Virus problem
Solved/Closed
doyentony
Posts: 55
Registration date: Wednesday 9 June 2010
Status: Member
Last activity: 16 June 2021
-
Edited by doyentony on 9/06/2010 at 20:48
green day - Posts: 26371 - Registration date: Friday 30 September 2005 - Status: Moderator, Security contributor - Last activity: 27 December 2019 - 17 June 2010 at 10:55
23 replies
doyentony
16 June 2010 at 16:31
ComboFix 10-06-15.03 - kevin 16/06/2010 15:46:42.3.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Basique 6.0.6001.1.1252.33.1036.18.2814.1999 [GMT 2:00]
Lancé depuis: c:\users\kevin\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\kevin\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Un antivirus résident est actif
FILE ::
"c:\users\kevin\AppData\Local\GDIPFONTCACHEV1.DAT"
"c:\windows\system32\perfc00C.dat"
"c:\windows\system32\perfh00C.dat"
.
PEV Error: LocalSettingsFile
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\kevin\AppData\Local\GDIPFONTCACHEV1.DAT
.
---- Exécution préalable -------
.
c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askBar.dll
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\config.dat.bak
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe
c:\users\kevin\AppData\Local\GDIPFONTCACHEV1.DAT
c:\windows\system32\perfc00C.dat
c:\windows\system32\perfh00C.dat
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-05-16 au 2010-06-16 ))))))))))))))))))))))))))))))))))))
.
2010-06-16 14:03 . 2010-06-16 14:03 -------- d-----w- c:\users\kevin\AppData\Local\temp
2010-06-16 14:03 . 2010-06-16 14:03 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2010-06-16 14:03 . 2010-06-16 14:03 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-06-16 14:03 . 2010-06-16 14:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-11 00:33 . 2010-06-11 00:33 -------- d-----w- c:\programdata\WindowsSearch
2010-06-10 00:20 . 2010-05-21 12:14 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-06-09 22:13 . 2010-06-10 17:54 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-06-09 22:13 . 2010-06-09 22:13 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-06-09 20:13 . 2010-06-09 20:13 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-06-09 18:57 . 2010-06-09 18:57 -------- d-----w- c:\program files\Trend Micro
2010-06-09 07:17 . 2010-06-09 07:17 -------- d-----w- c:\users\kevin\AppData\Roaming\Malwarebytes
2010-06-09 07:17 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-09 07:17 . 2010-06-09 07:17 -------- d-----w- c:\programdata\Malwarebytes
2010-06-09 07:17 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-09 07:17 . 2010-06-09 07:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-29 18:51 . 2010-06-08 18:25 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-05-26 11:33 . 2010-05-26 11:33 -------- d-----w- c:\programdata\Norton
2010-05-26 11:33 . 2010-05-26 11:33 -------- d-----w- c:\windows\system32\drivers\NSS
2010-05-26 11:33 . 2010-05-29 18:51 -------- d-----w- c:\programdata\Symantec
2010-05-26 11:33 . 2010-05-26 11:33 -------- d-----w- c:\programdata\NortonInstaller
2010-05-26 00:25 . 2010-05-26 00:25 49152 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-05-26 00:25 . 2010-05-26 00:25 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-05-26 00:23 . 2010-05-26 00:24 -------- d-----w- c:\program files\Real
2010-05-26 00:15 . 2010-05-26 00:11 754984 ----a-w- c:\programdata\DivX\Setup\Resource.dll
2010-05-26 00:15 . 2010-05-26 00:11 1180952 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
2010-05-26 00:15 . 2010-05-26 00:15 56766 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-05-26 00:15 . 2010-05-26 00:15 56978 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-05-26 00:15 . 2010-05-26 00:15 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe
2010-05-26 00:15 . 2010-05-26 00:15 57679 ----a-w- c:\programdata\DivX\Player\Uninstaller.exe
2010-05-26 00:15 . 2010-05-26 00:15 84040 ----a-w- c:\programdata\DivX\TransferWizard\Uninstaller.exe
2010-05-26 00:14 . 2010-05-26 00:14 57054 ----a-w- c:\programdata\DivX\DSDesktopComponents\Uninstaller.exe
2010-05-26 00:14 . 2010-05-26 00:14 54166 ----a-w- c:\programdata\DivX\DSAVCDecoder\Uninstaller.exe
