Mclurnqy.dll et heqfplpo.dll introuvable
Résolu/Fermé
Cobaycool
-
30 mai 2008 à 22:41
green day Messages postés 26371 Date d'inscription vendredi 30 septembre 2005 Statut Modérateur, Contributeur sécurité Dernière intervention 27 décembre 2019 - 2 juin 2008 à 10:23
green day Messages postés 26371 Date d'inscription vendredi 30 septembre 2005 Statut Modérateur, Contributeur sécurité Dernière intervention 27 décembre 2019 - 2 juin 2008 à 10:23
A voir également:
- Mclurnqy.dll et heqfplpo.dll introuvable
- Le chemin d'accès spécifié est introuvable ✓ - Forum Téléchargement
- Xinput1_3.dll est introuvable ✓ - Forum Jeux PC
- Facebook rencontre introuvable 2023 ✓ - Forum Facebook
- Serveur introuvable ✓ - Forum Réseaux sociaux
- Messenger 1 message non lu introuvable - Forum Facebook Messenger
7 réponses
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
30 mai 2008 à 22:42
30 mai 2008 à 22:42
Salut
Télécharge ceci :
Lien : http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
Tuto : http://pageperso.aol.fr/balltrap34/demohijack.htm
Choisir l'option "do a scan and a logfile", et faire un copier/coller du rapport ainsi générer sur le forum.
++
Télécharge ceci :
Lien : http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
Tuto : http://pageperso.aol.fr/balltrap34/demohijack.htm
Choisir l'option "do a scan and a logfile", et faire un copier/coller du rapport ainsi générer sur le forum.
++
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:02:23, on 30/05/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\drivers\Icon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.be/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.be/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [BM8b4b74ef] "Rundll32.exe" "C:\WINDOWS\system32\mclurnqy.dll",s
O4 - HKLM\..\Run: [88784773] "rundll32.exe" "C:\WINDOWS\system32\heqfpbpo.dll",b
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [inwkkcz] c:\documents and settings\administrateur\local settings\application data\inwkkcz.exe inwkkcz
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?ca3428ed43d44ebbaa34778e49f71d0e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?ca3428ed43d44ebbaa34778e49f71d0e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: wbsys.dll,avgrsstx.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
Scan saved at 23:02:23, on 30/05/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\drivers\Icon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.be/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.be/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [BM8b4b74ef] "Rundll32.exe" "C:\WINDOWS\system32\mclurnqy.dll",s
O4 - HKLM\..\Run: [88784773] "rundll32.exe" "C:\WINDOWS\system32\heqfpbpo.dll",b
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [inwkkcz] c:\documents and settings\administrateur\local settings\application data\inwkkcz.exe inwkkcz
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?ca3428ed43d44ebbaa34778e49f71d0e
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?ca3428ed43d44ebbaa34778e49f71d0e
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: wbsys.dll,avgrsstx.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
30 mai 2008 à 23:17
30 mai 2008 à 23:17
Télécharger ComboFix (par sUBs) sur le Bureau : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Démarrer en mode sans echec
* Double cliquer combofix.exe.
* Appuyer sur la touche Y (Yes) pour démarrer le scan
* Le rapport sera crée dans: C:\Combofix.txt, poste le stp
++
* Démarrer en mode sans echec
* Double cliquer combofix.exe.
* Appuyer sur la touche Y (Yes) pour démarrer le scan
* Le rapport sera crée dans: C:\Combofix.txt, poste le stp
++
ComboFix 08-05-29.1 - Administrateur 2008-05-30 23:46:20.2 - NTFSx86 MINIMAL
Endroit: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
/wow section - STAGE 38
La syntaxe de la commande est incorrecte.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\qrjwoz.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\qrjwoz_nav.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\qrjwoz_navps.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\rfwrkdces.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\rfwrkdces_nav.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\rfwrkdces_navps.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\zfrrfpww.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\zfrrfpww_nav.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\zfrrfpww_navps.dat
C:\WINDOWS\system32\drivers\Icon.exe
.
---- Previous Run -------
.
c:\Documents and Settings\Administrateur\Local Settings\Application Data\inwkkcz.dat
c:\Documents and Settings\Administrateur\Local Settings\Application Data\inwkkcz_nav.dat
c:\Documents and Settings\Administrateur\Local Settings\Application Data\inwkkcz_navps.dat
C:\WINDOWS\BM8b4b74ef.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\opbpfqeh.ini
C:\WINDOWS\system32\pmnmnKEt.dll
C:\WINDOWS\system32\tEKnmnmp.ini
C:\WINDOWS\system32\tEKnmnmp.ini2
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-28 to 2008-05-30 ))))))))))))))))))))))))))))))))))))
.
