec
MalwareByte's Anti-Malware en mode normal et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
scan avec
MalwareByte's Anti-Malware en mode normal et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
voila
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1409
Windows 5.1.2600 Service Pack 3
18/11/2008 19:39:09
mbam-log-2008-11-18 (19-39-09).txt
Type de recherche: Examen rapide
Eléments examinés: 53304
Temps écoulé: 6 minute(s), 35 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1409
Windows 5.1.2600 Service Pack 3
18/11/2008 19:39:09
mbam-log-2008-11-18 (19-39-09).txt
Type de recherche: Examen rapide
Eléments examinés: 53304
Temps écoulé: 6 minute(s), 35 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
télécharge combofix (par sUBs) ici :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et enregistre le sur le bureau.
déconnecte toi d'internet et ferme toutes tes applications.
désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
double-clique sur combofix.exe et suis les instructions
à la fin, il va produire un rapport C:\ComboFix.txt
réactive ton parefeu, ton antivirus, la garde de ton antispyware
copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.
Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.
Tu as un tutoriel complet ici :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
voila
ComboFix 08-11-18.02 - HP_Propriétaire 2008-11-18 20:55:03.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.233 [GMT 1:00]
Lancé depuis: c:\documents and settings\HP_Propriétaire\Bureau\ComboFix.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-18 au 2008-11-18 ))))))))))))))))))))))))))))))))))))
.
2008-11-18 19:28 . 2008-11-18 19:29 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-18 19:28 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-18 19:28 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-16 22:39 . 2003-04-03 15:00 122,880 --a------ c:\windows\system32\P1130Vfw.dll
2008-11-16 22:39 . 2003-06-11 15:00 90,229 --a------ c:\windows\system32\drivers\P1130Vid.sys
2008-11-16 22:39 . 2003-03-20 15:00 69,632 --a------ c:\windows\system32\P1130Sti.dll
2008-11-16 22:39 . 2003-08-12 15:01 69,632 --a------ c:\windows\system32\P1130Ext.ax
2008-11-16 22:39 . 2003-04-03 15:00 53,248 --a------ c:\windows\P1130Cfg.exe
2008-11-16 22:39 . 2004-04-21 01:01 49,152 --a------ c:\windows\system32\P1130Hwx.dll
2008-11-16 22:39 . 2003-03-21 15:00 24,576 --a------ c:\windows\system32\P1130Cfg.crl
2008-11-16 22:39 . 2003-08-12 15:01 20,480 --a------ c:\windows\system32\P1130Ext.crl
2008-11-16 22:39 . 2003-08-13 05:42 4,746 --a------ c:\windows\Pd1130.uns
2008-11-16 22:31 . 2008-11-16 22:39 <REP> d-------- c:\windows\CtDrvInstall
2008-11-16 22:31 . 2008-11-16 22:39 <REP> d-------- C:\WebCamNXPro
2008-11-16 22:31 . 2004-04-22 01:02 36,864 --a------ c:\windows\system32\P1130Pin.dll
2008-11-16 22:31 . 2003-03-21 15:00 24,576 --a------ c:\windows\system32\P1130Pin.crl
2008-11-16 22:31 . 2004-04-12 01:00 20,480 --a------ c:\windows\system32\P1130Srv.exe
2008-11-16 22:08 . 2008-11-16 22:08 <REP> d-------- C:\Webcam
2008-11-16 22:08 . 2008-11-16 22:22 <REP> d-------- C:\CtDriverInstTemp
2008-11-16 21:37 . 2008-11-16 21:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Camfrog
2008-11-16 21:37 . 2008-11-16 21:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Camfrog
2008-11-16 21:37 . 2008-11-16 21:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Camfrog
2008-11-16 21:36 . 2008-11-16 21:36 <REP> d-------- c:\program files\Camfrog
2008-11-16 16:17 . 2008-11-16 16:17 <REP> d-------- c:\program files\VS Revo Group
2008-11-15 15:33 . 2008-11-15 15:33 <REP> d-------- c:\program files\Oxemis
2008-11-13 13:22 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-13 13:21 . 2008-09-04 18:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 02:06 . 2008-11-12 02:06 38 --a------ c:\windows\avisplitter.INI
2008-11-10 23:05 . 2008-11-16 00:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\FileZilla
2008-11-10 23:05 . 2008-11-16 00:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\FileZilla
2008-11-10 23:05 . 2008-11-16 00:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\FileZilla
2008-11-10 23:04 . 2008-11-10 23:04 <REP> d-------- c:\program files\FileZilla Client
2008-11-10 18:03 . 2008-11-10 18:07 <REP> d-------- C:\Lop SD
2008-11-10 15:47 . 2007-01-18 13:00 3,968 --a------ c:\windows\system32\drivers\AvgArCln.sys
2008-11-10 15:13 . 2008-11-16 16:24 81,984 --a------ c:\windows\system32\bdod.bin
2008-11-10 15:06 . 2008-11-10 16:04 <REP> d-------- c:\program files\Fichiers communs\Softwin
2008-11-09 16:28 . 2008-11-17 17:54 54,156 --ah----- c:\windows\QTFont.qfn
2008-11-09 16:28 . 2008-11-09 16:28 1,409 --a------ c:\windows\QTFont.for
2008-11-06 03:25 . 2008-11-06 03:25 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-06 01:20 . 2008-11-06 13:33 <REP> d-------- c:\program files\Trend Micro
2008-11-06 01:01 . 2008-11-06 01:01 <REP> d--hs---- c:\documents and settings\HP_Propriétaire\PrivacIE
2008-11-06 01:01 . 2008-11-06 01:01 <REP> d--hs---- c:\documents and settings\HP_Propriétaire\PrivacIE
2008-11-06 00:43 . 2008-11-06 00:44 <REP> d--h-c--- c:\windows\ie8
