I think I'm infected..
empty_files
Hello,
Here is my HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:33:23, on 2008-09-18
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\BearShare Applications\Personalization\BearSharePersonalization.exe
C:\Program Files\Dell Wireless\PRISMCFG.exe
C:\Program Files\Comodo\Firewall\cfp.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: UrlHelper Class - {6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Update Helper - {77D7E795-33C5-4323-974D-A2A49AB75517} - C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: BearSharePersonalization - {DD1849EA-8403-4441-8DFF-7575AAE1DC16} - C:\Program Files\BearShare Applications\Personalization\BearSharePersonalizationIE_v1053.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.15.0\gears.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\RunOnce: [wextract_cleanup1] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Guy\LOCALS~1\Temp\IXP001.TMP\"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BearSharePersonalization] "C:\Program Files\BearShare Applications\Personalization\BearSharePersonalization.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Carte pour réseau sans fil WLAN (USB 2.0).lnk = C:\Program Files\Dell Wireless\PRISMCFG.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Wireless USB 2.0 WLAN Card Utility.lnk = C:\Program Files\Dell Wireless\PRISMCFG.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.15.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.15.0\gears.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - https://sdlc-esd.oracle.com/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?GroupName=JSC&FilePath=/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab&BHost=javadl.sun.com&File=jinstall-6u7-windows-i586-jc.cab&AuthParam=1580978829_3fac487ff39b191ded7866fc4973d48d&ext=.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll C:\WINDOWS\system32\cssdll32.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Update Service (gupdate1c915768255b8f0) (gupdate1c915768255b8f0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
41 replies
sddfix, I don't really understand what that is. Do I have to use ComboFix or SmitfraudFix... I'm a bit mixed up, sorry..
Yes, I downloaded them, but if it doesn't work, what are the chances that I lose my data or something else because of a disinfection? I don't know which fix; can I trust you?
If I send you another HijackThis report, will you be better able to understand my problem going forward, or I don't know what else, but if I really am infected and I don't realize it, it would be a good idea to disinfect ...
Hi !!
If you haven't run any disinfection tools yet, the first report is enough...
Please do what destrio asked you to do
---> Download Toolbar-S&D (Team IDN) to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Start the program's installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the desired language by typing the letter of your choice and then confirming with the Enter key.
* Now choose option 1 (Search). Wait until the search has finished.
* Post the generated report. (C:\TB.txt)
Hello,
I suggest you uninstall your antivirus, anti-malware, ... (to avoid any unnecessary problems). Once that's done, install Microsoft OneCare (free for 90 days). For me it's the best antivirus/security suite.
It fixed a lot of problems for me that no other antivirus managed to remove.
You can download it at the following address: https://support.microsoft.com/fr-fr/office/obtenir-de-l-aide-sur-outlook-com-40676ad0-c831-45ac-a023-5be633be798d?ui=fr-fr&rs=fr-fr&ad=fr
PS: ComboFix also makes my PC crash even more. As soon as I launch it I get nothing but BSODs and it's impossible to restart Vista (I have to do a system restore), so personally I advise you against it.
Thanks morlokco. I have XP Pro, and I don't really know what to do about ComboFix; I do schoolwork. As for OneCare, I already have it, and I thought it was just for MSN and all that. Oh well. And as for the rest, the antivirus and so on, yes, I also think it's better to uninstall them instead of just disabling them. Thanks for the advice.... And for geoffrey: is my report really that alarming, and why? I don't see many bugs in my system. And where do I start with the disinfection, and how long does it take? Just so you know, I'm going to think about it; you know, with schoolwork it would be a shame to wreck everything..... And thanks once again
So I used ComboFix with a tutorial and now I no longer have a desktop...
ComboFix 08-09-24.09 - Guy 2008-09-25 7:24:35.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.649 [GMT -4:00]
Running from: C:\Documents and Settings\Guy\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Guy\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU(2).exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\drivers\fad.sys
.
((((((((((((((((((((((((( Files Created from 2008-08-25 to 2008-09-25 )))))))))))))))))))))))))))))))
.
