
Forum | virus/sécurité
mon pc est devenu tres lent...heeeelp!!
badraux, le jeu. 10 juil. 2008 à 15:09:20
re
J'ai fait comme vous m'avez dit, mais dès que le scan a commencé en mode sans échec, le programme a affiché ce message : « impossible de charger le support ipx/spx » :s Mais quand j'ai redémarré mon ordi en mode normal, le programme a commencé le scan et il a créé le rapport suivant :
Rebooting


[b]Checking Files[/b]:

No Trojan Files Found






Removing Temp Files

[b]ADS Check[/b]:



[b]Final Check[/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-10 14:23:53
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s0"=dword:6d61dbea
"s1"=dword:290bcd21
"s2"=dword:41ed2b71
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:0c,ea,24,e6,3a,95,70,37,d8,85,28,e8,09,4c,b4,eb,df,5f,1d,29,f6,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,bd,6f,67,64,0a,de,64,1c,95,19,c9,9c,6b,b8,32,5d,c3,..
"khjeh"=hex:fb,b0,22,11,10,67,51,60,78,eb,41,1a,4f,a0,b5,20,d5,5d,23,12,f4,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:c5,19,50,a7,4b,7a,51,28,da,b3,6c,f1,99,27,65,ad,34,9a,36,f2,ed,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:0c,ea,24,e6,3a,95,70,37,d8,85,28,e8,09,4c,b4,eb,df,5f,1d,29,f6,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,bd,6f,67,64,0a,de,64,1c,95,19,c9,9c,6b,b8,32,5d,c3,..
"khjeh"=hex:fb,b0,22,11,10,67,51,60,78,eb,41,1a,4f,a0,b5,20,d5,5d,23,12,f4,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:c5,19,50,a7,4b,7a,51,28,da,b3,6c,f1,99,27,65,ad,34,9a,36,f2,ed,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services[/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\javaw.exe"="C:\\WINDOWS\\system32\\javaw.exe:*:Disabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe:*:Disabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Toshiba\\ConfigFree\\CFXFER.exe"="C:\\Program Files\\Toshiba\\ConfigFree\\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine"
"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMuleMorphXT"
"C:\\Program Files\\Wengo\\wengophone.exe"="C:\\Program Files\\Wengo\\wengophone.exe:*:Disabled:WengoPhone"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\aMSN\\bin\\wish.exe"="C:\\Program Files\\aMSN\\bin\\wish.exe:*:Disabled:Wish Application"
"C:\\Program Files\\FlashGet\\FlashGet.exe"="C:\\Program Files\\FlashGet\\FlashGet.exe:*:Enabled:Flashget"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\TVAnts\\Tvants.exe"="C:\\Program Files\\TVAnts\\Tvants.exe:*:Enabled:TVAnts"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"="C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\\cygwin\\usr\\X11R6\\bin\\XWin.exe"="C:\\cygwin\\usr\\X11R6\\bin\\XWin.exe:*:Enabled:XWin"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"="C:\\Program Files\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\\Program Files\\SopCast\\SopCast.exe"="C:\\Program Files\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\\WINDOWS\\AdobeR.exe"="C:\\WINDOWS\\AdobeR.exe:*:Enabled:AdobeR"
"G:\\AdobeR.exe"="G:\\AdobeR.exe:*:Enabled:AdobeR"
"F:\\AdobeR.exe"="F:\\AdobeR.exe:*:Enabled:AdobeR"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\French\\setup.exe"="C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\French\\setup.exe:*:Enabled:Programme d'installation de Kaspersky Anti-Virus 7.0"
"C:\\Program Files\\adslTV\\adsltv.exe"="C:\\Program Files\\adslTV\\adsltv.exe:*:Enabled:adsltv"
"C:\\Program Files\\adslTV\\vlc.exe"="C:\\Program Files\\adslTV\\vlc.exe:*:Enabled:VLC media player"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[b]Remaining Files[/b]:



[b]Files with Hidden Attributes[/b]:

Fri 4 Jul 2008 112,824 ..SHR --- "C:\00hoeav.com"
Fri 4 Jul 2008 112,824 ..SHR --- "C:\WINDOWS\system32\amvo.exe"
Thu 10 Jul 2008 77,312 ..SHR --- "C:\WINDOWS\system32\amvo0.dll"
Fri 4 Jul 2008 77,312 ..SHR --- "C:\WINDOWS\system32\amvo1.dll"
Tue 17 Jun 2008 41,472 ..SHR --- "C:\WINDOWS\system32\msnclicfg.exe"
Sun 5 Nov 2006 24,064 ...H. --- "C:\Documents and Settings\EL KHAOUDI\Mes documents\~WRL3574.tmp"
Fri 4 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP407\A0225505.sys"
Fri 4 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP407\A0225576.sys"
Sat 5 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP407\A0226577.sys"
Sat 5 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP407\A0226601.sys"
Sat 5 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP407\A0226617.sys"
Sat 5 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP410\A0228741.sys"
Sat 5 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP412\A0229741.sys"
Sun 6 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP412\A0229756.sys"
Sun 6 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP412\A0229776.sys"
Sun 6 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP412\A0230776.sys"
Mon 7 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP412\A0231776.sys"
Mon 7 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP412\A0231792.sys"
Mon 7 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP416\A0232794.sys"
Mon 7 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP416\A0233792.sys"
Mon 7 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP416\A0233809.sys"
Mon 7 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP416\A0234809.sys"
Mon 7 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP416\A0234822.sys"
Mon 7 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP416\A0234864.sys"
Tue 8 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP416\A0234884.sys"
Tue 8 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP417\A0235883.sys"
Tue 8 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP417\A0235903.sys"
Wed 9 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP417\A0235939.sys"
Wed 9 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP417\A0236939.sys"
Wed 9 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP417\A0236952.sys"
Wed 9 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP417\A0237971.sys"
Wed 9 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP417\A0238972.sys"
Thu 10 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP417\A0238989.sys"
Thu 10 Jul 2008 168 A..H. --- "C:\System Volume Information\_restore{626D9BD5-11D8-49A1-B657-D272D1F6275E}\RP417\A0242007.sys"
Thu 10 Jul 2008 29,184 A..H. --- "C:\Documents and Settings\EL KHAOUDI\Local Settings\Temp\t.dll"
Fri 4 Jul 2008 29,184 A..H. --- "C:\Documents and Settings\EL KHAOUDI\Local Settings\Temp\yut.dll"
Thu 10 Jul 2008 168 A..H. --- "C:\Program Files\Common Files\X10\Common\x10prod.sys"
Wed 9 Apr 2008 8,348,280 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0d73c5f11656cfb2872f8f4bb0b3a716\BIT23.tmp"
Thu 8 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\BIT2.tmp"
Sun 5 Nov 2006 20,992 ...H. --- "C:\Documents and Settings\EL KHAOUDI\Application Data\Microsoft\Word\~WRL2853.tmp"
Sat 28 Apr 2007 11,116 A.SH. --- "C:\Documents and Settings\EL KHAOUDI\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"
Fri 20 Oct 2006 28,672 A..H. --- "C:\Documents and Settings\EL KHAOUDI\Atwach\kichk\Nouveau dossier\Nouveau dossier (2)\~WRL0698.tmp"
Fri 20 Oct 2006 21,504 A..H. --- "C:\Documents and Settings\EL KHAOUDI\Atwach\kichk\Nouveau dossier\Nouveau dossier (2)\~WRL0788.tmp"
Fri 20 Oct 2006 34,816 A..H. --- "C:\Documents and Settings\EL KHAOUDI\Atwach\kichk\Nouveau dossier\Nouveau dossier (2)\~WRL2691.tmp"

[b]Finished![/b]

Merci