Thanks for your help, I see you reply quickly =)
I'll make sure not to download from P2P platforms anymore.
Here is the new report:
ComboFix 08-06-20.4 - Julien 2008-06-28 21:59:12.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.649 [GMT 2:00]
Endroit: D:\Documents and Settings\Julien\Bureau\ComboFix.exe
Command switches used :: D:\Documents and Settings\Julien\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
FILE ::
D:\sqmdata04.sqm
D:\sqmdata05.sqm
D:\sqmdata06.sqm
D:\sqmdata07.sqm
D:\sqmdata08.sqm
D:\sqmdata09.sqm
D:\sqmdata10.sqm
D:\sqmdata11.sqm
D:\sqmdata12.sqm
D:\sqmnoopt04.sqm
D:\sqmnoopt05.sqm
D:\sqmnoopt06.sqm
D:\sqmnoopt07.sqm
D:\sqmnoopt08.sqm
D:\sqmnoopt09.sqm
D:\sqmnoopt10.sqm
D:\sqmnoopt11.sqm
D:\sqmnoopt12.sqm
D:\WINDOWS\system32\actskn45.ocx
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\sqmdata04.sqm
D:\sqmdata05.sqm
D:\sqmdata06.sqm
D:\sqmdata07.sqm
D:\sqmdata08.sqm
D:\sqmdata09.sqm
D:\sqmdata10.sqm
D:\sqmdata11.sqm
D:\sqmdata12.sqm
D:\sqmnoopt04.sqm
D:\sqmnoopt05.sqm
D:\sqmnoopt06.sqm
D:\sqmnoopt07.sqm
D:\sqmnoopt08.sqm
D:\sqmnoopt09.sqm
D:\sqmnoopt10.sqm
D:\sqmnoopt11.sqm
D:\sqmnoopt12.sqm
D:\WINDOWS\system32\actskn45.ocx
.
((((((((((((((((((((((((((((( Fichiers créés 2008-05-28 to 2008-06-28 ))))))))))))))))))))))))))))))))))))
.
2008-06-28 14:12 . 2003-07-17 20:17 5,174 --a------ D:\WINDOWS\system32\nppt9x.vxd
2008-06-28 14:12 . 2005-01-01 11:43 4,682 --a------ D:\WINDOWS\system32\npptNT2.sys
2008-06-28 14:11 . 2008-06-28 14:11 <REP> d-------- D:\Program Files\Common Files
2008-06-28 14:07 . 2008-06-28 14:07 <REP> d-------- D:\Program Files\GOA
2008-06-23 12:27 . 2008-06-23 12:27 268 --ah----- D:\sqmdata13.sqm
2008-06-23 12:27 . 2008-06-23 12:27 244 --ah----- D:\sqmnoopt13.sqm
2008-06-21 14:42 . 2008-06-22 10:38 <REP> d-------- D:\Program Files\Super macro
2008-06-20 19:42 . 2008-06-20 19:42 <REP> d-------- D:\Program Files\Notepad++
2008-06-20 19:42 . 2008-06-20 19:42 <REP> d-------- D:\Documents and Settings\Julien\Application Data\Notepad++
2008-06-19 18:41 . 2008-06-19 18:41 0 --a------ D:\WINDOWS\nsreg.dat
2008-06-18 23:08 . 2008-06-28 15:18 318 --a------ D:\WINDOWS\WPE PRO.INI
2008-06-18 22:40 . 2008-06-18 22:40 <REP> d--h----- D:\WINDOWS\PIF
2008-06-18 21:29 . 2008-06-21 13:17 <REP> d-------- D:\Program Files\eMule
2008-06-18 11:11 . 2008-06-18 11:19 <REP> d-------- D:\!KillBox
2008-06-18 10:48 . 2008-06-18 10:48 <REP> d-------- D:\Program Files\BearShare Applications
2008-06-16 21:08 . 2008-06-16 21:24 <REP> d-------- D:\Program Files\Yahoo!
