Home page
fenderrory
Hello, lyonnais92
Things are going well, thanks a lot
Here is the report:
ComboFix 08-12-09.03 - .......... 2008-12-14 19:36:00.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.464 [GMT 1:00]
Lancé depuis: c:\documents and settings\SERRELI\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\SERRELI\Bureau\WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\[u]0/u8dgu.com
C:\1t6yxlxx.cmd
C:\m2nl.bat
C:\pnt.com
C:\t1ypkh.exe
C:\tbm9.bat
c:\windows\system32\MabryObj.dll
c:\windows\system32\rnaph.dll
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-14 au 2008-12-14 ))))))))))))))))))))))))))))))))))))
.
2008-12-09 18:32 . 2008-12-09 19:26 <REP> d-------- c:\program files\UsbFix
2008-12-07 11:09 . 2008-12-14 11:35 <REP> d-------- c:\documents and settings\All Users\Application Data\Google Updater
2008-12-06 18:14 . 2008-12-14 17:49 <REP> d-------- c:\program files\Ad-remover
2008-12-06 17:38 . 2008-12-06 17:50 <REP> d-------- C:\Lop SD
2008-12-06 17:07 . 2008-12-06 17:21 <REP> d-------- C:\ToolBar SD
2008-12-05 17:54 . 2008-12-05 17:54 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-05 17:54 . 2008-12-05 17:54 <REP> d-------- c:\documents and settings\SERRELI\Application Data\Malwarebytes
2008-12-05 17:54 . 2008-12-05 17:54 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-05 17:54 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-05 17:54 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-03 19:43 . 2008-12-03 19:39 410,984 --a------ c:\windows\system32\deploytk.dll
2008-12-03 11:49 . 2008-12-06 16:39 <REP> d-------- c:\program files\Trend Micro
2008-11-28 18:45 . 2008-11-29 09:22 111,636 -r-hs---- C:\o1.com
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-14 11:06 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-12-12 13:53 --------- d-----w c:\program files\htm
2008-12-12 06:27 --------- d-----w c:\program files\Google
2008-12-10 19:26 --------- d-----w c:\program files\Fichiers communs\Symantec Shared
2008-12-03 18:54 --------- d-----w c:\program files\Java
2008-12-01 18:51 --------- d-----w c:\documents and settings\SERRELI\Application Data\vlc
2008-11-25 09:33 --------- d-----w c:\program files\Norton SystemWorks
2008-11-23 15:12 --------- d-----w c:\documents and settings\SERRELI\Application Data\dvdcss
2008-10-29 19:07 --------- d-----w c:\documents and settings\SERRELI\Application Data\AdobeUM
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2007-08-03 16:05 11,147,601 -c--a-w c:\program files\vlc-0.8.6c.tar.bz2
2007-08-03 16:01 856 -c--a-w c:\program files\vlc-0.8.6c-announce
2007-08-03 16:00 14,100,583 -c--a-w c:\program files\vlc-0.8.6c-win32.zip
2007-08-03 15:53 9,679,815 -c--a-w c:\program files\vlc-0.8.6c-win32.exe
2007-07-31 15:01 64,968 -c--a-w c:\documents and settings\SERRELI\Application Data\GDIPFONTCACHEV1.DAT
2007-03-25 14:58 22 -c--a-w c:\program files\Control_Alcoholemia.zip
2007-01-30 20:33 2,437,120 -c--a-w c:\program files\Jeux-Grattage.pps
2007-01-29 20:17 238,536 -c--a-w c:\program files\Alors.jpg
2007-01-29 20:16 71,028 -c--a-w c:\program files\VOEUX_police_2007.JPG
2007-01-29 20:15 772,608 -c--a-w c:\program files\TEMPETE_DE_GLACE.pps
2007-01-29 20:13 167,936 -c--a-w c:\program files\Controladorlaboral.pps
2007-01-29 20:13 1,716,736 -c--a-w c:\program files\Kamasutra.pps
2007-01-27 05:44 524,288 -c--a-w c:\program files\POURLAPAIX.pps
2007-01-26 12:00 2,150,400 -c--a-w c:\program files\Eengoeiemanieromhetalfabetteleren18_.pps
2007-01-26 11:57 710,144 -c--a-w c:\program files\MissBeer.pps
2007-01-25 20:38 343,552 -c--a-w c:\program files\BlagMail_un_ptit_baiser_2.pps
2007-01-25 15:40 1,024,512 -c--a-w c:\program files\Curioso.pps