2010-05-26 00:14 . 2010-05-26 00:14 57532 ----a-w- c:\programdata\DivX\DSASPDecoder\Uninstaller.exe
2010-05-26 00:14 . 2010-05-26 00:14 56458 ----a-w- c:\programdata\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-05-26 00:14 . 2010-05-26 00:14 54174 ----a-w- c:\programdata\DivX\DSAACDecoder\Uninstaller.exe
2010-05-26 00:14 . 2010-05-26 00:14 54153 ----a-w- c:\programdata\DivX\DFXPlugin\Uninstaller.exe
2010-05-26 00:14 . 2010-05-26 00:14 54128 ----a-w- c:\programdata\DivX\Converter\Uninstaller.exe
2010-05-26 00:14 . 2010-05-26 00:14 54629 ----a-w- c:\programdata\DivX\TranscodeEngine\Uninstaller.exe
2010-05-26 00:14 . 2010-05-26 00:14 57409 ----a-w- c:\programdata\DivX\ControlPanel\Uninstaller.exe
2010-05-26 00:14 . 2010-05-26 00:14 54101 ----a-w- c:\programdata\DivX\MPEG2Plugin\Uninstaller.exe
2010-05-26 00:14 . 2010-05-26 00:14 52963 ----a-w- c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-05-26 00:13 . 2010-05-26 00:13 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-05-26 00:13 . 2010-05-26 00:13 56969 ----a-w- c:\programdata\DivX\ASPEncoder\Uninstaller.exe
2010-05-26 00:11 . 2010-05-27 20:59 -------- d-----w- c:\programdata\DivX
2010-05-25 19:29 . 2010-05-25 19:29 -------- d-----w- c:\program files\CamStudio
2010-05-22 15:16 . 2010-05-22 15:16 -------- d-----w- c:\users\kevin\AppData\Roaming\Dofus-5.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-05-21 19:21 . 2010-05-21 19:21 -------- d-----w- c:\users\kevin\AppData\Roaming\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-16 13:36 . 2009-11-26 16:48 -------- d-----w- c:\users\kevin\AppData\Roaming\Skype
2010-06-16 06:06 . 2009-11-26 16:54 -------- d-----w- c:\users\kevin\AppData\Roaming\skypePM
2010-06-15 23:45 . 2008-03-16 21:24 -------- d-----w- c:\program files\McAfee
2010-06-13 18:34 . 2009-05-31 20:43 -------- d-----w- c:\users\kevin\AppData\Roaming\DNA
2010-06-13 14:09 . 2009-02-03 17:31 -------- d-----w- c:\program files\Steam
2010-06-11 13:10 . 2009-02-03 17:31 -------- d-----w- c:\program files\Common Files\Steam
2010-06-10 17:53 . 2009-06-01 10:39 680 ----a-w- c:\users\kevin\AppData\Local\d3d9caps.dat
2010-06-09 21:20 . 2008-03-16 21:24 -------- d-----w- c:\programdata\McAfee
2010-06-09 20:05 . 2009-10-13 14:29 -------- d-----w- c:\program files\Cheat Engine
2010-06-09 08:31 . 2009-12-03 15:52 -------- d-----w- c:\users\kevin\AppData\Roaming\Dofus 2
2010-06-08 15:46 . 2009-06-02 22:10 -------- d-----w- c:\users\kevin\AppData\Roaming\dvdcss
2010-06-05 01:59 . 2009-03-20 20:59 -------- d-----w- c:\users\kevin\AppData\Roaming\LimeWire
2010-05-26 00:25 . 2010-05-26 00:25 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-05-26 00:25 . 2010-05-26 00:25 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-05-26 00:25 . 2010-05-26 00:25 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-05-26 00:25 . 2010-05-26 00:25 308808 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-05-26 00:25 . 2010-05-26 00:25 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-05-26 00:25 . 2010-05-26 00:25 14848 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-05-26 00:25 . 2010-05-26 00:25 341600 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-05-26 00:25 . 2010-05-26 00:23 -------- d-----w- c:\program files\Common Files\Real
2010-05-26 00:24 . 2010-05-26 00:24 -------- d-----w- c:\program files\Common Files\xing shared
2010-05-26 00:15 . 2009-01-21 23:40 -------- d-----w- c:\program files\DivX
2010-05-26 00:14 . 2010-04-02 22:02 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2010-05-26 00:13 . 2009-03-29 18:58 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-05-19 00:32 . 2009-01-20 19:00 -------- d-----w- c:\program files\Dofus
2010-05-17 15:25 . 2010-05-17 15:25 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-05-13 18:02 . 2009-03-29 19:33 95744 ----a-w- c:\programdata\SpeedBit\DAP\SDCondition.dll
2010-04-25 22:27 . 2010-04-25 22:27 -------- d-----w- c:\users\kevin\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-04-21 02:39 . 2010-03-14 20:34 -------- d-----w- c:\users\kevin\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-04-17 18:09 . 2009-09-27 11:14 -------- d-----w- c:\program files\NCSoft
.