2008-11-05 21:50 . 2008-11-05 21:50 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Malwarebytes
2008-11-05 21:50 . 2008-11-05 21:50 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Malwarebytes
2008-11-05 21:50 . 2008-11-05 21:50 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Malwarebytes
2008-11-05 21:50 . 2008-11-05 21:50 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-05 21:23 . 2008-11-05 21:23 <REP> d-------- C:\rsit
2008-11-05 15:22 . 2008-11-05 15:28 <REP> d-------- c:\program files\Windows Live Safety Center
2008-11-05 01:59 . 2008-11-05 01:59 <REP> d-------- c:\documents and settings\All Users\Application Data\FLEXnet
2008-11-05 01:53 . 2007-02-20 16:04 2,463,976 --a------ c:\windows\system32\NPSWF32.dll
2008-11-05 01:53 . 2007-02-20 16:04 190,696 --a------ c:\windows\system32\NPSWF32_FlashUtil.exe
2008-11-05 01:52 . 2008-11-05 01:52 <REP> d-------- c:\program files\Bonjour
2008-11-05 01:44 . 2008-11-05 01:44 <REP> d-------- c:\program files\Fichiers communs\Macrovision Shared
2008-11-04 23:52 . 2008-11-04 23:52 <REP> d-------- c:\documents and settings\HP_Propriétaire\amaya
2008-11-04 23:52 . 2008-11-04 23:52 <REP> d-------- c:\documents and settings\HP_Propriétaire\amaya
2008-11-04 17:45 . 2008-11-04 17:45 2,672 --a------ c:\windows\system32\settings.aaw
2008-11-04 17:45 . 2008-11-04 17:45 1,072 --a------ c:\windows\system32\history.aaw
2008-11-04 07:11 . 2008-11-04 07:11 <REP> d-------- c:\program files\Macromedia
2008-11-02 16:40 . 2008-08-14 14:23 2,191,232 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-11-02 16:40 . 2008-08-14 14:23 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-11-02 16:40 . 2008-08-14 14:23 2,068,096 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-11-02 16:40 . 2008-08-14 14:23 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-11-02 16:39 . 2008-09-15 16:26 1,846,528 -----c--- c:\windows\system32\dllcache\win32k.sys
2008-11-02 16:38 . 2008-05-07 06:11 1,294,336 -----c--- c:\windows\system32\dllcache\quartz.dll
2008-11-02 16:38 . 2008-04-11 20:05 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2008-11-02 16:38 . 2008-09-08 11:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys
2008-11-02 16:38 . 2008-06-14 18:33 272,768 -----c--- c:\windows\system32\dllcache\bthport.sys
2008-11-02 16:38 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2008-11-02 16:38 . 2008-08-14 11:04 138,496 -----c--- c:\windows\system32\dllcache\afd.sys
2008-11-02 11:29 . 2008-11-02 11:29 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Talkback
2008-11-02 11:29 . 2008-11-02 11:29 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Talkback
2008-11-02 11:29 . 2008-11-02 11:29 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Talkback
2008-11-01 23:58 . 2008-11-06 00:45 3,749 --a------ c:\windows\system32\spupdsvc.inf
2008-11-01 23:56 . 2008-11-01 23:56 <REP> d-------- c:\windows\system32\bits
2008-11-01 23:48 . 2008-11-01 23:48 <REP> d-------- c:\windows\EHome
2008-10-31 15:01 . 2008-11-03 15:29 <REP> d-------- c:\program files\TuneUp Utilities 2008
2008-10-31 15:01 . 2008-10-31 15:01 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\TuneUp Software
2008-10-31 15:01 . 2008-10-31 15:01 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\TuneUp Software
2008-10-31 15:01 . 2008-10-31 15:01 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\TuneUp Software
2008-10-31 15:01 . 2008-10-31 15:01 <REP> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software
2008-10-31 15:01 . 2008-10-31 15:01 355,584 --a------ c:\windows\system32\TuneUpDefragService.exe
2008-10-31 15:01 . 2008-05-29 09:28 28,416 --a------ c:\windows\system32\uxtuneup.dll
2008-10-30 23:19 . 2008-11-02 00:36 146 --a------ c:\windows\mix-fx.ini
2008-10-27 22:44 . 2008-11-10 20:48 128 --a------ c:\windows\lionel.P&R
2008-10-27 19:17 . 2008-11-10 20:27 60 --a------ c:\windows\Name.P&R
2008-10-27 11:23 . 2008-10-27 11:23 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Jasc
2008-10-27 11:23 . 2008-10-27 11:23 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Jasc
2008-10-27 11:23 . 2008-10-27 11:23 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Jasc
2008-10-25 23:13 . 2008-11-02 00:26 <REP> d-------- c:\program files\HTML Direct
2008-10-25 22:09 . 2008-10-25 22:10 <REP> d-------- c:\program files\Jasc Software Inc
2008-10-24 08:43 . 2008-10-15 17:35 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2008-10-22 13:19 . 2008-10-23 19:45 <REP> d-------- c:\program files\KompoZer
2008-10-22 13:19 . 2008-10-30 14:09 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\KompoZer
2008-10-22 13:19 . 2008-10-30 14:09 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\KompoZer
2008-10-22 13:19 . 2008-10-30 14:09 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\KompoZer
2008-10-21 17:45 . 2008-04-13 19:46 121,984 --------- c:\windows\system32\drivers\usbvideo.sys
2008-10-21 17:45 . 2008-04-13 19:36 44,672 --------- c:\windows\system32\drivers\uagp35.sys
2008-10-21 17:45 . 2008-04-13 19:36 42,240 --------- c:\windows\system32\drivers\viaagp.sys
2008-10-21 17:45 . 2004-08-03 21:29 25,471 --------- c:\windows\system32\drivers\watv10nt.sys
2008-10-21 17:45 . 2004-08-03 21:29 22,271 --------- c:\windows\system32\drivers\watv06nt.sys
