voila j'ai attrappé le virus nokia_19 et je cherche par tout les moyens à m'en débarasser mais je n'y suis tjrs pas arrivé (msnfix ne le detecte pas, je le supprime, il revient quand je redémarre etc...) Bref j'ai besoin de votre aide je suis désespéré. 
j'espere que vs me viendrais en aide merci d'avance.
voici le rapport de Hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:11:43, on 14/10/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\Windows\vVX3000.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\LBTWiz.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Users\JB\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: rightonadz.biz browser optimizer - {36A91CEC-6C71-4758-B492-397BFC8E96A2} - C:\Windows\system32\gzmrotate.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [{6F-F0-0B-BB-ZN}] C:\Users\CHRIST~1\AppData\Local\Temp\TICHA001.exe CHA001
O4 - HKLM\..\Run: [LBTWiz.exe] C:\Windows\LBTWiz.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Windows Firewall] C:\WINDOWS\System32\drivers\svchost.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Protection Trend Micro contre les programmes espions (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
--
End of file - 7522 bytes
AIDEZ MOI S'ILS VOUS PLAIT!!!
Bonjour
Télécharge Combofix.exe (par sUBs) sur ton Bureau
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Double clique combofix.exe et suis les invites.
Lorsque le scan sera complété, un rapport apparaîtra.
Copie/colle ce rapport dans ta prochaine réponse avec un nouveau HijackThis.
Poste aussi le rapport de MSNFix.
Vous avez un problème ? Créez votre propre post !
Répondre à chercheur_
bonjour et merci de votre réponse
voici le nouveau rapport de HijackThis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:01:31, on 15/10/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe
C:\Windows\vVX3000.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\LBTWiz.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Users\JB\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: rightonadz.biz browser optimizer - {36A91CEC-6C71-4758-B492-397BFC8E96A2} - C:\Windows\system32\gzmrotate.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [{6F-F0-0B-BB-ZN}] C:\Users\CHRIST~1\AppData\Local\Temp\TICHA001.exe CHA001
O4 - HKLM\..\Run: [LBTWiz.exe] C:\Windows\LBTWiz.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Windows Firewall] C:\WINDOWS\System32\drivers\svchost.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Wireless Configuration Utility HW.51.lnk = C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Protection Trend Micro contre les programmes espions (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
--
End of file - 7418 bytes
voici le rapport de combofix :
ComboFix 07-10-12.4 - Christine 2007-10-15 20:20:59.3 - NTFSx86
Microsoft© Windows VistaT dition Familiale Basique 6.0.6000.0.1252.1.1036.18.1029 [GMT 2:00]
Running from: C:\Users\JB\Downloads\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Program Files\webmediaplayer
C:\Program Files\webmediaplayer\Conditions générales.url
C:\Program Files\webmediaplayer\Confidentialité.url
C:\Program Files\webmediaplayer\resources\languages.xml
C:\Program Files\webmediaplayer\resources\webmedias
C:\Program Files\webmediaplayer\skins\classic.skn
C:\Program Files\webmediaplayer\sqlite3.dll
C:\Program Files\webmediaplayer\uninst.exe
C:\Program Files\webmediaplayer\WebMediaPlayer.exe
C:\Program Files\webmediaplayer\Website.url
C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ta_start.lnk
C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TA_Start.lnk
C:\Users\Christine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer
C:\Windows\pack.epk
C:\Windows\system32\msnav32.ax
C:\Windows\system32\nvs2.inf
.
((((((((((((((((((((((((((((( Fichiers créés 2007-09-15 to 2007-10-15 ))))))))))))))))))))))))))))))))))))
.
2007-10-15 19:05 51,200 --a------ C:\Windows\NirCmd.exe
2007-10-15 18:37 <REP> d-------- C:\Program Files\802.11 Wireless LAN
2007-10-14 21:44 <REP> d-------- C:\Program Files\KONAMI
2007-10-12 20:27 <REP> d-------- C:\Program Files\ViVi MP4 Converter 2.1
2007-10-12 20:26 2,795,209 --a------ C:\Users\Antonin\vivimp4.exe
2007-10-11 21:57 <REP> d-------- C:\Program Files\Navilog1
2007-10-10 22:12 8,147,968 --a------ C:\Windows\System32\wmploc.DLL
2007-10-10 22:12 356,864 --a------ C:\Windows\System32\MediaMetadataHandler.dll
2007-10-10 22:12 7,680 --a------ C:\Windows\System32\spwmp.dll
2007-10-10 22:12 4,096 --a------ C:\Windows\System32\dxmasf.dll
2007-10-10 22:09 26,624 --a------ C:\Windows\System32\ieUnatt.exe
2007-10-10 22:08 737,792 --a------ C:\Windows\System32\inetcomm.dll
2007-10-10 22:08 84,480 --a------ C:\Windows\System32\INETRES.dll
