Win32:adware-gen(adw)

d'abord mille merci de te pencher sur mobn problème. avant de me lancer sur tes conseils, je suis allée vérifier que je n'avais pas de parefeu mais j'ai pourtant bien un parefeu windows d'activé. Ce n'est pas nsuffisant? et honte à moi mais qu'est-ce qu'une protection résidente?

ComboFix 08-06-20.4 - Estelle 2008-06-26 0:34:10.1 - NTFSx86
Endroit: C:\Documents and Settings\Estelle\Mes documents\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Estelle\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML

.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-25 to 2008-06-25 ))))))))))))))))))))))))))))))))))))
.

2008-06-26 00:18 . 2008-06-26 00:29 <REP> d-------- C:\Program Files\Trend Micro
2008-06-25 23:32 . 2006-08-21 11:14 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys
2008-06-25 23:32 . 2006-08-21 11:14 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe
2008-06-25 23:32 . 2006-08-21 14:26 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll
2008-06-25 23:27 . 2008-06-25 23:27 <REP> d-------- C:\Program Files\MSXML 4.0
2008-06-25 16:00 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-25 15:58 . 2007-07-09 15:11 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-06-25 12:00 . 2008-06-25 12:00 <REP> d-------- C:\Program Files\Alwil Software
2008-06-24 20:15 . 2008-06-24 20:15 <REP> d-------- C:\Documents and Settings\Estelle\Application Data\Icone
2008-06-24 19:43 . 2008-06-24 19:43 <REP> d-------- C:\Documents and Settings\LocalService.AUTORITE NT\Menu Démarrer
2008-06-24 18:29 . 2008-06-24 18:29 <REP> d-------- C:\WINDOWS\provisioning
2008-06-24 18:29 . 2008-06-24 18:29 <REP> d-------- C:\WINDOWS\peernet
2008-06-24 18:26 . 2008-06-24 18:26 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-06-24 18:17 . 2008-06-24 18:17 <REP> d-------- C:\WINDOWS\EHome
2008-06-24 12:54 . 2008-06-24 12:54 <REP> d-------- C:\Program Files\Starcraft
2008-06-24 12:54 . 2008-06-24 12:54 <REP> d-------- C:\Program Files\Montparnasse Multimedia - France Télécom
2008-06-24 12:54 . 2008-06-24 12:54 <REP> d-------- C:\Program Files\Inca Ball
2008-06-24 12:53 . 2008-06-24 12:53 <REP> d-------- C:\Program Files\Gamenext
2008-06-24 12:53 . 2008-06-24 12:53 <REP> d-------- C:\Program Files\Chicken Chase
2008-06-24 12:53 . 2008-06-24 12:53 <REP> d-------- C:\Program Files\ACSI Camping cdrom Europe 2004
2008-06-24 12:17 . 2008-06-24 12:17 <REP> d---s---- C:\Documents and Settings\Estelle\UserData
2008-06-23 19:11 . 2008-06-24 18:11 <REP> d-------- C:\Program Files\Google
2008-06-22 22:29 . 2008-06-22 22:29 <REP> d-------- C:\Documents and Settings\Estelle\Application Data\vlc
2008-06-22 22:28 . 2008-06-22 22:28 <REP> d-------- C:\Program Files\VideoLAN
2008-06-22 21:56 . 2008-06-22 21:56 <REP> d-------- C:\Affichage IP Setup
2008-06-22 19:06 . 2008-06-26 00:05 <REP> d-------- C:\Program Files\eMule
2008-06-21 13:43 . 2002-04-15 21:11 67,866 --------- C:\WINDOWS\system32\drivers\netwlan5.img
2008-06-21 13:43 . 2004-08-19 16:10 11,776 --------- C:\WINDOWS\system32\spnpinst.exe
2008-06-21 13:43 . 2004-08-02 14:20 7,208 --------- C:\WINDOWS\system32\secupd.sig
2008-06-21 13:43 . 2004-08-02 14:20 4,569 --------- C:\WINDOWS\system32\secupd.dat
2008-06-21 13:25 . 2005-10-21 00:25 1,097,728 --a------ C:\WINDOWS\system32\esent.dll
2008-06-21 13:06 . 2008-06-21 13:06 <REP> d-------- C:\WINDOWS\system32\bits
2008-06-21 13:05 . 2008-06-25 23:38 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-06-21 13:05 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-21 13:03 . 2004-08-20 01:09 351,232 --a------ C:\WINDOWS\system32\winhttp.dll
2008-06-21 13:03 . 2004-08-20 01:09 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-06-21 13:03 . 2004-08-20 01:09 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-06-21 13:03 . 2004-08-20 01:09 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-06-20 16:33 . 2008-06-20 16:33 <REP> d-------- C:\Documents and Settings\Estelle\Application Data\MSN6
2008-06-20 16:33 . 2008-06-20 16:33 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\MSN6
2008-06-20 15:35 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-06-20 15:35 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-06-20 15:35 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-06-20 15:35 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2008-06-20 15:35 . 2004-08-03 14:00 187,160 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-06-20 15:35 . 2004-08-03 13:59 170,776 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-06-20 15:35 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 09:55 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\QuickTime
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 19:59 --------- d-----w C:\Program Files\Philips
2008-05-07 19:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-02 16:51 73,216 -c--a-w C:\WINDOWS\ST6UNST.EXE
2008-05-02 16:51 286,720 -c----w C:\WINDOWS\Setup1.exe
2008-05-02 16:51 --------- d-----w C:\Program Files\Hero Editor
2008-05-02 16:48 --------- d-----w C:\Program Files\Diablo II
2008-05-02 09:16 21,840 -c--atw C:\WINDOWS\system32\SIntfNT.dll
2008-05-02 09:16 17,212 -c--atw C:\WINDOWS\system32\SIntf32.dll
2008-05-02 09:16 12,067 -c--atw C:\WINDOWS\system32\SIntf16.dll
2008-04-21 07:02 663,552 ----a-w C:\WINDOWS\system32\wininet.dll
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2006-06-27 11:04 20 -c-h--w C:\Documents and Settings\All Users.WINDOWS\Application Data\PKP_DLec.DAT
2006-03-18 14:35 56,240 -c--a-w C:\Documents and Settings\Estelle\Application Data\GDIPFONTCACHEV1.DAT
2004-08-11 14:32 805 -c--a-w C:\Program Files\INSTALL.LOG
2004-08-01 15:44 10,240 -c--a-w C:\Program Files\VirtualDJ v2.01 - Crack.exe
2004-03-23 19:16 201,120 -c--a-w C:\Documents and Settings\f\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus D120 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICCE.EXE" [2007-03-12 08:00 182272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Lexmark X74-X75"="C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe" [2002-10-14 22:11 57344]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2002-11-18 15:15 4243456]
"nwiz"="nwiz.exe" [2002-11-18 15:15 315392 C:\WINDOWS\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2002-11-19 22:01 46592 C:\WINDOWS\SOUNDMAN.EXE]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2008-03-01 15:38 155648]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2004-09-13 11:51 1450096]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-06-27 13:01 98304]
"mouseElf"="C:\PROGRA~1\LUXEMA~1\MouseElf.EXE" [2005-03-01 03:51 184320]
"Sunkist2k"="C:\Program Files\Multimedia Card Reader\shwicon2k.exe" [2004-09-03 17:16 139264]
"DT HPW"="C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe" [2007-04-25 13:36 280064]
"PivotSoftware"="C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe" [2007-02-09 13:17 694008]
"Microsoft Works Update Detection"="C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-18 18:36 28672]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2008-03-01 15:38 155648]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]

