HELP ME VIRUS plz - Security - Virus

Hello everyone, here is my problem.

I caught a fairly serious virus that opens iexplore and makes me download Trojan horses etc., without my being able to see it...

I don't know what to do anymore. I don't know where the problem could be coming from. I have several svchost processes active, but I don't know if that is the cause. I have already done some research, but nothing matches my case. Take a look at my HijackThis scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:09:07, on 03/06/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://s2.cookingluck.com/?pid=6082&v=63
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: 818646 helper - {54192079-8E8A-43D8-BCBC-3874916159AF} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {BC53E890-2693-4906-B6BD-BC2E293079F0} - C:\WINDOWS\system32\awtrQhEW.dll
O2 - BHO: 905757 helper - {E28F671C-3D83-4149-BA2F-546A67702B49} - (no file)
O2 - BHO: (no name) - {FB1A8B5B-0A71-4E7E-9BFD-55BC6F9B343F} - C:\WINDOWS\system32\pmnMgfgg.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: atfxqogp - {C2DE8F08-2F3B-493D-A953-C9B6B3947555} - C:\WINDOWS\atfxqogp.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: awtrQhEW - C:\WINDOWS\SYSTEM32\awtrQhEW.dll
O21 - SSODL: AvpComponent - {a711a336-a82c-4e2f-97b8-dfda5e3f4857} - C:\WINDOWS\Resources\AvpComponent.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe

--
End of file - 5506 bytes




Thank you for helping me, this scares me, I have too many files that I cannot lose!!!


Message edited by pulco20 on 03-06-2008 at 14:35:01

Hello,

Download ComboFix (by sUBs) to your Desktop.

  • Temporarily disable all resident protection! (Antivirus, antispyware...)
  • Double-click ComboFix.exe.
  • Accept the license by clicking Yes ("Oui").
  • When the operation is finished, a report will appear. Post this report in your next reply.


The report is located here: %systemdrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)

Help: How to use ComboFix.

------------------------------ >> Centre de Formation Helpers <<
Reply to XmichouX

Here is my report:

ComboFix 08-06-01.6 - Simon 2008-06-03 14:49:59.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.262 [GMT 2:00]
Endroit: C:\Documents and Settings\Simon\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\iSecurity
C:\WINDOWS\atfxqogp.dll
C:\WINDOWS\resources\AvpComponent.dll
C:\WINDOWS\system32\818646
C:\WINDOWS\system32\818646\818646.dll
C:\WINDOWS\system32\905757\905757.dll
C:\WINDOWS\system32\awtrQhEW.dll
C:\WINDOWS\system32\ddcCULBu.dll
C:\WINDOWS\system32\ggfgMnmp.ini
C:\WINDOWS\system32\ggfgMnmp.ini2
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\prgjjmwj.ini
C:\WINDOWS\vregfwlx.dll
C:\WINDOWS\xmpstean.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-03 to 2008-06-03 ))))))))))))))))))))))))))))))))))))
.