2007-01-25 13:08 2,605,219 -c--a-w c:\program files\ParadisT.zip
2007-01-25 12:08 440,832 -c--a-w c:\program files\développement du Foetus.pps
2007-01-24 08:01 2,746,368 -c--a-w c:\program files\Maravilhacanadiana.pps
2007-01-23 15:59 2,590,208 -c--a-w c:\program files\brunestop.pps
2007-01-23 13:15 923,136 -c--a-w c:\program files\DoubleVision1.pps
2007-01-22 08:27 79,360 -c--a-w c:\program files\lepharmacien.pps
2007-01-22 08:27 591,872 -c--a-w c:\program files\plus_con_que CON.pps
2007-01-22 08:21 971,776 -c--a-w c:\program files\pourvousfairesourireRO171.pps
2007-01-22 08:21 535,040 -c--a-w c:\program files\sautemoutonmarinRO171.pps
2007-01-22 08:21 140,288 -c--a-w c:\program files\questionsexistentiellesRO171.pps
2007-01-19 08:28 760,320 -c--a-w c:\program files\perlesecoleprim(cv).pps
2007-01-18 11:56 1,329,152 -c--a-w c:\program files\Question1.pps
2007-01-18 08:56 966,656 -c--a-w c:\program files\Temporada AC.pps
2007-01-18 08:56 1,303,552 -c--a-w c:\program files\Infidèle_AC.pps
2007-01-18 08:55 1,773,056 -c--a-w c:\program files\VivelesCh__tis1.......pps
2007-01-18 08:52 95,515 -c--a-w c:\program files\LeBeaujolaisnouveau05.jpg
2007-01-18 08:52 88,986 -c--a-w c:\program files\LeBeaujolaisnouveau01.jpg
2007-01-18 08:52 122,752 -c--a-w c:\program files\LeBeaujolaisnouveau04.jpg
2007-01-18 08:52 107,615 -c--a-w c:\program files\LeBeaujolaisnouveau03.jpg
2007-01-16 18:31 812,032 -c--a-w c:\program files\mentos-cocacola.pps
2007-01-15 09:42 1,871,872 -c--a-w c:\program files\Prends_le_temps.pps
2007-01-13 14:29 109,056 -c--a-w c:\program files\bootlicker.ppt
2007-01-11 16:15 100,936 -c--a-w c:\program files\PechesMignons42.jpg
2007-01-10 20:26 63,478 -c--a-w c:\program files\ShowLetter.jpg
2007-01-07 19:18 255,352 -c--a-w c:\program files\1200 Wmax.jpg
2006-12-27 12:41 139,264 -c--a-w c:\program files\Lepetitgénie.pps
2006-12-27 09:54 53,760 -c--a-w c:\program files\PermisConduire.xls
2006-12-27 09:54 37,376 -c--a-w c:\program files\picolometre.xls
2006-12-26 16:07 2,692,075 -c--a-w c:\program files\Erica1.zip
2006-12-25 18:50 457,216 -c--a-w c:\program files\L_attaquedel_ours.pps
2006-12-24 10:41 709,120 -c--a-w c:\program files\maisondereves1.pps
2006-12-24 10:41 524,533 -c--a-w c:\program files\hottie.exe
2006-12-24 10:41 502,494 -c--a-w c:\program files\marmottes.exe
2006-12-24 10:41 306,688 -c--a-w c:\program files\HistoiresVrai.pps
2006-12-24 10:41 155,136 -c--a-w c:\program files\Messageinter-planetaire.pps
2006-12-24 10:41 1,616,896 -c--a-w c:\program files\Img2003.pps
2006-12-24 10:41 1,541,632 -c--a-w c:\program files\mijnverzamelingauto_'s.pps
2006-12-24 10:41 1,541,120 -c--a-w c:\program files\INSOLITE_1.pps
2006-12-24 10:41 1,448,960 -c--a-w c:\program files\grippeaviaire.pps
2006-12-24 10:41 1,190,912 -c--a-w c:\program files\kawa.pps
2006-12-24 10:41 1,085,175 -c--a-w c:\program files\homerun.exe
2006-12-23 10:52 847,758 -c--a-w c:\program files\Surprise du père noël.bmp
2006-12-22 13:10 1,864,704 -c--a-w c:\program files\Silent-night-2007NB.pps
2006-12-21 13:53 2,355,712 -c--a-w c:\program files\Hiver_d_autrefois.pps
2006-12-17 15:48 2,441,728 -c--a-w c:\program files\Caveclandestine.pps
2006-12-17 11:52 2,286,080 -c--a-w c:\program files\Cuisinechinoise.pps
2006-12-13 22:20 2,804,224 -c--a-w c:\program files\Dok1.pps
2006-12-13 22:20 2,804,224 -c--a-w c:\program files\Calendrier de l'avent.pps
2006-12-12 20:34 854,528 -c--a-w c:\program files\10 strings 1.ppt
2006-12-11 08:29 1,903,104 -c--a-w c:\program files\Calendrier de l'avent pour HOMME cv.ppt
2006-12-06 22:00 2,359,808 -c--a-w c:\program files\Filles du nord_.pps
2006-12-05 09:21 1,256,960 -c--a-w c:\program files\AGJD-Compile20.pps
