MSN virus in English
Kaly-Ama
Le sioux - Posts: 4907 - Status: Security contributor
Hi everyone, and a call to any kind souls willing to advise me: something I am unable to identify is sending messages in English to all my online contacts asking them to open an image, and it happens again about every 30 minutes and as soon as I log in (fortunately, all my friends know that I'm not good at English), but I still want to get rid of this intruder because it's becoming a pain, to put it politely!!
Thanks in advance
25 replies
Good evening Kaly ama
Well done, I'll look at your report and let you know the next steps shortly.
Did you run FlashDesinfector as requested in message 20?
See you later
ComboFix 07-12-21.4 - utilisateur 2007-12-30 16:19:36.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1359 [GMT 1:00]
Running from: C:\Documents and Settings\utilisateur\Bureau\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-28 to 2007-12-30 ))))))))))))))))))))))))))))))))))))
.
2007-12-27 18:18 . 2007-12-27 18:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\UDL
2007-12-27 18:12 . 2007-12-27 18:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\EPSON
2007-12-27 18:12 . 2006-12-08 03:04 76,800 --a------ C:\WINDOWS\system32\E_FLBCAE.DLL
2007-12-27 18:12 . 2006-04-19 03:00 62,976 --a------ C:\WINDOWS\system32\E_FD4BCAE.DLL
2007-12-27 18:12 . 2004-09-10 21:12 49,152 --a------ C:\WINDOWS\system32\E_DCINST.DLL
2007-12-27 18:12 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-12-27 18:12 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\dllcache\usbprint.sys
2007-12-27 18:12 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-12-27 18:12 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\dllcache\usbscan.sys
2007-12-27 18:10 . 2007-12-27 18:16 <REP> d-------- C:\Program Files\epson
2007-12-27 18:10 . 2006-12-28 00:00 208,896 --a------ C:\WINDOWS\system32\esint7e.dll
2007-12-27 18:10 . 2006-12-28 00:00 66,560 --a------ C:\WINDOWS\system32\eswia7e.dll
2007-12-27 18:10 . 2006-03-10 00:00 3,584 --a------ C:\WINDOWS\system32\eswiaml.dll
2007-12-27 18:09 . 2007-12-27 18:09 27 --a------ C:\WINDOWS\CDE DX4400DEFGIPS.ini
2007-12-15 13:08 . 2007-12-15 13:08 <REP> d-------- C:\Program Files\Micro Application
2007-12-14 13:11 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2007-12-14 13:11 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2007-12-14 13:11 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2007-12-14 13:11 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2007-12-14 13:11 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2007-12-14 13:11 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2007-12-14 13:11 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2007-12-14 13:11 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2007-12-14 12:38 . 2007-12-14 12:38 <REP> d---s---- C:\WINDOWS\system32\config\systemprofile\Temporary Internet Files
2007-12-14 12:38 . 2007-12-14 12:38 <REP> d---s---- C:\WINDOWS\system32\config\systemprofile\Historique
2007-12-11 20:10 . 2007-12-11 20:10 <REP> d-------- C:\Documents and Settings\utilisateur\Application Data\Bitdefender
2007-12-11 19:55 . 2007-12-30 16:19 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2007-12-11 19:47 . 2007-12-11 21:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2007-12-11 19:18 . 2007-12-11 19:18 <REP> d-------- C:\Program Files\Trend Micro
2007-12-11 00:55 . 2007-12-11 00:59 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-12-02 02:56 . 2007-12-02 02:56 <REP> d-------- C:\Program Files\WEB13AB Camera
2007-12-02 02:56 . 2007-12-02 02:56 <REP> d-------- C:\Documents and Settings\utilisateur\Application Data\InstallShield
2007-12-02 02:55 . 2004-08-03 23:10 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-12-02 02:54 . 2004-08-04 00:55 91,648 --a------ C:\WINDOWS\system32\kswdmcap.ax
2007-11-23 14:59 . 2007-11-23 15:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Zylom
2007-11-22 16:13 . 2007-11-22 17:14 <REP> d-------- C:\Documents and Settings\utilisateur\Application Data\PlayFirst
2007-11-22 16:13 . 2007-11-22 16:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PlayFirst
2007-11-20 23:32 . 2007-11-20 23:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2007-11-20 23:32 . 2007-11-20 23:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sandlot Games
2007-11-20 23:14 . 2007-11-22 16:13 <REP> d-------- C:\Downloads
2007-11-15 22:34 . 2007-11-15 22:34 <REP> d-------- C:\Program Files\Real
2007-11-15 22:34 . 2007-11-29 01:25 <REP> d-------- C:\Program Files\Fichiers communs\Real
2007-11-10 23:30 . 2007-11-10 23:30 <REP> dr-h----- C:\Documents and Settings\utilisateur\Application Data\SecuROM
2007-11-10 23:30 . 2007-11-10 23:30 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-11-01 19:03 . 2007-11-01 19:03 118 --a------ C:\WINDOWS\system32\MRT.INI
2007-11-01 17:21 . 2007-07-09 14:11 584,192 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-11-01 17:11 . 2004-08-23 14:50 32,768 --a------ C:\WINDOWS\system32\WooDial2000.dll
2007-11-01 17:11 . 2003-08-04 14:22 16,128 --------- C:\WINDOWS\system32\PCANDIS5.SYS
2007-11-01 17:09 . 2007-11-10 03:33 <REP> d-------- C:\Program Files\Wanadoo
2007-11-01 17:07 . 2005-06-17 10:26 114,688 --a------ C:\WINDOWS\system32\WLANUTL.dll
2007-11-01 17:07 . 2003-08-04 14:22 94,208 --a------ C:\WINDOWS\system32\W32n50.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-27 17:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-18 14:45 --------- d-----w C:\Program Files\eMule
2007-12-17 15:06 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-14 12:04 --------- d-----w C:\Program Files\Java
2007-12-14 12:02 --------- d-----w C:\Program Files\Azureus
2007-12-11 20:50 913,408 ----a-w C:\WINDOWS\system32\xreglib.dll
2007-12-10 23:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-30 21:34 --------- d-----w C:\Program Files\Windows Live
2007-11-20 21:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-11-14 07:28 450,560 ------w C:\WINDOWS\system32\dllcache\jscript.dll
