Problème Antivirus 360
Nico17
-
Delphine13 -
Delphine13 -
Bonjour,
J'ai plein de message de Antivirus 360 qui s'affiche et me disent que j'ai plein de virus mais je n'y comprend rien.
J'ai lu quelques messages sur le forum et ait fait tourner ComboFix.
Voici ce que ca me donne.
Quelqu'un peut-il m'aider sachant que je n'y connais pas grand chose...
D'avance merci.
ComboFix 08-12-11.06 - Dumortier 2008-12-12 20:45:25.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.566 [GMT 1:00]
Lancé depuis: c:\documents and settings\Dumortier\Mes documents\ComboFix.exe
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\Starware354
c:\documents and settings\All Users\Application Data\Starware354\buttons\FindIt.bmp
c:\documents and settings\All Users\Application Data\Starware354\buttons\FindItHot.bmp
c:\documents and settings\All Users\Application Data\Starware354\buttons\findithotxp.png
c:\documents and settings\All Users\Application Data\Starware354\buttons\finditxp.png
c:\documents and settings\All Users\Application Data\Starware354\buttons\Highlight.bmp
c:\documents and settings\All Users\Application Data\Starware354\buttons\HighlightHot.bmp
c:\documents and settings\All Users\Application Data\Starware354\buttons\highlighthotxp.png
c:\documents and settings\All Users\Application Data\Starware354\buttons\highlightxp.png
c:\documents and settings\All Users\Application Data\Starware354\buttons\recipes.bmp
c:\documents and settings\All Users\Application Data\Starware354\buttons\recipes.png
c:\documents and settings\All Users\Application Data\Starware354\buttons\recipes_foreign_feed.bmp
c:\documents and settings\All Users\Application Data\Starware354\buttons\recipes_foreign_feed.png
c:\documents and settings\All Users\Application Data\Starware354\buttons\starware_toolbar_icon.bmp
c:\documents and settings\All Users\Application Data\Starware354\contexts\error.xml
c:\documents and settings\All Users\Application Data\Starware354\contexts\related.xml
c:\documents and settings\All Users\Application Data\Starware354\contexts\Travel.xml
c:\documents and settings\All Users\Application Data\Starware354\SimpleUpdate\ProductMessagingConfig.xml
c:\documents and settings\All Users\Application Data\Starware354\SimpleUpdate\ProductMessagingConfig.xml.backup
c:\documents and settings\All Users\Application Data\Starware354\SimpleUpdate\SimpleUpdateConfig.xml
c:\documents and settings\All Users\Application Data\Starware354\SimpleUpdate\SimpleUpdateConfig.xml.backup
c:\documents and settings\All Users\Application Data\Starware354\SimpleUpdate\TimerManagerConfig.xml
c:\documents and settings\All Users\Application Data\Starware354\SimpleUpdate\TimerManagerConfig.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354
c:\documents and settings\Dumortier\Application Data\Starware354\BrowserSearch\BrowserSearch.xml
c:\documents and settings\Dumortier\Application Data\Starware354\BrowserSearch\BrowserSearch.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\Configurator\Configurator.xml
c:\documents and settings\Dumortier\Application Data\Starware354\Configurator\Configurator.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\ErrorSearch\ErrorSearchOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\ErrorSearch\ErrorSearchOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\Games\GamesOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\Games\GamesOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\Layouts\ToolbarLayout.xml
c:\documents and settings\Dumortier\Application Data\Starware354\Layouts\ToolbarLayout.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\Manager\ManagerOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\Manager\ManagerOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\Movies\images\active\Movies0.bmp
c:\documents and settings\Dumortier\Application Data\Starware354\Movies\MoviesOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\Movies\MoviesOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\Recipes_Foreign\Recipes_ForeignOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\Recipes_Foreign\Recipes_ForeignOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\RelatedSearch\RelatedSearchOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\RelatedSearch\RelatedSearchOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp
c:\documents and settings\Dumortier\Application Data\Starware354\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\Toolbar\TBProductsOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\Toolbar\TBProductsOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\ToolbarLogo\ToolbarLogoOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\ToolbarLogo\ToolbarLogoOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\ToolbarSearch\ToolbarSearchOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\ToolbarSearch\ToolbarSearchOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\TravelSearch\TravelSearchOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\TravelSearch\TravelSearchOptions.xml.backup