2008-05-30 22:51 . 2008-05-30 22:51 <REP> d--h----- C:\$AVG8.VAULT$
2008-05-30 22:50 . 2008-05-30 22:50 <REP> d-------- C:\Program Files\Trend Micro
2008-05-30 22:47 . 2008-05-30 22:53 <REP> d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-30 22:47 . 2008-05-30 22:47 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\AVGTOOLBAR
2008-05-30 22:47 . 2008-05-30 22:47 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-05-30 22:47 . 2008-05-30 22:47 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-05-30 22:47 . 2008-05-30 22:47 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-05-30 22:45 . 2008-05-30 22:45 <REP> d-------- C:\Program Files\AVG
2008-05-30 22:45 . 2008-05-30 22:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-30 22:31 . 2008-05-30 22:31 <REP> d-------- C:\Program Files\Avira
2008-05-30 22:31 . 2008-05-30 22:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-05-30 15:46 . 2008-05-30 15:46 164 --a------ C:\install.dat
2008-05-30 15:44 . 2008-05-30 23:13 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-05-30 15:44 . 2008-05-30 23:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-30 15:42 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-05-30 15:39 . 2008-05-30 15:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Prevx
2008-05-30 15:38 . 2008-05-30 15:42 <REP> d-------- C:\Temp
2008-05-30 15:21 . 2008-05-30 15:21 <REP> d-------- C:\WINDOWS\system32\GroupPolicy
2008-05-30 15:20 . 2008-05-30 23:15 <REP> d-------- C:\Program Files\Hitman Pro
2008-05-29 21:31 . 2008-05-29 21:31 57,344 --a------ C:\WINDOWS\system32\geBrpmnn.dll
2008-05-29 21:14 . 2008-05-29 22:29 121 --a------ C:\WINDOWS\bdagent.INI
2008-05-29 20:56 . 2008-05-29 20:59 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender
2008-05-28 15:07 . 2008-05-28 15:07 <REP> d-------- C:\Program Files\ESET
2008-05-25 00:56 . 2008-05-25 00:56 3,932,214 --a------ C:\WINDOWS\AW_XenoMorph1280.bmp
2008-05-25 00:54 . 2008-05-25 00:54 <REP> d-------- C:\Program Files\Fichiers communs\Stardock
2008-05-25 00:54 . 2008-05-25 00:58 <REP> d-------- C:\Program Files\AlienGUIse
2008-05-25 00:54 . 2003-02-26 22:27 36,864 --a------ C:\WINDOWS\system32\wbsys.dll
2008-05-25 00:54 . 2008-05-25 00:54 56 --a------ C:\WINDOWS\wb.ini
2008-05-24 17:34 . 2008-05-24 17:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ATI
2008-05-24 16:12 . 2008-05-24 16:49 <REP> d-------- C:\WINDOWS\system32\Adobe
2008-05-21 13:05 . 2008-05-21 13:05 <REP> d-------- C:\Program Files\Rockstar Games
2008-05-19 21:08 . 2008-05-19 21:08 680,960 --a------ C:\WINDOWS\isRS-000.tmp
2008-05-19 21:03 . 2008-05-18 09:23 2,256,896 --a------ C:\WINDOWS\system32\vbsbak.dat
2008-05-19 21:03 . 2008-05-19 21:39 297,984 --a------ C:\WINDOWS\system32\baksm.dat
2008-05-19 21:03 . 2003-09-06 22:32 73,728 --a------ C:\WINDOWS\system32\smh.dat
2008-05-19 20:53 . 2008-05-19 20:53 0 --a------ C:\WINDOWS\system32\suupdate.dat
2008-05-17 23:54 . 2008-05-17 23:54 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
2008-05-17 23:54 . 1997-05-29 16:26 316,416 --a------ C:\WINDOWS\IsUn040c.exe
2008-05-17 18:57 . 2008-05-18 00:02 <REP> d-------- C:\Sierra
2008-05-16 17:45 . 2008-05-16 17:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2008-05-16 17:45 . 2008-05-16 17:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2008-05-15 17:12 . 2008-05-15 20:49 <REP> d-------- C:\Program Files\Windows Defender
2008-05-15 17:08 . 2008-05-15 20:33 <REP> d-------- C:\Program Files\Uniblue
2008-05-14 18:17 . 2008-05-14 18:17 <REP> d-------- C:\WINDOWS\system32\fr
2008-05-14 18:17 . 2008-05-14 18:17 <REP> d-------- C:\WINDOWS\system32\bits
2008-05-14 18:17 . 2008-05-14 18:17 <REP> d-------- C:\WINDOWS\l2schemas
2008-05-14 18:10 . 2008-05-14 18:18 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-05-14 17:39 . 2008-04-14 04:33 4,274,816 --------- C:\WINDOWS\system32\nv4_disp.dll
2008-05-14 17:38 . 2004-08-03 22:41 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2008-05-14 17:37 . 2008-04-14 04:33 870,784 --------- C:\WINDOWS\system32\ati3d1ag.dll
2008-05-14 15:32 . 2008-05-14 15:32 <REP> d--h----- C:\WINDOWS\PIF
2008-05-12 17:04 . 2008-05-12 17:06 10 --a------ C:\WINDOWS\popcinfo.dat
2008-05-12 17:03 . 2008-05-12 17:03 19,968 --a------ C:\WINDOWS\system32\atiadlxx.dll
2008-05-12 16:59 . 2008-05-12 17:05 724,992 --a------ C:\WINDOWS\iun6002.exe
2008-05-09 18:42 . 2008-05-24 16:41 <REP> d-------- C:\Program Files\SpeedFan
2008-05-05 22:30 . 2008-05-05 22:30 <REP> d-------- C:\Program Files\MediaInfo
2008-05-05 20:09 . 2008-05-05 20:09 682,496 --a------ C:\WINDOWS\system32\CDUninst.exe
2008-05-03 17:20 . 2008-05-03 17:20 <REP> d-------- C:\WINDOWS\system32\NtmsData
2008-05-03 16:47 . 2008-05-03 16:47 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
2008-05-02 17:05 . 2008-05-02 17:05 <REP> d-------- C:\WINDOWS\system32\FlashAX
2008-04-30 13:10 . 2008-05-26 21:04 <REP> d-------- C:\Program Files\Lavalys
2008-04-26 11:48 . 2008-04-26 11:48 <REP> d-------- C:\Program Files\KC Softwares
2008-04-25 17:24 . 2008-04-25 17:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Nexon
2008-04-18 23:04 . 2008-03-03 14:25 5,702 --ah----- C:\WINDOWS\nod32restoretemdono.reg