2006-12-03 16:01 2,446,336 -c--a-w c:\program files\Quiveutetreuncochonmag.pps
2006-11-27 18:15 315,392 -c--a-w c:\program files\Cadeau-Gouv.pps
2006-11-23 19:29 1,238,528 -c--a-w c:\program files\au_cinema_en_ce_moment[1][1][1].3.pps
2006-11-23 19:17 655,360 -c--a-w c:\program files\DIEUETLEMONDEJPCASbritt.pps
2006-11-12 13:17 147,968 -c--a-w c:\program files\Autos41.pps
2006-11-11 16:33 119,808 -c--a-w c:\program files\Congsannuels.pps
2006-11-04 20:18 985,088 -c--a-w c:\program files\vistavie.pps
2006-10-23 08:31 1,947,648 -c--a-w c:\program files\uneblondedanstonbureau.pps
2006-10-23 06:37 2,956,288 -c--a-w c:\program files\bricolage2.pps
2006-10-17 07:53 1,799,489 -c--a-w c:\program files\Hentai.zip
2006-10-15 12:18 6,576,972 -c--a-w c:\program files\Akon - Lonely(Techno).mp3
2006-10-13 08:40 677,888 -c--a-w c:\program files\Dieux du Stade 2007.ppt
2006-10-12 12:27 1,483,264 -c--a-w c:\program files\Puzzle.pps
2006-09-21 11:11 254,701 -c--a-w c:\program files\Nouveauxradars[1].pdf
2006-09-10 22:36 5,233,165 -c--a-w c:\program files\COUP DE BOULE - Zidane il a taper.mp3
2006-09-10 22:35 4,737,024 -c--a-w c:\program files\Tina Turner - Rolling On The River.mp3
2006-09-02 02:04 6,039,680 -c--a-w c:\program files\Toto K Maro - Femme Like You.mp3
2006-08-28 10:26 287,744 -c--a-w c:\program files\lessanspapier(PDO).pps
2006-07-20 10:45 1,517,568 -c--a-w c:\program files\Etoonants.pps
2006-07-17 21:21 5,286,246 -c--a-w c:\program files\Bob Sinclar - World hold on.mp3
2006-07-11 13:57 2,617,399 -c--a-w c:\program files\COUP DE BOULE-LA PLAGE.MP3
2004-01-18 14:01 32 -csha-w c:\windows\{112E1951-9C8C-4267-B8C4-F684AA0B4A36}.dat
2004-01-18 14:03 32 -csha-w c:\windows\{19D3C0EB-08BF-4302-AAA4-327F98F8D141}.dat
2004-01-18 14:01 32 -csha-w c:\windows\{7AC52AB4-DF11-499D-A85C-3598E91F9141}.dat
2004-01-18 14:03 32 -csha-w c:\windows\{9C7E1FE3-F795-4161-8DDC-753E415550AC}.dat
2004-01-18 14:01 32 -csha-w c:\windows\{A4408898-B780-4566-B9A2-4B715EAB6A54}.dat
2004-01-18 14:02 32 -csha-w c:\windows\{FB114E00-59B8-4A88-AC3C-6828DEAD843C}.dat
2004-01-18 14:01 32 -csha-w c:\windows\system32\{2E784D9A-968C-4E9A-8456-76C0FED4DB57}.dat
2004-01-18 14:02 32 -csha-w c:\windows\system32\{3FB4A967-D805-4B92-A27F-3126DA74B606}.dat
2004-01-18 14:03 32 -csha-w c:\windows\system32\{829DACAB-4892-4B59-BCBC-697314F0CB07}.dat
2004-01-18 14:03 32 -csha-w c:\windows\system32\{998A6F67-6ED2-4DEE-9A70-7F1633EC409F}.dat
2004-01-18 14:01 32 -csha-w c:\windows\system32\{9A7F6DB4-5300-4D04-9C44-677469AFEDFB}.dat
2004-01-18 14:01 32 -csha-w c:\windows\system32\{BF4599FE-6978-4597-874E-D629AAD9046A}.dat
2008-09-03 12:54 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008090320080904\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-24 68856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EM_EXEC"="c:\progra~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-01-28 35328]
"ATIPTA"="c:\ati technologies\ATI Control Panel\atiptaxx.exe" [2003-06-19 335872]
"VCSPlayer"="c:\program files\Virtual CD v4 SDK\system\vcsplay.exe" [2002-06-07 299008]
"MPTBox"="c:\progra~1\Canon\MULTIP~1\MPTBox.exe" [2002-08-08 167936]
"SpeedTouch USB Diagnostics"="c:\program files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2002-06-06 861184]
"LVCOMS"="c:\program files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE" [2001-11-13 98304]
"GhostStartTrayApp"="c:\program files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe" [2002-08-19 94208]
"ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-04-06 71256]
"Symantec NetDriver Monitor"="c:\progra~1\SYMNET~1\SNDMon.exe" [2005-12-12 100056]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-03 136600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 c:\windows\system32\Ati2mdxx.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSVideo"= lvfwwdmt.dll
