Virus defensenetsurfage
Solved/Closed
Re,
No, still not. The checkboxes were already set the way you asked (I must have done it before). Only the files I listed in my previous post are at the indicated path; as for the others, I spotted a few of them in the C:\Windows\ folder but not in the other folders, and the folder C:\Windows\System32\dllcahe\win32\ does not exist on my system.
See you
Regis59
11 Nov 2007 at 21:59
OK.
We'll remove them automatically then.
Run this online scan:
http://www.bitdefender.fr/scan8/ie.html
Copy/paste the report
Illustrated help: http://pageperso.aol.fr/rginformatique/mapage/defender.htm
See you
Re,
Sorry, but the online scan won't start. I did everything up to installing the ActiveX control, but right after that an error message appears:
"This web site is not authorized to host this ActiveX control.
Please contact the webmaster of this website, or report to BitDefender at the e-mail adress: scanonline@bitdefender.com"
And after clicking "OK" on this message, the "Scan online" link does not work...
See you
Regis59
12 Nov 2007 at 21:58
OK, we'll do without it.
Post a new ComboFix log and we'll delete the malicious files.
See you
Re! OK, here is the ComboFix log:
ComboFix 07-11-05.2 - HP_Propriétaire 2007-11-13 19:01:45.3 - NTFSx86
Running from: C:\Documents and Settings\HP_Propriétaire\Bureau\ComboFix.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2007-10-13 to 2007-11-13 ))))))))))))))))))))))))))))))))))))
.
2007-11-12 19:01 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-11-10 09:38 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-11-06 19:17 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-11-06 11:45 <REP> d----c--- C:\Program Files\VideoLAN
2007-11-05 23:43 <REP> d----c--- C:\Program Files\Navilog1
2007-11-05 22:54 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-05 13:56 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-05 10:52 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-11-05 10:52 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-11-05 10:52 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-11-05 10:52 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-11-04 22:05 3,268 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-04 14:32 <REP> d----c--- C:\VundoFix Backups
2007-11-03 19:41 <REP> d----c--- C:\Program Files\Trend Micro
2007-10-30 18:55 2,855 --a------ C:\WINDOWS\system32\edit.PIF
2007-10-27 09:07 44,032 --a------ C:\WINDOWS\system32\VuPassword.dll
2007-10-25 10:26 53,248 --a------ C:\WINDOWS\bdoscandel.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-13 01:35 --------- dc----w C:\Program Files\eMule
2007-11-06 14:29 --------- dc----w C:\Program Files\Wanadoo
2007-11-06 10:47 --------- dc----w C:\Documents and Settings\HP_Propriétaire\Application Data\vlc
2007-10-27 17:45 --------- dc----w C:\Program Files\DivX
2007-10-25 17:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-10-25 17:05 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-10-25 17:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-10-25 17:01 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-10-25 16:58 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-10-25 16:24 815,480 -c--a-w C:\WINDOWS\system32\aswBoot.exe
2007-10-25 16:14 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2007-10-15 17:37 --------- dc----w C:\Program Files\Shareaza
2007-10-08 18:58 --------- dc----w C:\Documents and Settings\HP_Propriétaire\Application Data\BearShare
2007-09-28 16:08 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-09-28 16:07 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-09-28 16:07 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-09-28 16:07 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-09-28 16:07 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-09-28 16:07 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-09-28 16:07 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-09-28 16:07 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-09-28 16:07 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-09-28 16:05 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-09-28 16:05 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-09-28 16:05 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-09-28 16:05 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-09-28 16:05 739,840 ----a-w C:\WINDOWS\system32\DivX.dll
2007-09-28 16:05 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-09-28 16:05 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-09-28 16:05 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-09-28 16:05 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-09-28 16:05 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-09-28 16:05 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-09-28 16:05 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-09-28 16:05 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-09-23 20:09 --------- dc----w C:\Program Files\Dictionnaire
2007-08-28 19:53 164,352 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe
2007-08-22 07:45 15,470 -c--a-w C:\Documents and Settings\HP_Propriétaire\Application Data\wklnhst.dat
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-04-01 12:52 95,288 -c--a-w C:\Documents and Settings\HP_Propriétaire\Application Data\GDIPFONTCACHEV1.DAT
2005-08-23 15:40:18 0 --sha-w C:\WINDOWS\SMINST\HPCD.sys
2005-10-24 07:39:23 56 --sh--r C:\WINDOWS\system32\8CD90E1E38.sys
2003-08-16 19:56:00 579,584 --sha-r C:\WINDOWS\system32\cd.exe
.
