[RESOLU] Win32 : TratBHO (Trojan)
Forum Sécurité - Virus : [RESOLU] Win32 : TratBHO (Trojan)
Voila le rapport de CompoFix, dsl ma soeur me casse les ****** avec ça ! ^^
Merci de m'aider 
ComboFix 08-05-01.3 - Filou 2008-05-03 12:38:49.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.69 [GMT 2:00]
Endroit: C:\Documents and Settings\Filou\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\AbaIOqru.ini
C:\WINDOWS\system32\AbaIOqru.ini2
C:\WINDOWS\system32\csapjrst.ini
C:\WINDOWS\system32\ddcYOFus.dll
C:\WINDOWS\system32\fccyvUno.dll
C:\WINDOWS\system32\hsgniaoh.ini
C:\WINDOWS\system32\hvjqvitj.ini
C:\WINDOWS\system32\hyjglwud.dll
C:\WINDOWS\system32\iuaqrpho.dll
C:\WINDOWS\system32\ivuxihll.dll
C:\WINDOWS\system32\jtivqjvh.dll
C:\WINDOWS\system32\kmrjelnu.ini
C:\WINDOWS\system32\ltqkptyj.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mlJArool.dll
C:\WINDOWS\system32\pkhvjjvv.ini
C:\WINDOWS\system32\plmgxter.dll
C:\WINDOWS\system32\pskill.exe
C:\WINDOWS\system32\qdvmjblw.ini
C:\WINDOWS\system32\qoMfcARI.dll
C:\WINDOWS\system32\regpvwuq.ini
C:\WINDOWS\system32\salbsyjq.dll
C:\WINDOWS\system32\tinaudir.dll
C:\WINDOWS\system32\ttELnUvw.ini
C:\WINDOWS\system32\wmrlgyvb.ini
C:\WINDOWS\system32\wudjwnot.ini
C:\WINDOWS\system32\xhcbjsmq.dll
C:\WINDOWS\system32\xxywXRll.dll
C:\WINDOWS\system32\xxyxWNGY.dll
C:\WINDOWS\system32\ydgosqtr.dll
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-03 to 2008-05-03 ))))))))))))))))))))))))))))))))))))
.
2008-05-03 12:45 . 2008-05-03 12:45 <REP> d-------- C:\WINDOWS\system32\xircom
2008-05-03 12:45 . 2008-05-03 12:45 <REP> d-------- C:\WINDOWS\system32\oobe
2008-05-03 12:45 . 2008-05-03 12:45 <REP> d-------- C:\WINDOWS\srchasst
2008-05-03 12:45 . 2008-05-03 12:45 <REP> d-------- C:\WINDOWS\msagent
2008-05-03 12:45 . 2008-05-03 12:45 <REP> d-------- C:\Program Files\microsoft frontpage
2008-05-02 10:55 . 2008-05-02 10:55 <REP> d-------- C:\Program Files\Trend Micro
2008-04-29 21:26 . 2008-04-29 21:29 269 --a------ C:\WINDOWS\wininit.ini
2008-04-29 20:36 . 2008-04-29 20:36 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-29 20:36 . 2008-04-29 20:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-29 19:36 . 2008-04-29 19:36 <REP> d-------- C:\WINDOWS\Sun
2008-04-28 18:57 . 2008-04-28 18:57 <REP> d-------- C:\Program Files\Alwil Software
2008-04-26 20:29 . 2008-04-26 20:29 <REP> d-------- C:\Program Files\InstallShield Installation Information
2008-04-26 20:28 . 2008-04-26 20:28 <REP> d-------- C:\Program Files\Symantec
2008-04-26 20:06 . 2008-04-26 20:06 1,505,859 ---hs---- C:\WINDOWS\system32\wmrlgyvb.tmp
2008-04-26 20:05 . 2008-04-26 20:05 106,048 --------- C:\WINDOWS\system32\gpogrcdb.dll_old
2008-04-24 19:10 . 2008-02-20 08:52 282,624 --------- C:\WINDOWS\system32\dllcache\gdi32.dll
2008-04-24 19:07 . 2008-03-01 14:34 6,067,712 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-04-24 19:07 . 2008-03-01 14:34 3,593,216 --------- C:\WINDOWS\system32\dllcache\mshtml.dll
2008-04-24 19:07 . 2008-03-01 14:34 827,392 --------- C:\WINDOWS\system32\dllcache\wininet.dll
2008-04-24 19:07 . 2008-03-01 14:34 347,136 --------- C:\WINDOWS\system32\dllcache\dxtmsft.dll
2008-04-24 19:07 . 2008-03-01 14:34 214,528 --------- C:\WINDOWS\system32\dllcache\dxtrans.dll
2008-04-24 19:07 . 2008-02-20 07:20 147,968 --------- C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-04-24 19:07 . 2008-02-20 20:50 45,568 --------- C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-04-24 19:06 . 2008-04-24 19:10 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-04-24 19:06 . 2008-03-20 09:56 1,846,016 --------- C:\WINDOWS\system32\dllcache\win32k.sys
2008-04-24 18:48 . 2008-04-29 18:52 109,738 --a------ C:\WINDOWS\BMc7bbc78a.xml
2008-04-22 22:21 . 2008-04-22 22:21 <REP> d-------- C:\Program Files\Easy Gif Animator Extension
2008-04-22 22:21 . 2008-04-22 22:21 <REP> d-------- C:\Program Files\Easy GIF Animator
2008-04-22 22:21 . 2008-04-22 22:21 231,872 --a------ C:\WINDOWS\EasyGifAnimator_Toolbar_Uninstaller_9093.exe