c:\documents and settings\Dumortier\BureauEditorFKWP1.5.exe
c:\documents and settings\Dumortier\BureauEditorFKWP2.0.exe
c:\documents and settings\Dumortier\Bureaufilemanagerclient.exe
c:\documents and settings\Dumortier\Bureaufkwp1.5.exe
c:\documents and settings\Dumortier\Bureaufkwp2.0.exe
c:\documents and settings\Dumortier\Bureaufwebd.exe
c:\documents and settings\Dumortier\BureauFWebdEditor.exe
c:\documents and settings\Dumortier\BureauTrojan.Win32.BlackBird.exe
c:\documents and settings\Dumortier\Menu Démarrer\Programmes\Démarrage\ppcb_32.lnk
c:\program files\akl
c:\program files\akl\akl.dll
c:\program files\akl\akl.exe
c:\program files\akl\uninstall.exe
c:\program files\akl\unsetup.exe
c:\program files\Altnet
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab.cab
c:\program files\Inet Delivery
c:\program files\Inet Delivery\inetdl.exe
c:\program files\Inet Delivery\intdel.exe
c:\program files\INSTALL.LOG
c:\program files\PC-Cleaner
c:\program files\PC-Cleaner\com\pcsd.dll
c:\program files\ppcbooster
c:\program files\ppcbooster\ppcbu_32.exe
c:\program files\SpeedTest
c:\program files\Starware354
c:\program files\Starware354\brand.bmp
c:\program files\Starware354\icons\star_16.ico
c:\program files\Starware354\Starware354Config.xml
c:\program files\Starware354\Starware354Uninstall.exe
c:\windows\a.bat
c:\windows\base64.tmp
c:\windows\bdn.com
c:\windows\FVProtect.exe
c:\windows\Installer\{80991220-245b-4183-8ec9-23d26633e623}\zip.dll
c:\windows\iTunesMusic.exe
c:\windows\mslagent
c:\windows\mslagent\2_mslagent.dll
c:\windows\mslagent\mslagent.exe
c:\windows\mslagent\uninstall.exe
c:\windows\mssecu.exe
c:\windows\privacy_danger
c:\windows\privacy_danger\images\spacer.gif
c:\windows\rs.txt
c:\windows\system32akttzn.exe
c:\windows\system32anticipator.dll
c:\windows\system32awtoolb.dll
c:\windows\system32bdn.com
c:\windows\system32bsva-egihsg52.exe
c:\windows\system32dpcproxy.exe
c:\windows\system32emesx.dll
c:\windows\system32h@tkeysh@@k.dll
c:\windows\system32hoproxy.dll
c:\windows\system32hxiwlgpm.dat
c:\windows\system32hxiwlgpm.exe
c:\windows\system32medup012.dll
c:\windows\system32medup020.dll
c:\windows\system32msgp.exe
c:\windows\system32msnbho.dll
c:\windows\system32mssecu.exe
c:\windows\system32msvchost.exe
c:\windows\system32mtr2.exe
c:\windows\system32mwin32.exe
c:\windows\system32netode.exe
c:\windows\system32newsd32.exe
c:\windows\system32ps1.exe
c:\windows\system32psof1.exe
c:\windows\system32psoft1.exe
c:\windows\system32regc64.dll
c:\windows\system32regm64.dll
c:\windows\system32Rundl1.exe
c:\windows\system32smp
c:\windows\system32smp\msrc.exe
c:\windows\system32sncntr.exe
c:\windows\system32ssurf022.dll
c:\windows\system32ssvchost.com
c:\windows\system32ssvchost.exe
c:\windows\system32sysreq.exe
c:\windows\system32taack.dat
c:\windows\system32taack.exe
c:\windows\system32temp#01.exe
c:\windows\system32thun.dll
c:\windows\system32thun32.dll
c:\windows\system32VBIEWER.OCX
c:\windows\system32vbsys2.dll
c:\windows\system32vcatchpi.dll
c:\windows\system32winlogonpc.exe
c:\windows\system32winsystem.exe
c:\windows\system32WINWGPX.EXE
c:\windows\userconfig9x.dll
c:\windows\winsystem.exe
c:\windows\zip1.tmp
c:\windows\zip2.tmp
c:\windows\zip3.tmp
c:\windows\zipped.tmp
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-12 au 2008-12-12 ))))))))))))))))))))))))))))))))))))
.
2008-12-12 13:41 . 2008-12-12 13:42 <REP> d-------- c:\program files\A360
2008-12-12 07:45 . 2008-12-12 14:10 1,393 --a------ c:\windows\imsins.BAK
2008-12-02 18:43 . 2008-12-02 18:43 675,328 --a------ c:\windows\system32\nstC.dll
2008-11-22 18:02 . 2008-12-03 14:30 102,176 --a------ c:\windows\system32\cont_globaladsolution-remove.exe
2008-11-22 18:02 . 2008-11-22 18:02 78,636 --a------ c:\windows\system32\xhkpvovzzja.exe
2008-11-22 18:02 . 2008-11-22 18:02 16,384 --a------ c:\windows\wuan364443.exe
2008-11-22 18:02 . 2008-11-22 18:02 16,384 --a------ c:\windows\o255.exe
2008-11-22 18:02 . 2008-11-22 18:02 16,384 --a------ c:\windows\hw5305.exe
2008-11-22 18:02 . 2008-11-22 18:02 16,384 --a------ c:\windows\gbg033414.exe
2008-11-22 18:02 . 2008-11-22 18:02 16,384 --a------ c:\windows\feoc827.exe
2008-11-22 18:02 . 2008-11-22 18:02 16,384 --a------ c:\windows\c20232.exe
2008-11-21 22:09 . 2008-10-24 12:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-21 22:08 . 2008-09-04 18:16 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-29 08:17 --------- d-----w c:\documents and settings\Dumortier\Application Data\Skype