2008-10-21 17:45 . 2008-04-13 19:43 14,208 --------- c:\windows\system32\drivers\wacompen.sys
2008-10-21 17:45 . 2008-04-13 19:56 12,800 --------- c:\windows\system32\drivers\usb8023x.sys
2008-10-21 17:45 . 2004-08-03 21:29 11,935 --------- c:\windows\system32\drivers\wadv11nt.sys
2008-10-21 17:45 . 2004-08-03 21:29 11,871 --------- c:\windows\system32\drivers\wadv09nt.sys
2008-10-21 17:45 . 2004-08-03 21:29 11,807 --------- c:\windows\system32\drivers\wadv07nt.sys
2008-10-21 17:45 . 2008-04-14 03:33 11,325 --------- c:\windows\system32\drivers\vchnt5.dll
2008-10-21 17:45 . 2004-08-03 21:29 11,295 --------- c:\windows\system32\drivers\wadv08nt.sys
2008-10-21 17:43 . 2008-04-14 03:33 1,888,992 --------- c:\windows\system32\ati3duag.dll
2008-10-20 08:36 . 2008-04-14 03:33 109,568 --a------ c:\windows\system32\evntagnt.dll
2008-10-20 08:35 . 2008-04-14 03:33 33,792 --a------ c:\windows\system32\lmmib2.dll
2008-10-20 08:35 . 2004-08-04 20:00 33,792 --a------ c:\windows\system32\lmmib2(2).dll
2008-10-18 13:48 . 2008-10-19 08:57 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\uTorrent
2008-10-18 13:48 . 2008-10-19 08:57 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\uTorrent
2008-10-18 13:48 . 2008-10-19 08:57 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\uTorrent
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-18 09:13 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-18 08:12 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\LimeWire
2008-11-18 08:12 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\LimeWire
2008-11-18 08:12 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\LimeWire
2008-11-17 17:00 --------- d-----w c:\program files\LimeWire
2008-11-16 21:23 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-15 03:55 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\Free Download Manager
2008-11-15 03:55 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\Free Download Manager
2008-11-15 03:55 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\Free Download Manager
2008-11-14 05:02 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-09 08:53 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-09 00:15 --------- d-----w c:\program files\Anuman Interactive
2008-11-09 00:09 --------- d-----w c:\program files\Yahoo!
2008-11-06 02:25 --------- d-----w c:\program files\Java
2008-11-06 01:05 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\CamfrogWEB
2008-11-06 01:05 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\CamfrogWEB
2008-11-06 01:05 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\CamfrogWEB
2008-11-05 00:54 --------- d-----w c:\program files\QuickTime
2008-11-05 00:52 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-11-04 14:16 1,152 --sha-w C:\nlejaw3o.sys
2008-10-31 14:00 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2008-10-30 20:07 --------- d-----w c:\program files\Microsoft Picture It! 9
2008-10-28 20:19 --------- d-----w c:\program files\CDDC-MahJongg
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 16:59 332,800 ----a-w c:\windows\system32\netapi32(2)(2).dll
2008-10-04 09:25 --------- d-----w c:\documents and settings\All Users\Application Data\Microgaming
2008-10-04 09:25 --------- d-----w c:\documents and settings\All Users\Application Data\MGS
2008-10-01 09:56 --------- d-----w c:\program files\Glary Utilities
2008-10-01 09:33 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\GlarySoft
2008-10-01 09:33 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\GlarySoft
2008-10-01 09:33 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\GlarySoft
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 15:26 1,846,528 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:15 1,307,648 ------w c:\windows\system32\msxml6.dll
2008-09-04 17:16 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-22 02:08 878,592 ----a-w c:\windows\system32\wininet.dll
2008-08-22 02:08 43,008 ----a-w c:\windows\system32\licmgr10.dll
2008-08-22 02:07 18,944 ----a-w c:\windows\system32\corpol.dll
2008-08-22 02:06 72,704 ----a-w c:\windows\system32\admparse.dll
2008-08-22 02:06 71,680 ----a-w c:\windows\system32\iesetup.dll
2008-08-22 02:06 434,176 ----a-w c:\windows\system32\vbscript.dll
2008-08-22 02:05 48,640 ------w c:\windows\system32\PrivacIE.dll
2008-08-22 02:05 48,128 ----a-w c:\windows\system32\mshtmler.dll
2008-08-22 02:05 35,840 ----a-w c:\windows\system32\imgutil.dll
2008-08-22 02:04 45,568 ----a-w c:\windows\system32\mshta.exe
2008-08-22 01:57 156,160 ----a-w c:\windows\system32\msls31.dll
2008-08-20 05:37 663,552 ----a-w c:\windows\system32\wininet(2).dll
2008-08-20 05:37 617,984 ----a-w c:\windows\system32\urlmon(2).dll
2008-08-20 05:37 474,624 ----a-w c:\windows\system32\shlwapi(2).dll
2008-08-20 05:37 16,384 ----a-w c:\windows\system32\jsproxy(3).dll
2008-08-20 05:37 1,024,000 ----a-w c:\windows\system32\browseui(3).dll
2007-11-27 08:29 24,044 -c--a-w c:\documents and settings\HP_Propriétaire\Application Data\wklnhst.dat
2007-11-27 08:29 24,044 -c--a-w c:\documents and settings\HP_Propriétaire\Application Data\wklnhst.dat
2007-11-27 08:29 24,044 -c--a-w c:\documents and settings\HP_Propriétaire\Application Data\wklnhst.dat
.