2008-04-18 22:47 . 2008-04-18 22:47 <REP> d-------- C:\Program Files\real
2008-04-18 21:59 . 2008-04-18 21:59 <REP> d-------- C:\Program Files\%temp&
2008-04-17 20:35 . 2008-04-17 21:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TrackMania
2008-04-15 17:40 . 2008-04-15 17:46 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Apple Computer
2008-04-15 17:40 . 2008-05-30 23:39 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-15 17:40 . 2008-04-15 17:40 1,409 --a------ C:\WINDOWS\QTFont.for
2008-04-15 17:39 . 2008-04-15 17:39 <REP> d-------- C:\Program Files\iTunes
2008-04-15 17:39 . 2008-04-15 17:39 <REP> d-------- C:\Program Files\iPod
2008-04-15 17:38 . 2008-04-15 17:38 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-04-15 17:26 . 2008-04-15 17:27 <REP> d-------- C:\Program Files\QuickTime
2008-04-13 18:56 . 2008-05-09 21:59 45 --a------ C:\WINDOWS\system32\initdebug.nfo
2008-04-11 15:45 . 2004-02-29 14:47 528,384 --a------ C:\WINDOWS\system32\SLLights.dll
2008-04-11 15:45 . 2004-02-29 14:12 454,656 --a------ C:\WINDOWS\system32\slcpappl.cpl
2008-04-11 15:45 . 2004-02-29 13:47 368,640 --a------ C:\WINDOWS\system32\slmh.exe
2008-04-11 15:45 . 2004-02-29 13:47 351,183 --a------ C:\WINDOWS\system32\slmh.cab
2008-04-11 15:45 . 2004-02-29 13:53 208,896 --a------ C:\WINDOWS\system32\amr_cpl.dll
2008-04-11 15:45 . 2004-02-29 14:25 167,936 --a------ C:\WINDOWS\system32\minirec.exe
2008-04-11 15:45 . 2004-01-04 17:37 138,560 --a------ C:\WINDOWS\system32\slcpappl.chm
2008-04-11 15:45 . 2004-02-29 14:49 65,536 --a------ C:\WINDOWS\SmCfg.exe
2008-04-11 15:45 . 2004-02-29 14:22 14,968 --a------ C:\WINDOWS\system32\drivers\winddx.sys
2008-04-11 15:44 . 2008-04-11 15:45 <REP> d-------- C:\WINDOWS\Modio
2008-04-11 15:24 . 2008-04-11 15:24 32 --a------ C:\WINDOWS\CD_Start.INI
2008-04-09 19:34 . 2003-12-17 15:01 448,000 --a------ C:\WINDOWS\system32\drivers\unMTCDIO.exe
2008-04-09 19:34 . 2003-09-22 14:31 36,864 --a------ C:\WINDOWS\system32\drivers\MTCDIO.dll
2008-04-09 19:34 . 2003-09-22 11:04 11,316 --a------ C:\WINDOWS\system32\drivers\MTCDIO.sys
2008-04-09 19:34 . 2003-12-17 12:00 934 --a------ C:\WINDOWS\system32\drivers\UNMTCDIO.bat
2008-04-09 16:26 . 2008-05-23 20:55 <REP> d-------- C:\Program Files\FileZilla FTP Client
2008-04-09 16:26 . 2008-05-23 20:56 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\FileZilla
2008-04-07 20:44 . 2008-04-07 20:44 <REP> d-------- C:\WINDOWS\Sun
2008-04-03 00:40 . 2008-04-11 15:44 <REP> d-------- C:\pnp
2008-04-03 00:13 . 2008-05-24 17:30 <REP> d-------- C:\Program Files\ATI Technologies
2008-04-03 00:13 . 2008-05-12 10:49 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-04-01 22:53 . 2007-04-09 13:23 28,040 --a------ C:\WINDOWS\system32\mdimon.dll
2008-04-01 22:53 . 2008-04-01 22:53 385 --a------ C:\WINDOWS\ODBC.INI
2008-04-01 22:50 . 2008-04-01 22:52 <REP> d-------- C:\WINDOWS\SHELLNEW
2008-04-01 22:50 . 2008-04-01 22:50 <REP> d-------- C:\Program Files\Microsoft.NET
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-30 21:20 0 ----a-w C:\WINDOWS\system32\drivers\eicon.txt
2008-05-30 21:14 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-30 20:42 --------- d-----w C:\Program Files\Steam
2008-05-29 19:14 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\uTorrent
2008-05-29 16:21 --------- d-----w C:\Program Files\XoftSpySE
2008-05-29 04:52 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-05-29 04:50 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-26 13:18 --------- d-----w C:\Program Files\uTorrent
2008-05-23 18:53 --------- d-s---w C:\Program Files\HLSW
2008-05-23 18:53 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\HLSW
2008-05-15 18:34 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Uniblue
2008-05-12 16:30 3,007,488 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-05-12 15:02 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-05-08 19:51 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\mIRC
2008-05-08 19:49 --------- d-----w C:\Program Files\mIRC
2008-04-25 12:59 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\teamspeak2
2008-04-18 18:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET
2008-04-15 15:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-04-14 02:34 70,656 ----a-w C:\WINDOWS\notepad.exe
2008-04-14 02:34 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys
2008-04-14 02:34 288,256 ----a-w C:\WINDOWS\winhlp32.exe
2008-04-14 02:34 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys
2008-04-14 02:34 153,088 ----a-w C:\WINDOWS\regedit.exe
2008-04-14 02:34 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
2008-04-14 02:34 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys
2008-04-14 02:34 10,752 ----a-w C:\WINDOWS\hh.exe
2008-04-14 02:34 1,037,824 ----a-w C:\WINDOWS\explorer.exe
2008-04-14 02:10 73,600 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-14 02:09 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-14 02:09 68,608 ----a-w C:\WINDOWS\system32\drivers\pci.sys
2008-04-14 02:09 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-14 02:09 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-14 02:05 800,256 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-14 02:05 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-14 02:05 154,496 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-14 02:04 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