C:\Documents and Settings\f\Menu D‚marrer\Programmes\D‚marrage\
Ic“ne AOL.lnk - C:\AOL 6.0\aoltray.exe [2003-04-17 21:21:30 28742]

C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2004-12-27 23:45:01 98304]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.SP54"= SP5X_32.DLL
"VIDC.SP55"= SP5X_32.DLL
"VIDC.SP56"= SP5X_32.DLL
"VIDC.SP57"= SP5X_32.DLL
"VIDC.SP58"= SP5X_32.DLL

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\eMule\\emule.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R1 Pivot;Pivot;C:\WINDOWS\system32\drivers\pivot.sys [2007-02-09 13:17]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R3 genmcmnUSB;USB Scroll Mouse Driver;C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2005-01-13 11:25]
S2 Ca533av;Dual Mode Video Camera Device;C:\WINDOWS\system32\Drivers\Ca533av.sys [2002-10-21 12:37]
S3 pivotmou;Pivot Mouse/Pointers Filter Driver;C:\WINDOWS\system32\drivers\pivotmou.sys [2007-02-09 13:17]
S3 SunkFilt6;Alcor Micro Corp - 6360;C:\WINDOWS\System32\Drivers\sunkfilt6.sys []
S3 SunkFilt62;Alcor Micro Corp - 6362;C:\WINDOWS\System32\Drivers\sunkfilt62.sys [2004-07-23 14:55]
S3 USBCamera;Dual Mode Still Camera Device;C:\WINDOWS\system32\Drivers\Bulk533.sys [2002-12-04 15:38]

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-26 00:40:11
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-06-26 0:44:00
ComboFix-quarantined-files.txt 2008-06-25 22:43:56

Pre-Run: 32,604,078,080 octets libres
Post-Run: 35,824,209,920 octets libres

150 --- E O F --- 2008-06-25 21:38:41

Je viens de refaire l'étape du glisser/déposé de CFScript sur ComboFix. et pas de problème, penche toi sur la question quand tu en auras le temps. Merci.




ComboFix 08-06-20.4 - Estelle 2008-06-26 14:19:47.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.93 [GMT 2:00]
Endroit: C:\Documents and Settings\Estelle\Mes documents\ComboFix.exe
Command switches used :: C:\Documents and Settings\Estelle\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
C:\Program Files\VirtualDJ v2.01 - Crack.exe
C:\WINDOWS\ST6UNST.EXE
C:\WINDOWS\system32\drivers\rmcast.sys
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\VirtualDJ v2.01 - Crack.exe
C:\WINDOWS\ST6UNST.EXE
C:\WINDOWS\system32\drivers\rmcast.sys

.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-26 to 2008-06-26 ))))))))))))))))))))))))))))))))))))
.