((((((((((((((((((((((((((((( SnapShot@2010-06-09_20.06.07 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2010-06-16 13:43 57896 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-01-20 18:46 . 2010-06-16 13:43 10268 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2763895443-656490219-1109127536-1000_UserData.bin
+ 2009-01-20 18:42 . 2010-06-16 14:02 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-01-20 18:42 . 2010-06-09 19:50 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-01-20 18:42 . 2010-06-16 14:02 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-01-20 18:42 . 2010-06-09 19:50 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-06-16 04:55 . 2010-06-16 04:55 21504 c:\windows\Installer\11cf0ce.msi
+ 2010-06-16 13:42 . 2010-06-16 13:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-06-16 13:42 . 2010-06-16 13:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 13:02 . 2010-06-16 13:43 103654 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 10:33 . 2010-06-16 13:40 586980 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2010-06-16 13:40 101052 c:\windows\System32\perfc009.dat
+ 2010-06-16 10:37 . 2010-06-16 10:37 231888 c:\windows\System32\Macromed\Flash\FlashUtil10h_Plugin.exe
+ 2009-02-03 02:15 . 2010-06-16 10:37 5612496 c:\windows\System32\Macromed\Flash\NPSWF32.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
2009-06-01 11:46 815104 ----a-w- c:\program files\Burn4Free Toolbar\v3.3.0.2\Burn4Free_Toolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [BU]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"= "c:\program files\Burn4Free Toolbar\v3.3.0.2\Burn4Free_Toolbar.dll" [2009-06-01 815104]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CLASSES_ROOT\clsid\{4f11acbb-393f-4c86-a214-ff3d0d155cc3}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"= "c:\program files\Burn4Free Toolbar\v3.3.0.2\Burn4Free_Toolbar.dll" [2009-06-01 815104]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [BU]
[HKEY_CLASSES_ROOT\clsid\{4f11acbb-393f-4c86-a214-ff3d0d155cc3}]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-20 136600]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-29 4911104]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"EmpoweringTechnology"="c:\program files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-06-02 319488]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"Acer Empowering Technology Monitor"="c:\program files\Acer\Empowering Technology\SysMonitor.exe" [2008-06-02 319488]
c:\users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d''cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
Outil de notification Live Search.lnk - c:\users\kevin\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe [2009-1-20 143360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WG111v3 Smart Wizard.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk
backup=c:\windows\pss\NETGEAR WG111v3 Smart Wizard.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
backup=c:\windows\pss\PalTalk.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Ralink Wireless Utility.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
backup=c:\windows\pss\Ralink Wireless Utility.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2010-06-08 21:34 323392 ----a-w- c:\users\kevin\Program Files\DNA\btdna.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
2008-04-25 20:36 28672 ----a-w- c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CANAL+ CANALSAT A LA DEMANDE]
2010-01-12 10:09 163928 ----a-w- c:\program files\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-04-12 22:46 1135912 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
2009-03-29 19:12 2807296 ----a-w- c:\program files\DAP\DAP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2009-01-20 18:45 24064 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-03-12 19:56 342312 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 13:39 1090952 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
2010-02-11 10:36 1218008 ----a-w- c:\program files\McAfee.com\Agent\mcagent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-01-05 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-01-08 21:26 68640 ----a-w- c:\program files\Cyberlink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-01-26 13:31 2144088 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-05-10 19:28 1238352 ----a-w- c:\program files\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-01-20 18:45 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-05-26 00:23 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
2007-12-21 16:51 3481600 ----a-w- c:\program files\Veoh Networks\Veoh\VeohClient.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]
2009-04-03 19:23 3558648 ----a-w- c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-05-26 22:31 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2008-01-29 08:03 303104 ----a-w- c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:33 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-06-01 721904]
R2 gupdate1c9f698d603de5;Service Google Update (gupdate1c9f698d603de5);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-26 133104]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
