Malicious virus Security Suite [solved]
Good evening everyone, I'm coming to you to get rid of this lovely little piece of software that is blocking my whole computer, all the .exe files, even the web browsers. I also cannot follow the steps given by the pcthreat website.
How can I do this without wiping and reinstalling the system?
Thanks for your help.
Here is the ComboFix report:
ComboFix 10-09-04.06 - Administrateur 06/09/2010 13:51:56.1.2 - x86 NETWORK
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2047.1682 [GMT 2:00]
Lancé depuis: c:\documents and settings\Administrateur\Bureau\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\HP_Propriétaire\Local Settings\Application Data\yucuqpunn
c:\documents and settings\HP_Propriétaire\Local Settings\Application Data\yucuqpunn\nekdqdpshdw.exe
c:\windows\system32\scrrnfr.dll
c:\windows\system32\systeminfo3.dll
c:\windows\system32\Thumbs.db
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-08-06 au 2010-09-06 ))))))))))))))))))))))))))))))))))))
.
2010-09-06 08:35 . 2010-09-06 09:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-09-06 08:35 . 2010-09-06 08:37 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-09-06 07:48 . 2010-09-06 07:48 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Mozilla
2010-09-06 07:48 . 2010-09-06 07:48 -------- d-----w- c:\program files\Enigma Software Group
2010-09-06 07:47 . 2010-09-06 08:22 -------- d-----w- c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP
2010-09-06 07:47 . 2010-09-06 07:47 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2010-09-05 12:35 . 2010-09-05 12:35 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2010-09-05 12:35 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-05 12:35 . 2010-09-05 12:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-05 12:35 . 2010-09-05 12:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-09-05 12:35 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-05 01:00 . 2010-09-05 01:01 -------- d-----w- C:\01e6b559076abdb1ad9a
2010-08-19 19:47 . 2010-08-19 19:47 -------- d-----w- c:\program files\Conduit
2010-08-19 19:47 . 2010-08-19 19:47 -------- d-----w- c:\program files\Softonic_France
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-06 07:48 . 2009-04-15 17:38 68968 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2010-09-04 10:29 . 2004-01-01 20:53 601786 ----a-w- c:\windows\system32\perfh00C.dat
2010-09-04 10:29 . 2004-01-01 20:53 108084 ----a-w- c:\windows\system32\perfc00C.dat
2010-09-01 15:21 . 2010-04-13 08:07 -------- d-----w- c:\program files\Pvm
2010-08-31 03:33 . 2010-07-03 12:51 -------- d-----w- c:\program files\uTorrent
2010-08-23 22:29 . 2009-03-21 18:06 -------- d-----w- c:\program files\Fichiers communs\AVSMedia
2010-08-23 22:29 . 2009-03-21 18:05 -------- d-----w- c:\program files\AVS4YOU
2010-07-27 17:32 . 2010-05-22 11:09 -------- d-----w- c:\program files\PhotoScape
2010-07-26 11:41 . 2010-07-26 11:41 -------- d-----w- c:\program files\CDBurnerXP
2010-07-12 15:44 . 2010-07-12 14:23 -------- d-----w- c:\program files\Orange
2010-07-12 15:44 . 2009-01-29 14:36 -------- d-----w- c:\program files\Securitoo
2010-07-12 15:34 . 2010-07-12 14:22 -------- d-----w- c:\program files\Fichiers communs\France Telecom
2010-07-12 14:48 . 2004-01-01 16:35 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-12 14:24 . 2009-01-29 14:40 -------- d-----w- c:\program files\Wanadoo
2010-07-10 15:10 . 2010-07-10 15:10 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-06-30 12:32 . 2004-01-01 20:53 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:17 . 2004-01-01 20:53 832512 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:17 . 2004-01-01 20:53 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 12:17 . 2004-01-01 20:53 17408 ----a-w- c:\windows\system32\corpol.dll
2010-06-24 09:02 . 2004-01-01 20:53 1852032 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2004-01-01 20:53 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-01-01 20:53 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2004-01-01 13:04 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:42 . 2004-01-01 20:53 1172480 ----a-w- c:\windows\system32\msxml3.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
2010-06-13 17:10 2734688 ----a-w- c:\program files\Softonic_France\tbSoft.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4daac69c-cba7-45e2-9bc8-1044483d3352}"= "c:\program files\Softonic_France\tbSoft.dll" [2010-06-13 2734688]
[HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 659456]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-11 61440]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"SiS Windows KeyHook"="c:\windows\system32\keyhook.exe" [2004-05-20 249856]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 88363]
"SoundMan"="SOUNDMAN.EXE" [2004-07-01 73728]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-06-24 339968]
"AlcWzrd"="ALCWZRD.EXE" [2004-07-06 2550272]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"Microsoft Works Update Detection"="c:\program files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-10 50688]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2004-01-01 98304]
"ORAHSSSessionManager"="c:\program files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe" [2009-08-24 135920]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LUMIX Simple Viewer.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\LUMIX Simple Viewer.lnk
backup=c:\windows\pss\LUMIX Simple Viewer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 01:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2009-04-02 17:05 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2004-05-10 23:48 286720 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
2003-06-18 11:00 204800 ----a-w- c:\program files\Microsoft Money\System\mnyexpr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:34 1695232 --sha-w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]
2009-12-23 19:18 2642168 ----a-w- c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Orange\\Connexion Internet Orange\\Connectivity\\ConnectivityManager.exe"=
R3 PRISM_A00;Intersil PRISM 802.11a/g Driver;c:\windows\system32\drivers\PCTELSAP.SYS [01/01/2004 16:29 350282]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [01/12/2009 20:16 233472]
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [28/01/2009 14:04 17149]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [01/12/2009 20:16 36608]
S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;c:\windows\system32\drivers\WlanBZXP.sys [12/07/2010 18:27 402432]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [01/12/2009 20:27 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [01/12/2009 20:27 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [01/12/2009 20:27 121856]
.
Contenu du dossier 'Tâches planifiées'
2010-02-13 c:\windows\Tasks\Connexion facile à Internet.job
- c:\program files\Easy Internet signup\HPSdpApp.exe [2004-06-21 20:19]
.
.
------- Examen supplémentaire -------
.
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q404&bd=pavilion&pf=desktop
FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\g07s3g3p.default\
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHELINS SUPPRIMES - - - -
HKLM-Run-fpxhgnsu - c:\documents and settings\HP_Propriétaire\Local Settings\Application Data\yucuqpunn\nekdqdpshdw.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-06 13:56
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(616)
c:\windows\system32\Ati2evxx.dll
.
Heure de fin: 2010-09-06 13:59:02
ComboFix-quarantined-files.txt 2010-09-06 11:59
Avant-CF: 158 769 164 288 octets libres
Après-CF: 170 627 686 400 octets libres
- - End Of File - - 451A8CB48AB14232E59946CC9A2F5494
It's really huge, I think.