Is my computer OK?

yahyo88 Posts: 7 Status: Member -  
 funny0508 -
Hello,
here are the scan results:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:53:48, on 25/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\PcBoost\PcBoost.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\SuperRam\SuperRam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\TURBOC~1\netdetect.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.359\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PcBoost] "C:\Program Files\PcBoost\PcBoost.exe" /start
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SuperRam] "C:\Program Files\SuperRam\SuperRam.exe" /start
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [TurboConnect] C:\PROGRA~1\TURBOC~1\TurboConnect.exe 1
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

2 replies

yahyo88 Posts: 7 Status: Member
 
ComboFix 07-11-19.3 - Administrateur 2007-11-25 21:51:17.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.612 [GMT 1:00]
Running from: C:\Documents and Settings\Administrateur\Mes documents\My Completed Downloads\ComboFix.exe
* Created a new restore point
.
[i] ADS - svchost.exe: deleted 0 bytes in 1 streams. [/i]

((((((((((((((((((((((((((((( Fichiers créés 2007-10-25 to 2007-11-25 ))))))))))))))))))))))))))))))))))))
.

2007-11-25 21:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-25 21:04 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Grisoft
2007-11-25 21:04 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-11-25 18:42 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\DivX
2007-11-25 18:09 <REP> d-------- C:\GIGASOFT3
2007-11-25 13:00 <REP> d-------- C:\Program Files\SuperRam
2007-11-25 12:10 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2007-11-25 12:10 298,104 --a------ C:\WINDOWS\system32\imon.dll
2007-11-25 12:10 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2007-11-25 11:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2007-11-25 11:39 <REP> d-------- C:\Program Files\Fichiers communs\Symantec Shared
2007-11-25 11:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2007-11-25 11:16 0 --a------ C:\WINDOWS\system32\sys_dll.dll
2007-11-25 10:49 10,027 --a------ C:\WINDOWS\system32\mspriv32.dll
2007-11-25 10:44 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\ACD Systems
2007-11-25 10:43 <REP> d-------- C:\Program Files\Fichiers communs\ACD Systems
2007-11-25 10:43 <REP> d-------- C:\Program Files\ACD Systems
2007-11-25 10:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ACD Systems
2007-11-24 22:02 347,680 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-11-24 22:02 7,820 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-11-24 22:02 6,432 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-11-24 22:02 1,676 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2007-11-24 21:58 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-11-24 21:57 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-11-24 21:56 <REP> d-------- C:\WINDOWS\Internet Logs
2007-11-24 21:30 2,813 --a------ C:\WINDOWS\system32\testscript.tmp
2007-11-24 19:44 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-11-24 19:31 <REP> d-------- C:\WINDOWS\system32\AppData
2007-11-24 13:28 <REP> d-------- C:\WINDOWS\GTA SAN ANDREAS Tunisien Modification
2007-11-24 13:28 <REP> d-------- C:\Program Files\PCI-SOFT
2007-11-24 13:05 0 --a------ C:\WINDOWS\system32\bdss.log
2007-11-24 12:57 <REP> d--h----- C:\WINDOWS\PIF
2007-11-24 12:25 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\ChemTable Software
2007-11-24 08:43 <REP> d-------- C:\WINDOWS\SxsCaPendDel
2007-11-24 00:04 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\ATI
2007-11-24 00:00 520,192 --------- C:\WINDOWS\system32\ati2sgag.exe
2007-11-23 23:59 <REP> d-------- C:\Program Files\ATI Technologies
2007-11-23 22:55 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender
2007-11-23 22:26 <REP> d-------- C:\Program Files\eMule
2007-11-23 21:44 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Lavasoft
2007-11-23 21:23 8,627 --a------ C:\WINDOWS\system32\PAV_FOG.OPC
2007-11-23 20:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Backup
2007-11-22 15:56 1,990 --a------ C:\WINDOWS\system32\drivers\net_m32.inf
2007-11-22 13:28 <REP> d-------- C:\Program Files\Gadwin Systems
2007-11-22 11:36 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-11-22 11:36 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-11-22 11:36 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2007-11-21 15:05 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Smart PC Solutions
2007-11-21 15:04 <REP> d-------- C:\WINDOWS\Sun
2007-11-21 15:01 <REP> d-------- C:\Program Files\DSL Speed
2007-11-21 14:11 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-11-21 14:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-21 14:07 <REP> d-------- C:\Program Files\PcBoost
2007-11-21 14:07 50,520 --a------ C:\WINDOWS\system32\SP32395.SYS
2007-11-21 13:43 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Sonic
2007-11-21 13:42 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Leadertech
2007-11-21 13:41 <REP> d-------- C:\Program Files\Fichiers communs\Sonic Shared
2007-11-21 13:40 <REP> d-------- C:\Program Files\Java
2007-11-21 13:40 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2007-11-21 13:40 5,474 --a------ C:\WINDOWS\system32\jupdate-1.6.0_03-b05.log
2007-11-21 13:12 <REP> d-------- C:\Program Files\Fichiers communs\Java
2007-11-21 12:47 2,820,544 --a------ C:\WINDOWS\system32\ati3duag.dll
2007-11-21 12:47 1,986,560 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-11-21 12:47 1,315,712 --a------ C:\WINDOWS\system32\ativvaxx.dll