"vidc.DIV3"= divxc32.dll
"vidc.MJPG"= m3jpeg32.dll
"msacm.DivXa32"= DivXa32.acm
"vidc.div4"= divxc32f.dll
"vidc.xvid"= xvid.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Freeplayer\\vlc\\vlc.exe"=
"c:\\StubInstaller.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R1 GhPciScan;GhostPciScanner;\??\c:\program files\Norton SystemWorks\Norton Ghost\ghpciscan.sys [2002-08-14 5632]
R1 vcsmpdrv;vcsmpdrv;c:\windows\system32\DRIVERS\vcsmpdrv.sys [2003-08-04 49232]
R2 NProtectService;Norton Unerase Protection;c:\program files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE [2004-01-18 139264]
R2 VCSSecS;Virtual CD v4 Security service (SDK - Version);c:\program files\Virtual CD v4 SDK\system\vcssecs.exe [2003-08-04 139264]
S2 gupdate1c95c229e96c336;Google Update Service (gupdate1c95c229e96c336);"c:\program files\Google\Update\GoogleUpdate.exe" /svc [2008-12-12 119280]
S3 NetMate;CATC USB/Ethernet Link device driver;c:\windows\system32\DRIVERS\netmate2.sys [1979-12-31 35694]
.
Contenu du dossier 'Tâches planifiées'
2008-12-14 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-12-12 07:26]
2008-12-12 c:\windows\Tasks\Norton AntiVirus - Analyser mon ordinateur.job
- c:\progra~1\NORTON~1\Navw32.exe [2003-12-04 19:06]
2008-12-12 c:\windows\Tasks\Norton SystemWorks One Button Checkup.job
- c:\program files\Norton SystemWorks\OBC.exe [2002-09-30 17:44]
2008-12-14 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2004-08-24 11:22]
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{C7B76B90-3455-4AE6-A752-EAC4D19689E5} - (no file)
HKCU-Run-AnumanLive - c:\documents and settings\SERRELI\Application Data\Anuman Interactive\AnumanLive\AnumanLive.exe
HKCU-Run-SpybotSD TeaTimer - c:\program files\Spybot - Search & Destroy\TeaTimer.exe
HKLM-Run-QD FastAndSafe - (no file)
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://free.fr/
mWindow Title =
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Recherche AOL Toolbar - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd
O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FireFox -: Profile - c:\documents and settings\SERRELI\Application Data\Mozilla\Firefox\Profiles\1zdgz1tl.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
user_pref("gglûtoolûèbarüFireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://lo.st#home.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-14 19:41:46
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\Symantec Shared\CCSETMGR.EXE
c:\program files\Samsung\Digimax Viewer 2.0\STImgBrowser.exe
c:\progra~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Canon\MultiPASS4\MPDBMgr.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Canon\MultiPASS4\mpservic.exe
c:\program files\Norton AntiVirus\navapsvc.exe
c:\program files\Norton AntiVirus\SAVSCAN.EXE
c:\windows\system32\slserv.exe
c:\progra~1\NORTON~2\SPEEDD~1\NOPDB.EXE
c:\program files\Fichiers communs\Symantec Shared\CCEVTMGR.EXE
c:\program files\Fichiers communs\Symantec Shared\Security Center\symwsc.exe
c:\program files\Messenger\msmsgs.exe
.
**************************************************************************
.
Heure de fin: 2008-12-14 19:46:53 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-12-14 18:46:39
Avant-CF: 46 946 238 464 octets libres
Après-CF: 47,862,136,832 octets libres
262 --- E O F --- 2008-12-12 07:02:13
2 replies
Hello,
If you want Lyonnais to be able to keep helping you, I advise you to keep posting in the thread you had already opened: http://www.commentcamarche.net/forum/affich 9775136 page d accueil