Really annoying and unknown process
sirial
Hello everyone,
So, I have a problem with an unwanted process: I can stop it, but it keeps coming back. Its name is "87exgmrgml18". The problem is that it doesn't always have the same digits. Also, no antivirus detects a virus, for example: NOD32, Trend Micro, BitDefender, Spybot, SmitFraudFix and others. This process minimizes my games while I am playing, and when I write on MSN it removes my cursor. On top of that, it takes about 30000 KB from me! So I need help; if someone could help me, that would be nice. Thanks!
2 replies
Thanks, I just ran ComboFix. I'm putting the report here in case someone knows about this!
ComboFix 08-02-15.2 - alex 2008-02-15 15:33:20.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.605 [GMT 1:00]
Endroit: C:\Documents and Settings\alex\Bureau\ComboFix.exe
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-15 to 2008-02-15 ))))))))))))))))))))))))))))))))))))
.
2008-02-06 16:31 . 2008-02-06 16:31 <REP> d-------- C:\Documents and Settings\alex\Application Data\ESET
2008-02-06 16:30 . 2008-02-06 16:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-02-04 13:35 . 2007-12-05 02:53 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2008-02-04 13:35 . 2007-12-05 01:41 17,737 --a------ C:\WINDOWS\system32\nvdisp.nvu
2008-02-03 17:56 . 2008-02-04 13:38 161,377 --a------ C:\WINDOWS\system32\NvApps.xml
2008-02-02 17:12 . 2008-01-27 20:11 <REP> d-------- C:\Documents and Settings\DM-{BCRC}-Utopia 1.2\DM-{BCRC}-Utopia 1.2
2008-01-30 12:38 . 2008-01-30 12:38 71,176 --a------ C:\WINDOWS\system32\drivers\epfw.sys
2008-01-30 12:38 . 2008-01-30 12:38 54,280 --a------ C:\WINDOWS\system32\drivers\epfwtdi.sys
2008-01-30 12:38 . 2008-01-30 12:38 30,728 --a------ C:\WINDOWS\system32\drivers\epfwndis.sys
2008-01-30 12:35 . 2008-01-30 12:35 39,944 --a------ C:\WINDOWS\system32\drivers\eamon.sys
2008-01-30 12:35 . 2008-01-30 12:35 29,704 --a------ C:\WINDOWS\system32\drivers\easdrv.sys
2008-01-28 11:26 . 2008-01-28 11:26 1,751 --a------ C:\Documents and Settings\alex\clean.reg
2008-01-28 11:08 . 2008-01-28 11:08 <REP> d-------- C:\WINDOWS\ERUNT
2008-01-27 16:10 . 2008-01-27 16:15 <REP> d-------- C:\Program Files\RegistrySmart
2008-01-25 17:41 . 2003-10-15 17:52 200,704 -ra------ C:\WINDOWS\sel3110.exe
2008-01-25 17:41 . 2003-10-15 17:52 174,530 -ra------ C:\WINDOWS\system32\drivers\ov519vid.sys
2008-01-25 17:41 . 2003-10-15 17:52 40,960 -ra------ C:\WINDOWS\system32\ov519ext.dll
2008-01-25 17:41 . 2003-10-15 17:52 25,211 -ra------ C:\WINDOWS\system32\drivers\ov519cmd.sys
2008-01-25 17:41 . 2003-10-15 17:52 25,099 -ra------ C:\WINDOWS\system32\ov519ext.ax
2008-01-21 15:00 . 2008-02-14 17:45 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-21 15:00 . 2008-01-21 15:00 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-20 21:13 . 2008-02-04 14:25 50 --a------ C:\plug_in.ini
2008-01-17 19:00 . 2008-02-06 16:08 <REP> d-------- C:\Program Files\uTorrent
2008-01-17 19:00 . 2008-02-14 19:17 <REP> d-------- C:\Documents and Settings\alex\Application Data\uTorrent
2008-01-15 01:34 . 2008-01-15 01:34 <REP> d-------- C:\Documents and Settings\alex\Application Data\Renoise
2008-01-15 01:33 . 2008-01-15 20:31 <REP> d-------- C:\Program Files\Renoise 1.9.0
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-15 14:30 --------- d-----w C:\Documents and Settings\alex\Application Data\WTablet
2008-02-14 22:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-14 20:52 --------- d-----w C:\Program Files\VirtualDJ
2008-02-14 16:38 --------- d-----w C:\Program Files\eMule
2008-02-06 15:30 --------- d-----w C:\Program Files\ESET
2008-02-05 15:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-20 16:49 --------- d-----w C:\Program Files\VstPlugins
2008-01-13 22:08 --------- d-----w C:\Documents and Settings\alex\Application Data\InstallShield
2008-01-13 19:03 --------- d-----w C:\Documents and Settings\alex\Application Data\Publish Providers
2008-01-13 19:02 --------- d-----w C:\Documents and Settings\alex\Application Data\Sony
2008-01-13 18:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony
2008-01-13 18:58 --------- d-----w C:\Program Files\Sony Setup
2008-01-13 18:58 --------- d-----w C:\Program Files\Sony
2008-01-12 16:38 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-10 21:22 --------- d-----w C:\Program Files\KONAMI
2008-01-10 20:12 --------- d-----w C:\Program Files\NVIDIA Corporation