2008-09-25 07:58 . 2004-10-04 14:05 405,593 --a------ C:\WINDOWS\system32\PRIS4a99.rra
2008-09-25 00:00 . 2008-09-25 00:00 <DIR> d-------- C:\My Downloads
2008-09-24 21:15 . 2008-09-24 21:47 1,254 --a------ C:\Documents and Settings\Orph.egd
2008-09-24 21:14 . 2008-09-24 21:48 <DIR> d-------- C:\ToolBar SD
2008-09-24 03:42 . 2008-09-25 05:34 <DIR> d-------- C:\Documents and Settings\Guy\dwhelper
2008-09-24 00:43 . 2008-09-24 20:29 <DIR> d-------- C:\Program Files\MediaCoder
2008-09-23 00:13 . 2008-09-23 00:16 <DIR> d-------- C:\Program Files\Combined Community Codec Pack
2008-09-22 10:25 . 2008-09-22 10:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-09-22 10:07 . 2008-09-22 10:07 <DIR> d-------- C:\Program Files\Circle Developement
2008-09-22 10:06 . 2008-09-22 10:07 <DIR> d-------- C:\Program Files\Messenger Plus! Live
2008-09-22 10:00 . 2008-09-22 10:00 <DIR> d-------- C:\Program Files\Nicolas MERLET
2008-09-22 09:53 . 2008-09-22 09:58 <DIR> d-------- C:\Program Files\StuffPlug3
2008-09-22 08:20 . 2008-09-22 08:21 <DIR> d-------- C:\Documents and Settings\Guy\Application Data\vlc
2008-09-22 07:14 . 2008-09-22 07:14 <DIR> d-------- C:\Program Files\VideoLAN
2008-09-22 06:37 . 2008-09-22 06:58 14,482,140 --a------ C:\Program Files\vlc-0.9.2-win32.exe
2008-09-19 17:51 . 2008-09-19 17:52 <DIR> d-------- C:\Program Files\Oront Burning Kit 2
2008-09-19 17:51 . 2008-09-19 17:51 <DIR> d-------- C:\Documents and Settings\Guy\Application Data\Obsidium
2008-09-19 17:50 . 2008-09-19 17:50 5,331,265 --a------ C:\Program Files\burningkit2_basic.exe
2008-09-19 14:48 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
2008-09-19 14:48 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-09-19 06:54 . 2008-09-19 06:54 367,932 --a------ C:\Program Files\ClavierSetup.exe
2008-09-19 03:56 . 2008-09-19 03:56 7,680 --ahs---- C:\WINDOWS\Thumbs.db
2008-09-19 00:37 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-09-19 00:36 . 2008-09-19 00:36 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-09-19 00:27 . 2008-09-19 00:29 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-09-19 00:26 . 2008-09-19 18:12 <DIR> d-------- C:\Program Files\Windows Live
2008-09-19 00:26 . 2008-09-19 00:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-09-18 01:56 . 2008-09-18 01:56 318,904 --a------ C:\Program Files\wmpfirefoxplugin.exe
2008-09-15 22:43 . 2008-09-18 01:10 <DIR> d-------- C:\Program Files\RegCleaner
2008-09-15 22:19 . 2008-09-15 22:19 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-09-15 22:15 . 2008-09-15 22:20 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-09-15 22:09 . 2006-12-29 00:31 19,569 --a------ C:\WINDOWS\[u]0/u02828_.tmp
2008-09-15 21:40 . 2008-06-23 12:57 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-09-15 21:40 . 2007-04-17 05:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-09-15 21:40 . 2007-03-08 01:10 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-09-15 21:40 . 2008-06-23 12:57 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-09-15 21:40 . 2008-06-23 12:57 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-09-15 21:40 . 2008-06-23 12:57 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-09-15 21:40 . 2008-06-23 12:57 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-09-15 21:40 . 2008-06-23 12:57 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-09-15 21:40 . 2008-06-23 05:20 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-09-15 21:31 . 2008-09-15 21:34 15,452,536 --a------ C:\Program Files\IE7-WindowsXP-x86-enu.exe
2008-09-15 20:47 . 2008-09-15 20:47 553,687 --a------ C:\Program Files\RegCleaner.exe
2008-09-13 20:03 . 2008-09-13 20:03 249,592 --a------ C:\WINDOWS\system32\cssdll32.dll
2008-09-13 20:02 . 2008-09-13 20:02 143,104 --a------ C:\WINDOWS\system32\guard32.dll
2008-09-13 20:02 . 2008-09-13 20:02 87,056 --a------ C:\WINDOWS\system32\drivers\cmdguard.sys
2008-09-13 20:02 . 2008-09-13 20:02 24,208 --a------ C:\WINDOWS\system32\drivers\cmdhlp.sys
2008-09-13 19:55 . 2008-09-13 20:01 19,564,288 --a------ C:\Program Files\CFP_Setup_3.0.25.378_XP_Vista_x32.exe
2008-09-13 05:44 . 2008-09-13 05:44 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-09-13 05:22 . 2008-09-13 05:22 3,761 --a------ C:\Documents and Settings\sg_backup_2008-09-13-0522.spg
