Tuesday 07 May 2024

malgaré

Visitor
Username:
malgaré
Groups:


User statistics

Joined:
14 Feb 2010 23:22
Last visit:
07 Apr 2010 18:09
Posts:
6 (0.00% of all posts / 0.00 posts per day)
Most active forum:
Security, viruses and advertising (adware) forum
(6 posts / 100.00% of the user's posts)
Most active topic:
virus Win32:rootkit-gen help
(6 posts / 100.00% of the user's posts)

Latest posts by malgaré

Post: virus Win32:rootkit-gen help
Good evening

Could you please help me?

Avast detected this virus; I followed this procedure:

virus-win32rootkit-gen-vt-49389.html

Here is the report.

Helppp!!!!


ComboFix 10-02-12.01 - myosotis 14/02/2010 22:22:12.1.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2047.1496 [GMT 1:00]
Lancé depuis: c:\documents and settings\myosotis\Mes documents\Téléchargements\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100214-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Norton AntiVirus *On-access scanning disabled* (Outdated) {B5510F6F-87E1-47F7-A411-360BC453007C}
FW: Norton Internet Security *disabled* {825036E0-9F94-4752-8789-8B92454AF49B}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\myosotis\Application Data\inst.exe
c:\program files\WinPCap
c:\program files\WinPCap\rpcapd.exe
c:\recycler\S-1-5-21-1751712109-3092945748-3671164633-1003
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Legacy_NPF
-------\Service_Boonty Games
-------\Service_npf


((((((((((((((((((((((((((((( Fichiers créés du 2010-01-14 au 2010-02-14 ))))))))))))))))))))))))))))))))))))
.

2010-02-14 19:02 . 2010-02-14 21:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-02-14 18:50 . 2010-02-14 19:04 -------- d-----w- C:\ToolBar SD
2010-02-13 13:18 . 2010-02-13 13:18 -------- d-----w- c:\windows\system32\wbem\Repository
2010-02-10 18:26 . 2010-02-13 13:16 -------- d-----w- c:\program files\Mozilla Firefox(2)
2010-02-06 23:05 . 2010-02-06 23:05 -------- d-----w- c:\documents and settings\myosotis\Application Data\Malwarebytes
2010-02-06 23:05 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-06 23:05 . 2010-02-06 23:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-02-06 23:04 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-06 23:04 . 2010-02-06 23:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-06 19:52 . 2010-02-06 19:52 -------- d-----w- c:\program files\CCleaner
2010-02-06 18:23 . 2010-02-06 18:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-02-06 17:59 . 2010-02-06 17:59 116 ----a-w- c:\windows\system32\fjhdyfhsn.bat
2010-02-06 17:58 . 2010-02-06 17:58 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-02-06 17:58 . 2010-02-14 22:01 792064 ----a-w- c:\windows\system32\drivers\aankx.sys
2010-02-06 12:12 . 2004-12-14 16:06 229376 ----a-r- c:\windows\system32\hpovst08.dll
2010-01-23 21:56 . 2010-01-23 21:56 -------- d-----w- C:\PFiles
2010-01-16 16:07 . 2010-01-16 16:07 -------- d-----w- c:\documents and settings\myosotis\Application Data\Reallusion