R3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-20 24064]
R3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2007-05-11 329728]
R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v3.sys [2007-04-23 227328]
R3 WSDPrintDevice;Prise en charge de l'impression WSD via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 CanalPlus.VOD;CanalPlus.VOD;c:\program files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe [2009-12-15 188416]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-06-02 24576]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2009-12-08 93320]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contenu du dossier 'Tâches planifiées'
2010-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-26 19:55]
2010-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-26 19:55]
2010-04-14 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2010-06-09 10:22]
2010-04-30 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2010-06-09 10:22]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://google.com/
mStart Page = hxxp://fr.yahoo.com
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:53774
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
FF - ProfilePath - c:\users\kevin\AppData\Roaming\Mozilla\Firefox\Profiles\sjzifefi.default\
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 53774
FF - prefs.js: network.proxy.type - 1
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\npCpVod.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\kevin\Program Files\DNA\plugins\npbtdna.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
AddRemove-Live Search - c:\users\kevin\AppData\Roaming\Microsoft\Live Search\Suppression-Live-Search.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-16 16:03
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2010-06-16 16:06:44
ComboFix-quarantined-files.txt 2010-06-16 14:06
ComboFix2.txt 2010-06-09 20:07
Avant-CF: 103 477 248 octets libres
Après-CF: 185 352 192 octets libres
- - End Of File - - 9B6C58607AE3DE3F2D6830CE40775A60
2010-05-26 00:13 . 2009-03-29 18:58 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-05-19 00:32 . 2009-01-20 19:00 -------- d-----w- c:\program files\Dofus
2010-05-17 15:25 . 2010-05-17 15:25 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-05-13 18:02 . 2009-03-29 19:33 95744 ----a-w- c:\programdata\SpeedBit\DAP\SDCondition.dll
2010-04-25 22:27 . 2010-04-25 22:27 -------- d-----w- c:\users\kevin\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-04-21 02:39 . 2010-03-14 20:34 -------- d-----w- c:\users\kevin\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-04-17 18:09 . 2009-09-27 11:14 -------- d-----w- c:\program files\NCSoft
.
((((((((((((((((((((((((((((( SnapShot@2010-06-09_20.06.07 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2010-06-16 13:43 57896 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-01-20 18:46 . 2010-06-16 13:43 10268 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2763895443-656490219-1109127536-1000_UserData.bin
+ 2009-01-20 18:42 . 2010-06-16 14:02 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-01-20 18:42 . 2010-06-09 19:50 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-01-20 18:42 . 2010-06-16 14:02 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-01-20 18:42 . 2010-06-09 19:50 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-06-16 04:55 . 2010-06-16 04:55 21504 c:\windows\Installer\11cf0ce.msi
+ 2010-06-16 13:42 . 2010-06-16 13:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-06-16 13:42 . 2010-06-16 13:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 13:02 . 2010-06-16 13:43 103654 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 10:33 . 2010-06-16 13:40 586980 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2010-06-16 13:40 101052 c:\windows\System32\perfc009.dat
+ 2010-06-16 10:37 . 2010-06-16 10:37 231888 c:\windows\System32\Macromed\Flash\FlashUtil10h_Plugin.exe
+ 2009-02-03 02:15 . 2010-06-16 10:37 5612496 c:\windows\System32\Macromed\Flash\NPSWF32.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
2009-06-01 11:46 815104 ----a-w- c:\program files\Burn4Free Toolbar\v3.3.0.2\Burn4Free_Toolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [BU]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"= "c:\program files\Burn4Free Toolbar\v3.3.0.2\Burn4Free_Toolbar.dll" [2009-06-01 815104]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CLASSES_ROOT\clsid\{4f11acbb-393f-4c86-a214-ff3d0d155cc3}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}"= "c:\program files\Burn4Free Toolbar\v3.3.0.2\Burn4Free_Toolbar.dll" [2009-06-01 815104]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [BU]
[HKEY_CLASSES_ROOT\clsid\{4f11acbb-393f-4c86-a214-ff3d0d155cc3}]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-20 136600]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-29 4911104]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"EmpoweringTechnology"="c:\program files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-06-02 319488]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"Acer Empowering Technology Monitor"="c:\program files\Acer\Empowering Technology\SysMonitor.exe" [2008-06-02 319488]