((((((((((((((((((((((((((((( snapshot@2008-11-18_20.41.07,79 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-18 19:46:14 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_138.dat
+ 2008-11-18 19:46:21 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_230.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-01 4112384]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-06 136600]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.JPEG"= JpegCode.dll
"VIDC.MJPG"= JpegCode.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acme.PCHButton]
--a------ 2004-01-01 17:55 159744 c:\progra~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 01:38 34672 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]
--a------ 2005-10-19 17:19 49152 c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
--a------ 2003-06-26 03:02 184320 c:\program files\Creative\Shared Files\CamTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-14 03:33 15360 c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
--a------ 2008-05-20 16:27 2474031 c:\program files\Free Download Manager\fdm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]
--a------ 2004-06-07 18:43 659456 c:\windows\system32\hphmon06.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]
--a------ 2004-06-07 18:53 49152 c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
--a------ 1998-05-07 16:04 52736 c:\windows\system\hpsysdrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
--a------ 2003-05-16 00:41 163840 c:\program files\Microsoft IntelliPoint\point32.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
--a------ 2003-02-11 20:02 61440 c:\hp\KBD\kbd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
--a------ 2003-06-10 17:49 50688 c:\program files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
--a------ 2004-08-13 17:41 86016 c:\program files\MSN Apps\Updater\[u]0/u1.02.3000.1001\fr\msnappau.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 10:34 5724184 c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2004-07-01 23:12 4112384 c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2004-01-01 17:45 98304 c:\program files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
--a------ 2004-04-14 20:43 233472 c:\windows\SMINST\Recguard.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS Windows KeyHook]
--a------ 2004-05-20 09:47 249856 c:\windows\system32\Keyhook.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-09-16 12:16 1833296 c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 03:27 144784 c:\program files\Java\jre1.6.0_07\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\type32]
--a------ 2003-05-16 00:45 114688 c:\program files\Microsoft IntelliType Pro\type32.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
--a------ 2004-06-29 17:06 88363 c:\windows\AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2004-07-01 23:12 843776 c:\windows\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"SysmonLog"=3 (0x3)
"Schedule"=2 (0x2)
"SamSs"=2 (0x2)
"iPodService"=3 (0x3)
"Fax"=2 (0x2)
"Bonjour Service"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Camfrog\\Camfrog Video Chat\\Camfrog Video Chat.exe"=
R2 NwSapAgent;Agent SAP;c:\windows\system32\svchost.exe -k netsvcs [2004-01-01 14336]
R2 UxTuneUp;TuneUp Extension de thème;c:\windows\System32\svchost.exe -k netsvcs [2004-01-01 14336]
R3 P1130VID;Creative WebCam NX Pro;c:\windows\system32\DRIVERS\P1130Vid.sys [2008-11-16 90229]
S2 USBHSB;GeneLink File Transfer Driver;c:\windows\system32\Drivers\usbhsb.sys []
S3 archbus;NEC WMC USB_BJ1 Composite Device driver (WDM);c:\windows\system32\DRIVERS\archbus.sys [2005-12-10 52480]
S3 archmdfl;NEC WMC USB_BJ1 Modem Filter;c:\windows\system32\DRIVERS\archmdfl.sys [2005-12-10 6032]
S3 archmdm;NEC WMC USB_BJ1 Modem Drivers;c:\windows\system32\DRIVERS\archmdm.sys [2005-12-10 87360]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:\windows\System32\TuneUpDefragService.exe [2008-10-31 355584]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;c:\windows\system32\DRIVERS\WlanUIG.sys [2004-12-28 379456]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'
2005-03-26 c:\windows\Tasks\Connexion facile à Internet.job
- c:\program files\Easy Internet signup\HPSdpApp.exe [2004-06-21 21:19]
2008-11-05 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]
2008-11-05 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2004-08-24 11:22]
2008-11-14 c:\windows\Tasks\User_Feed_Synchronization-{277F3B68-F459-42AB-8AB1-13869C27AFDF}.job
- c:\windows\system32\msfeedssync.exe [2008-08-22 03:05]
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\documents and settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\w7k9fjsq.default\
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdeploytk.dll
FF -: plugin - c:\program files\Yahoo!\Common\npyaxmpb.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-18 20:58:02
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2008-11-18 21:00:33
ComboFix-quarantined-files.txt 2008-11-18 20:00:05
ComboFix2.txt 2008-11-18 19:42:40
Avant-CF: 98 054 619 136 octets libres
Après-CF: 98,039,484,416 octets libres
330 --- E O F --- 2008-11-14 05:04:20
ComboFix 08-11-18.02 - HP_Propriétaire 2008-11-18 20:55:03.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.233 [GMT 1:00]
Lancé depuis: c:\documents and settings\HP_Propriétaire\Bureau\ComboFix.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-18 au 2008-11-18 ))))))))))))))))))))))))))))))))))))
.