2008-06-26 00:18 . 2008-06-26 00:29 <REP> d-------- C:\Program Files\Trend Micro
2008-06-25 23:32 . 2006-08-21 11:14 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys
2008-06-25 23:32 . 2006-08-21 11:14 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe
2008-06-25 23:32 . 2006-08-21 14:26 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll
2008-06-25 23:27 . 2008-06-25 23:27 <REP> d-------- C:\Program Files\MSXML 4.0
2008-06-25 16:00 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-25 15:58 . 2007-07-09 15:11 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-06-25 12:00 . 2008-06-25 12:00 <REP> d-------- C:\Program Files\Alwil Software
2008-06-24 20:15 . 2008-06-24 20:15 <REP> d-------- C:\Documents and Settings\Estelle\Application Data\Icone
2008-06-24 19:43 . 2008-06-24 19:43 <REP> d-------- C:\Documents and Settings\LocalService.AUTORITE NT\Menu Démarrer
2008-06-24 18:29 . 2008-06-24 18:29 <REP> d-------- C:\WINDOWS\provisioning
2008-06-24 18:29 . 2008-06-24 18:29 <REP> d-------- C:\WINDOWS\peernet
2008-06-24 18:26 . 2008-06-24 18:26 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-06-24 18:17 . 2008-06-24 18:17 <REP> d-------- C:\WINDOWS\EHome
2008-06-24 12:54 . 2008-06-24 12:54 <REP> d-------- C:\Program Files\Starcraft
2008-06-24 12:54 . 2008-06-24 12:54 <REP> d-------- C:\Program Files\Montparnasse Multimedia - France Télécom
2008-06-24 12:54 . 2008-06-24 12:54 <REP> d-------- C:\Program Files\Inca Ball
2008-06-24 12:53 . 2008-06-24 12:53 <REP> d-------- C:\Program Files\Gamenext
2008-06-24 12:53 . 2008-06-24 12:53 <REP> d-------- C:\Program Files\Chicken Chase
2008-06-24 12:53 . 2008-06-24 12:53 <REP> d-------- C:\Program Files\ACSI Camping cdrom Europe 2004
2008-06-24 12:17 . 2008-06-24 12:17 <REP> d---s---- C:\Documents and Settings\Estelle\UserData
2008-06-23 19:11 . 2008-06-24 18:11 <REP> d-------- C:\Program Files\Google
2008-06-22 22:29 . 2008-06-22 22:29 <REP> d-------- C:\Documents and Settings\Estelle\Application Data\vlc
2008-06-22 22:28 . 2008-06-22 22:28 <REP> d-------- C:\Program Files\VideoLAN
2008-06-22 21:56 . 2008-06-22 21:56 <REP> d-------- C:\Affichage IP Setup
2008-06-22 19:06 . 2008-06-26 13:39 <REP> d-------- C:\Program Files\eMule
2008-06-21 13:43 . 2002-04-15 21:11 67,866 --------- C:\WINDOWS\system32\drivers\netwlan5.img
2008-06-21 13:43 . 2004-08-19 16:10 11,776 --------- C:\WINDOWS\system32\spnpinst.exe
2008-06-21 13:43 . 2004-08-02 14:20 7,208 --------- C:\WINDOWS\system32\secupd.sig
2008-06-21 13:43 . 2004-08-02 14:20 4,569 --------- C:\WINDOWS\system32\secupd.dat
2008-06-21 13:25 . 2005-10-21 00:25 1,097,728 --a------ C:\WINDOWS\system32\esent.dll
2008-06-21 13:06 . 2008-06-21 13:06 <REP> d-------- C:\WINDOWS\system32\bits
2008-06-21 13:05 . 2008-06-25 23:38 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-06-21 13:05 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-21 13:03 . 2004-08-20 01:09 351,232 --a------ C:\WINDOWS\system32\winhttp.dll
2008-06-21 13:03 . 2004-08-20 01:09 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-06-21 13:03 . 2004-08-20 01:09 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-06-21 13:03 . 2004-08-20 01:09 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-06-20 16:33 . 2008-06-20 16:33 <REP> d-------- C:\Documents and Settings\Estelle\Application Data\MSN6
2008-06-20 16:33 . 2008-06-20 16:33 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\MSN6
2008-06-20 15:35 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-06-20 15:35 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-06-20 15:35 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-06-20 15:35 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2008-06-20 15:35 . 2004-08-03 14:00 187,160 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-06-20 15:35 . 2004-08-03 13:59 170,776 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-06-20 15:35 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 09:55 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\QuickTime
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 19:59 --------- d-----w C:\Program Files\Philips
2008-05-07 19:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-02 16:51 286,720 -c----w C:\WINDOWS\Setup1.exe
2008-05-02 16:51 --------- d-----w C:\Program Files\Hero Editor
2008-05-02 16:48 --------- d-----w C:\Program Files\Diablo II
2008-05-02 09:16 21,840 -c--atw C:\WINDOWS\system32\SIntfNT.dll
2008-05-02 09:16 17,212 -c--atw C:\WINDOWS\system32\SIntf32.dll
2008-05-02 09:16 12,067 -c--atw C:\WINDOWS\system32\SIntf16.dll
2008-04-21 07:02 663,552 ----a-w C:\WINDOWS\system32\wininet.dll
2006-06-27 11:04 20 -c-h--w C:\Documents and Settings\All Users.WINDOWS\Application Data\PKP_DLec.DAT
2006-03-18 14:35 56,240 -c--a-w C:\Documents and Settings\Estelle\Application Data\GDIPFONTCACHEV1.DAT
2004-08-11 14:32 805 -c--a-w C:\Program Files\INSTALL.LOG
2004-03-23 19:16 201,120 -c--a-w C:\Documents and Settings\f\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((( snapshot@2008-06-26_ 0.43.46.64 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-25 21:29:54 1,257,472 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-06-26 11:32:56 1,265,664 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2008-06-25 21:29:57 1,224,704 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-06-26 11:32:57 1,232,896 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-06-26 11:33:21 61,440 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_3f340b3a\CustomMarshalers.dll
+ 2008-06-26 11:34:05 3,391,488 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_cc046b28\mscorlib.dll
+ 2008-06-26 11:33:53 1,466,368 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_7ae89afe\System.Design.dll
+ 2008-06-26 11:33:29 90,112 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_3feeeac5\System.Drawing.Design.dll
+ 2008-06-26 11:33:58 835,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_703958c1\System.Drawing.dll
+ 2008-06-26 11:33:37 3,018,752 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_37b24a9e\System.Windows.Forms.dll
+ 2008-06-26 11:33:43 2,088,960 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_3f32b030\System.Xml.dll
+ 2008-06-26 11:33:19 1,966,080 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_4bc08327\System.dll
- 2008-06-25 21:42:42 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-26 11:36:38 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2004-07-14 23:49:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2007-04-13 19:30:52 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2004-07-14 23:49:22 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2007-04-13 19:30:52 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2004-07-14 22:32:22 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2007-04-13 18:57:52 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2003-02-20 18:09:14 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2007-04-13 18:57:58 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2004-07-14 22:25:06 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2007-04-13 18:56:30 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2004-07-14 22:33:04 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2007-04-13 18:58:00 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2004-07-15 12:29:02 2,138,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2007-04-13 18:50:46 2,142,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2003-02-20 18:09:18 77,824 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2007-04-13 18:58:02 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2004-07-14 22:26:52 2,510,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2007-04-13 18:57:00 2,523,136 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2004-07-14 22:28:34 2,502,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2007-04-13 18:57:28 2,514,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2004-08-10 14:20:00 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2007-01-15 14:11:26 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2004-07-14 23:49:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_aspnet_isapi.dll
+ 2004-07-14 22:32:22 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_CORPerfMonExt.dll
+ 2004-07-14 22:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_fusion.dll
+ 2004-07-14 22:25:06 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_mscorjit.dll
+ 2004-07-15 12:29:02 2,138,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_mscorlib.dll
+ 2003-02-20 18:09:18 77,824 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_mscorsn.dll
+ 2004-07-14 22:26:52 2,510,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_mscorsvr.dll
+ 2004-07-14 22:28:34 2,502,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_mscorwks.dll
+ 2003-02-21 03:42:22 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_msvcr71.dll
+ 2004-07-14 22:34:50 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_PerfCounter.dll
- 2004-07-15 12:31:16 1,224,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2007-04-13 19:35:38 1,232,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2004-07-15 12:29:00 1,257,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2007-04-13 19:35:46 1,265,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2008-06-25 21:38:43 15,256 ----a-w C:\WINDOWS\SoftwareDistribution\EventCache\{489055FF-15E2-43B8-AFAC-4EC7362181BC}.bin
+ 2008-06-26 11:35:44 2,550 ----a-w C:\WINDOWS\SoftwareDistribution\EventCache\{489055FF-15E2-43B8-AFAC-4EC7362181BC}.bin
- 2004-07-14 22:24:50 155,648 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2006-12-22 10:28:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2006-12-22 11:02:36 6,144 ----a-w C:\WINDOWS\system32\mui\[u]0[/u]409\mscorees.dll
+ 2008-06-26 11:36:50 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_690.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus D120 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICCE.EXE" [2007-03-12 08:00 182272]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Lexmark X74-X75"="C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe" [2002-10-14 22:11 57344]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2002-11-18 15:15 4243456]
"nwiz"="nwiz.exe" [2002-11-18 15:15 315392 C:\WINDOWS\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2002-11-19 22:01 46592 C:\WINDOWS\SOUNDMAN.EXE]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2008-03-01 15:38 155648]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2004-09-13 11:51 1450096]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-06-27 13:01 98304]
"mouseElf"="C:\PROGRA~1\LUXEMA~1\MouseElf.EXE" [2005-03-01 03:51 184320]
"Sunkist2k"="C:\Program Files\Multimedia Card Reader\shwicon2k.exe" [2004-09-03 17:16 139264]
"DT HPW"="C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe" [2007-04-25 13:36 280064]
"PivotSoftware"="C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe" [2007-02-09 13:17 694008]
"Microsoft Works Update Detection"="C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-18 18:36 28672]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2008-03-01 15:38 155648]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]