2008-04-13 19:07 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2008-04-13 19:07 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2008-04-13 19:07 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2008-04-13 19:07 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2008-04-13 19:07 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2008-04-13 19:07 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2008-04-13 19:07 . 2003-11-04 15:11 159,744 --a------ C:\WINDOWS\system32\lfpng13n.dll
2008-04-13 19:07 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2008-04-13 19:07 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2008-04-11 16:39 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-04-11 16:28 . 2001-08-23 17:47 126,976 --a------ C:\WINDOWS\system32\hpgt34tk.dll
2008-04-11 16:28 . 2001-08-23 17:47 101,376 --a------ C:\WINDOWS\system32\hpgt34.dll
2008-04-11 16:28 . 2001-08-23 17:47 87,040 --a------ C:\WINDOWS\system32\wiafbdrv.dll
2008-04-11 16:28 . 2001-08-23 17:47 32,768 --a------ C:\WINDOWS\system32\hpgtmcro.dll
2008-04-11 16:28 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-04-10 23:32 . 2008-04-10 23:32 <REP> d-------- C:\Program Files\Hewlett-Packard
2008-04-10 23:32 . 2000-12-04 12:21 331,776 --a------ C:\WINDOWS\system32\ipebase12.dll
2008-04-10 23:32 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-04-10 23:32 . 1999-06-02 01:02 77,824 --a------ C:\WINDOWS\system32\ipeapi12.dll
2008-04-10 23:31 . 2008-04-10 23:31 <REP> d-------- C:\sj657
2008-04-05 12:32 . 2008-04-05 12:32 <REP> d-------- C:\Program Files\LimeWire Turbo Accelerator
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-02 20:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-28 16:38 --------- d-----w C:\Program Files\Paint.NET
2008-04-26 19:34 90,112 ----a-w C:\WINDOWS\DUMP63ca.tmp
2008-04-26 18:25 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-04-24 17:05 --------- d-----w C:\Program Files\Windows Trust
2008-04-20 14:38 98,304 ----a-w C:\WINDOWS\DUMP924d.tmp
2008-04-02 19:18 --------- d-----w C:\Documents and Settings\Filou\Application Data\gtk-2.0
2008-04-02 18:56 --------- d-----w C:\Program Files\GIMP-2.0
2008-04-02 17:06 --------- d-----w C:\Program Files\Google
2008-04-01 19:58 --------- d-----w C:\Program Files\Shareaza
2008-04-01 19:57 --------- d-----w C:\Documents and Settings\Filou\Application Data\Shareaza
2008-03-30 10:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-03-29 18:36 --------- d-----w C:\Program Files\MSN Messenger
2008-03-29 18:36 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-03-29 18:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Part title burn dvd
2008-03-28 19:48 160,288 ----a-w C:\WINDOWS\nod32_v3.0.621.0_Fr Uninstaller.exe
2008-03-28 19:46 --------- d-----w C:\Program Files\ESET
2008-03-28 19:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET
2008-03-28 19:45 --------- d-----w C:\Program Files\Notepad++
2008-03-28 19:25 --------- d-----w C:\Program Files\ma-config.com
2008-03-28 19:25 --------- d-----w C:\Documents and Settings\Filou\Application Data\ma-config.com
2008-03-28 18:57 --------- d-----w C:\Program Files\Java
2008-03-28 18:56 --------- d-----w C:\Program Files\VistaDriveStatus
2008-03-28 18:56 --------- d-----w C:\Program Files\LClock
2008-03-28 18:56 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-03-28 18:56 --------- d-----w C:\Program Files\CCleaner
2008-03-28 18:54 --------- d-----w C:\Program Files\Windows Live
2008-03-28 18:51 --------- d-----w C:\Program Files\WTInstaller
2008-03-28 18:30 --------- d-----w C:\Program Files\Unlocker
2008-03-20 07:56 1,846,016 ----a-w C:\WINDOWS\system32\win32k.sys
2008-02-22 09:40 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-22 09:39 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-02-22 09:39 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-20 18:50 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 06:52 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-17 00:47 453,632 ----a-w C:\WINDOWS\system32\themeui.dll
2008-02-15 05:44 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-02-13 20:00 86,073 ----a-w C:\WINDOWS\system32\usrfaxa.dll