2008-09-13 05:22 . 2008-09-13 05:22 3,761 --a------ C:\Documents and Settings\FirstBackup.spg
2008-09-13 03:58 . 2008-09-21 20:56 <DIR> d-------- C:\Program Files\Google
2008-09-13 01:52 . 2008-09-13 01:52 <DIR> d-------- C:\Program Files\Vasilios Applications
2008-09-13 01:52 . 2008-09-19 00:54 17,408 --a------ C:\psapi.dll
2008-09-13 01:24 . 2008-09-13 01:26 2,585,872 --a------ C:\Program Files\WindowsInstaller-KB893803-v2-x86.exe
2008-09-12 20:41 . 2008-09-12 20:41 <DIR> d-------- C:\Documents and Settings\Guy\Application Data\SPAMfighter
2008-09-12 04:53 . 2008-09-23 07:48 <DIR> d-------- C:\divx
2008-09-12 04:01 . 2008-09-12 04:01 <DIR> d-------- C:\WINDOWS\system32\vmm32
2008-09-12 03:58 . 2008-09-12 03:59 2,810,507 --a------ C:\Program Files\icechat-setup.exe
2008-09-12 03:53 . 2008-09-25 05:06 <DIR> d-------- C:\Program Files\mIRC
2008-09-12 03:53 . 2008-09-25 05:21 <DIR> d-------- C:\Documents and Settings\Guy\Application Data\mIRC
2008-09-12 03:47 . 2008-09-12 03:47 1,750,952 --a------ C:\Program Files\mirc634.exe
2008-09-12 02:58 . 2008-09-12 03:18 <DIR> d-------- C:\Documents and Settings\Guy\Application Data\TigerPlayer
2008-09-12 02:56 . 2008-09-12 04:50 <DIR> d-------- C:\Documents and Settings\Guy\Application Data\DivX
2008-09-12 02:55 . 2008-09-25 04:19 <DIR> d-------- C:\Program Files\MpcStar
2008-09-12 02:55 . 2008-09-12 02:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-12 00:48 . 2008-09-12 00:51 <DIR> d-------- C:\Program Files\MSNFix
2008-09-11 23:56 . 2008-09-25 05:51 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-09-11 23:55 . 2008-09-11 23:55 <DIR> d-------- C:\Program Files\DivX
2008-09-11 23:37 . 2008-09-11 23:47 23,770,568 --a------ C:\Program Files\DivXInstaller.exe
2008-09-11 23:25 . 2008-09-25 02:34 <DIR> d-------- C:\Downloads
2008-09-11 23:24 . 2008-09-21 22:33 <DIR> d-------- C:\Program Files\BitComet
2008-09-11 23:23 . 2008-09-11 23:24 5,318,816 --a------ C:\Program Files\bitcomet_setup.exe
2008-09-11 22:17 . 2008-09-11 22:36 <DIR> d-------- C:\Documents and Settings\Guy\Application Data\Spamihilator
2008-09-11 22:17 . 2008-09-11 22:17 1,893,888 --a------ C:\Program Files\spamihilator_0_9_9_43.exe
2008-09-11 21:36 . 2008-09-11 21:36 <DIR> d-------- C:\Program Files\Avira
2008-09-11 21:36 . 2008-09-11 21:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-09-11 21:28 . 2008-09-11 21:33 25,085,704 --a------ C:\Program Files\antivir_workstation_winu_en_h.exe
2008-09-11 20:20 . 2008-09-17 23:53 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2008-09-11 05:03 . 2008-09-11 05:49 <DIR> d-------- C:\Documents and Settings\Guy\Application Data\Azureus
2008-09-11 05:03 . 2008-09-11 05:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Azureus
2008-09-11 05:02 . 2008-09-12 19:57 <DIR> d-------- C:\Program Files\Azureus
2008-09-11 04:53 . 2008-09-11 04:53 <DIR> d-------- C:\Program Files\DNA
2008-09-11 04:53 . 2008-09-11 10:48 <DIR> d-------- C:\Documents and Settings\Guy\Application Data\DNA
2008-09-11 04:15 . 2008-09-11 04:15 2,182,784 --a------ C:\Program Files\mbam-setup(2).exe
2008-09-11 00:48 . 2008-09-11 00:48 1,495,112 --a------ C:\Program Files\install_flash_player.exe
2008-09-11 00:41 . 2008-09-11 00:41 267,056 --a------ C:\Program Files\utorrent.exe
2008-09-11 00:30 . 2008-09-11 00:30 0 --a------ C:\WINDOWS\nsreg.dat
2008-09-11 00:29 . 2008-09-11 00:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2008-09-11 00:28 . 2008-09-11 00:29 7,601,152 --a------ C:\Program Files\Firefox Setup 3.0.1.exe
2008-09-11 00:26 . 2008-09-11 23:17 <DIR> d-------- C:\Documents and Settings\Guy\Application Data\uTorrent
2008-09-10 23:45 . 2008-09-10 23:45 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-09-10 23:18 . 2008-09-10 23:18 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-09-10 23:17 . 2008-09-21 21:58 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-09-10 23:17 . 2008-09-10 23:18 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-09-10 23:11 . 2008-09-10 23:17 25,740,144 --a------ C:\Program Files\wmp11-windowsxp-x86-enu.exe