2008-11-22 17:04 --------- d-----w c:\documents and settings\Dumortier\Application Data\LimeWire
2008-11-16 14:37 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-14 13:12 --------- d-----w c:\documents and settings\Dumortier\Application Data\U3
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 12:36 286,720 ------w c:\windows\system32\dllcache\gdi32.dll
2008-10-17 00:48 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:11 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 16:35 337,408 ------w c:\windows\system32\dllcache\netapi32.dll
2008-10-15 07:06 633,632 ------w c:\windows\system32\dllcache\iexplore.exe
2008-10-15 07:04 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-10-03 10:03 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-10-03 10:03 247,326 ------w c:\windows\system32\dllcache\strmdll.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 15:26 1,846,528 ----a-w c:\windows\system32\win32k.sys
2008-09-15 15:26 1,846,528 ------w c:\windows\system32\dllcache\win32k.sys
2005-07-07 13:33 1,220,608 ----a-w c:\program files\dvdmaker.dll
2005-03-10 08:52 235,520 ----a-w c:\program files\mdabase.dll
2004-10-22 15:41 118,784 ----a-w c:\program files\ZIPDLL.DLL
2004-08-17 15:11 460,800 ----a-w c:\program files\DynDVDMenu.dll
2004-05-27 14:59 40,960 ----a-w c:\program files\HHWMPrxy.dll
2004-03-17 14:34 1,736,704 ----a-w c:\program files\GMEdit.dll
2004-03-17 08:22 798,720 ----a-w c:\program files\GmProP3.dll
2004-03-17 08:22 700,416 ----a-w c:\program files\GmProK7.dll
2003-10-20 10:29 49,152 ----a-w c:\program files\MDLL32.DLL
2003-04-15 10:42 102,400 ----a-w c:\program files\RemoveWaggle.dll
2003-04-03 10:09 49,152 ----a-w c:\program files\CPUINF32.DLL
2003-02-12 09:20 28,672 ----a-w c:\program files\explore.exe
2003-01-28 10:23 3,200 ----a-w c:\program files\thunk16.dll
2003-01-28 10:18 40,960 ----a-w c:\program files\thunk3216.dll
2002-12-30 11:10 184,320 ----a-w c:\program files\GmDvsd.dll
2002-11-07 10:41 86,016 ----a-w c:\program files\GmDV2Mpeg.dll
2002-10-31 11:40 237,568 ----a-w c:\program files\qtmlClient.dll
2002-10-02 10:12 49,152 ----a-w c:\program files\VirtSrc.ax
2002-10-02 10:11 65,536 ----a-w c:\program files\GoMotionDVtoMPEG.ax
2002-10-02 10:11 53,248 ----a-w c:\program files\DVIntcpt.ax
2002-10-02 09:56 28,672 ----a-w c:\program files\Preview.dll
2002-09-12 08:40 181,248 ----a-w c:\program files\Lfpng13n.dll
2002-09-12 08:39 392,704 ----a-w c:\program files\LFCMP13n.DLL
2002-09-12 08:39 126,464 ----a-w c:\program files\LFTIF13N.DLL
2002-09-12 08:37 55,296 ----a-w c:\program files\LFPSD13N.DLL
2002-09-12 08:37 31,232 ----a-w c:\program files\LFPNM13n.dll
2002-09-12 08:37 24,576 ----a-w c:\program files\LFTGA13N.DLL
2002-09-12 08:37 20,480 ----a-w c:\program files\LFRAS13N.DLL
2002-09-12 08:36 73,216 ----a-w c:\program files\LFFAX13N.DLL
2002-09-12 08:36 445,952 ----a-w c:\program files\LTIMG13N.DLL
2002-09-12 08:36 30,208 ----a-w c:\program files\LFBMP13N.DLL
2002-09-12 08:36 265,728 ----a-w c:\program files\LTDIS13n.dll
2002-09-12 08:36 26,112 ----a-w c:\program files\LFPCX13N.DLL
2002-09-12 08:36 205,312 ----a-w c:\program files\LTEFX13N.DLL
2002-09-12 08:36 19,968 ----a-w c:\program files\LFPCD13N.DLL
2002-09-12 08:36 18,944 ----a-w c:\program files\LFMSP13N.DLL
2002-09-12 08:36 139,264 ----a-w c:\program files\LTFIL13N.DLL
2002-09-12 08:35 445,440 ----a-w c:\program files\LTKRN13N.DLL
2002-09-11 10:26 1,684,992 ----a-w c:\program files\LTCLR13n.dll
2002-08-20 10:36 1,667,072 ----a-w c:\program files\GoMo4E.dll
2002-03-26 16:24 1,024 ----a-w c:\program files\AV32UID.DAT
2002-03-07 07:59 139,264 ----a-w c:\program files\GmVfwCap.dll
2002-02-22 14:32 987,136 ----a-w c:\program files\MumaIplW7.dll
2002-02-22 14:32 983,040 ----a-w c:\program files\MumaIplA6.dll
2002-02-22 14:32 942,080 ----a-w c:\program files\MumaIplM6.dll
2002-02-22 14:32 815,104 ----a-w c:\program files\MumaIplP6.dll
2002-02-22 14:32 811,008 ----a-w c:\program files\MumaIplPX.dll
2002-02-22 14:32 24,576 ----a-w c:\program files\MumaIpl.dll
2001-11-16 17:50 35,840 ----a-w c:\program files\lfgif13n.dll
2001-09-05 15:23 55,808 ----a-w c:\program files\MP3UTIL.DLL
2001-06-22 15:31 278,528 ----a-w c:\program files\pncrt.dll
2001-05-10 16:26 638,976 ----a-w c:\program files\PlayRIplPX.dll
2001-05-10 16:26 20,480 ----a-w c:\program files\PlayRIpl.dll
2000-08-24 13:35 20,480 ----a-w c:\program files\SAMSIG.DLL
2000-08-24 11:35 110,592 ----a-w c:\program files\samsigM6.dll
2000-08-24 11:35 110,592 ----a-w c:\program files\samsigM5.dll
2000-08-24 11:35 102,400 ----a-w c:\program files\samsigP6.dll
2000-08-24 11:34 139,264 ----a-w c:\program files\samsigA6.dll
2000-08-24 11:33 57,344 ----a-w c:\program files\samsigPX.dll
2000-08-18 09:57 28,672 ----a-w c:\program files\hhrashlp.dll