C:\Documents and Settings\f\Menu D‚marrer\Programmes\D‚marrage\
Ic“ne AOL.lnk - C:\AOL 6.0\aoltray.exe [2003-04-17 21:21:30 28742]

C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2004-12-27 23:45:01 98304]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.SP54"= SP5X_32.DLL
"VIDC.SP55"= SP5X_32.DLL
"VIDC.SP56"= SP5X_32.DLL
"VIDC.SP57"= SP5X_32.DLL
"VIDC.SP58"= SP5X_32.DLL

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\eMule\\emule.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R1 Pivot;Pivot;C:\WINDOWS\system32\drivers\pivot.sys [2007-02-09 13:17]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R3 genmcmnUSB;USB Scroll Mouse Driver;C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2005-01-13 11:25]
S2 Ca533av;Dual Mode Video Camera Device;C:\WINDOWS\system32\Drivers\Ca533av.sys [2002-10-21 12:37]
S3 pivotmou;Pivot Mouse/Pointers Filter Driver;C:\WINDOWS\system32\drivers\pivotmou.sys [2007-02-09 13:17]
S3 SunkFilt6;Alcor Micro Corp - 6360;C:\WINDOWS\System32\Drivers\sunkfilt6.sys []
S3 SunkFilt62;Alcor Micro Corp - 6362;C:\WINDOWS\System32\Drivers\sunkfilt62.sys [2004-07-23 14:55]
S3 USBCamera;Dual Mode Still Camera Device;C:\WINDOWS\system32\Drivers\Bulk533.sys [2002-12-04 15:38]