2008-09-10 23:03 . 2008-09-10 23:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BearShare Applications
2008-09-10 23:02 . 2008-09-10 23:03 <DIR> d-------- C:\Program Files\BearShare Applications
2008-09-10 23:02 . 2008-09-19 10:41 <DIR> d-------- C:\Documents and Settings\Guy\Application Data\BearShare
2008-09-10 23:02 . 2008-09-10 23:02 8,897,064 --a------ C:\Program Files\BearShareV6.exe
2008-09-10 23:02 . 2007-11-22 10:00 483,328 --a------ C:\WINDOWS\system32\actskn45.ocx
2008-09-10 22:52 . 2008-09-10 22:52 <DIR> d-------- C:\Program Files\Lavalys
2008-09-10 22:52 . 2008-09-10 22:52 4,179,293 --a------ C:\Program Files\everest_everest_2.20_francais_12281.exe
2008-09-10 22:49 . 2008-09-10 22:50 478,618 --a------ C:\Program Files\JkDefrag-3.36.zip
2008-09-10 22:41 . 2008-09-10 22:41 <DIR> d-------- C:\Documents and Settings\Guy\Contacts
2008-09-10 22:38 . 2008-09-10 22:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-09-10 22:37 . 2008-09-19 00:31 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-09-10 22:37 . 2008-09-10 22:37 <DIR> d-------- C:\Program Files\Windows Live Toolbar
2008-09-10 22:36 . 2008-09-10 22:36 17,929,072 --a------ C:\Program Files\Install_Messenger.exe
2008-09-10 22:27 . 2008-09-24 23:17 <DIR> d-------- C:\Documents and Settings\Guy\Application Data\LimeWire
2008-09-10 22:27 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-09-10 22:23 . 2008-09-24 23:18 <DIR> d-------- C:\Program Files\LimeWire
2008-09-10 22:22 . 2008-09-10 22:22 4,898,704 --a------ C:\Program Files\LimeWireWin.exe
2008-09-10 22:12 . 2008-09-10 22:12 <DIR> d-------- C:\WINDOWS\Sun
2008-09-10 21:51 . 2008-09-10 21:51 <DIR> d--hs---- C:\Documents and Settings\Guy\UserData
2008-09-10 21:37 . 2008-09-11 04:16 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-10 21:37 . 2008-09-10 21:37 <DIR> d-------- C:\Documents and Settings\Guy\Application Data\Malwarebytes
2008-09-10 21:37 . 2008-09-10 21:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-10 21:37 . 2008-09-10 21:37 2,182,784 --a------ C:\Program Files\mbam-setup.exe
2008-09-10 21:37 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-10 21:37 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-10 21:29 . 2008-09-25 07:05 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-09-10 21:27 . 2008-09-10 21:28 15,083,520 --a------ C:\Program Files\spybotsd160.exe
2008-09-10 21:19 . 2008-09-10 21:19 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-10 21:13 . 2008-09-16 01:46 <DIR> d-------- C:\downloadbinportable
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-25 11:20 --------- d-----w C:\Program Files\Dell
2008-09-11 04:28 6,703,104 ----a-w C:\Program Files\winzip111fr.msi
2008-09-11 01:19 1,734 ----a-w C:\Program Files\HijackThis.lnk
2008-09-10 10:25 623 ----a-w C:\Program Files\Shortcut to Update.lnk
2008-09-10 09:11 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-09-10 09:09 1,570 ----a-w C:\Program Files\Modem Helper.lnk
2008-07-25 08:36 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-07-23 16:50 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-07-23 16:50 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-07-23 16:50 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-07-23 16:48 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-07-23 16:48 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-07-23 16:46 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-07-19 02:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-19 02:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-19 02:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-19 02:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-19 02:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-19 02:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-19 02:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-19 02:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-19 02:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-18 18:34 586,240 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
2005-09-30 02:23 135,168 ----a-w C:\Program Files\wifigen.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D023EBF-70B8-45A6-9ED5-556515FA0FE4}]
2008-07-07 05:27 398776 --a------ C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{77D7E795-33C5-4323-974D-A2A49AB75517}]