2007-11-21 12:47 870,784 --a------ C:\WINDOWS\system32\ati3d1ag.dll
2007-11-21 12:47 356,352 --a------ C:\WINDOWS\system32\ati2cqag.dll
2007-11-21 12:47 267,776 --a------ C:\WINDOWS\system32\ati2dvag.dll
2007-11-20 22:20 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-11-20 20:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-11-20 20:41 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-11-20 20:14 <REP> d-------- C:\Program Files\Windows Live
2007-11-20 20:14 <REP> d-------- C:\Program Files\Messenger Plus! Live
2007-11-20 19:56 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-11-20 19:56 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-11-20 19:28 1,156 --a------ C:\WINDOWS\mozver.dat
2007-11-20 18:56 479,298 --a------ C:\WINDOWS\system32\wbocx.ocx
2007-11-20 18:56 172,032 --a------ C:\WINDOWS\system32\AniGIF.ocx
2007-11-20 18:56 50,688 --a------ C:\WINDOWS\system32\wbhelp2.dll
2007-11-20 18:24 <REP> d-------- C:\Program Files\CCleaner
2007-11-20 17:50 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
2007-11-20 17:45 816,640 ---h----- C:\WINDOWS\system32\wodfamoh.dll
2007-11-20 17:31 608,448 --a------ C:\WINDOWS\system32\comctl32.ocx
2007-11-20 17:31 369,696 --a------ C:\WINDOWS\system32\Comct332.ocx
2007-11-20 17:31 140,096 --a------ C:\WINDOWS\system32\Comdlg32.ocx
2007-11-17 08:06 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2007-11-16 19:18 <REP> d-------- C:\Documents and Settings\Administrateur\Contacts
2007-11-16 19:17 0 --a------ C:\WINDOWS\nsreg.dat
2007-11-16 19:16 <REP> d-------- C:\Program Files\MSN Messenger
2007-11-16 16:35 <REP> d-------- C:\Program Files\DAP
2007-11-16 16:35 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-16 16:29 <REP> d-------- C:\Program Files\TurboConnect
2007-11-16 16:13 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2007-11-16 16:09 <REP> d---s---- C:\Documents and Settings\Administrateur\UserData
2007-11-16 15:52 15,781 --a------ C:\WINDOWS\system32\drivers\mdc8021x.sys
2007-11-15 07:32 167,936 --a------ C:\WINDOWS\system32\igfxres.dll
2007-11-15 07:31 1,181,824 --a------ C:\WINDOWS\system32\drivers\igxpmp32.sys
2007-11-15 07:31 121,232 --a------ C:\WINDOWS\system32\IScrNBR.bmp
2007-11-14 16:56 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-11-14 16:56 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2007-11-14 16:50 17,024 --a------ C:\WINDOWS\system32\drivers\usbohci.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-25 17:42 --------- d-----w C:\Program Files\DivX
2007-11-24 20:44 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2007-11-24 09:18 --------- d-----w C:\Program Files\Fichiers communs\Panda Software
2007-11-23 23:00 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-23 21:48 --------- d-----w C:\Program Files\Winamp
2007-11-16 14:34 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\RedMercury
2007-10-20 00:56 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-10-20 00:56 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-10-20 00:56 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-10-20 00:56 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-10-20 00:54 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-10-20 00:54 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-10-20 00:54 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-10-20 00:54 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-10-20 00:54 739,840 ----a-w C:\WINDOWS\system32\DivX.dll
2007-10-20 00:54 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-18 09:06 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-10-18 09:03 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-10-18 09:03 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-10-18 09:03 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-10-18 09:03 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-10-18 09:03 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-10-18 09:03 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-10-18 09:02 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:54]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"TurboConnect"="C:\PROGRA~1\TURBOC~1\TurboConnect.exe" [2002-08-20 10:28]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 00:55 C:\WINDOWS\system32\rundll32.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-04 00:55 C:\WINDOWS\system32\rundll32.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-11 18:36 C:\WINDOWS\RTHDCPL.exe]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 19:42]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2006-10-06 11:11]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2006-10-06 11:13]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2006-10-06 11:10]
"DownloadAccelerator"="C:\Program Files\DAP\DAP.exe" [2007-11-20 22:18]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"PcBoost"="C:\Program Files\PcBoost\PcBoost.exe" [2007-11-19 18:06]
"Device Detector"="DevDetect.exe" []
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-11-25 12:10]
"SuperRam"="C:\Program Files\SuperRam\SuperRam.exe" [2007-11-19 18:13]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:54]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-04 00:37]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoInstrumentation"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8004b003-9ad0-11dc-9f64-000ffe8cdf6b}]
\Shell\AutoRun\command - K:\RavMon.exe

*Newly Created Service* - AVG_ANTI-SPYWARE_DRIVER
*Newly Created Service* - AVG_ANTI-SPYWARE_GUARD
*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-25 21:52:12
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-25 21:52:38
.
--- E O F ---
funny0508
 
hi