2008-01-10 20:11 151,552 ----a-w C:\WINDOWS\system32\nvRegDev.dll
2007-12-29 22:15 --------- d-----w C:\Documents and Settings\alex\Application Data\GetRightToGo
2007-12-29 19:46 --------- d-----w C:\Program Files\Image-Line
2007-12-29 19:43 --------- d-----w C:\Program Files\Steinberg
2007-12-23 03:44 --------- d-----w C:\Documents and Settings\alex\Application Data\U3
2007-12-22 19:57 --------- d--h--r C:\Documents and Settings\alex\Application Data\SecuROM
2007-12-22 19:52 22,328 ----a-w C:\Documents and Settings\alex\Application Data\PnkBstrK.sys
2007-12-22 19:51 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2007-12-22 15:35 --------- d-----w C:\Program Files\Tablet
2007-12-21 18:45 --------- d-----w C:\Program Files\HOTALBUMMyBOX
2007-12-20 14:09 --------- d-----w C:\Program Files\MySpace
2007-12-19 20:24 --------- d-----w C:\Documents and Settings\alex\Application Data\MySpace
2007-12-19 00:16 --------- d-----w C:\Program Files\Ambient Design
2007-12-19 00:12 --------- d-----w C:\Documents and Settings\alex\Application Data\Ambient Design
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
2007-12-16 13:55 --------- d-----w C:\Program Files\CASIO
2007-12-16 13:53 15,172 ----a-w C:\WINDOWS\system32\drivers\PzWDM.sys
2007-12-14 15:00 98,304 ----a-w C:\WINDOWS\DUMPad57.tmp
2007-12-07 01:07 663,552 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll
2007-12-05 00:41 8,523,776 ----a-w C:\WINDOWS\system32\nvcpl.dll
2007-12-05 00:41 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe
2007-12-05 00:41 6,901,760 ----a-w C:\WINDOWS\system32\nvoglnt.dll
2007-12-05 00:41 6,549,504 ----a-w C:\WINDOWS\system32\nvdisps.dll
2007-12-05 00:41 5,773,568 ----a-w C:\WINDOWS\system32\nv4_disp.dll
2007-12-05 00:41 5,611,520 ----a-w C:\WINDOWS\system32\nvdispsr.dll
2007-12-05 00:41 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2007-12-05 00:41 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll
2007-12-05 00:41 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2007-12-05 00:41 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe
2007-12-05 00:41 425,984 ----a-w C:\WINDOWS\system32\keystone.exe
2007-12-05 00:41 385,024 ----a-w C:\WINDOWS\system32\nvapi.dll
2007-12-05 00:41 35,328 ----a-w C:\WINDOWS\system32\nvcodins.dll
2007-12-05 00:41 35,328 ----a-w C:\WINDOWS\system32\nvcod.dll
2007-12-05 00:41 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll
2007-12-05 00:41 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvrshe.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvrsar.dll
2007-12-05 00:41 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll
2007-12-05 00:41 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll
2007-12-05 00:41 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll
2007-12-05 00:41 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll
2007-12-05 00:41 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll
2007-12-05 00:41 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll
2007-12-05 00:41 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll
2007-12-05 00:41 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll
2007-12-05 00:41 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll
2007-12-05 00:41 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll
2007-12-05 00:41 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll
2007-12-05 00:41 3,715,072 ----a-w C:\WINDOWS\system32\nvvitvsr.dll
2007-12-05 00:41 3,710,976 ----a-w C:\WINDOWS\system32\nvvitvs.dll
2007-12-05 00:41 3,420,160 ----a-w C:\WINDOWS\system32\nvgames.dll
2007-12-05 00:41 3,334,144 ----a-w C:\WINDOWS\system32\nvgamesr.dll
2007-12-05 00:41 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll
2007-12-05 00:41 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll
2007-12-05 00:41 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll
2007-12-05 00:41 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll
2007-12-05 00:41 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll
2007-12-05 00:41 290,816 ----a-w C:\WINDOWS\system32\nvwrsth.dll
2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll
2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvwrscs.dll
2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvwrsar.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvrsfr.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvrses.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvrsel.dll
2007-12-05 00:41 278,528 ----a-w C:\WINDOWS\system32\nvwrshe.dll