2008-02-13 19:55 96,256 ----a-w C:\WINDOWS\system32\sigverif.exe
2008-02-13 19:54 973,072 ----a-w C:\WINDOWS\system32\calc.exe
2008-02-13 19:53 69,632 ----a-w C:\WINDOWS\system32\wshext.dll
2008-02-13 19:52 81,768 ----a-w C:\WINDOWS\system32\xinput1_3.dll
2008-02-13 19:51 1,358,192 ----a-w C:\WINDOWS\system32\d3dcompiler_35.dll
2008-02-13 19:51 1,124,720 ----a-w C:\WINDOWS\system32\d3dcompiler_34.dll
2008-02-13 19:51 1,123,696 ----a-w C:\WINDOWS\system32\d3dcompiler_33.dll
2008-02-12 22:35 1,548,288 ----a-w C:\WINDOWS\system32\sfcfiles.dll
2008-02-12 22:27 1,005,056 ----a-w C:\WINDOWS\system32\syssetup.dll
2008-02-12 22:25 95,744 ----a-w C:\WINDOWS\system32\mqsec.dll
2008-02-12 22:25 733,696 ----a-w C:\WINDOWS\system32\lsasrv.dll
2008-02-12 22:25 660,992 ----a-w C:\WINDOWS\system32\mqqm.dll
2008-02-12 22:25 551,936 ----a-w C:\WINDOWS\system32\oleaut32.dll
2008-02-12 22:25 527,360 ----a-w C:\WINDOWS\system32\mqutil.dll
2008-02-12 22:25 48,640 ----a-w C:\WINDOWS\system32\mqupgrd.dll
2008-02-12 22:25 47,104 ----a-w C:\WINDOWS\system32\mqdscli.dll
2008-02-12 22:25 177,152 ----a-w C:\WINDOWS\system32\mqrt.dll
2008-02-12 22:25 16,896 ----a-w C:\WINDOWS\system32\mqise.dll
2008-02-12 22:25 138,240 ----a-w C:\WINDOWS\system32\mqad.dll
2008-02-12 22:25 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-02-12 22:24 582,656 ----a-w C:\WINDOWS\system32\rpcrt4.dll
2008-02-12 22:24 24,576 ----a-w C:\WINDOWS\system32\nlsdl.dll
2008-02-12 22:24 23,552 ----a-w C:\WINDOWS\system32\normaliz.dll
2008-02-12 22:22 991,744 ----a-w C:\WINDOWS\system32\drmv2clt.dll
2008-02-12 22:15 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2008-02-12 22:14 500,278 ----a-w C:\WINDOWS\system32\dxmasf.dll
2008-02-12 22:14 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
2008-02-12 22:14 246,814 ----a-w C:\WINDOWS\system32\strmdll.dll
2008-02-12 22:14 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2008-02-12 22:14 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll
2008-02-12 22:14 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2008-02-12 22:14 1,104,896 ----a-w C:\WINDOWS\system32\msxml3.dll
2008-02-12 22:13 981,760 ----a-w C:\WINDOWS\system32\mfc42u.dll
2008-02-12 22:13 927,504 ----a-w C:\WINDOWS\system32\mfc40u.dll
2008-02-12 22:13 716,800 ----a-w C:\WINDOWS\system32\sxs.dll
2008-02-12 22:13 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
2008-02-12 22:13 343,040 ----a-w C:\WINDOWS\system32\msvcrt.dll
2008-02-12 22:13 124,928 ----a-w C:\WINDOWS\system32\oledlg.dll
2008-02-12 22:12 65,536 ----a-w C:\WINDOWS\system32\nwwks.dll
2008-02-12 22:12 64,000 ----a-w C:\WINDOWS\system32\nwapi32.dll
2008-02-12 22:12 384,000 ----a-w C:\WINDOWS\system32\wzcdlg.dll
2008-02-12 22:12 23,040 ----a-w C:\WINDOWS\system32\fltMc.exe
2008-02-12 22:12 16,896 ----a-w C:\WINDOWS\system32\fltlib.dll
2008-02-12 22:12 145,920 ----a-w C:\WINDOWS\system32\nwprovau.dll
2008-02-12 22:12 132,096 ----a-w C:\WINDOWS\system32\wkssvc.dll
2008-02-12 22:12 100,352 ----a-w C:\WINDOWS\system32\6to4svc.dll
2008-02-12 22:11 72,704 ----a-w C:\WINDOWS\system32\hlink.dll
2008-02-12 22:09 838,360 ----a-w C:\WINDOWS\system32\mswdat10.dll
2008-02-12 22:09 80,896 ----a-w C:\WINDOWS\system32\fontsub.dll
2008-02-12 22:09 621,272 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-02-12 22:09 197,632 ----a-w C:\WINDOWS\system32\netman.dll
2008-02-12 22:09 19,968 ----a-w C:\WINDOWS\system32\linkinfo.dll
2008-02-12 22:09 124,928 ----a-w C:\WINDOWS\system32\umpnpmgr.dll
2008-02-12 22:09 117,760 ----a-w C:\WINDOWS\system32\t2embed.dll
2008-02-12 22:09 1,097,728 ----a-w C:\WINDOWS\system32\esent.dll
2008-02-12 22:07 96,768 ----a-w C:\WINDOWS\system32\srvsvc.dll
2008-02-12 22:07 62,464 ----a-w C:\WINDOWS\system32\authz.dll
2008-02-12 22:07 26,624 ----a-w C:\WINDOWS\system32\verifier.dll
2008-02-12 22:07 1,852,928 ----a-w C:\WINDOWS\AppPatch\AcGenral.dll
2008-02-12 22:05 586,240 ----a-w C:\WINDOWS\system32\mlang.dll
2008-02-12 22:05 244,736 ----a-w C:\WINDOWS\AppPatch\AcSpecfc.dll
2008-02-12 22:05 2,068,480 ----a-w C:\WINDOWS\system32\cdosys.dll
.