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-26 14:23:19
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-06-26 14:27:04
ComboFix-quarantined-files.txt 2008-06-26 12:27:00
ComboFix2.txt 2008-06-26 11:08:32
ComboFix3.txt 2008-06-25 22:44:01

Pre-Run: 36,496,248,832 octets libres
Post-Run: 36,499,529,728 octets libres

217 --- E O F --- 2008-06-26 11:33:31

apparement le PC se comporte de façon normale mais d'après ce que je viens de lirer sur le rapport BitDifender, mon PC est toujours infecté. Ceci dit comme je n'y comprend rien!... Voici le résultat:

ComboFix 08-06-20.4 - Estelle 2008-06-26 14:19:47.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.93 [GMT 2:00]
Endroit: C:\Documents and Settings\Estelle\Mes documents\ComboFix.exe
Command switches used :: C:\Documents and Settings\Estelle\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
C:\Program Files\VirtualDJ v2.01 - Crack.exe
C:\WINDOWS\ST6UNST.EXE
C:\WINDOWS\system32\drivers\rmcast.sys
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\VirtualDJ v2.01 - Crack.exe
C:\WINDOWS\ST6UNST.EXE
C:\WINDOWS\system32\drivers\rmcast.sys

.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-26 to 2008-06-26 ))))))))))))))))))))))))))))))))))))
.