2008-09-13 03:58 133616 --a----t- C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DD1849EA-8403-4441-8DFF-7575AAE1DC16}]
2008-06-10 17:11 661944 --a------ C:\Program Files\BearShare Applications\Personalization\BearSharePersonalizationIE_v1053.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"BearSharePersonalization"="C:\Program Files\BearShare Applications\Personalization\BearSharePersonalization.exe" [2008-06-10 1268152]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"QuickTime Task"="C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" [2008-09-12 282624]
"COMODO SafeSurf"="C:\Program Files\COMODO\SafeSurf\cssurf.exe" [2008-09-13 278264]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\cfp.exe" [2008-09-13 1655552]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Carte pour réseau sans fil WLAN (USB 2.0).lnk - C:\Program Files\Dell Wireless\PRISMCFG.exe [2008-09-10 917611]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-06-06 394856]
Wireless USB 2.0 WLAN Card Utility.lnk - C:\Program Files\Dell Wireless\PRISMCFG.exe [2008-09-10 917611]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.tscc"= C:\PROGRA~1\MpcStar\Codecs\tscc\tsccvid.dll
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-ccleaner - C:\Documents and Settings\Guy\Desktop\downloadbinportable\CCleaner.exe
HKLM-RunOnce-InstallShieldSetup - C:\PROGRA~1\INSTAL~1\{A3BC5~1\setup.exe -rebootC:\PROGRA~1\INSTAL~1\{A3BC5~1\reboot.ini
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Guy\Application Data\Mozilla\Firefox\Profiles\49ar9t1y.default\
FF -: plugin - C:\Program Files\DNA\plugins\npbtdna.dll
FF -: plugin - C:\Program Files\Google\Update\1.2.131.11\npGoogleOneClick5.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll
FF -: plugin - C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll
FF -: plugin - C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-25 07:59:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\BAsfIpM.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\PRISMSVR.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-09-25 8:01:16 - machine was rebooted [Guy]
ComboFix-quarantined-files.txt 2008-09-25 12:01:11
Pre-Run: 17 185 075 200 bytes free
Post-Run: 17,087,365,120 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU(2).exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
247 --- E O F --- 2008-09-21 07:00:44
No, really not. I put in my XP reinstallation CD sold for Dell; the first time I got a blue screen, and at that point I wanted to die. I tried again and expected to end up with a formatted computer, but no, same thing, no desktop. I don't understand anything, but my computer is faster, it's crazy.
So that wasn't the best idea... Now what can I do? At least, did it get rid of the nuisances? My desktop comes back with some tasks but not all of them. That doesn't bother me... but still, my question is not resolved: am I infected?
Hi!!
Please do this for your desktop:
- Ctrl-Alt-Del
- File / New Task
- type regedit.exe then press Enter
- the registry opens; make a backup: click the Registry menu, "Export Registry File"
- in the window that opens, select the "All" option in the "Export range" box, then give the copy a name and click Save
to restore the registry, just double-click on it
- in the left part of the screen, click successively on the small + of the lines HKEY_LOCAL_MACHINE, SOFTWARE, Microsoft, Windows NT, CurrentVersion
then click the Winlogon folder to highlight it
- in the right part of the window, look for SHELL, which contains only the data explorer.exe.
to modify its content, right-click on this line and, in the context menu, click Modify
- in the window that appears, erase the content of the text box labelled "Value data", type Explorer.exe in its place and click OK
finally, click View then Refresh before restarting your computer
Also, I think there are leftovers of ComboFix; at startup there is a small window, like ComboFix's... That's surely not recommended... And my AntiVir found fewer threats after the ComboFix run...
No, it's for cleaning out the nuisances... I'll go get it and give you news... thanks and have a good day...