2008-11-18 19:28 . 2008-11-18 19:29 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-18 19:28 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-18 19:28 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-16 22:39 . 2003-04-03 15:00 122,880 --a------ c:\windows\system32\P1130Vfw.dll
2008-11-16 22:39 . 2003-06-11 15:00 90,229 --a------ c:\windows\system32\drivers\P1130Vid.sys
2008-11-16 22:39 . 2003-03-20 15:00 69,632 --a------ c:\windows\system32\P1130Sti.dll
2008-11-16 22:39 . 2003-08-12 15:01 69,632 --a------ c:\windows\system32\P1130Ext.ax
2008-11-16 22:39 . 2003-04-03 15:00 53,248 --a------ c:\windows\P1130Cfg.exe
2008-11-16 22:39 . 2004-04-21 01:01 49,152 --a------ c:\windows\system32\P1130Hwx.dll
2008-11-16 22:39 . 2003-03-21 15:00 24,576 --a------ c:\windows\system32\P1130Cfg.crl
2008-11-16 22:39 . 2003-08-12 15:01 20,480 --a------ c:\windows\system32\P1130Ext.crl
2008-11-16 22:39 . 2003-08-13 05:42 4,746 --a------ c:\windows\Pd1130.uns
2008-11-16 22:31 . 2008-11-16 22:39 <REP> d-------- c:\windows\CtDrvInstall
2008-11-16 22:31 . 2008-11-16 22:39 <REP> d-------- C:\WebCamNXPro
2008-11-16 22:31 . 2004-04-22 01:02 36,864 --a------ c:\windows\system32\P1130Pin.dll
2008-11-16 22:31 . 2003-03-21 15:00 24,576 --a------ c:\windows\system32\P1130Pin.crl
2008-11-16 22:31 . 2004-04-12 01:00 20,480 --a------ c:\windows\system32\P1130Srv.exe
2008-11-16 22:08 . 2008-11-16 22:08 <REP> d-------- C:\Webcam
2008-11-16 22:08 . 2008-11-16 22:22 <REP> d-------- C:\CtDriverInstTemp
2008-11-16 21:37 . 2008-11-16 21:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Camfrog
2008-11-16 21:37 . 2008-11-16 21:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Camfrog
2008-11-16 21:37 . 2008-11-16 21:37 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Camfrog
2008-11-16 21:36 . 2008-11-16 21:36 <REP> d-------- c:\program files\Camfrog
2008-11-16 16:17 . 2008-11-16 16:17 <REP> d-------- c:\program files\VS Revo Group
2008-11-15 15:33 . 2008-11-15 15:33 <REP> d-------- c:\program files\Oxemis
2008-11-13 13:22 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-13 13:21 . 2008-09-04 18:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 02:06 . 2008-11-12 02:06 38 --a------ c:\windows\avisplitter.INI
2008-11-10 23:05 . 2008-11-16 00:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\FileZilla
2008-11-10 23:05 . 2008-11-16 00:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\FileZilla
2008-11-10 23:05 . 2008-11-16 00:47 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\FileZilla
2008-11-10 23:04 . 2008-11-10 23:04 <REP> d-------- c:\program files\FileZilla Client
2008-11-10 18:03 . 2008-11-10 18:07 <REP> d-------- C:\Lop SD
2008-11-10 15:47 . 2007-01-18 13:00 3,968 --a------ c:\windows\system32\drivers\AvgArCln.sys
2008-11-10 15:13 . 2008-11-16 16:24 81,984 --a------ c:\windows\system32\bdod.bin
2008-11-10 15:06 . 2008-11-10 16:04 <REP> d-------- c:\program files\Fichiers communs\Softwin
2008-11-09 16:28 . 2008-11-17 17:54 54,156 --ah----- c:\windows\QTFont.qfn
2008-11-09 16:28 . 2008-11-09 16:28 1,409 --a------ c:\windows\QTFont.for
2008-11-06 03:25 . 2008-11-06 03:25 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-06 01:20 . 2008-11-06 13:33 <REP> d-------- c:\program files\Trend Micro
2008-11-06 01:01 . 2008-11-06 01:01 <REP> d--hs---- c:\documents and settings\HP_Propriétaire\PrivacIE
2008-11-06 01:01 . 2008-11-06 01:01 <REP> d--hs---- c:\documents and settings\HP_Propriétaire\PrivacIE
2008-11-06 00:43 . 2008-11-06 00:44 <REP> d--h-c--- c:\windows\ie8
2008-11-05 21:50 . 2008-11-05 21:50 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Malwarebytes
2008-11-05 21:50 . 2008-11-05 21:50 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Malwarebytes
2008-11-05 21:50 . 2008-11-05 21:50 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Malwarebytes
2008-11-05 21:50 . 2008-11-05 21:50 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-05 21:23 . 2008-11-05 21:23 <REP> d-------- C:\rsit
2008-11-05 15:22 . 2008-11-05 15:28 <REP> d-------- c:\program files\Windows Live Safety Center
2008-11-05 01:59 . 2008-11-05 01:59 <REP> d-------- c:\documents and settings\All Users\Application Data\FLEXnet
2008-11-05 01:53 . 2007-02-20 16:04 2,463,976 --a------ c:\windows\system32\NPSWF32.dll
2008-11-05 01:53 . 2007-02-20 16:04 190,696 --a------ c:\windows\system32\NPSWF32_FlashUtil.exe
2008-11-05 01:52 . 2008-11-05 01:52 <REP> d-------- c:\program files\Bonjour
2008-11-05 01:44 . 2008-11-05 01:44 <REP> d-------- c:\program files\Fichiers communs\Macrovision Shared
2008-11-04 23:52 . 2008-11-04 23:52 <REP> d-------- c:\documents and settings\HP_Propriétaire\amaya