2008-04-14 02:03 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys
2008-04-14 02:03 40,576 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-14 02:02 40,960 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-14 02:00 66,048 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-14 02:00 54,144 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 01:59 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-14 01:58 273,664 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-14 01:57 58,752 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-14 01:57 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-14 01:56 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-14 01:55 40,064 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-14 01:54 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-14 01:54 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-14 01:53 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-14 01:53 23,680 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-14 01:52 188,672 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 18:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-13 18:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-13 18:53 36,608 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys
2008-04-13 18:53 264,832 ----a-w C:\WINDOWS\system32\drivers\http.sys
2008-04-13 18:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
2008-04-13 18:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
2008-04-13 18:51 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99972D1B-964E-49EC-92F4-1EB39F4810A5}]
C:\WINDOWS\system32\qoMfcCTM.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
2008-05-30 22:47 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= "C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL" [2008-05-30 22:47 2050816]
[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-9990-79a187e2698e}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 16:28 577536 C:\WINDOWS\soundman.exe]
"ISUSPM"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"BM8b4b74ef"="Rundll32.exe" [2008-04-14 04:34 33792 C:\WINDOWS\system32\rundll32.exe]
"88784773"="rundll32.exe" [2008-04-14 04:34 33792 C:\WINDOWS\system32\rundll32.exe]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-05-30 22:38 262401]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-30 22:45 1177368]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 04:33 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{99972D1B-964E-49EC-92F4-1EB39F4810A5}"= C:\WINDOWS\system32\qoMfcCTM.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\qoMfcCTM]
qoMfcCTM.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
C:\Program Files\AlienGUIse\fastload.dll 2001-12-20 23:34 24576 C:\Program Files\AlienGUIse\fastload.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll,avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
"vidc.ir32"= C:\WINDOWS\system32\ir32_32.dll
"vidc.ir31"= C:\WINDOWS\system32\ir32_32.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Nero\\Nero ControlCenter\\SetupX.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Steam\\steamapps\\cobaycool\\counter-strike\\hl.exe"=
"C:\\Program Files\\Steam\\steamapps\\cobaycool\\dedicated server\\hlds.exe"=
"C:\\Program Files\\HLSW\\hlsw.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Nexon\\NGM\\NGM.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Nexon\\Common\\NMService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
R2 MTC0005_MTCDIO;Wireless HotKey Driver;C:\WINDOWS\system32\drivers\MTCDIO.sys [2003-09-22 11:04]
S1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-30 22:47]
S2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-05-30 22:45]
S2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-30 22:45]
S2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-30 22:47]
S2 MTCDIO;MTCDIO;C:\WINDOWS\system32\DRIVERS\MTCDIO.sys [2003-09-22 11:04]
S2 NOD32FiXTemDono;Eset Nod32 Boot;C:\WINDOWS\system32\regedt32.exe [2004-08-05 14:00]
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-05-06 14:13:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-15 15:15:37 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2008-05-30 20:51:05 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
Voila bonne nuit a demain j espere ^^
amitiée
Cobay
Endroit: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
/wow section - STAGE 38
La syntaxe de la commande est incorrecte.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\qrjwoz.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\qrjwoz_nav.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\qrjwoz_navps.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\rfwrkdces.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\rfwrkdces_nav.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\rfwrkdces_navps.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\zfrrfpww.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\zfrrfpww_nav.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\zfrrfpww_navps.dat
C:\WINDOWS\system32\drivers\Icon.exe
.