2008-06-03 14:08 . 2008-06-03 14:08 <REP> d-------- C:\Program Files\Trend Micro
2008-06-03 07:43 . 2008-06-03 14:54 <REP> d-------- C:\WINDOWS\system32\905757
2008-06-01 23:18 . 2008-06-01 23:18 <REP> d----c--- C:\WatchNow
2008-05-31 13:55 . 2008-05-31 14:33 <REP> d-------- C:\Documents and Settings\Simon\Application Data\Audacity
2008-05-30 17:04 . 2006-06-28 14:24 509,920 --a------ C:\WINDOWS\system32\SEGOEUI.TTF
2008-05-30 17:04 . 2006-06-28 14:24 490,852 --a------ C:\WINDOWS\system32\SEGOEUIB.TTF
2008-05-30 17:04 . 2006-06-28 14:24 393,068 --a------ C:\WINDOWS\system32\SEGOEUIZ.TTF
2008-05-30 17:04 . 2006-06-28 14:24 380,456 --a------ C:\WINDOWS\system32\SEGOEUII.TTF
2008-05-30 17:03 . 2008-05-30 17:03 <REP> d-------- C:\Program Files\EasyBanner 4
2008-05-30 16:39 . 2008-05-30 16:39 <REP> d-------- C:\Documents and Settings\Simon\Contacts
2008-05-30 16:34 . 2003-08-28 12:20 <REP> d-------- C:\Documents and Settings\Simon\WINDOWS
2008-05-30 16:34 . 2008-05-30 19:51 <REP> d--h----- C:\Documents and Settings\Simon\Voisinage réseau
2008-05-30 16:34 . 2003-08-28 07:43 <REP> d--h----- C:\Documents and Settings\Simon\Voisinage d'impression
2008-05-30 16:34 . 2003-08-28 06:48 <REP> d--h----- C:\Documents and Settings\Simon\Modèles
2008-05-30 16:34 . 2008-05-31 11:07 <REP> dr------- C:\Documents and Settings\Simon\Mes documents
2008-05-30 16:34 . 2003-08-28 07:43 <REP> dr------- C:\Documents and Settings\Simon\Menu Démarrer
2008-05-30 16:34 . 2008-05-30 16:35 <REP> dr------- C:\Documents and Settings\Simon\Favoris
2008-05-30 16:34 . 2008-06-03 14:31 <REP> d-------- C:\Documents and Settings\Simon\Bureau
2008-05-30 16:34 . 2003-08-28 11:10 <REP> d-------- C:\Documents and Settings\Simon\Application Data\AdobeUM
2008-05-30 16:34 . 2008-05-31 10:27 <REP> d-------- C:\Documents and Settings\Simon
2008-05-30 14:22 . 2008-05-30 14:23 <REP> d-------- C:\Program Files\Paint.NET
2008-05-30 10:27 . 2003-08-28 12:20 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
2008-05-30 10:27 . 2003-09-01 08:16 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-05-30 10:27 . 2003-08-28 07:43 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-05-30 10:27 . 2003-08-28 06:48 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-05-30 10:27 . 2003-08-28 06:58 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-05-30 10:27 . 2003-08-28 07:43 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-05-30 10:27 . 2003-08-28 06:58 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-05-30 10:27 . 2008-05-30 10:39 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-05-30 10:27 . 2003-08-28 11:10 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\AdobeUM
2008-05-30 10:27 . 2008-05-30 10:27 <REP> d-------- C:\Documents and Settings\Administrateur
2008-05-29 16:50 . 2008-05-29 12:42 94,208 --a------ C:\WINDOWS\enqf.exe
2008-05-29 16:49 . 2008-05-29 16:49 <REP> d-------- C:\Program Files\Guitar Pro 5
2008-05-28 21:03 . 2008-05-28 21:03 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-05-28 20:57 . 2008-05-28 21:00 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-27 14:03 . 2008-05-27 14:09 <REP> d-------- C:\Program Files\IMG-TXT 5
2008-05-27 13:18 . 2008-05-27 13:18 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\DivX
2008-05-26 23:26 . 2008-05-13 03:53 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2008-05-26 23:26 . 2008-05-13 03:53 120,056 --------- C:\WINDOWS\system32\pxcpyi64.exe
2008-05-26 23:26 . 2008-05-13 03:53 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe
2008-05-26 23:26 . 2008-05-13 03:53 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-05-26 23:26 . 2008-05-13 03:53 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-05-26 14:29 . 2008-05-26 23:27 <REP> d-------- C:\Program Files\DivX
2008-05-25 02:03 . 2008-05-25 02:03 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-05-24 22:52 . 2008-05-24 22:52 <REP> d-------- C:\Program Files\Veoh Networks
2008-05-24 20:01 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-05-24 20:01 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-05-24 19:22 . 2008-05-24 19:33 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-05-24 15:06 . 2008-05-28 20:57 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-05-24 15:03 . 2008-05-27 23:29 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\Audacity
2008-05-24 15:02 . 2008-05-24 15:03 <REP> d-------- C:\Program Files\Audacity 1.3 Beta
2008-05-24 13:58 . 2008-05-24 19:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-24 13:29 . 2008-05-24 13:28 42,496 -r-hs---- C:\WINDOWS\livemsngs.exe
2008-05-24 12:59 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\system32\fr
2008-05-24 12:59 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\l2schemas
2008-05-24 12:15 . 2008-04-14 04:33 712,704 --------- C:\WINDOWS\system32\windowscodecs.dll
2008-05-24 12:15 . 2008-04-14 04:33 346,112 --------- C:\WINDOWS\system32\windowscodecsext.dll
2008-05-24 12:15 . 2008-04-14 04:33 276,992 --------- C:\WINDOWS\system32\wmphoto.dll
2008-05-24 12:15 . 2008-04-14 04:33 69,120 --------- C:\WINDOWS\system32\wlanapi.dll
2008-05-24 12:14 . 2008-04-14 04:33 53,248 --------- C:\WINDOWS\system32\tsgqec.dll
2008-05-24 12:14 . 2008-04-14 04:33 50,688 --------- C:\WINDOWS\system32\tspkg.dll
2008-05-24 12:13 . 2008-04-14 04:33 412,160 --------- C:\WINDOWS\system32\photometadatahandler.dll
2008-05-24 12:13 . 2008-04-14 04:33 293,376 --------- C:\WINDOWS\system32\qagentrt.dll
2008-05-24 12:13 . 2008-04-14 04:33 290,304 --------- C:\WINDOWS\system32\rhttpaa.dll
2008-05-24 12:13 . 2008-04-14 04:33 151,040 --------- C:\WINDOWS\system32\qagent.dll
2008-05-24 12:13 . 2008-04-14 04:33 144,896 --------- C:\WINDOWS\system32\onex.dll
2008-05-24 12:13 . 2008-04-14 04:33 76,800 --------- C:\WINDOWS\system32\qutil.dll
2008-05-24 12:13 . 2008-04-14 04:33 62,464 --------- C:\WINDOWS\system32\qcliprov.dll
2008-05-24 12:13 . 2008-04-14 04:33 61,952 --------- C:\WINDOWS\system32\rasqec.dll
2008-05-24 12:13 . 2008-04-14 04:34 32,768 --------- C:\WINDOWS\system32\setupn.exe
2008-05-24 12:13 . 2008-04-13 20:40 10,240 --------- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2008-05-24 12:12 . 2008-04-14 04:33 1,306,624 --------- C:\WINDOWS\system32\msxml6.dll
2008-05-24 12:12 . 2008-04-14 04:33 1,306,624 -----c--- C:\WINDOWS\system32\dllcache\msxml6.dll
2008-05-24 12:12 . 2008-04-14 04:33 200,704 --------- C:\WINDOWS\system32\napmontr.dll
2008-05-24 12:12 . 2008-04-14 04:34 177,664 --------- C:\WINDOWS\system32\napstat.exe
2008-05-24 12:12 . 2008-04-14 04:33 155,136 --------- C:\WINDOWS\system32\mssha.dll
2008-05-24 12:12 . 2008-04-14 04:04 93,184 --------- C:\WINDOWS\system32\msxml6r.dll
2008-05-24 12:12 . 2008-04-14 04:04 93,184 -----c--- C:\WINDOWS\system32\dllcache\msxml6r.dll
2008-05-24 12:12 . 2008-04-14 04:03 81,920 --------- C:\WINDOWS\system32\msshavmsg.dll
2008-05-24 12:12 . 2008-04-14 04:33 30,208 --------- C:\WINDOWS\system32\napipsec.dll
2008-05-24 12:10 . 2008-04-14 04:33 651,264 --------- C:\WINDOWS\system32\dot3ui.dll
2008-05-24 12:09 . 2008-04-14 04:33 233,472 --------- C:\WINDOWS\system32\azroles.dll
2008-05-24 12:09 . 2008-04-14 04:33 136,192 --------- C:\WINDOWS\system32\aaclient.dll
2008-05-24 12:09 . 2008-04-14 04:33 7,168 --------- C:\WINDOWS\system32\bitsprx4.dll
2008-05-22 21:20 . 2008-05-22 21:20 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\vlc