2008-11-04 23:52 . 2008-11-04 23:52 <REP> d-------- c:\documents and settings\HP_Propriétaire\amaya
2008-11-04 17:45 . 2008-11-04 17:45 2,672 --a------ c:\windows\system32\settings.aaw
2008-11-04 17:45 . 2008-11-04 17:45 1,072 --a------ c:\windows\system32\history.aaw
2008-11-04 07:11 . 2008-11-04 07:11 <REP> d-------- c:\program files\Macromedia
2008-11-02 16:40 . 2008-08-14 14:23 2,191,232 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-11-02 16:40 . 2008-08-14 14:23 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-11-02 16:40 . 2008-08-14 14:23 2,068,096 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-11-02 16:40 . 2008-08-14 14:23 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-11-02 16:39 . 2008-09-15 16:26 1,846,528 -----c--- c:\windows\system32\dllcache\win32k.sys
2008-11-02 16:38 . 2008-05-07 06:11 1,294,336 -----c--- c:\windows\system32\dllcache\quartz.dll
2008-11-02 16:38 . 2008-04-11 20:05 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2008-11-02 16:38 . 2008-09-08 11:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys
2008-11-02 16:38 . 2008-06-14 18:33 272,768 -----c--- c:\windows\system32\dllcache\bthport.sys
2008-11-02 16:38 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2008-11-02 16:38 . 2008-08-14 11:04 138,496 -----c--- c:\windows\system32\dllcache\afd.sys
2008-11-02 11:29 . 2008-11-02 11:29 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Talkback
2008-11-02 11:29 . 2008-11-02 11:29 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Talkback
2008-11-02 11:29 . 2008-11-02 11:29 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Talkback
2008-11-01 23:58 . 2008-11-06 00:45 3,749 --a------ c:\windows\system32\spupdsvc.inf
2008-11-01 23:56 . 2008-11-01 23:56 <REP> d-------- c:\windows\system32\bits
2008-11-01 23:48 . 2008-11-01 23:48 <REP> d-------- c:\windows\EHome
2008-10-31 15:01 . 2008-11-03 15:29 <REP> d-------- c:\program files\TuneUp Utilities 2008
2008-10-31 15:01 . 2008-10-31 15:01 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\TuneUp Software
2008-10-31 15:01 . 2008-10-31 15:01 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\TuneUp Software
2008-10-31 15:01 . 2008-10-31 15:01 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\TuneUp Software
2008-10-31 15:01 . 2008-10-31 15:01 <REP> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software
2008-10-31 15:01 . 2008-10-31 15:01 355,584 --a------ c:\windows\system32\TuneUpDefragService.exe
2008-10-31 15:01 . 2008-05-29 09:28 28,416 --a------ c:\windows\system32\uxtuneup.dll
2008-10-30 23:19 . 2008-11-02 00:36 146 --a------ c:\windows\mix-fx.ini
2008-10-27 22:44 . 2008-11-10 20:48 128 --a------ c:\windows\lionel.P&R
2008-10-27 19:17 . 2008-11-10 20:27 60 --a------ c:\windows\Name.P&R
2008-10-27 11:23 . 2008-10-27 11:23 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Jasc
2008-10-27 11:23 . 2008-10-27 11:23 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Jasc
2008-10-27 11:23 . 2008-10-27 11:23 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\Jasc
2008-10-25 23:13 . 2008-11-02 00:26 <REP> d-------- c:\program files\HTML Direct
2008-10-25 22:09 . 2008-10-25 22:10 <REP> d-------- c:\program files\Jasc Software Inc
2008-10-24 08:43 . 2008-10-15 17:35 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2008-10-22 13:19 . 2008-10-23 19:45 <REP> d-------- c:\program files\KompoZer
2008-10-22 13:19 . 2008-10-30 14:09 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\KompoZer
2008-10-22 13:19 . 2008-10-30 14:09 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\KompoZer
2008-10-22 13:19 . 2008-10-30 14:09 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\KompoZer
2008-10-21 17:45 . 2008-04-13 19:46 121,984 --------- c:\windows\system32\drivers\usbvideo.sys
2008-10-21 17:45 . 2008-04-13 19:36 44,672 --------- c:\windows\system32\drivers\uagp35.sys
2008-10-21 17:45 . 2008-04-13 19:36 42,240 --------- c:\windows\system32\drivers\viaagp.sys
2008-10-21 17:45 . 2004-08-03 21:29 25,471 --------- c:\windows\system32\drivers\watv10nt.sys
2008-10-21 17:45 . 2004-08-03 21:29 22,271 --------- c:\windows\system32\drivers\watv06nt.sys
2008-10-21 17:45 . 2008-04-13 19:43 14,208 --------- c:\windows\system32\drivers\wacompen.sys
2008-10-21 17:45 . 2008-04-13 19:56 12,800 --------- c:\windows\system32\drivers\usb8023x.sys
2008-10-21 17:45 . 2004-08-03 21:29 11,935 --------- c:\windows\system32\drivers\wadv11nt.sys
2008-10-21 17:45 . 2004-08-03 21:29 11,871 --------- c:\windows\system32\drivers\wadv09nt.sys
2008-10-21 17:45 . 2004-08-03 21:29 11,807 --------- c:\windows\system32\drivers\wadv07nt.sys
2008-10-21 17:45 . 2008-04-14 03:33 11,325 --------- c:\windows\system32\drivers\vchnt5.dll