---- Previous Run -------
.
c:\Documents and Settings\Administrateur\Local Settings\Application Data\inwkkcz.dat
c:\Documents and Settings\Administrateur\Local Settings\Application Data\inwkkcz_nav.dat
c:\Documents and Settings\Administrateur\Local Settings\Application Data\inwkkcz_navps.dat
C:\WINDOWS\BM8b4b74ef.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\opbpfqeh.ini
C:\WINDOWS\system32\pmnmnKEt.dll
C:\WINDOWS\system32\tEKnmnmp.ini
C:\WINDOWS\system32\tEKnmnmp.ini2
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-28 to 2008-05-30 ))))))))))))))))))))))))))))))))))))
.
2008-05-30 22:51 . 2008-05-30 22:51 <REP> d--h----- C:\$AVG8.VAULT$
2008-05-30 22:50 . 2008-05-30 22:50 <REP> d-------- C:\Program Files\Trend Micro
2008-05-30 22:47 . 2008-05-30 22:53 <REP> d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-30 22:47 . 2008-05-30 22:47 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\AVGTOOLBAR
2008-05-30 22:47 . 2008-05-30 22:47 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-05-30 22:47 . 2008-05-30 22:47 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-05-30 22:47 . 2008-05-30 22:47 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-05-30 22:45 . 2008-05-30 22:45 <REP> d-------- C:\Program Files\AVG
2008-05-30 22:45 . 2008-05-30 22:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-30 22:31 . 2008-05-30 22:31 <REP> d-------- C:\Program Files\Avira
2008-05-30 22:31 . 2008-05-30 22:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-05-30 15:46 . 2008-05-30 15:46 164 --a------ C:\install.dat
2008-05-30 15:44 . 2008-05-30 23:13 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-05-30 15:44 . 2008-05-30 23:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-30 15:42 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-05-30 15:39 . 2008-05-30 15:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Prevx
2008-05-30 15:38 . 2008-05-30 15:42 <REP> d-------- C:\Temp
2008-05-30 15:21 . 2008-05-30 15:21 <REP> d-------- C:\WINDOWS\system32\GroupPolicy
2008-05-30 15:20 . 2008-05-30 23:15 <REP> d-------- C:\Program Files\Hitman Pro
2008-05-29 21:31 . 2008-05-29 21:31 57,344 --a------ C:\WINDOWS\system32\geBrpmnn.dll
2008-05-29 21:14 . 2008-05-29 22:29 121 --a------ C:\WINDOWS\bdagent.INI
2008-05-29 20:56 . 2008-05-29 20:59 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender
2008-05-28 15:07 . 2008-05-28 15:07 <REP> d-------- C:\Program Files\ESET
2008-05-25 00:56 . 2008-05-25 00:56 3,932,214 --a------ C:\WINDOWS\AW_XenoMorph1280.bmp
2008-05-25 00:54 . 2008-05-25 00:54 <REP> d-------- C:\Program Files\Fichiers communs\Stardock
2008-05-25 00:54 . 2008-05-25 00:58 <REP> d-------- C:\Program Files\AlienGUIse
2008-05-25 00:54 . 2003-02-26 22:27 36,864 --a------ C:\WINDOWS\system32\wbsys.dll
2008-05-25 00:54 . 2008-05-25 00:54 56 --a------ C:\WINDOWS\wb.ini
2008-05-24 17:34 . 2008-05-24 17:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ATI
2008-05-24 16:12 . 2008-05-24 16:49 <REP> d-------- C:\WINDOWS\system32\Adobe
2008-05-21 13:05 . 2008-05-21 13:05 <REP> d-------- C:\Program Files\Rockstar Games
2008-05-19 21:08 . 2008-05-19 21:08 680,960 --a------ C:\WINDOWS\isRS-000.tmp
2008-05-19 21:03 . 2008-05-18 09:23 2,256,896 --a------ C:\WINDOWS\system32\vbsbak.dat
2008-05-19 21:03 . 2008-05-19 21:39 297,984 --a------ C:\WINDOWS\system32\baksm.dat
2008-05-19 21:03 . 2003-09-06 22:32 73,728 --a------ C:\WINDOWS\system32\smh.dat
2008-05-19 20:53 . 2008-05-19 20:53 0 --a------ C:\WINDOWS\system32\suupdate.dat
2008-05-17 23:54 . 2008-05-17 23:54 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
2008-05-17 23:54 . 1997-05-29 16:26 316,416 --a------ C:\WINDOWS\IsUn040c.exe
2008-05-17 18:57 . 2008-05-18 00:02 <REP> d-------- C:\Sierra
2008-05-16 17:45 . 2008-05-16 17:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2008-05-16 17:45 . 2008-05-16 17:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2008-05-15 17:12 . 2008-05-15 20:49 <REP> d-------- C:\Program Files\Windows Defender
2008-05-15 17:08 . 2008-05-15 20:33 <REP> d-------- C:\Program Files\Uniblue
2008-05-14 18:17 . 2008-05-14 18:17 <REP> d-------- C:\WINDOWS\system32\fr
2008-05-14 18:17 . 2008-05-14 18:17 <REP> d-------- C:\WINDOWS\system32\bits
2008-05-14 18:17 . 2008-05-14 18:17 <REP> d-------- C:\WINDOWS\l2schemas