2000-04-11 14:53 90,112 ----a-w c:\program files\DAC37.DLL
1999-12-10 11:00 431,376 ----a-w c:\program files\riched20.dll
1999-03-11 17:06 61,440 ----a-w c:\program files\samsigP5.dll
1999-02-09 09:46 137,728 ----a-w c:\program files\IJL10.DLL
1997-12-22 00:30 94,208 ----a-w c:\program files\UNZDLL.DLL
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1a0573dc-ec02-088b-f608-ea85fd6a5410}]
2008-12-02 18:43 675328 --a------ c:\windows\system32\nstC.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-11-17 975360]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-14 68856]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-05-06 202088]
"48463495369633345507576435678555"="c:\program files\A360\av360.exe" [2008-12-12 1585664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-03 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-03 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-03 118784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-06-20 729178]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"%FP%Friendly fts.exe"="c:\program files\Friendly Technologies\BroadbandAccess\fts.exe" [2003-05-06 72192]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-11-13 26112]
"LVCOMS"="c:\program files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE" [2002-09-09 90112]
"LogitechGalleryRepair"="c:\program files\Logitech\ImageStudio\ISStart.exe" [2002-09-11 155648]
"LogitechImageStudioTray"="c:\program files\Logitech\ImageStudio\LogiTray.exe" [2002-09-11 45056]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 63712]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-27 1261336]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 c:\windows\system32\HdAShCut.exe]
"RTHDCPL"="RTHDCPL.EXE" [2005-05-25 c:\windows\RTHDCPL.EXE]
"AGRSMMSG"="AGRSMMSG.exe" [2005-05-11 c:\windows\AGRSMMSG.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-11-02 67128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.mpegacm"= mpegacm.acm
"msacm.ulmp3acm"= ulmp3acm.acm
"vidc.mxmc"= MimicICM.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\IRAS\\RAS Admin.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-05-17 97928]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-05-17 231704]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2777ee8c-c31b-11dd-8fe9-5050506f4531}]
\Shell\AutoRun\command - e:\wd_windows_tools\WDSetup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6f320dc6-74f5-11dd-8f42-5050506f4531}]
\Shell\AutoRun\command - E:\InstallTomTomHOME.exe
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-LDM - c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
HKCU-Run-MsnMsgr - c:\program files\Windows Live\Messenger\MsnMsgr.Exe
.
------- Examen supplémentaire -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://fr.yahoo.com/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
c:\windows\system32\unicows.dll - c:\windows\Downloaded Program Files\telechargement-photoweb.ocx
O16 -: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB}
hxxp://www2.photoweb.fr/telechargement/Photoweb_uploader.cab
c:\windows\Downloaded Program Files\telechargement-photoweb.inf
c:\windows\system32\ws2_32.dll - c:\windows\system32\MSSTKPRP.DLL
c:\windows\system32\MSPRPFR.DLL
c:\windows\system32\oleaut32.dll
c:\windows\system32\olepro32.dll
c:\windows\system32\asycfilt.dll
c:\windows\system32\stdole2.tlb
c:\windows\system32\comcat.dll
c:\windows\system32\VB6FR.DLL
c:\windows\system32\MSVBVM60.DLL
c:\windows\phs.ico
c:\windows\system32\WINSKFR.DLL
c:\windows\system32\MSWINSCK.OCX
c:\windows\system32\DPDlg.ocx
c:\windows\system32\MSCMCFR.DLL
c:\windows\system32\MSCOMCTL.OCX
c:\windows\system32\STDFTFR.DLL
c:\windows\system32\MSSTDFMT.DLL
c:\windows\system32\CMDLGFR.DLL
c:\windows\system32\COMDLG32.OCX
c:\windows\system32\RsaCrypt.dll
c:\windows\Downloaded Program Files\newUpload.ocx
O16 -: {983AB2CC-3D50-11D9-ADFE-00062919A34C}
hxxp://www.photoservice.com/activeX/newUpload.CAB
c:\windows\Downloaded Program Files\newUpload.INF
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-12 20:50:23
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\[u]0/u\FTRTSVC.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\ehome\ehmsas.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\AVG\AVG8\avgrsx.exe
.
**************************************************************************
.
Heure de fin: 2008-12-12 20:53:46 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-12-12 19:53:42
Avant-CF: 45 537 239 040 octets libres
Après-CF: 45,548,331,008 octets libres
436 --- E O F --- 2008-12-12 13:12:48
J'ai plein de message de Antivirus 360 qui s'affiche et me disent que j'ai plein de virus mais je n'y comprend rien.
J'ai lu quelques messages sur le forum et ait fait tourner ComboFix.