2008-10-21 17:45 . 2004-08-03 21:29 11,295 --------- c:\windows\system32\drivers\wadv08nt.sys
2008-10-21 17:43 . 2008-04-14 03:33 1,888,992 --------- c:\windows\system32\ati3duag.dll
2008-10-20 08:36 . 2008-04-14 03:33 109,568 --a------ c:\windows\system32\evntagnt.dll
2008-10-20 08:35 . 2008-04-14 03:33 33,792 --a------ c:\windows\system32\lmmib2.dll
2008-10-20 08:35 . 2004-08-04 20:00 33,792 --a------ c:\windows\system32\lmmib2(2).dll
2008-10-18 13:48 . 2008-10-19 08:57 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\uTorrent
2008-10-18 13:48 . 2008-10-19 08:57 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\uTorrent
2008-10-18 13:48 . 2008-10-19 08:57 <REP> d-------- c:\documents and settings\HP_Propriétaire\Application Data\uTorrent
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-18 09:13 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-18 08:12 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\LimeWire
2008-11-18 08:12 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\LimeWire
2008-11-18 08:12 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\LimeWire
2008-11-17 17:00 --------- d-----w c:\program files\LimeWire
2008-11-16 21:23 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-15 03:55 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\Free Download Manager
2008-11-15 03:55 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\Free Download Manager
2008-11-15 03:55 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\Free Download Manager
2008-11-14 05:02 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-09 08:53 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-09 00:15 --------- d-----w c:\program files\Anuman Interactive
2008-11-09 00:09 --------- d-----w c:\program files\Yahoo!
2008-11-06 02:25 --------- d-----w c:\program files\Java
2008-11-06 01:05 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\CamfrogWEB
2008-11-06 01:05 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\CamfrogWEB
2008-11-06 01:05 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\CamfrogWEB
2008-11-05 00:54 --------- d-----w c:\program files\QuickTime
2008-11-05 00:52 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-11-04 14:16 1,152 --sha-w C:\nlejaw3o.sys
2008-10-31 14:00 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2008-10-30 20:07 --------- d-----w c:\program files\Microsoft Picture It! 9
2008-10-28 20:19 --------- d-----w c:\program files\CDDC-MahJongg
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 16:59 332,800 ----a-w c:\windows\system32\netapi32(2)(2).dll
2008-10-04 09:25 --------- d-----w c:\documents and settings\All Users\Application Data\Microgaming
2008-10-04 09:25 --------- d-----w c:\documents and settings\All Users\Application Data\MGS
2008-10-01 09:56 --------- d-----w c:\program files\Glary Utilities
2008-10-01 09:33 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\GlarySoft
2008-10-01 09:33 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\GlarySoft
2008-10-01 09:33 --------- d-----w c:\documents and settings\HP_Propriétaire\Application Data\GlarySoft
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 15:26 1,846,528 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:15 1,307,648 ------w c:\windows\system32\msxml6.dll
2008-09-04 17:16 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-22 02:08 878,592 ----a-w c:\windows\system32\wininet.dll
2008-08-22 02:08 43,008 ----a-w c:\windows\system32\licmgr10.dll
2008-08-22 02:07 18,944 ----a-w c:\windows\system32\corpol.dll
2008-08-22 02:06 72,704 ----a-w c:\windows\system32\admparse.dll
2008-08-22 02:06 71,680 ----a-w c:\windows\system32\iesetup.dll
2008-08-22 02:06 434,176 ----a-w c:\windows\system32\vbscript.dll
2008-08-22 02:05 48,640 ------w c:\windows\system32\PrivacIE.dll
2008-08-22 02:05 48,128 ----a-w c:\windows\system32\mshtmler.dll
2008-08-22 02:05 35,840 ----a-w c:\windows\system32\imgutil.dll
2008-08-22 02:04 45,568 ----a-w c:\windows\system32\mshta.exe
2008-08-22 01:57 156,160 ----a-w c:\windows\system32\msls31.dll
2008-08-20 05:37 663,552 ----a-w c:\windows\system32\wininet(2).dll
2008-08-20 05:37 617,984 ----a-w c:\windows\system32\urlmon(2).dll
2008-08-20 05:37 474,624 ----a-w c:\windows\system32\shlwapi(2).dll
2008-08-20 05:37 16,384 ----a-w c:\windows\system32\jsproxy(3).dll
2008-08-20 05:37 1,024,000 ----a-w c:\windows\system32\browseui(3).dll
2007-11-27 08:29 24,044 -c--a-w c:\documents and settings\HP_Propriétaire\Application Data\wklnhst.dat
2007-11-27 08:29 24,044 -c--a-w c:\documents and settings\HP_Propriétaire\Application Data\wklnhst.dat
2007-11-27 08:29 24,044 -c--a-w c:\documents and settings\HP_Propriétaire\Application Data\wklnhst.dat
.