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-14 19:07 . 2008-09-20 12:30 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-13 19:58 . 2006-01-05 17:43 -------- d-----w- c:\documents and settings\myosotis\Application Data\Skype
2010-02-06 17:58 . 2010-02-06 17:58 16 ----a-w- c:\windows\system32\config\systemprofile\Application Data\sgcpom.dat
2010-02-06 12:20 . 2005-11-18 09:25 -------- d-----w- c:\program files\Google
2010-02-06 12:15 . 2008-01-30 20:32 59 -c--a-w- c:\windows\hpoRW.dat
2010-01-21 23:03 . 2009-11-08 19:53 -------- d-----w- c:\program files\Unlocker
2010-01-21 18:27 . 2009-06-28 17:55 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-16 16:06 . 2005-04-18 16:51 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-16 16:06 . 2010-01-16 16:06 32768 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\7B5560BB781B40259A06350E9B643B6E\RLLauncher.exe
2010-01-16 16:06 . 2010-01-16 16:06 7734336 ----a-w- c:\documents and settings\All Users\Application Data\Skype\Plugins\Plugins\7B5560BB781B40259A06350E9B643B6E\CT4SkypePlugin10_Multi_Lite.exe
2010-01-03 22:58 . 2004-08-16 15:41 63854 ----a-w- c:\windows\system32\perfc00C.dat
2010-01-03 22:58 . 2004-08-16 15:41 445434 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-31 16:50 . 2004-08-16 15:41 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:07 . 2004-08-16 15:41 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-18 09:51 . 2008-01-09 23:26 -------- d-----w- c:\documents and settings\myosotis\Application Data\XnView
2009-12-17 07:41 . 2004-08-16 16:03 347648 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:09 . 2004-08-16 15:40 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-04 18:49 . 2009-12-04 18:49 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-12-04 18:49 . 2009-12-04 18:49 47360 ----a-w- c:\documents and settings\myosotis\Application Data\pcouffin.sys
2009-12-04 18:49 . 2009-12-04 18:49 47360 ----a-w- c:\documents and settings\myosotis\Application Data\pcouffin.sys
2009-12-04 18:22 . 2004-08-16 15:40 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-28 20:51 . 2009-11-28 20:51 152576 ----a-w- c:\documents and settings\myosotis\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-28 20:51 . 2009-11-28 20:51 79488 ----a-w- c:\documents and settings\myosotis\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-27 17:13 . 2004-08-16 15:40 1297920 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:13 . 2004-08-03 22:54 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:08 . 2004-08-16 15:40 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:08 . 2004-08-16 15:40 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:08 . 2004-08-16 15:39 85504 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:08 . 2004-08-03 22:54 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:08 . 2001-08-23 15:47 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-24 23:54 . 2009-11-09 08:32 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-09 08:33 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-11-09 08:33 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-09 08:33 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-09 08:33 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-09 08:33 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 15:58 . 2004-08-16 15:39 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2005-11-18 09:25 . 2005-11-18 09:26 774144 -c--a-w- c:\program files\RngInterstitial.dll
2002-07-02 13:00 . 2009-11-08 19:51 32768 ----a-w- c:\program files\WhoLockMe.dll
2008-03-01 09:25 . 2008-03-01 09:25 8 -csh--r- c:\windows\system32\BE54FA8F64.sys
2006-05-03 10:06 . 2009-04-23 19:53 163328 --sh--r- c:\windows\system32\flvDX.dll
2008-03-01 09:31 . 2006-05-04 20:36 15594 -csha-w- c:\windows\system32\KGyGaAvL.sys
2007-02-21 11:47 . 2009-04-23 19:53 31232 -csh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 . 2009-04-23 19:53 216064 --sh--r- c:\windows\system32\nbDX.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2009-10-26 15872]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-04-18 180269]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"SoundMan"="SOUNDMAN.EXE" [2004-09-10 77824]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 61952]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-04-18 98304]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PCMService"="c:\apps\Powercinema\PCMService.exe" [2004-10-08 81920]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Laser mouse"="c:\program files\Laser Center\Laser Sensor Mouse\Panel.exe" [2005-06-20 233472]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2004-05-06 49152]
"GBMLite8AgentLaCie"="c:\program files\LaCie\Genie Backup Assistant\GBMAgent.exe" [2008-09-18 189056]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"ATIPTA"="c:\ati technologies\ATI Control Panel\atiptaxx.exe" [2005-02-12 339968]
"AlcWzrd"="ALCWZRD.EXE" [2004-09-15 2557952]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
BTTray.lnk - c:\program files\Sitecom\Logiciel Bluetooth\BTTray.exe [2004-8-16 565309]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
NETGEAR WPN111 Smart Wizard.lnk - c:\program files\NETGEAR\WPN111\wpn111.exe [2007-5-13 884838]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\progra~1\DVDREG~1\DVDShell.dll" [2004-03-07 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\myosotis\\Mes documents\\***********\\Farma\\Freeplayer\\vlc\\vlc.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"8080:TCP"= 8080:TCP:freeplayer

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [09/11/2009 09:33 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [09/11/2009 09:33 20560]
R3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [02/12/2006 20:55 17149]
R3 GMFilter Filter;GMFilter Filter;c:\windows\system32\drivers\GMFilter.sys [25/10/2008 13:38 25088]
R3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;c:\windows\system32\drivers\WPN111.sys [13/05/2007 18:40 362944]
S2 gupdate1ca6637d773f73a;Service Google Update (gupdate1ca6637d773f73a);c:\program files\Google\Update\GoogleUpdate.exe [15/11/2009 22:08 133104]
S3 EAGLE2RC;Analog/DVB-T Hybrid Tv Infrared Receiver;c:\windows\system32\DRIVERS\Eagle2RC.sys --> c:\windows\system32\DRIVERS\Eagle2RC.sys [?]
S3 Eagle2TV;TV tuner device;c:\windows\system32\Drivers\eagle2tv_B.sys --> c:\windows\system32\Drivers\eagle2tv_B.sys [?]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - aankx
.
Contenu du dossier 'Tâches planifiées'

2010-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-15 21:08]

2010-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-15 21:08]

2010-02-14 c:\windows\Tasks\User_Feed_Synchronization-{A2BB03A0-0307-42F8-A3D8-B970777B19AE}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Recherche AOL Toolbar - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Envoyer à &Bluetooth - c:\program files\Sitecom\Logiciel Bluetooth\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
DPF: {6AA85413-165C-4200-8154-71166077B22E} - hxxp://scripts.downloadv3.com/binaries/ ... _FR_XP.cab
DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - hxxp://scripts.downloadv3.com/binaries/ ... _FR_XP.cab
DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - hxxp://scripts.downloadv3.com/binaries/ ... _FR_XP.cab
FF - ProfilePath - c:\documents and settings\myosotis\Application Data\Mozilla\Firefox\Profiles\hcyob10k.default\
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHELINS SUPPRIMES - - - -