2008-05-21 11:35 . 2006-12-08 15:20 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe
2008-05-21 11:35 . 2006-08-01 15:02 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
2008-05-21 11:33 . 2008-05-21 11:34 <REP> d-------- C:\Program Files\Realtek AC97
2008-05-21 11:33 . 2006-10-18 02:53 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
2008-05-21 11:29 . 2004-04-13 15:25 110,592 --a------ C:\WINDOWS\system32\nvudisp.exe
2008-05-21 11:29 . 2004-04-13 15:25 12,196 --a------ C:\WINDOWS\system32\nvdisp.nvu
2008-05-21 11:18 . 2008-05-28 15:13 <REP> d-------- C:\Program Files\ma-config.com
2008-05-21 11:18 . 2008-05-28 15:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-05-21 11:16 . 2008-05-21 11:24 <REP> d----c--- C:\NVIDIA
2008-05-21 10:57 . 2008-05-21 10:57 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-05-20 22:08 . 2008-05-21 11:11 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\SystemRequirementsLab
2008-05-20 21:24 . 2008-05-20 21:47 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\LimeWire
2008-05-20 21:15 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-20 21:08 . 2008-05-20 21:09 <REP> d-------- C:\Program Files\LimeWire
2008-05-20 10:37 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-05-20 10:37 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-05-20 10:37 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-05-20 10:37 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-05-20 10:37 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-05-20 10:37 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-05-20 10:37 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-05-20 10:37 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-05-20 10:37 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-05-20 10:36 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-05-20 10:28 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2008-05-20 10:00 . 2008-05-25 01:58 <REP> d-------- C:\Program Files\MSXML 4.0
2008-05-20 07:34 . 2008-05-20 07:34 <REP> d-------- C:\Documents and Settings\LocalService\Menu Démarrer
2008-05-19 19:48 . 2008-05-19 19:48 <REP> d-------- C:\WINDOWS\provisioning
2008-05-19 19:48 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\peernet
2008-05-19 19:37 . 2008-05-24 13:00 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-05-19 19:12 . 2008-05-24 12:39 <REP> d-------- C:\WINDOWS\EHome
2008-05-19 18:52 . 2002-04-15 21:11 67,866 --------- C:\WINDOWS\system32\drivers\netwlan5.img
2008-05-19 18:52 . 2008-04-13 19:34 11,264 --------- C:\WINDOWS\system32\spnpinst.exe
2008-05-19 18:52 . 2004-08-02 14:20 7,208 --------- C:\WINDOWS\system32\secupd.sig
2008-05-19 18:52 . 2004-08-02 14:20 4,569 --------- C:\WINDOWS\system32\secupd.dat
2008-05-19 18:41 . 2008-05-19 18:41 <REP> d-------- C:\Program Files\Alwil Software
2008-05-19 18:20 . 2008-05-19 18:20 <REP> d--hs---- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\UserData
2008-05-19 14:31 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-05-19 09:47 . 2008-05-19 09:47 <REP> d-------- C:\Program Files\Eidos
2008-05-18 22:33 . 2008-05-18 22:33 130,208 -r------- C:\WINDOWS\bwUnin-8.1.1.87-8876480SL.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-31 13:25 --------- d-----w C:\Program Files\Windows Live
2008-05-31 10:13 --------- d-----w C:\Program Files\ScreenMates
2008-05-30 15:18 --------- d-----w C:\Program Files\Microsoft Picture It! PhotoPub
2008-05-25 20:37 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-05-24 20:53 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-24 17:14 --------- d-----w C:\Program Files\Creative
2008-05-20 19:15 --------- d-----w C:\Program Files\Java
2008-05-19 17:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\FIND BALM SEEK BAGS
2008-05-18 20:26 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2008-05-18 20:24 --------- d-----w C:\Program Files\Logitech
2008-05-18 15:00 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-05-17 10:35 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-05-17 10:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-05-17 10:16 --------- d-----w C:\Program Files\GOTO
2008-05-17 10:16 --------- d-----w C:\Program Files\Club-Internet
2008-05-17 10:15 --------- d-----w C:\Program Files\InterActual
2008-05-17 10:12 --------- d-----w C:\Program Files\Motive
2008-05-17 09:56 --------- d-----w C:\Program Files\Wanadoo
2008-05-13 01:53 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
2008-04-14 02:34 70,656 ----a-w C:\WINDOWS\notepad.exe
2008-04-14 02:34 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys
2008-04-14 02:34 32,866 ------w C:\WINDOWS\slrundll.exe
2008-04-14 02:34 288,256 ----a-w C:\WINDOWS\winhlp32.exe
2008-04-14 02:34 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys
2008-04-14 02:34 153,088 ----a-w C:\WINDOWS\regedit.exe
2008-04-14 02:34 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
2008-04-14 02:34 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys
2008-04-14 02:34 10,752 ----a-w C:\WINDOWS\hh.exe
2008-04-14 02:34 1,037,824 ----a-w C:\WINDOWS\explorer.exe
2008-04-14 02:10 73,600 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-14 02:09 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-14 02:09 68,608 ----a-w C:\WINDOWS\system32\drivers\pci.sys
2008-04-14 02:09 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-14 02:09 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-14 02:05 800,256 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-14 02:05 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-14 02:05 154,496 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-14 02:05 14,720 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
2008-04-14 02:04 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
2008-04-14 02:03 40,576 ------w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-14 02:02 40,960 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-14 02:00 66,048 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-14 02:00 54,144 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 01:59 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-14 01:58 273,664 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-14 01:57 58,752 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-14 01:57 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-14 01:56 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-14 01:55 40,064 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-14 01:54 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-14 01:54 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-14 01:53 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-14 01:53 23,680 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-14 01:52 188,672 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 18:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 18:54 88,192 ----a-w C:\WINDOWS\system32\drivers\irda.sys
2008-04-13 18:54 22,016 ----a-w C:\WINDOWS\system32\drivers\msircomm.sys
2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-13 18:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-13 18:53 36,608 ------w C:\WINDOWS\system32\drivers\ip6fw.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FB1A8B5B-0A71-4E7E-9BFD-55BC6F9B343F}]
C:\WINDOWS\system32\pmnMgfgg.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{C2DE8F08-2F3B-493D-A953-C9B6B3947555}"= "C:\WINDOWS\atfxqogp.dll" [ ]