((((((((((((((((((((((((((((( snapshot@2008-11-18_20.41.07,79 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-18 19:46:14 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_138.dat
+ 2008-11-18 19:46:21 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_230.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-01 4112384]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-06 136600]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.JPEG"= JpegCode.dll
"VIDC.MJPG"= JpegCode.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acme.PCHButton]
--a------ 2004-01-01 17:55 159744 c:\progra~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 01:38 34672 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]
--a------ 2005-10-19 17:19 49152 c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
--a------ 2003-06-26 03:02 184320 c:\program files\Creative\Shared Files\CamTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-14 03:33 15360 c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
--a------ 2008-05-20 16:27 2474031 c:\program files\Free Download Manager\fdm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06]
--a------ 2004-06-07 18:43 659456 c:\windows\system32\hphmon06.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]
--a------ 2004-06-07 18:53 49152 c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
--a------ 1998-05-07 16:04 52736 c:\windows\system\hpsysdrv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
--a------ 2003-05-16 00:41 163840 c:\program files\Microsoft IntelliPoint\point32.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
--a------ 2003-02-11 20:02 61440 c:\hp\KBD\kbd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
--a------ 2003-06-10 17:49 50688 c:\program files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
--a------ 2004-08-13 17:41 86016 c:\program files\MSN Apps\Updater\[u]0/u1.02.3000.1001\fr\msnappau.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 10:34 5724184 c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2004-07-01 23:12 4112384 c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2004-01-01 17:45 98304 c:\program files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
--a------ 2004-04-14 20:43 233472 c:\windows\SMINST\Recguard.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS Windows KeyHook]
--a------ 2004-05-20 09:47 249856 c:\windows\system32\Keyhook.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2008-09-16 12:16 1833296 c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 03:27 144784 c:\program files\Java\jre1.6.0_07\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\type32]
--a------ 2003-05-16 00:45 114688 c:\program files\Microsoft IntelliType Pro\type32.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
--a------ 2004-06-29 17:06 88363 c:\windows\AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2004-07-01 23:12 843776 c:\windows\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"SysmonLog"=3 (0x3)
"Schedule"=2 (0x2)
"SamSs"=2 (0x2)
"iPodService"=3 (0x3)
"Fax"=2 (0x2)
"Bonjour Service"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Camfrog\\Camfrog Video Chat\\Camfrog Video Chat.exe"=
R2 NwSapAgent;Agent SAP;c:\windows\system32\svchost.exe -k netsvcs [2004-01-01 14336]
R2 UxTuneUp;TuneUp Extension de thème;c:\windows\System32\svchost.exe -k netsvcs [2004-01-01 14336]
R3 P1130VID;Creative WebCam NX Pro;c:\windows\system32\DRIVERS\P1130Vid.sys [2008-11-16 90229]
S2 USBHSB;GeneLink File Transfer Driver;c:\windows\system32\Drivers\usbhsb.sys []
S3 archbus;NEC WMC USB_BJ1 Composite Device driver (WDM);c:\windows\system32\DRIVERS\archbus.sys [2005-12-10 52480]
S3 archmdfl;NEC WMC USB_BJ1 Modem Filter;c:\windows\system32\DRIVERS\archmdfl.sys [2005-12-10 6032]
S3 archmdm;NEC WMC USB_BJ1 Modem Drivers;c:\windows\system32\DRIVERS\archmdm.sys [2005-12-10 87360]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:\windows\System32\TuneUpDefragService.exe [2008-10-31 355584]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;c:\windows\system32\DRIVERS\WlanUIG.sys [2004-12-28 379456]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'
2005-03-26 c:\windows\Tasks\Connexion facile à Internet.job
- c:\program files\Easy Internet signup\HPSdpApp.exe [2004-06-21 21:19]
2008-11-05 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]
2008-11-05 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2004-08-24 11:22]
2008-11-14 c:\windows\Tasks\User_Feed_Synchronization-{277F3B68-F459-42AB-8AB1-13869C27AFDF}.job
- c:\windows\system32\msfeedssync.exe [2008-08-22 03:05]
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\documents and settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\w7k9fjsq.default\
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdeploytk.dll
FF -: plugin - c:\program files\Yahoo!\Common\npyaxmpb.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-18 20:58:02
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2008-11-18 21:00:33
ComboFix-quarantined-files.txt 2008-11-18 20:00:05
ComboFix2.txt 2008-11-18 19:42:40
Avant-CF: 98 054 619 136 octets libres
Après-CF: 98,039,484,416 octets libres
330 --- E O F --- 2008-11-14 05:04:20
c est de pire en pire, mon pc a bugué lors d unr premiere analyse j ai pu voir vite fait qu il avait effacé 2 fichiers mais j ai pas eu le temps d e voir avec precision, en olus j ai failli ne jamais me reconnecter, gros debit de paquets sortants et moins de rentrants
ce pc va me rendre dingue
merci de m aider
ce pc va me rendre dingue
merci de m aider
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
slt pas d'infection vundo!!!
c'est quoi le souci?
c'est quoi le souci?
comme expliqué au dessus plein de trucs bizares mais surtout tres lent sur le net, tre souvent obligé de rafraichir pour que les pages s affichent et c est de pire en pire, sans compter que si je clic sur une icone du bureau une fenetre "explorer.exe" aparait me disant qu il a trouvé une erreur et qu il doit arreter propose deboguer ou fermer et quoique je fasse je perds systematiquement l image du bureau. souvent l image se fige et obligé de debrancher pour que sa reparte voila en gros les plus frequents
rien pour le moment
____________
antivir ne trouve rien?
___________
limewire marche en permanence?
________________
as tu essayé de restaurer ton ordi avant le souci?
http://www.infoprat.net/astuces/windows2k_xp/astuces/divers_004.php
____________
antivir ne trouve rien?
___________
limewire marche en permanence?
________________
as tu essayé de restaurer ton ordi avant le souci?
http://www.infoprat.net/astuces/windows2k_xp/astuces/divers_004.php