2008-06-26 00:18 . 2008-06-26 00:29 <REP> d-------- C:\Program Files\Trend Micro
2008-06-25 23:32 . 2006-08-21 11:14 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys
2008-06-25 23:32 . 2006-08-21 11:14 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe
2008-06-25 23:32 . 2006-08-21 14:26 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll
2008-06-25 23:27 . 2008-06-25 23:27 <REP> d-------- C:\Program Files\MSXML 4.0
2008-06-25 16:00 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-25 15:58 . 2007-07-09 15:11 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-06-25 12:00 . 2008-06-25 12:00 <REP> d-------- C:\Program Files\Alwil Software
2008-06-24 20:15 . 2008-06-24 20:15 <REP> d-------- C:\Documents and Settings\Estelle\Application Data\Icone
2008-06-24 19:43 . 2008-06-24 19:43 <REP> d-------- C:\Documents and Settings\LocalService.AUTORITE NT\Menu Démarrer
2008-06-24 18:29 . 2008-06-24 18:29 <REP> d-------- C:\WINDOWS\provisioning
2008-06-24 18:29 . 2008-06-24 18:29 <REP> d-------- C:\WINDOWS\peernet
2008-06-24 18:26 . 2008-06-24 18:26 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-06-24 18:17 . 2008-06-24 18:17 <REP> d-------- C:\WINDOWS\EHome
2008-06-24 12:54 . 2008-06-24 12:54 <REP> d-------- C:\Program Files\Starcraft
2008-06-24 12:54 . 2008-06-24 12:54 <REP> d-------- C:\Program Files\Montparnasse Multimedia - France Télécom
2008-06-24 12:54 . 2008-06-24 12:54 <REP> d-------- C:\Program Files\Inca Ball
2008-06-24 12:53 . 2008-06-24 12:53 <REP> d-------- C:\Program Files\Gamenext
2008-06-24 12:53 . 2008-06-24 12:53 <REP> d-------- C:\Program Files\Chicken Chase
2008-06-24 12:53 . 2008-06-24 12:53 <REP> d-------- C:\Program Files\ACSI Camping cdrom Europe 2004
2008-06-24 12:17 . 2008-06-24 12:17 <REP> d---s---- C:\Documents and Settings\Estelle\UserData
2008-06-23 19:11 . 2008-06-24 18:11 <REP> d-------- C:\Program Files\Google
2008-06-22 22:29 . 2008-06-22 22:29 <REP> d-------- C:\Documents and Settings\Estelle\Application Data\vlc
2008-06-22 22:28 . 2008-06-22 22:28 <REP> d-------- C:\Program Files\VideoLAN
2008-06-22 21:56 . 2008-06-22 21:56 <REP> d-------- C:\Affichage IP Setup
2008-06-22 19:06 . 2008-06-26 13:39 <REP> d-------- C:\Program Files\eMule
2008-06-21 13:43 . 2002-04-15 21:11 67,866 --------- C:\WINDOWS\system32\drivers\netwlan5.img
2008-06-21 13:43 . 2004-08-19 16:10 11,776 --------- C:\WINDOWS\system32\spnpinst.exe
2008-06-21 13:43 . 2004-08-02 14:20 7,208 --------- C:\WINDOWS\system32\secupd.sig
2008-06-21 13:43 . 2004-08-02 14:20 4,569 --------- C:\WINDOWS\system32\secupd.dat
2008-06-21 13:25 . 2005-10-21 00:25 1,097,728 --a------ C:\WINDOWS\system32\esent.dll
2008-06-21 13:06 . 2008-06-21 13:06 <REP> d-------- C:\WINDOWS\system32\bits
2008-06-21 13:05 . 2008-06-25 23:38 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-06-21 13:05 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-21 13:03 . 2004-08-20 01:09 351,232 --a------ C:\WINDOWS\system32\winhttp.dll
2008-06-21 13:03 . 2004-08-20 01:09 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-06-21 13:03 . 2004-08-20 01:09 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-06-21 13:03 . 2004-08-20 01:09 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-06-20 16:33 . 2008-06-20 16:33 <REP> d-------- C:\Documents and Settings\Estelle\Application Data\MSN6
2008-06-20 16:33 . 2008-06-20 16:33 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\MSN6
2008-06-20 15:35 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-06-20 15:35 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-06-20 15:35 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-06-20 15:35 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2008-06-20 15:35 . 2004-08-03 14:00 187,160 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-06-20 15:35 . 2004-08-03 13:59 170,776 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-06-20 15:35 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 09:55 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\QuickTime
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 19:59 --------- d-----w C:\Program Files\Philips
2008-05-07 19:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-02 16:51 286,720 -c----w C:\WINDOWS\Setup1.exe
2008-05-02 16:51 --------- d-----w C:\Program Files\Hero Editor
2008-05-02 16:48 --------- d-----w C:\Program Files\Diablo II
2008-05-02 09:16 21,840 -c--atw C:\WINDOWS\system32\SIntfNT.dll
2008-05-02 09:16 17,212 -c--atw C:\WINDOWS\system32\SIntf32.dll
2008-05-02 09:16 12,067 -c--atw C:\WINDOWS\system32\SIntf16.dll
2008-04-21 07:02 663,552 ----a-w C:\WINDOWS\system32\wininet.dll
2006-06-27 11:04 20 -c-h--w C:\Documents and Settings\All Users.WINDOWS\Application Data\PKP_DLec.DAT
2006-03-18 14:35 56,240 -c--a-w C:\Documents and Settings\Estelle\Application Data\GDIPFONTCACHEV1.DAT
2004-08-11 14:32 805 -c--a-w C:\Program Files\INSTALL.LOG
2004-03-23 19:16 201,120 -c--a-w C:\Documents and Settings\f\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((( snapshot@2008-06-26_ 0.43.46.64 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-25 21:29:54 1,257,472 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-06-26 11:32:56 1,265,664 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2008-06-25 21:29:57 1,224,704 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-06-26 11:32:57 1,232,896 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-06-26 11:33:21 61,440 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_3f340b3a\CustomMarshalers.dll
+ 2008-06-26 11:34:05 3,391,488 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_cc046b28\mscorlib.dll
+ 2008-06-26 11:33:53 1,466,368 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_7ae89afe\System.Design.dll
+ 2008-06-26 11:33:29 90,112 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_3feeeac5\System.Drawing.Design.dll
+ 2008-06-26 11:33:58 835,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_703958c1\System.Drawing.dll
+ 2008-06-26 11:33:37 3,018,752 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_37b24a9e\System.Windows.Forms.dll
+ 2008-06-26 11:33:43 2,088,960 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_3f32b030\System.Xml.dll
+ 2008-06-26 11:33:19 1,966,080 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_4bc08327\System.dll
- 2008-06-25 21:42:42 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-26 11:36:38 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2004-07-14 23:49:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2007-04-13 19:30:52 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2004-07-14 23:49:22 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2007-04-13 19:30:52 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2004-07-14 22:32:22 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2007-04-13 18:57:52 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2003-02-20 18:09:14 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2007-04-13 18:57:58 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2004-07-14 22:25:06 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2007-04-13 18:56:30 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2004-07-14 22:33:04 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2007-04-13 18:58:00 102,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2004-07-15 12:29:02 2,138,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2007-04-13 18:50:46 2,142,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2003-02-20 18:09:18 77,824 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2007-04-13 18:58:02 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2004-07-14 22:26:52 2,510,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2007-04-13 18:57:00 2,523,136 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2004-07-14 22:28:34 2,502,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2007-04-13 18:57:28 2,514,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2004-08-10 14:20:00 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2007-01-15 14:11:26 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2004-07-14 23:49:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_aspnet_isapi.dll
+ 2004-07-14 22:32:22 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_CORPerfMonExt.dll
+ 2004-07-14 22:24:30 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_fusion.dll
+ 2004-07-14 22:25:06 315,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_mscorjit.dll
+ 2004-07-15 12:29:02 2,138,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_mscorlib.dll
+ 2003-02-20 18:09:18 77,824 -c--a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_mscorsn.dll
+ 2004-07-14 22:26:52 2,510,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_mscorsvr.dll
+ 2004-07-14 22:28:34 2,502,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_mscorwks.dll
+ 2003-02-21 03:42:22 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_msvcr71.dll
+ 2004-07-14 22:34:50 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SHADOW3008\_PerfCounter.dll
- 2004-07-15 12:31:16 1,224,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2007-04-13 19:35:38 1,232,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2004-07-15 12:29:00 1,257,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2007-04-13 19:35:46 1,265,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2008-06-25 21:38:43 15,256 ----a-w C:\WINDOWS\SoftwareDistribution\EventCache\{489055FF-15E2-43B8-AFAC-4EC7362181BC}.bin
+ 2008-06-26 11:35:44 2,550 ----a-w C:\WINDOWS\SoftwareDistribution\EventCache\{489055FF-15E2-43B8-AFAC-4EC7362181BC}.bin
- 2004-07-14 22:24:50 155,648 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2006-12-22 10:28:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2006-12-22 11:02:36 6,144 ----a-w C:\WINDOWS\system32\mui\[u]0[/u]409\mscorees.dll
+ 2008-06-26 11:36:50 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_690.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus D120 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICCE.EXE" [2007-03-12 08:00 182272]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Lexmark X74-X75"="C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe" [2002-10-14 22:11 57344]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2002-11-18 15:15 4243456]
"nwiz"="nwiz.exe" [2002-11-18 15:15 315392 C:\WINDOWS\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2002-11-19 22:01 46592 C:\WINDOWS\SOUNDMAN.EXE]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2008-03-01 15:38 155648]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2004-09-13 11:51 1450096]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-06-27 13:01 98304]
"mouseElf"="C:\PROGRA~1\LUXEMA~1\MouseElf.EXE" [2005-03-01 03:51 184320]
"Sunkist2k"="C:\Program Files\Multimedia Card Reader\shwicon2k.exe" [2004-09-03 17:16 139264]
"DT HPW"="C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe" [2007-04-25 13:36 280064]
"PivotSoftware"="C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe" [2007-02-09 13:17 694008]
"Microsoft Works Update Detection"="C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-18 18:36 28672]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2008-03-01 15:38 155648]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]