Voici ce que ca me donne.
Quelqu'un peut-il m'aider sachant que je n'y connais pas grand chose...
D'avance merci.
ComboFix 08-12-11.06 - Dumortier 2008-12-12 20:45:25.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.566 [GMT 1:00]
Lancé depuis: c:\documents and settings\Dumortier\Mes documents\ComboFix.exe
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\Starware354
c:\documents and settings\All Users\Application Data\Starware354\buttons\FindIt.bmp
c:\documents and settings\All Users\Application Data\Starware354\buttons\FindItHot.bmp
c:\documents and settings\All Users\Application Data\Starware354\buttons\findithotxp.png
c:\documents and settings\All Users\Application Data\Starware354\buttons\finditxp.png
c:\documents and settings\All Users\Application Data\Starware354\buttons\Highlight.bmp
c:\documents and settings\All Users\Application Data\Starware354\buttons\HighlightHot.bmp
c:\documents and settings\All Users\Application Data\Starware354\buttons\highlighthotxp.png
c:\documents and settings\All Users\Application Data\Starware354\buttons\highlightxp.png
c:\documents and settings\All Users\Application Data\Starware354\buttons\recipes.bmp
c:\documents and settings\All Users\Application Data\Starware354\buttons\recipes.png
c:\documents and settings\All Users\Application Data\Starware354\buttons\recipes_foreign_feed.bmp
c:\documents and settings\All Users\Application Data\Starware354\buttons\recipes_foreign_feed.png
c:\documents and settings\All Users\Application Data\Starware354\buttons\starware_toolbar_icon.bmp
c:\documents and settings\All Users\Application Data\Starware354\contexts\error.xml
c:\documents and settings\All Users\Application Data\Starware354\contexts\related.xml
c:\documents and settings\All Users\Application Data\Starware354\contexts\Travel.xml
c:\documents and settings\All Users\Application Data\Starware354\SimpleUpdate\ProductMessagingConfig.xml
c:\documents and settings\All Users\Application Data\Starware354\SimpleUpdate\ProductMessagingConfig.xml.backup
c:\documents and settings\All Users\Application Data\Starware354\SimpleUpdate\SimpleUpdateConfig.xml
c:\documents and settings\All Users\Application Data\Starware354\SimpleUpdate\SimpleUpdateConfig.xml.backup
c:\documents and settings\All Users\Application Data\Starware354\SimpleUpdate\TimerManagerConfig.xml
c:\documents and settings\All Users\Application Data\Starware354\SimpleUpdate\TimerManagerConfig.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354
c:\documents and settings\Dumortier\Application Data\Starware354\BrowserSearch\BrowserSearch.xml
c:\documents and settings\Dumortier\Application Data\Starware354\BrowserSearch\BrowserSearch.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\Configurator\Configurator.xml
c:\documents and settings\Dumortier\Application Data\Starware354\Configurator\Configurator.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\ErrorSearch\ErrorSearchOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\ErrorSearch\ErrorSearchOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\Games\GamesOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\Games\GamesOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\Layouts\ToolbarLayout.xml
c:\documents and settings\Dumortier\Application Data\Starware354\Layouts\ToolbarLayout.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\Manager\ManagerOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\Manager\ManagerOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\Movies\images\active\Movies0.bmp
c:\documents and settings\Dumortier\Application Data\Starware354\Movies\MoviesOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\Movies\MoviesOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\Recipes_Foreign\Recipes_ForeignOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\Recipes_Foreign\Recipes_ForeignOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\RelatedSearch\RelatedSearchOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\RelatedSearch\RelatedSearchOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp
c:\documents and settings\Dumortier\Application Data\Starware354\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\Toolbar\TBProductsOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\Toolbar\TBProductsOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\ToolbarLogo\ToolbarLogoOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\ToolbarLogo\ToolbarLogoOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\ToolbarSearch\ToolbarSearchOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\ToolbarSearch\ToolbarSearchOptions.xml.backup
c:\documents and settings\Dumortier\Application Data\Starware354\TravelSearch\TravelSearchOptions.xml