2007-12-05 00:41 278,528 ----a-w C:\WINDOWS\system32\nvrsit.dll
2007-12-05 00:41 278,528 ----a-w C:\WINDOWS\system32\nvrsde.dll
2007-12-05 00:41 274,432 ----a-w C:\WINDOWS\system32\nvrspt.dll
2007-12-05 00:41 274,432 ----a-w C:\WINDOWS\system32\nvrsnl.dll
2007-12-05 00:41 274,432 ----a-w C:\WINDOWS\system32\nvrsesm.dll
2007-12-05 00:41 270,336 ----a-w C:\WINDOWS\system32\nvrsru.dll
2007-12-05 00:41 266,240 ----a-w C:\WINDOWS\system32\nvrsptb.dll
2007-12-05 00:41 266,240 ----a-w C:\WINDOWS\system32\nvrsja.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrstr.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrssl.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrssk.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrsko.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrshu.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrsth.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 12:32 94208]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2007-09-14 15:57 190024]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-08-16 15:19 5728112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X Configure"="C:\WINDOWS\system32\JMRaidTool.exe" [2006-07-12 10:47 352256]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 03:07 843776]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2006-04-10 08:19 729088]
"Ai Quicker Help"="C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe" [2006-07-20 22:35 3167744]
"FLMOFFICE4DMOUSE"="C:\Program Files\Labtec\Desktop\V5.1\moffice.exe" [2007-07-14 19:41 958464]
"OFFICEKB"="C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe" [2007-07-14 19:41 387584]
"amd_dc_opt"="C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2007-07-23 11:06 77824]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"devenv"="C:\WINDOWS\system\smvss.exe" [2008-01-13 23:11 34304]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-01-30 12:37 1443072]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MediaChecker.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MediaChecker.lnk
backup=C:\WINDOWS\pss\MediaChecker.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-05-11 03:06 40048 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
C:\Program Files\GameSpy\Comrade\Comrade.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2007-04-03 23:29 165784 C:\Program Files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
--a------ 2007-05-14 11:40 5304320 C:\Program Files\eMule\emule.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MBBalloon]
--a------ 2006-12-15 11:45 787096 C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-08-16 15:19 5728112 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 15:40 155648 C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-06-29 05:24 286720 C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-07-12 03:00 132496 C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS\system32\dumprep 0 -u
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2007-04-25 16:44 35328 C:\Program Files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\[webwiz]]
C:\PROGRA~1\_WEBWI~1\WEBWIZ~1.EXE
R0 PzWDM;PzWDM;C:\WINDOWS\system32\Drivers\PzWDM.sys [2007-12-16 14:53]
R1 XPROTECTOR;XPROTECTOR;C:\WINDOWS\system32\drivers\Oreans.sys [2007-09-13 18:50]
R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2006-03-02 13:00]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-06-16 08:30]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 22:08]
R3 wacommousefilter;Wacom Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 20:12]
R3 wacomvhid;Wacom Virtual Hid Driver;C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2007-02-16 19:30]
R3 WacomVKHid;Virtual Keyboard Driver;C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys [2007-02-16 01:11]
S3 SaiH5F0D;SaiH5F0D;C:\WINDOWS\system32\DRIVERS\SaiH5F0D.sys [2005-11-14 07:19]
S3 SaiU5F0D;SaiU5F0D;C:\WINDOWS\system32\DRIVERS\SaiU5F0D.sys [2005-11-14 07:19]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aeb21b46-6212-11dc-aba4-0015af09908c}]
\Shell\AutoRun\command - J:\LaunchU3.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-10 02:30:00 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job"
- C:\Program Files\RegistrySmart\RegistrySmart.ex
- C:\Program Files\RegistrySmart
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-15 15:35:24
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-02-15 15:35:38
.
2008-02-13 22:50:28 --- E O F ---