KGKILLER Profile: Unknown | synthexe wrote:
Hi again,
Please ... we need to check your reports to see that everything went well and that nothing is left over ... otherwise you risk reinfection VERY quickly ...
So post the ComboFix report so I can tell you whether there is anything left to do ...
|
Here is the ComboFix report for my computer:
ComboFix 08-01-04.1 - lionel 2008-01-06 15:29:36.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1427 [GMT 0:00]
Running from: C:\Documents and Settings\lionel\Local Settings\Temporary Internet Files\Content.IE5\9G3EDKHY\ComboFix[1].exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\WINDOWS\mrofinu2000382.exe
C:\WINDOWS\SYSTEM32\xyycf.ini
C:\WINDOWS\SYSTEM32\xyycf.ini2
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_NPF
-------\nm
-------\NPF
((((((((((((((((((((((((((((( Fichiers créés 2007-12-06 to 2008-01-06 ))))))))))))))))))))))))))))))))))))
.
2008-01-06 13:36 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-05 20:39 . 2008-01-05 20:39 12,353,905 --a------ C:\upload_moi_PCLIONEL.tar.gz
2008-01-05 20:07 . 2008-01-05 20:07 <REP> d-------- C:\Program Files\BroadJump
2008-01-05 20:07 . 2002-08-02 14:56 663,552 --a------ C:\WINDOWS\SYSTEM32\libeay32_1-1-0_DDR.dll
2008-01-05 20:07 . 2001-09-23 16:30 532,594 --a------ C:\WINDOWS\SYSTEM32\xerces-c_1_40_0_DDR.dll
2008-01-05 20:07 . 2001-09-23 15:41 524,377 --a------ C:\WINDOWS\SYSTEM32\stlport_4_0_0_DDR.dll
2008-01-05 20:07 . 2002-10-18 11:36 307,329 --a------ C:\WINDOWS\SYSTEM32\BJBase_2-2-2_DDR.dll
2008-01-05 20:07 . 2002-08-02 14:56 159,744 --a------ C:\WINDOWS\SYSTEM32\ssleay32_1-1-0_DDR.dll
2008-01-05 19:47 . 2008-01-05 19:47 268 --ah----- C:\sqmdata10.sqm
2008-01-05 19:47 . 2008-01-05 19:47 244 --ah----- C:\sqmnoopt10.sqm
2008-01-05 19:41 . 2008-01-05 19:41 <REP> d-------- C:\Documents and Settings\lionel\Application Data\Grisoft
2008-01-05 19:41 . 2008-01-05 19:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-05 17:29 . 2008-01-05 17:29 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Grisoft
2008-01-05 17:21 . 2007-05-30 12:10 10,872 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AvgAsCln.sys
2008-01-05 17:19 . 2008-01-05 19:41 <REP> d-------- C:\Program Files\CCleaner
2008-01-05 17:05 . 2008-01-05 17:05 323,072 --a------ C:\WINDOWS\SYSTEM32\6.tmp
2008-01-05 11:52 . 2008-01-05 11:52 323,072 --a------ C:\WINDOWS\SYSTEM32\5.tmp
2008-01-04 23:00 . 2008-01-05 17:06 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-04 23:00 . 2008-01-04 23:00 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-04 22:59 . 2008-01-05 17:06 114,688 --a------ C:\WINDOWS\SYSTEM32\igfxpers .exe
2008-01-04 22:59 . 2008-01-05 17:06 94,208 --a------ C:\WINDOWS\SYSTEM32\igfxtray .exe
2008-01-04 22:59 . 2008-01-05 17:06 77,824 --a------ C:\WINDOWS\SYSTEM32\hkcmd .exe
2008-01-04 22:51 . 2008-01-04 22:51 <REP> d-------- C:\Program Files\Motive
2008-01-04 22:50 . 2008-01-05 21:19 <REP> d-------- C:\Program Files\Club-Internet
2008-01-04 22:50 . 2008-01-04 22:50 <REP> d-------- C:\Documents and Settings\lionel\Application Data\Shareaza
2008-01-04 22:45 . 2008-01-04 22:45 <REP> d-------- C:\Program Files\FUJIFILM Digital Camera
2008-01-04 20:46 . 2008-01-04 20:46 <REP> d-------- C:\Program Files\Panda Security
2008-01-02 22:47 . 2008-01-02 22:47 3,584 --ahs---- C:\WINDOWS\SYSTEM32\Thumbs.db
2008-01-02 21:16 . 2008-01-04 22:41 <REP> d-------- C:\Program Files\Motive(2)
2008-01-01 19:05 . 2008-01-04 22:43 <REP> d-------- C:\Program Files\BroadJump(2)
2008-01-01 19:02 . 2008-01-04 22:43 <REP> d-------- C:\Program Files\Club-Internet(2)
2008-01-01 14:32 . 2008-01-04 22:44 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition(2)
2007-12-30 17:53 . 2008-01-04 22:48 <REP> d-------- C:\Program Files\Windows Live
2007-12-30 17:53 . 2008-01-04 22:48 <REP> d----c--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-12-30 17:52 . 2007-12-31 20:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-12-28 23:43 . 2002-08-06 07:52 376,832 --a------ C:\WINDOWS\SYSTEM32\dkcktkn.exe
2007-12-28 23:43 . 2002-07-24 19:02 102,400 --a------ C:\WINDOWS\SYSTEM32\dklog.exe
2007-12-28 23:43 . 2002-07-24 19:02 81,920 --a------ C:\WINDOWS\SYSTEM32\dklog.dll
2007-12-13 21:37 . 2007-12-13 21:37 2,146 --a------ C:\WINDOWS\SYSTEM32\81003203.dk1
2007-12-13 21:25 . 2007-12-13 21:25 2,146 --a------ C:\WINDOWS\SYSTEM32\81003203._k1
2007-12-13 21:22 . 2007-12-14 22:07 <REP> d-------- C:\Program Files\Rainbow Technologies
2007-12-13 21:22 . 2002-06-26 10:34 713 --------- C:\WINDOWS\SYSTEM32\DkConfig.ini