[HKEY_CLASSES_ROOT\clsid\{c2de8f08-2f3b-493d-a953-c9b6b3947555}]
[HKEY_CLASSES_ROOT\atfxqogp.1]
[HKEY_CLASSES_ROOT\TypeLib\{12DB6F8E-4A73-47E4-8228-D81B8F0A1CD1}]
[HKEY_CLASSES_ROOT\atfxqogp]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VirtualExpanderFile.1]
@={E4000AC4-5E5F-4956-807A-C5854405D64F}

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:33 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-04-13 15:25 3309568]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 04:33 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv41"= ir41_32.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^RAMASST.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\RAMASST.lnk
backup=C:\WINDOWS\pss\RAMASST.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Wireless Configuration Utility HW.32.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Wireless Configuration Utility HW.32.lnk
backup=C:\WINDOWS\pss\Wireless Configuration Utility HW.32.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Marie^Menu Démarrer^Programmes^Démarrage^BandeauTask.lnk]
path=C:\Documents and Settings\Marie\Menu Démarrer\Programmes\Démarrage\BandeauTask.lnk
backup=C:\WINDOWS\pss\BandeauTask.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Marie^Menu Démarrer^Programmes^Démarrage^Club Internet.lnk]
path=C:\Documents and Settings\Marie\Menu Démarrer\Programmes\Démarrage\Club Internet.lnk
backup=C:\WINDOWS\pss\Club Internet.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Marie^Menu Démarrer^Programmes^Démarrage^VirtualExpander.lnk]
path=C:\Documents and Settings\Marie\Menu Démarrer\Programmes\Démarrage\VirtualExpander.lnk
backup=C:\WINDOWS\pss\VirtualExpander.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\antiviirus]
C:\Program Files\antiviirus.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
--a------ 2003-06-18 15:44 151552 C:\Program Files\Apoint2K\Apoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccRegVfy]
C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CeEKEY]
--a------ 2003-07-23 15:04 638976 C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CeEPOWER]
--a------ 2003-08-09 18:11 135168 C:\Program Files\TOSHIBA\Power Management\CePMTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CplBTQ00]
--a------ 2003-06-27 19:33 708608 C:\Program Files\EzButton\CplBTQ00.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2008-04-14 04:33 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Drag'n Drop CD+DVD]
--------- 2003-07-08 21:21 1171456 C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C44 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C44 Series (Copie 1)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Error Safe]
C:\Program Files\Error Safe Free\ers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2008-05-18 22:34 91440 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
--a------ 2005-06-08 14:44 196608 C:\Program Files\Logitech\Video\ManifestEngine.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2005-06-08 15:24 458752 C:\Program Files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2005-06-08 15:14 217088 C:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
--a------ 2005-07-19 17:32 221184 C:\WINDOWS\System32\LVCOMSX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPSWiFiManager]
C:\Program Files\Club-Internet\Agent Wifi\AgentWifi.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-14 04:34 1695232 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar]
C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2004-04-13 15:25 3309568 C:\WINDOWS\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2004-04-13 15:25 782336 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\POINTER]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-03-25 04:28 144784 C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
--a------ 2005-02-08 21:41 95960 C:\PROGRA~1\SYMNET~1\SNDMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPNF]
--a------ 2003-07-18 15:24 49152 C:\Program Files\TOSHIBA\TouchPad\TPTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-05-15 16:11 3644464 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmtalk]
C:\Program Files\Fichiers communs\Talkway\vmtalk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows MSN Live Messanger]
-r-hs---- 2008-05-24 13:28 42496 C:\WINDOWS\livemsngs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WLSetupSvc"=3 (0x3)
"UStorage Server Service"=2 (0x2)
"usnjsvc"=3 (0x3)
"SNDSrvc"=3 (0x3)
"ose"=3 (0x3)
"maconfservice"=3 (0x3)
"CeEPwrSvc"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
S3 krdpdre;krdpdre;C:\DOCUME~1\simon\LOCALS~1\Temp\krdpdre.sys []
S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2004-12-29 09:34]
S4 maconfservice;Ma-Config Service;"C:\Program Files\ma-config.com\maconfservice.exe" [2008-05-23 18:37]

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-03 15:00:03
Windows 5.1.2600 Service Pack 3 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-06-03 15:06:43 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-03 13:06:39

Pre-Run: 12,142,993,408 octets libres
Post-Run: 12,750,790,656 octets libres

413 --- E O F --- 2008-06-03 05:49:43

Reply to pulco20

Re,

Select the entire contents of the box below:

Collect::
C:\WINDOWS\livemsngs.exe
C:\WINDOWS\system32\pmnMgfgg.dll

Driver::
krdpdre

Folder::
C:\PROGRA~1\MYWEBS~1
C:\Program Files\Error Safe Free
C:\Program Files\antiviirus.exe
C:\Documents and Settings\All Users\Application Data\FIND BALM SEEK BAGS
C:\WINDOWS\system32\905757

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FB1A8B5B-0A71-4E7E-9BFD-55BC6F9B343F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{C2DE8F08-2F3B-493D-A953-C9B6B3947555}"=-
[-HKEY_CLASSES_ROOT\clsid\{c2de8f08-2f3b-493d-a953-c9b6b3947555}]
[-HKEY_CLASSES_ROOT\atfxqogp.1]
[-HKEY_CLASSES_ROOT\TypeLib\{12DB6F8E-4A73-47E4-8228-D81B8F0A1CD1}]
[-HKEY_CLASSES_ROOT\atfxqogp]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows MSN Live Messanger]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Error Safe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\antiviirus]



This will relaunch Combofix. After the reboot, post the contents of the ComboFix.txt report.
If there is no reboot, post the report anyway.

  • Copy/paste it into Notepad (Start\All Programs\Accessories\Notepad).
  • Save it to your desktop under the name CFScript.txt
  • Now drag the CFScript.txt file onto ComboFix.exe as shown below:

http://i266.photobucket.com/albums/ii277/sUBs_/CFScript.gif

  • This will relaunch Combofix. Post the contents of the ComboFix.txt report after the reboot, if there is one.

------------------------------ >> Centre de Formation Helpers <<
Reply to XmichouX

I didn't understand ^^ I just copied what you put in the box and then I don't know what to paste it into
^^
can you explain again please ^^

Reply to pulco20

You copy all of that into Notepad, which is found under Start\All Programs\Accessories.

You save it under the name CFScript.txt on the desktop.

------------------------------ >> Centre de Formation Helpers <<
Reply to XmichouX

hi, it gave me a new report



ComboFix 08-06-01.6 - Simon 2008-06-03 22:33:19.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.249 [GMT 2:00]
Endroit: C:\Documents and Settings\Simon\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Simon\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\FIND BALM SEEK BAGS
C:\Documents and Settings\All Users\Application Data\FIND BALM SEEK BAGS\First Type Book
C:\Documents and Settings\All Users\Application Data\FIND BALM SEEK BAGS\HEARTROADELSE
C:\Documents and Settings\All Users\Application Data\FIND BALM SEEK BAGS\PlanAxis2
C:\Documents and Settings\All Users\Application Data\FIND BALM SEEK BAGS\storenameflag
C:\WINDOWS\livemsngs.exe
C:\WINDOWS\system32\905757

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_KRDPDRE
-------\Service_krdpdre


((((((((((((((((((((((((((((( Fichiers créés 2008-05-03 to 2008-06-03 ))))))))))))))))))))))))))))))))))))
.