2008-05-14 18:10 . 2008-05-14 18:18 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-05-14 17:39 . 2008-04-14 04:33 4,274,816 --------- C:\WINDOWS\system32\nv4_disp.dll
2008-05-14 17:38 . 2004-08-03 22:41 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2008-05-14 17:37 . 2008-04-14 04:33 870,784 --------- C:\WINDOWS\system32\ati3d1ag.dll
2008-05-14 15:32 . 2008-05-14 15:32 <REP> d--h----- C:\WINDOWS\PIF
2008-05-12 17:04 . 2008-05-12 17:06 10 --a------ C:\WINDOWS\popcinfo.dat
2008-05-12 17:03 . 2008-05-12 17:03 19,968 --a------ C:\WINDOWS\system32\atiadlxx.dll
2008-05-12 16:59 . 2008-05-12 17:05 724,992 --a------ C:\WINDOWS\iun6002.exe
2008-05-09 18:42 . 2008-05-24 16:41 <REP> d-------- C:\Program Files\SpeedFan
2008-05-05 22:30 . 2008-05-05 22:30 <REP> d-------- C:\Program Files\MediaInfo
2008-05-05 20:09 . 2008-05-05 20:09 682,496 --a------ C:\WINDOWS\system32\CDUninst.exe
2008-05-03 17:20 . 2008-05-03 17:20 <REP> d-------- C:\WINDOWS\system32\NtmsData
2008-05-03 16:47 . 2008-05-03 16:47 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
2008-05-02 17:05 . 2008-05-02 17:05 <REP> d-------- C:\WINDOWS\system32\FlashAX
2008-04-30 13:10 . 2008-05-26 21:04 <REP> d-------- C:\Program Files\Lavalys
2008-04-26 11:48 . 2008-04-26 11:48 <REP> d-------- C:\Program Files\KC Softwares
2008-04-25 17:24 . 2008-04-25 17:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Nexon
2008-04-18 23:04 . 2008-03-03 14:25 5,702 --ah----- C:\WINDOWS\nod32restoretemdono.reg
2008-04-18 22:47 . 2008-04-18 22:47 <REP> d-------- C:\Program Files\real
2008-04-18 21:59 . 2008-04-18 21:59 <REP> d-------- C:\Program Files\%temp&
2008-04-17 20:35 . 2008-04-17 21:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TrackMania
2008-04-15 17:40 . 2008-04-15 17:46 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Apple Computer
2008-04-15 17:40 . 2008-05-30 23:39 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-15 17:40 . 2008-04-15 17:40 1,409 --a------ C:\WINDOWS\QTFont.for
2008-04-15 17:39 . 2008-04-15 17:39 <REP> d-------- C:\Program Files\iTunes
2008-04-15 17:39 . 2008-04-15 17:39 <REP> d-------- C:\Program Files\iPod
2008-04-15 17:38 . 2008-04-15 17:38 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-04-15 17:26 . 2008-04-15 17:27 <REP> d-------- C:\Program Files\QuickTime
2008-04-13 18:56 . 2008-05-09 21:59 45 --a------ C:\WINDOWS\system32\initdebug.nfo
2008-04-11 15:45 . 2004-02-29 14:47 528,384 --a------ C:\WINDOWS\system32\SLLights.dll
2008-04-11 15:45 . 2004-02-29 14:12 454,656 --a------ C:\WINDOWS\system32\slcpappl.cpl
2008-04-11 15:45 . 2004-02-29 13:47 368,640 --a------ C:\WINDOWS\system32\slmh.exe
2008-04-11 15:45 . 2004-02-29 13:47 351,183 --a------ C:\WINDOWS\system32\slmh.cab
2008-04-11 15:45 . 2004-02-29 13:53 208,896 --a------ C:\WINDOWS\system32\amr_cpl.dll
2008-04-11 15:45 . 2004-02-29 14:25 167,936 --a------ C:\WINDOWS\system32\minirec.exe
2008-04-11 15:45 . 2004-01-04 17:37 138,560 --a------ C:\WINDOWS\system32\slcpappl.chm
2008-04-11 15:45 . 2004-02-29 14:49 65,536 --a------ C:\WINDOWS\SmCfg.exe
2008-04-11 15:45 . 2004-02-29 14:22 14,968 --a------ C:\WINDOWS\system32\drivers\winddx.sys
2008-04-11 15:44 . 2008-04-11 15:45 <REP> d-------- C:\WINDOWS\Modio
2008-04-11 15:24 . 2008-04-11 15:24 32 --a------ C:\WINDOWS\CD_Start.INI
2008-04-09 19:34 . 2003-12-17 15:01 448,000 --a------ C:\WINDOWS\system32\drivers\unMTCDIO.exe
2008-04-09 19:34 . 2003-09-22 14:31 36,864 --a------ C:\WINDOWS\system32\drivers\MTCDIO.dll
2008-04-09 19:34 . 2003-09-22 11:04 11,316 --a------ C:\WINDOWS\system32\drivers\MTCDIO.sys
2008-04-09 19:34 . 2003-12-17 12:00 934 --a------ C:\WINDOWS\system32\drivers\UNMTCDIO.bat
2008-04-09 16:26 . 2008-05-23 20:55 <REP> d-------- C:\Program Files\FileZilla FTP Client
2008-04-09 16:26 . 2008-05-23 20:56 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\FileZilla
2008-04-07 20:44 . 2008-04-07 20:44 <REP> d-------- C:\WINDOWS\Sun
2008-04-03 00:40 . 2008-04-11 15:44 <REP> d-------- C:\pnp
2008-04-03 00:13 . 2008-05-24 17:30 <REP> d-------- C:\Program Files\ATI Technologies
2008-04-03 00:13 . 2008-05-12 10:49 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-04-01 22:53 . 2007-04-09 13:23 28,040 --a------ C:\WINDOWS\system32\mdimon.dll
2008-04-01 22:53 . 2008-04-01 22:53 385 --a------ C:\WINDOWS\ODBC.INI
2008-04-01 22:50 . 2008-04-01 22:52 <REP> d-------- C:\WINDOWS\SHELLNEW