c:\documents and settings\Dumortier\Application Data\Starware354\TravelSearch\TravelSearchOptions.xml.backup
c:\documents and settings\Dumortier\BureauEditorFKWP1.5.exe
c:\documents and settings\Dumortier\BureauEditorFKWP2.0.exe
c:\documents and settings\Dumortier\Bureaufilemanagerclient.exe
c:\documents and settings\Dumortier\Bureaufkwp1.5.exe
c:\documents and settings\Dumortier\Bureaufkwp2.0.exe
c:\documents and settings\Dumortier\Bureaufwebd.exe
c:\documents and settings\Dumortier\BureauFWebdEditor.exe
c:\documents and settings\Dumortier\BureauTrojan.Win32.BlackBird.exe
c:\documents and settings\Dumortier\Menu Démarrer\Programmes\Démarrage\ppcb_32.lnk
c:\program files\akl
c:\program files\akl\akl.dll
c:\program files\akl\akl.exe
c:\program files\akl\uninstall.exe
c:\program files\akl\unsetup.exe
c:\program files\Altnet
c:\program files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab.cab
c:\program files\Inet Delivery
c:\program files\Inet Delivery\inetdl.exe
c:\program files\Inet Delivery\intdel.exe
c:\program files\INSTALL.LOG
c:\program files\PC-Cleaner
c:\program files\PC-Cleaner\com\pcsd.dll
c:\program files\ppcbooster
c:\program files\ppcbooster\ppcbu_32.exe
c:\program files\SpeedTest
c:\program files\Starware354
c:\program files\Starware354\brand.bmp
c:\program files\Starware354\icons\star_16.ico
c:\program files\Starware354\Starware354Config.xml
c:\program files\Starware354\Starware354Uninstall.exe
c:\windows\a.bat
c:\windows\base64.tmp
c:\windows\bdn.com
c:\windows\FVProtect.exe
c:\windows\Installer\{80991220-245b-4183-8ec9-23d26633e623}\zip.dll
c:\windows\iTunesMusic.exe
c:\windows\mslagent
c:\windows\mslagent\2_mslagent.dll
c:\windows\mslagent\mslagent.exe
c:\windows\mslagent\uninstall.exe
c:\windows\mssecu.exe
c:\windows\privacy_danger
c:\windows\privacy_danger\images\spacer.gif
c:\windows\rs.txt
c:\windows\system32akttzn.exe
c:\windows\system32anticipator.dll
c:\windows\system32awtoolb.dll
c:\windows\system32bdn.com
c:\windows\system32bsva-egihsg52.exe
c:\windows\system32dpcproxy.exe
c:\windows\system32emesx.dll
c:\windows\system32h@tkeysh@@k.dll
c:\windows\system32hoproxy.dll
c:\windows\system32hxiwlgpm.dat
c:\windows\system32hxiwlgpm.exe
c:\windows\system32medup012.dll
c:\windows\system32medup020.dll
c:\windows\system32msgp.exe
c:\windows\system32msnbho.dll
c:\windows\system32mssecu.exe
c:\windows\system32msvchost.exe
c:\windows\system32mtr2.exe
c:\windows\system32mwin32.exe
c:\windows\system32netode.exe
c:\windows\system32newsd32.exe
c:\windows\system32ps1.exe
c:\windows\system32psof1.exe
c:\windows\system32psoft1.exe
c:\windows\system32regc64.dll
c:\windows\system32regm64.dll
c:\windows\system32Rundl1.exe
c:\windows\system32smp
c:\windows\system32smp\msrc.exe
c:\windows\system32sncntr.exe
c:\windows\system32ssurf022.dll
c:\windows\system32ssvchost.com
c:\windows\system32ssvchost.exe
c:\windows\system32sysreq.exe
c:\windows\system32taack.dat
c:\windows\system32taack.exe
c:\windows\system32temp#01.exe
c:\windows\system32thun.dll
c:\windows\system32thun32.dll
c:\windows\system32VBIEWER.OCX
c:\windows\system32vbsys2.dll
c:\windows\system32vcatchpi.dll
c:\windows\system32winlogonpc.exe
c:\windows\system32winsystem.exe
c:\windows\system32WINWGPX.EXE
c:\windows\userconfig9x.dll
c:\windows\winsystem.exe
c:\windows\zip1.tmp
c:\windows\zip2.tmp
c:\windows\zip3.tmp
c:\windows\zipped.tmp
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-12 au 2008-12-12 ))))))))))))))))))))))))))))))))))))
.
2008-12-12 13:41 . 2008-12-12 13:42 <REP> d-------- c:\program files\A360
2008-12-12 07:45 . 2008-12-12 14:10 1,393 --a------ c:\windows\imsins.BAK
2008-12-02 18:43 . 2008-12-02 18:43 675,328 --a------ c:\windows\system32\nstC.dll
2008-11-22 18:02 . 2008-12-03 14:30 102,176 --a------ c:\windows\system32\cont_globaladsolution-remove.exe
2008-11-22 18:02 . 2008-11-22 18:02 78,636 --a------ c:\windows\system32\xhkpvovzzja.exe
2008-11-22 18:02 . 2008-11-22 18:02 16,384 --a------ c:\windows\wuan364443.exe
2008-11-22 18:02 . 2008-11-22 18:02 16,384 --a------ c:\windows\o255.exe
2008-11-22 18:02 . 2008-11-22 18:02 16,384 --a------ c:\windows\hw5305.exe
2008-11-22 18:02 . 2008-11-22 18:02 16,384 --a------ c:\windows\gbg033414.exe
2008-11-22 18:02 . 2008-11-22 18:02 16,384 --a------ c:\windows\feoc827.exe
2008-11-22 18:02 . 2008-11-22 18:02 16,384 --a------ c:\windows\c20232.exe
2008-11-21 22:09 . 2008-10-24 12:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-21 22:08 . 2008-09-04 18:16 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-29 08:17 --------- d-----w c:\documents and settings\Dumortier\Application Data\Skype
2008-11-22 17:04 --------- d-----w c:\documents and settings\Dumortier\Application Data\LimeWire