C:\Documents and Settings\f\Menu D‚marrer\Programmes\D‚marrage\
Ic“ne AOL.lnk - C:\AOL 6.0\aoltray.exe [2003-04-17 21:21:30 28742]

C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2004-12-27 23:45:01 98304]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.SP54"= SP5X_32.DLL
"VIDC.SP55"= SP5X_32.DLL
"VIDC.SP56"= SP5X_32.DLL
"VIDC.SP57"= SP5X_32.DLL
"VIDC.SP58"= SP5X_32.DLL

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\eMule\\emule.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R1 Pivot;Pivot;C:\WINDOWS\system32\drivers\pivot.sys [2007-02-09 13:17]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R3 genmcmnUSB;USB Scroll Mouse Driver;C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2005-01-13 11:25]
S2 Ca533av;Dual Mode Video Camera Device;C:\WINDOWS\system32\Drivers\Ca533av.sys [2002-10-21 12:37]
S3 pivotmou;Pivot Mouse/Pointers Filter Driver;C:\WINDOWS\system32\drivers\pivotmou.sys [2007-02-09 13:17]
S3 SunkFilt6;Alcor Micro Corp - 6360;C:\WINDOWS\System32\Drivers\sunkfilt6.sys []
S3 SunkFilt62;Alcor Micro Corp - 6362;C:\WINDOWS\System32\Drivers\sunkfilt62.sys [2004-07-23 14:55]
S3 USBCamera;Dual Mode Still Camera Device;C:\WINDOWS\system32\Drivers\Bulk533.sys [2002-12-04 15:38]

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-26 14:23:19
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-06-26 14:27:04
ComboFix-quarantined-files.txt 2008-06-26 12:27:00
ComboFix2.txt 2008-06-26 11:08:32
ComboFix3.txt 2008-06-25 22:44:01

Pre-Run: 36,496,248,832 octets libres
Post-Run: 36,499,529,728 octets libres

217 --- E O F --- 2008-06-26 11:33:31

BitDefender Online Scanner



Rapport d'analyse généré à: Thu, Jun 26, 2008 - 17:05:31





Voie d'analyse: A:\;C:\;D:\;E:\;F:\;







Statistiques

Temps
00:56:30

Fichiers
84708

Directoires
7060

Secteurs de boot
4

Archives
1211

Paquets programmes
5492




Résultats

Virus identifiés
8

Fichiers infectés
12

Fichiers suspects
0

Avertissements
0

Désinfectés
0

Fichiers effacés
12




Info sur les moteurs

Définition virus
1263638

Version des moteurs
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Analyse des plugins
16

Archive des plugins
42

Unpack des plugins
7

E-mail plugins
6

Système plugins
5




Paramètres d'analyse

Première action
Désinfecté

Seconde Action
Supprimé

Heuristique
Oui

Acceptez les avertissements
Oui

Extensions analysées
exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;

Excludez les extensions


Analyse d'emails
Oui

Analyse des Archives
Oui

Analyser paquets programmes
Oui

Analyse des fichiers
Oui

Analyse de boot
Oui




Fichier analysé
Statut

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052646.exe=>(VISE Installer s)=>Gain_Trickler.exe
Détecté avec: Adware.Gator.C

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052646.exe=>(VISE Installer s)=>Gain_Trickler.exe
Supprimé

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052646.exe=>(VISE Installer s)
Echec de la mise à jour

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0004
Détecté avec: Adware.Hotbar.FW

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0004
Supprimé

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)
Echec de la mise à jour

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0007
Détecté avec: Adware.Zango.AU

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0007
Supprimé

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)
Echec de la mise à jour

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0031
Détecté avec: Adware.Generic.12861

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0031
Supprimé

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)
Echec de la mise à jour

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0032
Détecté avec: Adware.Zango.AN

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0032
Supprimé

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)
Echec de la mise à jour

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0039=>(NSIS o)=>lzma_solid_nsis0004
Détecté avec: Adware.Hotbar.FW

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0039=>(NSIS o)=>lzma_solid_nsis0004
Supprimé

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0039=>(NSIS o)
Echec de la mise à jour

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0039=>(NSIS o)=>lzma_solid_nsis0007
Détecté avec: Adware.Zango.AU

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0039=>(NSIS o)=>lzma_solid_nsis0007
Supprimé

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0039=>(NSIS o)
Echec de la mise à jour

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0041
Détecté avec: Adware.Zango.SC