2008-04-01 22:50 . 2008-04-01 22:50 <REP> d-------- C:\Program Files\Microsoft.NET
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-30 21:20 0 ----a-w C:\WINDOWS\system32\drivers\eicon.txt
2008-05-30 21:14 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-30 20:42 --------- d-----w C:\Program Files\Steam
2008-05-29 19:14 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\uTorrent
2008-05-29 16:21 --------- d-----w C:\Program Files\XoftSpySE
2008-05-29 04:52 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-05-29 04:50 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-26 13:18 --------- d-----w C:\Program Files\uTorrent
2008-05-23 18:53 --------- d-s---w C:\Program Files\HLSW
2008-05-23 18:53 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\HLSW
2008-05-15 18:34 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Uniblue
2008-05-12 16:30 3,007,488 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-05-12 15:02 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-05-08 19:51 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\mIRC
2008-05-08 19:49 --------- d-----w C:\Program Files\mIRC
2008-04-25 12:59 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\teamspeak2
2008-04-18 18:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET
2008-04-15 15:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-04-14 02:34 70,656 ----a-w C:\WINDOWS\notepad.exe
2008-04-14 02:34 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys
2008-04-14 02:34 288,256 ----a-w C:\WINDOWS\winhlp32.exe
2008-04-14 02:34 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys
2008-04-14 02:34 153,088 ----a-w C:\WINDOWS\regedit.exe
2008-04-14 02:34 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
2008-04-14 02:34 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys
2008-04-14 02:34 10,752 ----a-w C:\WINDOWS\hh.exe
2008-04-14 02:34 1,037,824 ----a-w C:\WINDOWS\explorer.exe
2008-04-14 02:10 73,600 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-14 02:09 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-14 02:09 68,608 ----a-w C:\WINDOWS\system32\drivers\pci.sys
2008-04-14 02:09 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-14 02:09 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-14 02:05 800,256 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-14 02:05 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-14 02:05 154,496 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-14 02:04 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
2008-04-14 02:03 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys
2008-04-14 02:03 40,576 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-14 02:02 40,960 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-14 02:00 66,048 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-14 02:00 54,144 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 01:59 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-14 01:58 273,664 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-14 01:57 58,752 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-14 01:57 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-14 01:56 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-14 01:55 40,064 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-14 01:54 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-14 01:54 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-14 01:53 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-14 01:53 23,680 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-14 01:52 188,672 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 18:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-13 18:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-13 18:53 36,608 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys
2008-04-13 18:53 264,832 ----a-w C:\WINDOWS\system32\drivers\http.sys
2008-04-13 18:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
2008-04-13 18:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
2008-04-13 18:51 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99972D1B-964E-49EC-92F4-1EB39F4810A5}]
C:\WINDOWS\system32\qoMfcCTM.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
2008-05-30 22:47 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= "C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL" [2008-05-30 22:47 2050816]