2007-12-13 21:17 . 2007-12-13 21:17 <REP> d-------- C:\Program Files\Foxit Software
2007-12-13 21:10 . 2007-12-13 21:11 22 --a------ C:\Program Files\FoxitReader22.zip
2007-12-08 21:11 . 2007-12-08 21:11 1,801 --a------ C:\WINDOWS\ST6UNST.001
2007-12-08 21:11 . 2007-12-08 21:11 334 --a------ C:\WINDOWS\ST6UNST.000
2007-12-08 21:10 . 2007-12-08 21:11 253,952 --------- C:\WINDOWS\Setup1.exe
2007-12-08 21:09 . 2007-12-08 21:11 74,752 --a------ C:\WINDOWS\ST6UNST.EXE
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-06 15:28 321,956 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck
2008-01-06 15:28 321,956 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT
2008-01-06 15:28 1,244 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck
2008-01-06 15:28 1,244 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG
2008-01-06 15:04 --------- d-----w C:\Program Files\MSN Messenger
2008-01-05 19:41 --------- d-----w C:\Program Files\iTunes
2008-01-05 19:41 --------- d-----w C:\Program Files\Dell Photo AIO Printer 922
2008-01-05 19:41 --------- d-----w C:\Program Files\Apoint
2008-01-05 18:42 --------- d-----w C:\Program Files\QuickTime
2008-01-04 23:08 --------- d-----w C:\Program Files\Java
2008-01-04 22:47 --------- d-----w C:\Program Files\DivX
2007-12-18 21:25 --------- d-----w C:\Program Files\Last.fm
2007-12-13 21:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-30 13:40 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-11-30 13:38 --------- d-----w C:\Program Files\Windows Live Favorites
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-09 16:05 127,034 ------r C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
2007-11-06 22:29 --------- d-----w C:\Program Files\iPod
2007-10-30 23:23 3,590,656 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\SYSTEM32\quartz.dll
2007-10-29 22:43 1,293,824 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\quartz.dll
2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\shell32.dll
2007-10-25 09:28 222,720 ----a-w C:\WINDOWS\SYSTEM32\wmasf.dll
2007-10-25 09:28 222,720 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wmasf.dll
2007-10-10 23:49 824,832 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wininet.dll
2007-10-10 23:49 671,232 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mstime.dll
2007-10-10 23:49 63,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\icardie.dll
2007-10-10 23:49 6,065,664 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieframe.dll
2007-10-10 23:49 52,224 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msfeedsbs.dll
2007-10-10 23:49 478,208 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtmled.dll
2007-10-10 23:49 459,264 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msfeeds.dll
2007-10-10 23:49 44,544 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iernonce.dll
2007-10-10 23:49 384,512 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iedkcs32.dll
2007-10-10 23:49 383,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieapfltr.dll
2007-10-10 23:49 27,648 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\jsproxy.dll
2007-10-10 23:49 267,776 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iertutil.dll
2007-10-10 23:49 232,960 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\webcheck.dll
2007-10-10 23:49 230,400 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieaksie.dll
2007-10-10 23:49 214,528 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtrans.dll
2007-10-10 23:49 193,024 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrating.dll
2007-10-10 23:49 153,088 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakeng.dll
2007-10-10 23:49 132,608 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\extmgr.dll
2007-10-10 23:49 124,928 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\advpack.dll
2007-10-10 23:49 105,984 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\url.dll
2007-10-10 23:49 102,400 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\occache.dll
2007-10-10 23:49 1,159,680 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\urlmon.dll
2007-10-10 11:00 70,656 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ie4uinit.exe
2007-10-10 11:00 625,152 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iexplore.exe
2007-10-10 10:59 13,824 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieudinit.exe
2007-10-10 05:46 161,792 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakui.dll
2005-07-08 16:19 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2002-07-12 10:53 873,472 ----a-w C:\Program Files\OFFICEOneNotesv6.exe
.