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0041
Supprimé

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)
Echec de la mise à jour

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0045
Détecté avec: Adware.Generic.12747

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)=>lzma_solid_nsis0045
Supprimé

C:\System Volume Information\_restore{55C55D2A-FD4E-4B0D-B05B-6B9938B61941}\RP362\A0052789.exe=>(NSIS o)
Echec de la mise à jour

C:\System Volume Information\_restore{B48BF184-4E23-4D1F-9212-04230E03A3A7}\RP115\A0031368.exe
Détecté avec: Application.Dialer.Generic

C:\System Volume Information\_restore{B48BF184-4E23-4D1F-9212-04230E03A3A7}\RP115\A0031368.exe
Echec de la désinfection

C:\System Volume Information\_restore{B48BF184-4E23-4D1F-9212-04230E03A3A7}\RP115\A0031368.exe
Supprimé

C:\System Volume Information\_restore{B48BF184-4E23-4D1F-9212-04230E03A3A7}\RP139\A0039804.exe
Détecté avec: Application.Dialer.Generic

C:\System Volume Information\_restore{B48BF184-4E23-4D1F-9212-04230E03A3A7}\RP139\A0039804.exe
Echec de la désinfection

C:\System Volume Information\_restore{B48BF184-4E23-4D1F-9212-04230E03A3A7}\RP139\A0039804.exe
Supprimé

C:\System Volume Information\_restore{B48BF184-4E23-4D1F-9212-04230E03A3A7}\RP139\A0039951.exe
Détecté avec: Application.Dialer.Generic

C:\System Volume Information\_restore{B48BF184-4E23-4D1F-9212-04230E03A3A7}\RP139\A0039951.exe
Echec de la désinfection

C:\System Volume Information\_restore{B48BF184-4E23-4D1F-9212-04230E03A3A7}\RP139\A0039951.exe
Supprimé

Il ne m'annonce plus de messages bizarres en tout cas! un grand merci même si les manipulations ne se font pas en 5 mn! j'espère que tout ça ne lui aura pas fait de mal. MERCI...

J'ai seulement réussi à installer antivir mais pas moyen d'executer toolscleaner et cclreaner... Je crois que j'ai fait une connerie en installant internet explorer 7 car ça à pris des heures pour se mettre en place et en plus je reconnais plus rien, pas l'habitude de la barre google. De plus je crois qu'eMule n'a pas du tout aimé car eD2k ne veux plus se connecter... Bref je suis pas au bout de mes peines. Je te poste quand même le rapport antivir et je vais me coucher!!!! d'attaque pour me replonger dedans demain!!! Merci pour ton temps.



Avira AntiVir Personal
Report file date: vendredi 27 juin 2008 01:26

Scanning for 1165085 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: Estelle
Computer name: SALON

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 21/03/2008 19:12:34
ANTIVIR3.VDF : 7.0.3.68 57856 Bytes 25/03/2008 08:27:50
Engineversion : 8.1.0.28
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.19 229754 Bytes 07/04/2008 15:34:44
AESCN.DLL : 8.1.0.12 115060 Bytes 07/04/2008 15:34:44
AERDL.DLL : 8.1.0.19 418164 Bytes 07/04/2008 15:34:44
AEPACK.DLL : 8.1.1.0 364918 Bytes 18/03/2008 11:20:42
AEOFFICE.DLL : 8.1.0.15 192889 Bytes 07/04/2008 15:34:44
AEHEUR.DLL : 8.1.0.15 1147253 Bytes 07/04/2008 15:34:44
AEHELP.DLL : 8.1.0.11 115061 Bytes 07/04/2008 15:34:43
AEGEN.DLL : 8.1.0.15 299379 Bytes 07/04/2008 15:34:43
AEEMU.DLL : 8.1.0.5 430450 Bytes 07/04/2008 15:34:43
AECORE.DLL : 8.1.0.25 168309 Bytes 08/04/2008 09:58:32
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

Configuration settings for the scan:
Jobname..........................: Windows System Directory
Configuration file...............: C:\Program Files\Avira\AntiVir PersonalEdition Classic\setupprf.dat
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: vendredi 27 juin 2008 01:26

The scan of running processes will be started
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'UpdateChecker.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'Floater.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'HookManager.exe' - '1' Module(s) have been scanned
Scan process 'WkUFind.exe' - '1' Module(s) have been scanned
Scan process 'wpCtrl.exe' - '1' Module(s) have been scanned
Scan process 'EMouse.exe' - '1' Module(s) have been scanned
Scan process 'dthtml.exe' - '1' Module(s) have been scanned
Scan process 'shwicon2k.exe' - '1' Module(s) have been scanned
Scan process 'MouseElf.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'InCD.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'lxbbbmon.exe' - '1' Module(s) have been scanned
Scan process 'lxbbbmgr.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'slserv.exe' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'DTSRVC.exe' - '1' Module(s) have been scanned
Scan process 'mscorsvw.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'LEXPPS.EXE' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'LEXBCES.EXE' - '1' Module(s) have been scanned
Scan process 'ashServ.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'InCDsrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
50 processes with 50 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '39' files ).


Starting the file scan:

Begin scan in 'C:\WINDOWS\system32'


End of the scan: vendredi 27 juin 2008 01:34
Used time: 08:13 min

The scan has been done completely.

262 Scanning directories
6029 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
6029 Files not concerned
12 Archives were scanned
0 Warnings
0 Notes

bonjour! que signifie ce message lorsque j'allume mon PC : Input string was not in a correct format ?