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-02 00:31 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-10-30 09:57 3,086,848 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-29 22:36 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:36 1,293,824 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-25 08:28 222,720 ------w C:\WINDOWS\system32\dllcache\wmasf.dll
2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-11 05:59 96,768 ------w C:\WINDOWS\system32\dllcache\inseng.dll
2007-10-11 05:59 670,208 ------w C:\WINDOWS\system32\dllcache\wininet.dll
2007-10-11 05:59 620,032 ------w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-10-11 05:59 55,808 ------w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-10-11 05:59 532,480 ------w C:\WINDOWS\system32\dllcache\mstime.dll
2007-10-11 05:59 474,624 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-10-11 05:59 449,024 ------w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-10-11 05:59 39,424 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-10-11 05:59 357,888 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-10-11 05:59 251,904 ------w C:\WINDOWS\system32\dllcache\iepeers.dll
2007-10-11 05:59 205,824 ------w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-10-11 05:59 16,384 ------w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-10-11 05:59 152,064 ------w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-10-11 05:59 146,432 ------w C:\WINDOWS\system32\dllcache\msrating.dll
2007-10-11 05:59 1,498,624 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-10-11 05:59 1,056,768 ------w C:\WINDOWS\system32\dllcache\danim.dll
2007-10-11 05:59 1,024,512 ------w C:\WINDOWS\system32\dllcache\browseui.dll
2007-10-10 10:48 18,432 ------w C:\WINDOWS\system32\dllcache\iedw.exe
2007-03-15 15:06 166 -c--a-w C:\Documents and Settings\utilisateur\Application Data\wklnhst.dat
2005-09-24 06:49 12,288 -c--a-w C:\WINDOWS\Fonts\RandFont.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-25 05:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-10 17:45]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" []
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 08:59]
"EPSON Stylus DX4400 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.exe" [2007-03-01 07:01]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 20:34]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-03 21:58]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-22 21:17]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-22 21:13]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-22 21:17]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 16:02 C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-17 06:22]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2006-07-19 14:14]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-19 10:33]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 09:50]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [2005-10-11 09:23]
"Reminder"="C:\Windows\CREATOR\Remind_XP.exe" [2006-02-09 08:52]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 15:17]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 19:33]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-05-14 21:30]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2007-12-11 20:51]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-12-11 20:51]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-25 05:00]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
D‚marrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-24 08:39:30]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26]
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 14:40:46]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 14:39 294400]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll
R0 pe3ajbeb;L Ile Noyee Environment Driver (pe3ajbeb);C:\WINDOWS\system32\drivers\pe3ajbeb.sys [2007-08-22 17:31]
R0 ps7ajbeb;L Ile Noyee Synchronization Driver (ps7ajbeb);C:\WINDOWS\system32\drivers\ps7ajbeb.sys [2007-08-22 17:30]
S0 Lsa53;Lsa53;C:\WINDOWS\system32\drivers\Lsa53.sys []
S2 pr2ajbeb;L Ile Noyee Drivers Auto Removal (pr2ajbeb);C:\WINDOWS\system32\pr2ajbeb.exe svc []
S3 SE2Bbus;Sony Ericsson Device 043 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE2Bbus.sys [2006-11-10 08:46]
S3 SE2Bmdfl;Sony Ericsson Device 043 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE2Bmdfl.sys [2006-11-10 08:46]
S3 SE2Bmdm;Sony Ericsson Device 043 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE2Bmdm.sys [2006-11-10 08:47]
S3 SE2Bmgmt;Sony Ericsson Device 043 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\SE2Bmgmt.sys [2006-11-10 08:47]
S3 se2Bnd5;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (NDIS);C:\WINDOWS\system32\DRIVERS\se2Bnd5.sys [2006-11-10 08:47]
S3 SE2Bobex;Sony Ericsson Device 043 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\SE2Bobex.sys [2006-11-10 08:47]
S3 se2Bunic;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (WDM);C:\WINDOWS\system32\DRIVERS\se2Bunic.sys [2006-11-10 08:47]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\Auto\command - F:\AdobeR.exe e
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-12-30 15:17:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-30 16:21:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ????W??????`?@?????L?@
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-30 16:22:20
C:\ComboFix2.txt ... 2007-12-19 15:17
C:\ComboFix3.txt ... 2007-12-18 16:39
.
2007-12-18 22:15:54 --- E O F ---
Good evening Kaly ama
Oops, I had rather forgotten about you ... sorry, I'll look at all of this this evening if I can (I'll be at work); otherwise, in the worst case, I'll tell you what to do in the morning.
See you later
Hello again
Right, I see that you sent me another ComboFix report without a word ...
I hadn't asked you for that; on the other hand, I had asked you this question, which has gone unanswered:
Did you run FlashDesinfector as requested in message 20?
Bye.