----a-w 155,648 2008-01-05 17:05:21 C:\Program Files\Apoint\Apoint .exe
----a-w 610,304 2008-01-05 13:10:08 C:\Program Files\Dell\QuickSet\Quickset .exe
----a-w 290,816 2008-01-05 17:05:29 C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr .exe
----a-w 488,984 2008-01-05 17:06:28 C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper .exe
----a-w 180,269 2008-01-05 17:05:31 C:\Program Files\Fichiers communs\Real\Update_OB\realsched .exe
----a-w 110,592 2008-01-05 17:05:23 C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray .exe
----a-w 86,016 2008-01-05 17:05:21 C:\Program Files\Intel\NCS\PROSet\PRONoMgr .exe
----a-w 267,048 2008-01-05 17:06:27 C:\Program Files\iTunes\iTunesHelper .exe
----a-w 132,496 2008-01-04 22:59:24 C:\Program Files\Java\jre1.6.0_02\bin\jusched .exe
----a-w 286,720 2008-01-04 22:59:56 C:\Program Files\QuickTime\QTTask .exe
----a-w 241,664 2008-01-05 17:06:29 C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkAutoReg .exe
----a-w 217,088 2008-01-05 17:06:27 C:\Program Files\Rainbow Technologies\iKey 2000 Series Software\DkStartup .exe
----a-w 77,824 2008-01-05 17:06:17 C:\WINDOWS\SYSTEM32\hkcmd .exe
----a-w 114,688 2008-01-05 17:06:27 C:\WINDOWS\SYSTEM32\igfxpers .exe
----a-w 94,208 2008-01-05 17:06:16 C:\WINDOWS\SYSTEM32\igfxtray .exe
----a-w 127,035 2008-01-05 17:05:26 C:\WINDOWS\SYSTEM32\dla\tfswctrl .exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{68E90C23-DBAE-4F91-8A8C-A5845F18A153}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00 15360]
"Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 12:00 110592 C:\WINDOWS\SYSTEM32\BTHPROPS.CPL]
"StandardInstall"="" []
"QuickTime Task"="C:\Program Files\QuickTime\QTTask .exe" [2008-01-04 22:59 286720]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25 6731312]
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 17:16 376912]
"Motive SmartBridge"="C:\PROGRA~1\CLUB-I~2\LECOMP~1\SMARTB~1\MotiveSB.exe" [2006-04-21 15:41 438359]
"Club-Internet_McciTrayApp"="C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe" [2005-11-15 16:46 543232]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 12:00 15360]
C:\Documents and Settings\lionel\Menu Démarrer\Programmes\Démarrage\
Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-08-03 12:41:05]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2005-03-09 12:28:18]
LE COMPAGNON CLUB.lnk - C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe [2007-05-11 13:54:57]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-11-09 16:17:12]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
avldr.dll 2007-02-15 19:02 50736 C:\WINDOWS\SYSTEM32\avldr.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddcaaxy]
ddcaaxy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
C:\WINDOWS\system32\LgNotify.dll 2004-01-12 06:55 110592 C:\WINDOWS\SYSTEM32\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Last.fm Helper.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Last.fm Helper.lnk
backup=C:\WINDOWS\pss\Last.fm Helper.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NDAS Device Ma