------- Sigcheck -------
2008-02-13 21:55 594432 825349199887e3086c4164a9a96258e0 C:\WINDOWS\system32\user32.dll
2008-02-13 21:55 360832 ce3ec03c9f65302e44af5c452d20a86f C:\WINDOWS\system32\drivers\tcpip.sys
2008-02-13 21:55 506368 afe97d09b55d4e93a189c3b8371a2474 C:\WINDOWS\system32\winlogon.exe
2008-02-13 22:01 2201216 c41e3b982f07d4b94872f2edc3831f2f C:\WINDOWS\system32\ntkrnlpa.exe
2008-02-13 21:55 2323968 a88162b925cd1fb2dfe6c585e76a2b38 C:\WINDOWS\system32\ntoskrnl.exe
2008-02-13 21:54 1411072 6b9a6f17970ba9732891b3241b750ba0 C:\WINDOWS\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LClock"="C:\Program Files\LClock\LClock.exe" [2004-09-19 20:27 65536]
"msnmsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 13:55 5674352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Vistadrv"="C:\Program Files\VistaDriveStatus\vsdrv.exe" [2006-07-30 03:37 121089]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41 8523776]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="regsvr32 /s /n /i:u shell32" []
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDesktopCleanupWizard"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"HideRunAsVerb"= 1 (0x1)
"NoInstrumentation"= 1 (0x1)
"NoNetConnectDisconnect"= 1 (0x1)
"NoStartMenuMFUprogramsList"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoInstrumentation"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoStartMenuMFUprogramsList"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
"NoWelcomeScreen"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoInstrumentation"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoStartMenuMFUprogramsList"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
"NoWelcomeScreen"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fccyvUno]
fccyvUno.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 Pctspk;PCTEL Speaker Phone;C:\WINDOWS\system32\pctspk.exe [2001-08-23 19:47]
R3 Ptserlp;PCTEL Serial Device Driver for PCI;C:\WINDOWS\system32\DRIVERS\ptserlp.sys [2001-08-17 23:28]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
*Newly Created Service* - BROWSER
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-03 12:46:53
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
Scan termin‚ avec succŠs
Les fichiers cach‚s: 2
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-03 12:51:41 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-03 10:51:26
Pre-Run: 6,941,786,112 octets libres
Post-Run: 6,885,789,696 octets libres
295
Re,
Télécharge ZebRestore
Dézippe-le. Ouvre le dossier, lance le en double cliquant sur l’exe.
Coche :
- Policies
******
Sélectionne l'intégralité du cadre ci-dessous :
Collect::
|
Cela va relancer Combofix. Après redémarrage, poste le contenu du rapport ComboFix.txt.
S'il n'y a pas de rédémarrage, poste quand même le rapport.
- Copie/colle le dans le Bloc Notes (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
- Enregistre le sous sur ton bureau sous le nom de CFScript.txt
- Glisse maintenant le fichier CFScript.txt dans ComboFix.exe comme ci-dessous :
- Cela va relancer Combofix. Poste le contenu du rapport ComboFix.txt après redémarrage s'il y en a un.
Répondre à XmichouX
Tu n'as pas répondu à ma question 
Répondre à XmichouX
Ok, à plus tard
Répondre à XmichouX
Non ba c'est bon j'ai refait une autre analyse de Spybot mais il a rien trouvé !
Je vous remercie pour le temps passé a m'aider !