((((((((((((((((((((((((((((( snapshot@2007-11-05_23.11.59.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-10-25 09:26:48 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2007-10-25 09:26:48 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2005-05-16 18:34:48 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2006-03-20 12:17:24 65,536 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2006-03-20 12:17:20 798,720 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2007-11-13 12:26:25 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_144.dat
+ 2007-11-13 12:26:31 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_54c.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{549B5CA7-4A86-11D7-A4DF-000874180BB3}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{65D5A3B2-859E-42F5-AE9E-BC6D7EC1B0EB}]
C:\WINDOWS\system32\VBA232.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{944864A5-3916-46E2-96A9-A2E84F3F1208}]
C:\Program Files\Accoona\ASearchAssist.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B7531CF3-3DBE-4D68-BED9-E3697F3CDC9B}]
C:\WINDOWS\system32\dplay32.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C2EA6A7E-79FC-4CFB-90E4-898C742B44C5}]
C:\WINDOWS\system32\mobsyncd.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F3E3A0A8-906B-47D7-8E5E-8C7F1D3C0BDC}]
C:\WINDOWS\system32\ulib32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-07-01 23:12]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 18:53]
"h3yb0y"="C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe" []
"h3yb0y1"="C:\WINDOWS\SYSTEM32\DRIVERS\etc\LSASS.exe" []
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49]
"helpr"="C:\Program Files\SETI\helper.exe" []
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 10:52]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 16:04]
"AlcxMonitor"="ALCXMNTR.EXE" []
"PS2"="C:\WINDOWS\system32\ps2.exe" []
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-10-25 17:20]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 18:43]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-18 08:38]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 20:43]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCShield"="regsvr32 /s C:\WINDOWS\system32\sfg.dll" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 11:00]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 19:31]
"CursorXP"="C:\Program Files\CursorXP\CursorXP.exe" [2005-01-19 16:34]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]
C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Démarrage\
Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe [2006-03-17 21:16:17]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"=0 (0x0)
"NoCommonGroups"=0 (0x0)
"DisallowRun"=0 (0x0)
"NoToolbarsOnTaskbar"=0 (0x0)
"NoTrayContextMenu"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\disallowrun]
"1"=edi.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"bxsbang"= {D117607A-ED64-4810-9909-CD719374EE12} - C:\WINDOWS\bxsbang.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"System"="lsass.exe"
"UIHost"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,\
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=. 3 SF3.DLL,noxizaca.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acme.PCHButton]
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus CX3200]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet /keeploaded /nodetect
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCShield]
regsvr32 /s "C:\WINDOWS\system32\sfg.dll"
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys
R0 vax347b2;vax347b2;C:\WINDOWS\system32\DRIVERS\vax347b2.sys
R0 vax347s2;vax347s2;C:\WINDOWS\system32\Drivers\vax347s2.sys
R2 MicroGuard;MicroGuard Copy Protection;\??\C:\WINDOWS\system32\drivers\mgnt.sys
R3 Cap7134;ASUS TV7134 WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys
R3 PhTVTune;ASUS WDM TV Tuner;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
R3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys
S2 NoxizacDriver;Noxizac Driver;\??\C:\WINDOWS\system32\noxizac.sys
S2 NoxizacSrv;Noxizac Service;C:\WINDOWS\system32\noxizac.exe