2008-11-16 14:37 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-14 13:12 --------- d-----w c:\documents and settings\Dumortier\Application Data\U3
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 12:36 286,720 ------w c:\windows\system32\dllcache\gdi32.dll
2008-10-17 00:48 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:11 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 16:35 337,408 ------w c:\windows\system32\dllcache\netapi32.dll
2008-10-15 07:06 633,632 ------w c:\windows\system32\dllcache\iexplore.exe
2008-10-15 07:04 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-10-03 10:03 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-10-03 10:03 247,326 ------w c:\windows\system32\dllcache\strmdll.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 15:26 1,846,528 ----a-w c:\windows\system32\win32k.sys
2008-09-15 15:26 1,846,528 ------w c:\windows\system32\dllcache\win32k.sys
2005-07-07 13:33 1,220,608 ----a-w c:\program files\dvdmaker.dll
2005-03-10 08:52 235,520 ----a-w c:\program files\mdabase.dll
2004-10-22 15:41 118,784 ----a-w c:\program files\ZIPDLL.DLL
2004-08-17 15:11 460,800 ----a-w c:\program files\DynDVDMenu.dll
2004-05-27 14:59 40,960 ----a-w c:\program files\HHWMPrxy.dll
2004-03-17 14:34 1,736,704 ----a-w c:\program files\GMEdit.dll
2004-03-17 08:22 798,720 ----a-w c:\program files\GmProP3.dll
2004-03-17 08:22 700,416 ----a-w c:\program files\GmProK7.dll
2003-10-20 10:29 49,152 ----a-w c:\program files\MDLL32.DLL
2003-04-15 10:42 102,400 ----a-w c:\program files\RemoveWaggle.dll
2003-04-03 10:09 49,152 ----a-w c:\program files\CPUINF32.DLL
2003-02-12 09:20 28,672 ----a-w c:\program files\explore.exe
2003-01-28 10:23 3,200 ----a-w c:\program files\thunk16.dll
2003-01-28 10:18 40,960 ----a-w c:\program files\thunk3216.dll
2002-12-30 11:10 184,320 ----a-w c:\program files\GmDvsd.dll
2002-11-07 10:41 86,016 ----a-w c:\program files\GmDV2Mpeg.dll
2002-10-31 11:40 237,568 ----a-w c:\program files\qtmlClient.dll
2002-10-02 10:12 49,152 ----a-w c:\program files\VirtSrc.ax
2002-10-02 10:11 65,536 ----a-w c:\program files\GoMotionDVtoMPEG.ax
2002-10-02 10:11 53,248 ----a-w c:\program files\DVIntcpt.ax
2002-10-02 09:56 28,672 ----a-w c:\program files\Preview.dll
2002-09-12 08:40 181,248 ----a-w c:\program files\Lfpng13n.dll
2002-09-12 08:39 392,704 ----a-w c:\program files\LFCMP13n.DLL
2002-09-12 08:39 126,464 ----a-w c:\program files\LFTIF13N.DLL
2002-09-12 08:37 55,296 ----a-w c:\program files\LFPSD13N.DLL
2002-09-12 08:37 31,232 ----a-w c:\program files\LFPNM13n.dll
2002-09-12 08:37 24,576 ----a-w c:\program files\LFTGA13N.DLL
2002-09-12 08:37 20,480 ----a-w c:\program files\LFRAS13N.DLL
2002-09-12 08:36 73,216 ----a-w c:\program files\LFFAX13N.DLL
2002-09-12 08:36 445,952 ----a-w c:\program files\LTIMG13N.DLL
2002-09-12 08:36 30,208 ----a-w c:\program files\LFBMP13N.DLL
2002-09-12 08:36 265,728 ----a-w c:\program files\LTDIS13n.dll
2002-09-12 08:36 26,112 ----a-w c:\program files\LFPCX13N.DLL
2002-09-12 08:36 205,312 ----a-w c:\program files\LTEFX13N.DLL
2002-09-12 08:36 19,968 ----a-w c:\program files\LFPCD13N.DLL
2002-09-12 08:36 18,944 ----a-w c:\program files\LFMSP13N.DLL
2002-09-12 08:36 139,264 ----a-w c:\program files\LTFIL13N.DLL
2002-09-12 08:35 445,440 ----a-w c:\program files\LTKRN13N.DLL
2002-09-11 10:26 1,684,992 ----a-w c:\program files\LTCLR13n.dll
2002-08-20 10:36 1,667,072 ----a-w c:\program files\GoMo4E.dll
2002-03-26 16:24 1,024 ----a-w c:\program files\AV32UID.DAT
2002-03-07 07:59 139,264 ----a-w c:\program files\GmVfwCap.dll
2002-02-22 14:32 987,136 ----a-w c:\program files\MumaIplW7.dll
2002-02-22 14:32 983,040 ----a-w c:\program files\MumaIplA6.dll
2002-02-22 14:32 942,080 ----a-w c:\program files\MumaIplM6.dll
2002-02-22 14:32 815,104 ----a-w c:\program files\MumaIplP6.dll
2002-02-22 14:32 811,008 ----a-w c:\program files\MumaIplPX.dll
2002-02-22 14:32 24,576 ----a-w c:\program files\MumaIpl.dll
2001-11-16 17:50 35,840 ----a-w c:\program files\lfgif13n.dll
2001-09-05 15:23 55,808 ----a-w c:\program files\MP3UTIL.DLL
2001-06-22 15:31 278,528 ----a-w c:\program files\pncrt.dll
2001-05-10 16:26 638,976 ----a-w c:\program files\PlayRIplPX.dll
2001-05-10 16:26 20,480 ----a-w c:\program files\PlayRIpl.dll
2000-08-24 13:35 20,480 ----a-w c:\program files\SAMSIG.DLL
2000-08-24 11:35 110,592 ----a-w c:\program files\samsigM6.dll
2000-08-24 11:35 110,592 ----a-w c:\program files\samsigM5.dll
2000-08-24 11:35 102,400 ----a-w c:\program files\samsigP6.dll
2000-08-24 11:34 139,264 ----a-w c:\program files\samsigA6.dll
2000-08-24 11:33 57,344 ----a-w c:\program files\samsigPX.dll
2000-08-18 09:57 28,672 ----a-w c:\program files\hhrashlp.dll
2000-04-11 14:53 90,112 ----a-w c:\program files\DAC37.DLL
1999-12-10 11:00 431,376 ----a-w c:\program files\riched20.dll