WebBrowser-{58B525F4-B7D7-4600-86F4-46D30A9CC183} - (no file)
WebBrowser-{7741B272-20A0-7739-FFFF-FFFF64213A77} - (no file)
WebBrowser-{015FD3A4-0514-0000-9CD3-5F0194D35F01} - (no file)
WebBrowser-{0500D3A4-10B4-0000-9CD3-000594D30005} - (no file)
WebBrowser-{015FD3A4-04DC-0000-9CD3-5F0194D35F01} - (no file)
WebBrowser-{0533D3A4-0904-0000-9CD3-330594D33305} - (no file)
WebBrowser-{015FD3A4-0704-0000-9CD3-5F0194D35F01} - (no file)
WebBrowser-{0533D3A4-0A7C-0000-9CD3-330594D33305} - (no file)
WebBrowser-{081CD3A4-0894-0000-9CD3-1C0894D31C08} - (no file)
WebBrowser-{088FD3A4-09D8-0000-9CD3-8F0894D38F08} - (no file)
WebBrowser-{0686D3A4-0C6C-0000-9CD3-860694D38606} - (no file)
WebBrowser-{088FD3A4-033C-0000-9CD3-8F0894D38F08} - (no file)
WebBrowser-{015FD3A4-04D0-0000-9CD3-5F0194D35F01} - (no file)
WebBrowser-{0269D3A4-0ABC-0000-9CD3-690294D36902} - (no file)
WebBrowser-{015FD3A4-04E0-0000-9CD3-5F0194D35F01} - (no file)
WebBrowser-{04E0D3A4-0F78-0000-9CD3-E00494D3E004} - (no file)
WebBrowser-{082FD3A4-0998-0000-9CD3-2F0894D32F08} - (no file)
WebBrowser-{06E9D3A4-04EC-0000-9CD3-E90694D3E906} - (no file)
WebBrowser-{015FD3A4-04D4-0000-9CD3-5F0194D35F01} - (no file)
WebBrowser-{015FD3A4-05A8-0000-9CD3-5F0194D35F01} - (no file)
WebBrowser-{015FD3A4-04CC-0000-9CD3-5F0194D35F01} - (no file)
WebBrowser-{015FD3A4-05B4-0000-9CD3-5F0194D35F01} - (no file)
WebBrowser-{015FD3A4-04E4-0000-9CD3-5F0194D35F01} - (no file)
WebBrowser-{015FD3A4-0618-0000-9CD3-5F0194D35F01} - (no file)
WebBrowser-{044B0F70-208B-773A-309A-150048DA5F01} - (no file)
WebBrowser-{044B0F70-208B-773A-309A-150008C05F01} - (no file)
WebBrowser-{00000000-04D4-0003-50A8-C90200000000} - (no file)
HKCU-Run-RssReader - c:\program files\RssReader\RssReader.exe
HKCU-Run-BoontyBox - c:\program files\Boonty\BoontyBox\BoontyBox.exe
HKCU-Run-BitTorrent DNA - c:\program files\DNA\btdna.exe
HKU-Default-RunOnce-^SetupICWDesktop - (no file)
AddRemove-AOL Connectivity Services - c:\progra~1\FICHIE~1\AOL\ACS\AcsUninstall.exe
AddRemove-AOL YGP Screensaver - c:\program files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
AddRemove-DVD Shrink_is1 - c:\program files\DVD Shrink\unins000.exe
AddRemove-eMule - c:\program files\eMule\Uninstall.exe
AddRemove-LimeWire - c:\program files\LimeWire\uninstall.exe
AddRemove-Winamp Toolbar for Firefox - c:\documents and settings\myosotis\Application Data\Mozilla\Firefox\Profiles\60iuvkiq.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe
AddRemove-BitTorrent DNA - c:\program files\DNA\btdna.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-14 23:01
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aankx]

.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(832)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3480)
c:\program files\Unlocker\UnlockerHook.dll
c:\program files\CyberLink\Shared Files\CLRCEngine.dll
c:\windows\system32\Hook.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Sitecom\Logiciel Bluetooth\bin\btwdins.exe
c:\windows\system32\CTsvcCDA.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\rundll32.exe
c:\windows\ALCWZRD.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Heure de fin: 2010-02-14 23:06:22 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-02-14 22:06

Avant-CF: 4 934 033 408 octets libres
Après-CF: 4 786 081 792 octets libres

- - End Of File - - 2EF04C9E0AFCF95E0CA185C51A31AE55

Edited by AtOM:*********** on request.