2008-06-03 14:08 . 2008-06-03 14:08 <REP> d-------- C:\Program Files\Trend Micro
2008-06-01 23:18 . 2008-06-01 23:18 <REP> d----c--- C:\WatchNow
2008-05-31 13:55 . 2008-05-31 14:33 <REP> d-------- C:\Documents and Settings\Simon\Application Data\Audacity
2008-05-30 17:04 . 2006-06-28 14:24 509,920 --a------ C:\WINDOWS\system32\SEGOEUI.TTF
2008-05-30 17:04 . 2006-06-28 14:24 490,852 --a------ C:\WINDOWS\system32\SEGOEUIB.TTF
2008-05-30 17:04 . 2006-06-28 14:24 393,068 --a------ C:\WINDOWS\system32\SEGOEUIZ.TTF
2008-05-30 17:04 . 2006-06-28 14:24 380,456 --a------ C:\WINDOWS\system32\SEGOEUII.TTF
2008-05-30 17:03 . 2008-05-30 17:03 <REP> d-------- C:\Program Files\EasyBanner 4
2008-05-30 16:39 . 2008-05-30 16:39 <REP> d-------- C:\Documents and Settings\Simon\Contacts
2008-05-30 16:34 . 2003-08-28 12:20 <REP> d-------- C:\Documents and Settings\Simon\WINDOWS
2008-05-30 16:34 . 2008-05-30 19:51 <REP> d--h----- C:\Documents and Settings\Simon\Voisinage réseau
2008-05-30 16:34 . 2003-08-28 07:43 <REP> d--h----- C:\Documents and Settings\Simon\Voisinage d'impression
2008-05-30 16:34 . 2003-08-28 06:48 <REP> d--h----- C:\Documents and Settings\Simon\Modèles
2008-05-30 16:34 . 2008-06-03 22:24 <REP> dr------- C:\Documents and Settings\Simon\Mes documents
2008-05-30 16:34 . 2003-08-28 07:43 <REP> dr------- C:\Documents and Settings\Simon\Menu Démarrer
2008-05-30 16:34 . 2008-05-30 16:35 <REP> dr------- C:\Documents and Settings\Simon\Favoris
2008-05-30 16:34 . 2008-06-03 22:33 <REP> d-------- C:\Documents and Settings\Simon\Bureau
2008-05-30 16:34 . 2003-08-28 11:10 <REP> d-------- C:\Documents and Settings\Simon\Application Data\AdobeUM
2008-05-30 16:34 . 2008-05-31 10:27 <REP> d-------- C:\Documents and Settings\Simon
2008-05-30 14:22 . 2008-05-30 14:23 <REP> d-------- C:\Program Files\Paint.NET
2008-05-30 10:27 . 2003-08-28 12:20 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
2008-05-30 10:27 . 2003-09-01 08:16 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-05-30 10:27 . 2003-08-28 07:43 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-05-30 10:27 . 2003-08-28 06:48 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-05-30 10:27 . 2003-08-28 06:58 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-05-30 10:27 . 2003-08-28 07:43 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-05-30 10:27 . 2003-08-28 06:58 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-05-30 10:27 . 2008-05-30 10:39 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-05-30 10:27 . 2003-08-28 11:10 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\AdobeUM
2008-05-30 10:27 . 2008-05-30 10:27 <REP> d-------- C:\Documents and Settings\Administrateur
2008-05-29 16:50 . 2008-05-29 12:42 94,208 --a------ C:\WINDOWS\enqf.exe
2008-05-29 16:49 . 2008-05-29 16:49 <REP> d-------- C:\Program Files\Guitar Pro 5
2008-05-28 21:03 . 2008-05-28 21:03 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-05-28 20:57 . 2008-05-28 21:00 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-27 14:03 . 2008-05-27 14:09 <REP> d-------- C:\Program Files\IMG-TXT 5
2008-05-27 13:18 . 2008-05-27 13:18 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\DivX
2008-05-26 23:26 . 2008-05-13 03:53 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2008-05-26 23:26 . 2008-05-13 03:53 120,056 --------- C:\WINDOWS\system32\pxcpyi64.exe
2008-05-26 23:26 . 2008-05-13 03:53 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe
2008-05-26 23:26 . 2008-05-13 03:53 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-05-26 23:26 . 2008-05-13 03:53 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-05-26 14:29 . 2008-05-26 23:27 <REP> d-------- C:\Program Files\DivX
2008-05-25 02:03 . 2008-05-25 02:03 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-05-24 22:52 . 2008-05-24 22:52 <REP> d-------- C:\Program Files\Veoh Networks
2008-05-24 20:01 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-05-24 20:01 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-05-24 19:22 . 2008-05-24 19:33 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-05-24 15:06 . 2008-05-28 20:57 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-05-24 15:03 . 2008-05-27 23:29 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\Audacity
2008-05-24 15:02 . 2008-05-24 15:03 <REP> d-------- C:\Program Files\Audacity 1.3 Beta
2008-05-24 13:58 . 2008-05-24 19:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-24 12:59 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\system32\fr
2008-05-24 12:59 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\l2schemas
2008-05-24 12:15 . 2008-04-14 04:33 712,704 --------- C:\WINDOWS\system32\windowscodecs.dll
2008-05-24 12:15 . 2008-04-14 04:33 346,112 --------- C:\WINDOWS\system32\windowscodecsext.dll
2008-05-24 12:15 . 2008-04-14 04:33 276,992 --------- C:\WINDOWS\system32\wmphoto.dll
2008-05-24 12:15 . 2008-04-14 04:33 69,120 --------- C:\WINDOWS\system32\wlanapi.dll
2008-05-24 12:14 . 2008-04-14 04:33 53,248 --------- C:\WINDOWS\system32\tsgqec.dll
2008-05-24 12:14 . 2008-04-14 04:33 50,688 --------- C:\WINDOWS\system32\tspkg.dll
2008-05-24 12:13 . 2008-04-14 04:33 412,160 --------- C:\WINDOWS\system32\photometadatahandler.dll
2008-05-24 12:13 . 2008-04-14 04:33 293,376 --------- C:\WINDOWS\system32\qagentrt.dll
2008-05-24 12:13 . 2008-04-14 04:33 290,304 --------- C:\WINDOWS\system32\rhttpaa.dll
2008-05-24 12:13 . 2008-04-14 04:33 151,040 --------- C:\WINDOWS\system32\qagent.dll
2008-05-24 12:13 . 2008-04-14 04:33 144,896 --------- C:\WINDOWS\system32\onex.dll
2008-05-24 12:13 . 2008-04-14 04:33 76,800 --------- C:\WINDOWS\system32\qutil.dll
2008-05-24 12:13 . 2008-04-14 04:33 62,464 --------- C:\WINDOWS\system32\qcliprov.dll
2008-05-24 12:13 . 2008-04-14 04:33 61,952 --------- C:\WINDOWS\system32\rasqec.dll
2008-05-24 12:13 . 2008-04-14 04:34 32,768 --------- C:\WINDOWS\system32\setupn.exe
2008-05-24 12:13 . 2008-04-13 20:40 10,240 --------- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2008-05-24 12:12 . 2008-04-14 04:33 1,306,624 --------- C:\WINDOWS\system32\msxml6.dll
2008-05-24 12:12 . 2008-04-14 04:33 1,306,624 -----c--- C:\WINDOWS\system32\dllcache\msxml6.dll
2008-05-24 12:12 . 2008-04-14 04:33 200,704 --------- C:\WINDOWS\system32\napmontr.dll
2008-05-24 12:12 . 2008-04-14 04:34 177,664 --------- C:\WINDOWS\system32\napstat.exe
2008-05-24 12:12 . 2008-04-14 04:33 155,136 --------- C:\WINDOWS\system32\mssha.dll
2008-05-24 12:12 . 2008-04-14 04:04 93,184 --------- C:\WINDOWS\system32\msxml6r.dll
2008-05-24 12:12 . 2008-04-14 04:04 93,184 -----c--- C:\WINDOWS\system32\dllcache\msxml6r.dll
2008-05-24 12:12 . 2008-04-14 04:03 81,920 --------- C:\WINDOWS\system32\msshavmsg.dll
2008-05-24 12:12 . 2008-04-14 04:33 30,208 --------- C:\WINDOWS\system32\napipsec.dll
2008-05-24 12:10 . 2008-04-14 04:33 651,264 --------- C:\WINDOWS\system32\dot3ui.dll
2008-05-24 12:09 . 2008-04-14 04:33 233,472 --------- C:\WINDOWS\system32\azroles.dll
2008-05-24 12:09 . 2008-04-14 04:33 136,192 --------- C:\WINDOWS\system32\aaclient.dll
2008-05-24 12:09 . 2008-04-14 04:33 7,168 --------- C:\WINDOWS\system32\bitsprx4.dll
2008-05-22 21:20 . 2008-05-22 21:20 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\vlc
2008-05-21 11:35 . 2006-12-08 15:20 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe
2008-05-21 11:35 . 2006-08-01 15:02 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
2008-05-21 11:33 . 2008-05-21 11:34 <REP> d-------- C:\Program Files\Realtek AC97
2008-05-21 11:33 . 2006-10-18 02:53 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
2008-05-21 11:29 . 2004-04-13 15:25 110,592 --a------ C:\WINDOWS\system32\nvudisp.exe
2008-05-21 11:29 . 2004-04-13 15:25 12,196 --a------ C:\WINDOWS\system32\nvdisp.nvu
2008-05-21 11:18 . 2008-05-28 15:13 <REP> d-------- C:\Program Files\ma-config.com
2008-05-21 11:18 . 2008-05-28 15:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-05-21 11:16 . 2008-05-21 11:24 <REP> d----c--- C:\NVIDIA
2008-05-21 10:57 . 2008-05-21 10:57 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-05-20 22:08 . 2008-05-21 11:11 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\SystemRequirementsLab
2008-05-20 21:24 . 2008-05-20 21:47 <REP> d-------- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\Application Data\LimeWire
2008-05-20 21:15 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-20 21:08 . 2008-05-20 21:09 <REP> d-------- C:\Program Files\LimeWire
2008-05-20 10:37 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-05-20 10:37 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-05-20 10:37 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-05-20 10:37 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-05-20 10:37 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-05-20 10:37 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-05-20 10:37 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-05-20 10:37 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-05-20 10:37 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-05-20 10:36 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-05-20 10:28 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2008-05-20 10:00 . 2008-05-25 01:58 <REP> d-------- C:\Program Files\MSXML 4.0
2008-05-20 07:34 . 2008-05-20 07:34 <REP> d-------- C:\Documents and Settings\LocalService\Menu Démarrer
2008-05-19 19:48 . 2008-05-19 19:48 <REP> d-------- C:\WINDOWS\provisioning
2008-05-19 19:48 . 2008-05-24 12:59 <REP> d-------- C:\WINDOWS\peernet
2008-05-19 19:37 . 2008-05-24 13:00 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-05-19 19:12 . 2008-05-24 12:39 <REP> d-------- C:\WINDOWS\EHome
2008-05-19 18:52 . 2002-04-15 21:11 67,866 --------- C:\WINDOWS\system32\drivers\netwlan5.img
2008-05-19 18:52 . 2008-04-13 19:34 11,264 --------- C:\WINDOWS\system32\spnpinst.exe
2008-05-19 18:52 . 2004-08-02 14:20 7,208 --------- C:\WINDOWS\system32\secupd.sig
2008-05-19 18:52 . 2004-08-02 14:20 4,569 --------- C:\WINDOWS\system32\secupd.dat
2008-05-19 18:41 . 2008-05-19 18:41 <REP> d-------- C:\Program Files\Alwil Software
2008-05-19 18:20 . 2008-05-19 18:20 <REP> d--hs---- C:\Documents and Settings\Simon.YOUR-HW6EHCL50Y\UserData
2008-05-19 14:31 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-05-19 09:47 . 2008-05-19 09:47 <REP> d-------- C:\Program Files\Eidos
2008-05-18 22:33 . 2008-05-18 22:33 130,208 -r------- C:\WINDOWS\bwUnin-8.1.1.87-8876480SL.exe
2008-05-18 22:27 . 2005-05-27 09:23 2,180,096 --a------ C:\WINDOWS\system32\drivers\lvsvf2.sys
2008-05-18 22:27 . 2005-05-27 09:32 1,317,152 --a------ C:\WINDOWS\system32\drivers\lvcm.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-31 13:25 --------- d-----w C:\Program Files\Windows Live
2008-05-31 10:13 --------- d-----w C:\Program Files\ScreenMates
2008-05-30 15:18 --------- d-----w C:\Program Files\Microsoft Picture It! PhotoPub
2008-05-25 20:37 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-05-24 20:53 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-24 17:14 --------- d-----w C:\Program Files\Creative
2008-05-20 19:15 --------- d-----w C:\Program Files\Java
2008-05-18 20:26 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2008-05-18 20:24 --------- d-----w C:\Program Files\Logitech
2008-05-18 15:00 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-05-17 10:35 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-05-17 10:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-05-17 10:16 --------- d-----w C:\Program Files\GOTO
2008-05-17 10:16 --------- d-----w C:\Program Files\Club-Internet
2008-05-17 10:15 --------- d-----w C:\Program Files\InterActual
2008-05-17 10:12 --------- d-----w C:\Program Files\Motive
2008-05-17 09:56 --------- d-----w C:\Program Files\Wanadoo
2008-05-13 01:53 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
2008-04-14 02:34 70,656 ----a-w C:\WINDOWS\notepad.exe
2008-04-14 02:34 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys
2008-04-14 02:34 32,866 ------w C:\WINDOWS\slrundll.exe
2008-04-14 02:34 288,256 ----a-w C:\WINDOWS\winhlp32.exe
2008-04-14 02:34 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys
2008-04-14 02:34 153,088 ----a-w C:\WINDOWS\regedit.exe
2008-04-14 02:34 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
2008-04-14 02:34 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys
2008-04-14 02:34 10,752 ----a-w C:\WINDOWS\hh.exe
2008-04-14 02:34 1,037,824 ----a-w C:\WINDOWS\explorer.exe
2008-04-14 02:10 73,600 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-14 02:09 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-14 02:09 68,608 ----a-w C:\WINDOWS\system32\drivers\pci.sys
2008-04-14 02:09 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-14 02:09 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-14 02:05 800,256 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-14 02:05 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-14 02:05 154,496 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-14 02:05 14,720 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
2008-04-14 02:04 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
2008-04-14 02:03 40,576 ------w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-14 02:02 40,960 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-14 02:00 66,048 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-14 02:00 54,144 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 01:59 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-14 01:58 273,664 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-14 01:57 58,752 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-14 01:57 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-14 01:56 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-14 01:55 40,064 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-14 01:54 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-14 01:54 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-14 01:53 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-14 01:53 23,680 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-14 01:52 188,672 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 18:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 18:54 88,192 ----a-w C:\WINDOWS\system32\drivers\irda.sys
2008-04-13 18:54 22,016 ----a-w C:\WINDOWS\system32\drivers\msircomm.sys
2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-13 18:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-13 18:53 36,608 ------w C:\WINDOWS\system32\drivers\ip6fw.sys
2008-04-13 18:53 264,832 ------w C:\WINDOWS\system32\drivers\http.sys
.