[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-9990-79a187e2698e}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 16:28 577536 C:\WINDOWS\soundman.exe]
"ISUSPM"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"BM8b4b74ef"="Rundll32.exe" [2008-04-14 04:34 33792 C:\WINDOWS\system32\rundll32.exe]
"88784773"="rundll32.exe" [2008-04-14 04:34 33792 C:\WINDOWS\system32\rundll32.exe]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-05-30 22:38 262401]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-30 22:45 1177368]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 04:33 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{99972D1B-964E-49EC-92F4-1EB39F4810A5}"= C:\WINDOWS\system32\qoMfcCTM.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\qoMfcCTM]
qoMfcCTM.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
C:\Program Files\AlienGUIse\fastload.dll 2001-12-20 23:34 24576 C:\Program Files\AlienGUIse\fastload.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll,avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
"vidc.ir32"= C:\WINDOWS\system32\ir32_32.dll
"vidc.ir31"= C:\WINDOWS\system32\ir32_32.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Nero\\Nero ControlCenter\\SetupX.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Steam\\steamapps\\cobaycool\\counter-strike\\hl.exe"=
"C:\\Program Files\\Steam\\steamapps\\cobaycool\\dedicated server\\hlds.exe"=
"C:\\Program Files\\HLSW\\hlsw.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Nexon\\NGM\\NGM.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Nexon\\Common\\NMService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
R2 MTC0005_MTCDIO;Wireless HotKey Driver;C:\WINDOWS\system32\drivers\MTCDIO.sys [2003-09-22 11:04]
S1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-30 22:47]
S2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-05-30 22:45]
S2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-30 22:45]
S2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-30 22:47]
S2 MTCDIO;MTCDIO;C:\WINDOWS\system32\DRIVERS\MTCDIO.sys [2003-09-22 11:04]
S2 NOD32FiXTemDono;Eset Nod32 Boot;C:\WINDOWS\system32\regedt32.exe [2004-08-05 14:00]
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-05-06 14:13:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-15 15:15:37 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2008-05-30 20:51:05 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
Voila bonne nuit a demain j espere ^^
amitiée
Cobay
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
1 juin 2008 à 12:02
1 juin 2008 à 12:02
Salut
pas mal ...
Télécharge Avira AntiRootkit Tool et dézippe-le sur ton bureau:
http://dl.antivir.de/down/windows/antivir_rootkit.zip
Ouvre le dossier antivir_rootkit créé, double-clique sur le fichier setup.exe, et suis les instructions d'installation du programme. Lorsque c'est terminé, lance l'outil par le menu démarrer / tous les programmes / Avira RootKit Detection / Avira RootKit Detection.
Vérifie que les cases "Scan files", "Scan registry", "Scan processes", "Scan all drives" et "Show progress" soient bien cochées. Clique à présent sur "Start scan" et patiente.
Lorsque le scan est terminé, clique sur "View report" et dans ta prochaine réponse, poste le contenu du rapport qui s'est ouvert.
++
pas mal ...
Télécharge Avira AntiRootkit Tool et dézippe-le sur ton bureau:
http://dl.antivir.de/down/windows/antivir_rootkit.zip
Ouvre le dossier antivir_rootkit créé, double-clique sur le fichier setup.exe, et suis les instructions d'installation du programme. Lorsque c'est terminé, lance l'outil par le menu démarrer / tous les programmes / Avira RootKit Detection / Avira RootKit Detection.
Vérifie que les cases "Scan files", "Scan registry", "Scan processes", "Scan all drives" et "Show progress" soient bien cochées. Clique à présent sur "Start scan" et patiente.
Lorsque le scan est terminé, clique sur "View report" et dans ta prochaine réponse, poste le contenu du rapport qui s'est ouvert.
++
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
2 juin 2008 à 10:23
2 juin 2008 à 10:23
dans ce cas ... il ne te reste plus qu'à "blinder" ton pc :
voir ici : http://www.commentcamarche.net/faq/sujet 2432 securite proteger un ordinateur contre les malwares d internet
@+
voir ici : http://www.commentcamarche.net/faq/sujet 2432 securite proteger un ordinateur contre les malwares d internet
@+