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
S3 DFUBTUSB;WIDCOMM USB Bluetooth Driver in DFU State;C:\WINDOWS\system32\Drivers\frmupgr.sys
S3 hSONYPVh;hSONYPVh;\??\C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\hSONYPVh.sys
S3 MEMSWEEP2;MEMSWEEP2;\??\C:\WINDOWS\system32\SophosMEMSWEEP.SYS
S3 OCBNEXFH;OCBNEXFH;C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\OCBNEXFH.exe
S3 p2pgasvc;Authentification de groupe réseau homologue;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 p2pimsvc;Gestionnaire d'identité réseau homologue;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 p2psvc;Réseau homologue;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 PavSRK.sys;PavSRK.sys;\??\C:\WINDOWS\system32\PavSRK.sys
S3 PNRPSvc;Protocole de résolution de noms d'homologues;C:\WINDOWS\system32\svchost.exe -k p2psvc
S3 SaiH0464;SaiH0464;C:\WINDOWS\system32\DRIVERS\SaiH0464.sys
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S4 PavProc;Panda Process Protection Driver;\??\C:\WINDOWS\system32\DRIVERS\PavProc.sys
S4 QVMKLIL;QVMKLIL;C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\QVMKLIL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{096db9a4-0d52-11dc-b652-0060b3b148b3}]
\Shell\AutoRun\command - G:\SETUP.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{16e5fb2a-6824-11db-a3db-806d6172696f}]
\Shell\AutoRun\command - G:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3970f550-40b0-11db-9d5b-806d6172696f}]
\Shell\AutoRun\command - K:\SETUP.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3d6f0b4a-35e0-11dc-9a38-806d6172696f}]
\Shell\AutoRun\command - E:\autoplay.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47c058ab-3c1b-11dc-b036-806d6172696f}]
\Shell\AutoRun\command - H:\autorun.exe
\Shell\directx\command - H:\DirectX9\dxsetup.exe
\Shell\setup\command - H:\install.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47c058c3-3c1b-11dc-b036-0060b3b148b3}]
\Shell\AutoRun\command - EXPLORER.EXE
\Shell\explore\Command - EXPLORER.EXE
\Shell\open\Command - EXPLORER.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d5377a8-4a78-11db-90ea-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d5377aa-4a78-11db-90ea-806d6172696f}]
\Shell\AutoRun\command - G:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d37e11a-0923-11dc-b645-0060b3b148b3}]
\Shell\AutoRun\command - EXPLORER.EXE
\Shell\explore\Command - EXPLORER.EXE
\Shell\open\Command - EXPLORER.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{94c17f00-5499-11db-a6fe-806d6172696f}]
\Shell\AutoRun\command - D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a11c522a-3d00-11db-bb3c-806d6172696f}]
\Shell\AutoRun\command - G:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a4b15c4f-cf59-11db-9570-806d6172696f}]
\Shell\AutoRun\command - F:\autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab1b69cc-4bad-11db-8e77-806d6172696f}]
\Shell\AutoRun\command - D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab1b69d0-4bad-11db-8e77-806d6172696f}]
\Shell\AutoRun\command - G:\EE2AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6a63ceb-b08e-11db-b7cf-0060b3b148b3}]
\Shell\AutoRun\command - M:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de217750-44a2-11db-a39c-806d6172696f}]
\Shell\AutoRun\command - G:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4043a5a-56c1-11db-a1c1-806d6172696f}]
\Shell\AutoRun\command - D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7d74926-5151-11db-a6d7-806d6172696f}]
\Shell\AutoRun\command - D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7d74928-5151-11db-a6d7-806d6172696f}]
\Shell\AutoRun\command - E:\AUTORUN\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7d7492a-5151-11db-a6d7-806d6172696f}]
\Shell\AutoRun\command - G:\Autorun.exe
*Newly Created Service* - PCANDIS5
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
**************************************************************************
catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-13 19:07:18
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2007-11-13 19:08:48
C:\ComboFix2.txt ... 2007-11-06 13:54
C:\ComboFix3.txt ... 2007-11-05 23:14
.
--- E O F ---