c:\users\kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d''cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
Outil de notification Live Search.lnk - c:\users\kevin\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe [2009-1-20 143360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WG111v3 Smart Wizard.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk
backup=c:\windows\pss\NETGEAR WG111v3 Smart Wizard.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk
backup=c:\windows\pss\PalTalk.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Ralink Wireless Utility.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
backup=c:\windows\pss\Ralink Wireless Utility.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2010-06-08 21:34 323392 ----a-w- c:\users\kevin\Program Files\DNA\btdna.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
2008-04-25 20:36 28672 ----a-w- c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CANAL+ CANALSAT A LA DEMANDE]
2010-01-12 10:09 163928 ----a-w- c:\program files\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-04-12 22:46 1135912 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
2009-03-29 19:12 2807296 ----a-w- c:\program files\DAP\DAP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2009-01-20 18:45 24064 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-03-12 19:56 342312 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 13:39 1090952 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
2010-02-11 10:36 1218008 ----a-w- c:\program files\McAfee.com\Agent\mcagent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-01-05 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-01-08 21:26 68640 ----a-w- c:\program files\Cyberlink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-01-26 13:31 2144088 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-05-10 19:28 1238352 ----a-w- c:\program files\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-01-20 18:45 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-05-26 00:23 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
2007-12-21 16:51 3481600 ----a-w- c:\program files\Veoh Networks\Veoh\VeohClient.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]
2009-04-03 19:23 3558648 ----a-w- c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-05-26 22:31 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2008-01-29 08:03 303104 ----a-w- c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:33 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-06-01 721904]
R2 gupdate1c9f698d603de5;Service Google Update (gupdate1c9f698d603de5);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-26 133104]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
R3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-20 24064]
R3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2007-05-11 329728]
R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v3.sys [2007-04-23 227328]
R3 WSDPrintDevice;Prise en charge de l'impression WSD via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 CanalPlus.VOD;CanalPlus.VOD;c:\program files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe [2009-12-15 188416]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-06-02 24576]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2009-12-08 93320]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contenu du dossier 'Tâches planifiées'
2010-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-26 19:55]
2010-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-26 19:55]
2010-04-14 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2010-06-09 10:22]
2010-04-30 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2010-06-09 10:22]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://google.com/
mStart Page = hxxp://fr.yahoo.com
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:53774
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
FF - ProfilePath - c:\users\kevin\AppData\Roaming\Mozilla\Firefox\Profiles\sjzifefi.default\
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 53774
FF - prefs.js: network.proxy.type - 1
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\npCpVod.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\kevin\Program Files\DNA\plugins\npbtdna.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
AddRemove-Live Search - c:\users\kevin\AppData\Roaming\Microsoft\Live Search\Suppression-Live-Search.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-16 16:03
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2010-06-16 16:06:44
ComboFix-quarantined-files.txt 2010-06-16 14:06
ComboFix2.txt 2010-06-09 20:07
Avant-CF: 103 477 248 octets libres
Après-CF: 185 352 192 octets libres
- - End Of File - - 9B6C58607AE3DE3F2D6830CE40775A60
doyentony (Member, 55 posts, registered Wednesday 9 June 2010, last activity 16 June 2021) - 16 June 2010 at 16:53
The bot blocked my report.
green day (Moderator, Security contributor, 26371 posts, registered Friday 30 September 2005, last activity 27 December 2019) - 17 June 2010 at 10:55
Hi,
OK, there are still a few files left to remove, but first run a full scan with Malwarebytes and post the report, please.
See you