((((((((((((((((((((((((((((( snapshot@2008-06-03_15.06.20.79 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-03 12:57:22 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-03 20:38:50 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-03 20:38:58 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_4c8.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VirtualExpanderFile.1]
@={E4000AC4-5E5F-4956-807A-C5854405D64F}

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:33 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-04-13 15:25 3309568]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 04:33 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv41"= ir41_32.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^RAMASST.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\RAMASST.lnk
backup=C:\WINDOWS\pss\RAMASST.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Wireless Configuration Utility HW.32.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Wireless Configuration Utility HW.32.lnk
backup=C:\WINDOWS\pss\Wireless Configuration Utility HW.32.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Marie^Menu Démarrer^Programmes^Démarrage^BandeauTask.lnk]
path=C:\Documents and Settings\Marie\Menu Démarrer\Programmes\Démarrage\BandeauTask.lnk
backup=C:\WINDOWS\pss\BandeauTask.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Marie^Menu Démarrer^Programmes^Démarrage^Club Internet.lnk]
path=C:\Documents and Settings\Marie\Menu Démarrer\Programmes\Démarrage\Club Internet.lnk
backup=C:\WINDOWS\pss\Club Internet.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Marie^Menu Démarrer^Programmes^Démarrage^VirtualExpander.lnk]
path=C:\Documents and Settings\Marie\Menu Démarrer\Programmes\Démarrage\VirtualExpander.lnk
backup=C:\WINDOWS\pss\VirtualExpander.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
--a------ 2003-06-18 15:44 151552 C:\Program Files\Apoint2K\Apoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccRegVfy]
C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CeEKEY]
--a------ 2003-07-23 15:04 638976 C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CeEPOWER]
--a------ 2003-08-09 18:11 135168 C:\Program Files\TOSHIBA\Power Management\CePMTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CplBTQ00]
--a------ 2003-06-27 19:33 708608 C:\Program Files\EzButton\CplBTQ00.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2008-04-14 04:33 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Drag'n Drop CD+DVD]
--------- 2003-07-08 21:21 1171456 C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C44 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C44 Series (Copie 1)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2008-05-18 22:34 91440 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
--a------ 2005-06-08 14:44 196608 C:\Program Files\Logitech\Video\ManifestEngine.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2005-06-08 15:24 458752 C:\Program Files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2005-06-08 15:14 217088 C:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
--a------ 2005-07-19 17:32 221184 C:\WINDOWS\System32\LVCOMSX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPSWiFiManager]
C:\Program Files\Club-Internet\Agent Wifi\AgentWifi.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-14 04:34 1695232 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2004-04-13 15:25 3309568 C:\WINDOWS\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2004-04-13 15:25 782336 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\POINTER]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt]
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-03-25 04:28 144784 C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
--a------ 2005-02-08 21:41 95960 C:\PROGRA~1\SYMNET~1\SNDMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPNF]
--a------ 2003-07-18 15:24 49152 C:\Program Files\TOSHIBA\TouchPad\TPTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-05-15 16:11 3644464 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmtalk]
C:\Program Files\Fichiers communs\Talkway\vmtalk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WLSetupSvc"=3 (0x3)
"UStorage Server Service"=2 (0x2)
"usnjsvc"=3 (0x3)
"SNDSrvc"=3 (0x3)
"ose"=3 (0x3)
"maconfservice"=3 (0x3)
"CeEPwrSvc"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2004-12-29 09:34]
S4 maconfservice;Ma-Config Service;"C:\Program Files\ma-config.com\maconfservice.exe" [2008-05-23 18:37]

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-03 22:41:29
Windows 5.1.2600 Service Pack 3 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-06-03 22:48:24 - machine was rebooted [Simon]
ComboFix-quarantined-files.txt 2008-06-03 20:48:18
ComboFix2.txt 2008-06-03 13:06:44

Pre-Run: 12,694,896,640 octets libres
Post-Run: 12,713,406,464 octets libres

400 --- E O F --- 2008-06-03 05:49:43




Is it serious??

Reply to pulco20

Good,

Delete C:\WINDOWS\enqf.exe

Where do your problems stand?

------------------------------ >> Centre de Formation Helpers <<
Reply to XmichouX

It's true, things are better, perfect, thanks again. One last thing:

I can't read any audio CD, video, burned disc, DVD, game, nothing. I don't know whether a virus can block the CD drive of my laptop or whether it's just a hardware bug, but my drivers are up to date.

Would you have any idea?

Reply to pulco20

Try repairing Windows with the corresponding CD.
Perhaps corrupted drivers.

Then post a new HijackThis report.

------------------------------ >> Centre de Formation Helpers <<
Reply to XmichouX