1999-03-11 17:06 61,440 ----a-w c:\program files\samsigP5.dll
1999-02-09 09:46 137,728 ----a-w c:\program files\IJL10.DLL
1997-12-22 00:30 94,208 ----a-w c:\program files\UNZDLL.DLL
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1a0573dc-ec02-088b-f608-ea85fd6a5410}]
2008-12-02 18:43 675328 --a------ c:\windows\system32\nstC.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-11-17 975360]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-14 68856]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-05-06 202088]
"48463495369633345507576435678555"="c:\program files\A360\av360.exe" [2008-12-12 1585664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-03 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-03 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-03 118784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-06-20 729178]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"%FP%Friendly fts.exe"="c:\program files\Friendly Technologies\BroadbandAccess\fts.exe" [2003-05-06 72192]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-11-13 26112]
"LVCOMS"="c:\program files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE" [2002-09-09 90112]
"LogitechGalleryRepair"="c:\program files\Logitech\ImageStudio\ISStart.exe" [2002-09-11 155648]
"LogitechImageStudioTray"="c:\program files\Logitech\ImageStudio\LogiTray.exe" [2002-09-11 45056]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 63712]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-27 1261336]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 c:\windows\system32\HdAShCut.exe]
"RTHDCPL"="RTHDCPL.EXE" [2005-05-25 c:\windows\RTHDCPL.EXE]
"AGRSMMSG"="AGRSMMSG.exe" [2005-05-11 c:\windows\AGRSMMSG.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-11-02 67128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.mpegacm"= mpegacm.acm
"msacm.ulmp3acm"= ulmp3acm.acm
"vidc.mxmc"= MimicICM.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\IRAS\\RAS Admin.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-05-17 97928]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-05-17 231704]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2777ee8c-c31b-11dd-8fe9-5050506f4531}]
\Shell\AutoRun\command - e:\wd_windows_tools\WDSetup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6f320dc6-74f5-11dd-8f42-5050506f4531}]
\Shell\AutoRun\command - E:\InstallTomTomHOME.exe
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-LDM - c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
HKCU-Run-MsnMsgr - c:\program files\Windows Live\Messenger\MsnMsgr.Exe
.
------- Examen supplémentaire -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://fr.yahoo.com/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
c:\windows\system32\unicows.dll - c:\windows\Downloaded Program Files\telechargement-photoweb.ocx
O16 -: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB}
hxxp://www2.photoweb.fr/telechargement/Photoweb_uploader.cab
c:\windows\Downloaded Program Files\telechargement-photoweb.inf
c:\windows\system32\ws2_32.dll - c:\windows\system32\MSSTKPRP.DLL
c:\windows\system32\MSPRPFR.DLL
c:\windows\system32\oleaut32.dll
c:\windows\system32\olepro32.dll
c:\windows\system32\asycfilt.dll
c:\windows\system32\stdole2.tlb
c:\windows\system32\comcat.dll
c:\windows\system32\VB6FR.DLL
c:\windows\system32\MSVBVM60.DLL
c:\windows\phs.ico
c:\windows\system32\WINSKFR.DLL
c:\windows\system32\MSWINSCK.OCX
c:\windows\system32\DPDlg.ocx
c:\windows\system32\MSCMCFR.DLL
c:\windows\system32\MSCOMCTL.OCX
c:\windows\system32\STDFTFR.DLL
c:\windows\system32\MSSTDFMT.DLL
c:\windows\system32\CMDLGFR.DLL
c:\windows\system32\COMDLG32.OCX
c:\windows\system32\RsaCrypt.dll
c:\windows\Downloaded Program Files\newUpload.ocx
O16 -: {983AB2CC-3D50-11D9-ADFE-00062919A34C}
hxxp://www.photoservice.com/activeX/newUpload.CAB
c:\windows\Downloaded Program Files\newUpload.INF
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-12 20:50:23
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\[u]0/u\FTRTSVC.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\ehome\ehmsas.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\AVG\AVG8\avgrsx.exe
.
**************************************************************************
.
Heure de fin: 2008-12-12 20:53:46 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-12-12 19:53:42
Avant-CF: 45 537 239 040 octets libres
Après-CF: 45,548,331,008 octets libres
436 --- E O F --- 2008-12-12 13:12:48
A voir également:
- Problème Antivirus 360
- Comodo antivirus - Télécharger - Sécurité
- Panda antivirus - Télécharger - Antivirus & Antimalwares
- Norton antivirus gratuit - Télécharger - Antivirus & Antimalwares
- Code gta 4 xbox 360 - Guide
- Avast antivirus gratuit - Télécharger - Antivirus & Antimalwares