2008-06-16 20:56 . 2008-06-16 20:56 <REP> d-------- D:\Documents and Settings\Julien\Application Data\Lavasoft
2008-06-15 22:28 . 2008-06-18 15:29 110 --a------ D:\WINDOWS\GMouse.ini
2008-06-15 17:10 . 2008-06-15 17:10 <REP> d--h----- D:\Program Files\Zero G Registry
2008-06-15 17:10 . 2008-06-15 17:24 <REP> d-------- D:\Program Files\ANtsP2P
2008-06-15 17:10 . 2008-06-15 17:10 <REP> d--h----- D:\Documents and Settings\Julien\InstallAnywhere
2008-06-14 23:00 . 2003-06-19 01:31 17,920 --a------ D:\WINDOWS\system32\mdimon.dll
2008-06-14 22:59 . 2008-06-14 22:59 <REP> d-------- D:\Program Files\Microsoft.NET
2008-06-11 17:37 . 2008-04-14 17:52 272,768 --------- D:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 17:37 . 2008-04-14 17:52 272,768 -----c--- D:\WINDOWS\system32\dllcache\bthport.sys
2008-06-10 20:06 . 2008-06-15 17:23 <REP> d-------- D:\Program Files\EuroKiddies
2008-06-07 17:59 . 2008-06-07 17:59 <REP> d-------- D:\WINDOWS\Sun
2008-06-05 22:50 . 2008-06-16 20:21 <REP> d-------- D:\Program Files\BarreDeSurf
2008-06-01 14:38 . 2008-06-01 14:47 <REP> d-------- D:\WINDOWS\system32\Adobe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-28 17:59 --------- d-----w D:\Program Files\FlashGet
2008-06-25 15:47 --------- d-----w D:\Program Files\Sun Of Midgard
2008-05-20 16:09 --------- d-----w D:\Program Files\Java
2008-05-18 20:48 --------- d-----w D:\Documents and Settings\Julien\Application Data\Skype
2008-05-18 17:38 --------- d-----w D:\Documents and Settings\Julien\Application Data\skypePM
2008-05-09 20:16 --------- d-----w D:\Program Files\vdp
2008-05-09 19:43 --------- d-----w D:\Documents and Settings\Julien\Application Data\ALLCapture
2008-05-09 19:36 --------- d-----w D:\Program Files\ALLCapture 3.0 Trial
2008-05-08 12:28 202,752 ----a-w D:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w D:\WINDOWS\system32\quartz.dll
2008-05-04 19:14 --------- d-----w D:\Documents and Settings\Julien\Application Data\Windows Live Writer
2008-05-04 17:38 --------- d-----w D:\Program Files\Teamspeak2_RC2
2008-05-04 17:38 --------- d-----w D:\Documents and Settings\Julien\Application Data\teamspeak2
2008-05-04 17:11 --------- d-----w D:\Documents and Settings\Parents\Application Data\vlc
2008-04-30 22:05 --------- d-----w D:\Documents and Settings\Julien\Application Data\vlc
2008-04-30 21:59 --------- d-----w D:\Program Files\VideoLAN
2008-04-23 04:16 826,368 ----a-w D:\WINDOWS\system32\wininet.dll
2008-04-20 16:11 32 ----a-w D:\Documents and Settings\All Users\Application Data\ezsid.dat
.
----a-w 1,088,512 2005-08-18 00:54:44 D:\Documents and Settings\Julien\Mes documents\Tcheat\CRACK POUR PRO EVOLUTION 8\HACK EUROBARRE (Pars des profesionnels !)\Hack Eurobarre - v1.0 FR .exe
------- Sigcheck -------
2007-10-30 18:53 360832 64798ecfa43d78c7178375fcdd16d8c8 D:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
2004-08-05 14:00 359040 9f4b36614a0fc234525ba224957de55c D:\WINDOWS\$NtUninstallKB941644_0$\tcpip.sys
2007-10-30 18:53 360832 64798ecfa43d78c7178375fcdd16d8c8 D:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-30 18:53 360832 21b001a7135418aa06ff73d85c4169c9 D:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-06-28_20.08.41.98 )))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"SoundMan"="SOUNDMAN.EXE" [2005-01-20 21:04 77824 D:\WINDOWS\SOUNDMAN.EXE]
"Adobe Reader Speed Launcher"="D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"D:\\Program Files\\FlashGet\\flashget.exe"=
"D:\\Program Files\\Skype\\Phone\\Skype.exe"=
"D:\\Program Files\\Java\\jre1.6.0_05\\bin\\javaw.exe"=
"D:\\Program Files\\eMule\\emule.exe"=
"D:\\Documents and Settings\\Julien\\Mes documents\\Tcheat\\Handy Cache\\HandyCache\\HandyCache.exe"=
"D:\\Documents and Settings\\Julien\\Mes documents\\Tcheat\\CRACK POUR PRO EVOLUTION 8\\combines prizee\\Tricher a prizee - Logiciel\\PrizeeSoft.exe"=
"C:\\PrizeeSoft.exe"=
"D:\\Program Files\\GOA\\Gunbound\\GunBound.gme"=
R1 aswSP;avast! Self Protection;D:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-28 21:59:58
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-06-28 22:01:12
ComboFix-quarantined-files.txt 2008-06-28 20:00:35
ComboFix2.txt 2008-06-28 18:09:30
Pre-Run: 27,488,026,624 octets libres
Post-Run: 27,489,325,056 octets libres
159 --- E O F --- 2008-06-16 15:41:18