2007-10-10 22:07 788,992 --a------ C:\Windows\System32\rpcrt4.dll
2007-10-10 16:41 3,770,400 --ahs---- C:\Windows\System32\drivers\fidbox.dat
2007-10-10 16:20 1,126,328 --a------ C:\Windows\System32\drivers\vsapint.sys
2007-10-10 16:20 288,848 --a------ C:\Windows\System32\drivers\TM_CFW.sys
2007-10-10 16:20 203,024 --a------ C:\Windows\System32\drivers\tmxpflt.sys
2007-10-10 16:20 111,888 --a------ C:\Windows\System32\drivers\tm_mbd_c.sys
2007-10-10 16:20 102,800 --a------ C:\Windows\System32\drivers\tmcomm.sys
2007-10-10 16:20 75,088 --a------ C:\Windows\System32\drivers\tmtdi.sys
2007-10-10 16:20 36,112 --a------ C:\Windows\System32\drivers\tmpreflt.sys
2007-10-10 16:19 <REP> d-------- C:\Users\All Users\Trend Micro
2007-10-10 16:19 <REP> d-------- C:\PROGRA~2\Trend Micro
2007-10-10 16:15 <REP> d-------- C:\Program Files\Trend Micro
2007-10-08 21:48 <REP> d-------- C:\Windows\PCHEALTH
2007-10-08 19:13 556,032 -r-hs---- C:\Windows\LBTWiz.exe
2007-09-30 15:58 <REP> d-------- C:\Program Files\Pro Media Director
2007-09-29 16:48 <REP> d-------- C:\Users\Antonin\Nouveau dossier
2007-09-29 11:08 <REP> d-------- C:\Program Files\Personal Media Manager
2007-09-28 20:31 1,355,776 --a------ C:\Users\Antonin\UMDGen.exe
2007-09-28 20:01 <REP> d-------- C:\Program Files\Game Graphic Studio
2007-09-22 21:02 <REP> d-------- C:\Users\Christine\AppData\Roaming\Media Player Classic
2007-09-22 21:02 <REP> d-------- C:\Users\CHRIST~1\AppData\Roaming\Media Player Classic
2007-09-22 17:36 <REP> d-------- C:\Temp
2007-09-22 14:20 <REP> d-------- C:\Program Files\Kate's Video Converter
2007-09-22 13:52 <REP> d-------- C:\Program Files\Magicbit
2007-09-19 16:56 <REP> d-------- C:\Users\JB\AppData\Roaming\Sony
2007-09-19 16:56 <REP> d-------- C:\Users\JB\AppData\Roaming\Publish Providers
2007-09-19 16:50 <REP> d-------- C:\Program Files\Microsoft SQL Server
2007-09-19 16:50 33,340 --------- C:\Windows\System32\dbmsqlgc.dll
2007-09-19 16:50 24,576 --------- C:\Windows\System32\dbmsgnet.dll
2007-09-19 16:49 <REP> d-------- C:\Users\Christine\AppData\Roaming\Sony
2007-09-19 16:49 <REP> d-------- C:\Users\CHRIST~1\AppData\Roaming\Sony
2007-09-19 16:47 <REP> d-------- C:\Users\All Users\Sony
2007-09-19 16:47 <REP> d-------- C:\Program Files\Vstplugins
2007-09-19 16:47 <REP> d-------- C:\PROGRA~2\Sony
2007-09-19 16:46 <REP> d-------- C:\Program Files\Sony
2007-09-19 16:45 <REP> d-------- C:\Program Files\Sony Setup
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-15 16:38 44,108 --sha-w C:\Windows\system32\drivers\fidbox.idx
2007-10-15 16:37 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-15 16:18 --------- d-----w C:\PROGRA~2\Google Updater
2007-10-13 15:46 --------- d-----w C:\Program Files\Microsoft Xbox 360 Accessories
2007-10-11 15:34 --------- d-----w C:\Program Files\Windows Mail
2007-10-10 20:10 56,320 ----a-w C:\Windows\System32\iesetup.dll
2007-10-10 20:09 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2007-10-10 13:55 --------- d-----w C:\PROGRA~2\Kaspersky Lab
2007-10-08 19:49 --------- d-----w C:\Program Files\MSN Messenger
2007-09-28 15:09 --------- d-----w C:\Program Files\Cyanide
2007-09-22 12:15 --------- d-----w C:\Users\Antonin\AppData\Roaming\CyberLink
2007-09-16 20:05 --------- d-----w C:\Users\Christine\AppData\Roaming\Ahead
2007-09-16 20:05 --------- d-----w C:\Users\CHRIST~1\AppData\Roaming\Ahead
2007-09-12 17:06 --------- d-----w C:\Program Files\DFX
2007-09-12 17:06 --------- d-----w C:\PROGRA~2\DFX
2007-09-12 17:05 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-09-12 14:10 --------- d-----w C:\Program Files\DivX
2007-09-08 15:48 82,061 ----a-w C:\Windows\system32\drivers\klick.dat
2007-09-08 15:48 81,549 ----a-w C:\Windows\system32\drivers\klin.dat
2007-09-05 15:34 114,688 ----a-w C:\Windows\System32\netlogun.exe
2007-09-03 10:27 --------- d-----w C:\Program Files\Google
2007-09-02 18:33 --------- d-----w C:\Users\Antonin\AppData\Roaming\La Bataille pour la Terre du Milieu
2007-09-02 13:33 --------- d-----w C:\Program Files\Windows Live Safety Center
2007-09-01 16:09 --------- d-----w C:\Users\Christine\AppData\Roaming\La Bataille pour la Terre du Milieu
2007-09-01 16:09 --------- d-----w C:\Users\CHRIST~1\AppData\Roaming\La Bataille pour la Terre du Milieu
2007-08-31 09:54 174 --sha-w C:\Program Files\desktop.ini
2007-08-31 09:48 88,576 ----a-w C:\Windows\System32\avifil32.dll
2007-08-31 09:48 82,944 ----a-w C:\Windows\System32\mciavi32.dll
2007-08-31 09:48 8,138,240 ----a-w C:\Windows\System32\ssBranded.scr
2007-08-31 09:48 712,192 ----a-w C:\Windows\System32\WindowsCodecs.dll
2007-08-31 09:48 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2007-08-31 09:48 69,632 ----a-w C:\Windows\System32\sendmail.dll
2007-08-31 09:48 65,024 ----a-w C:\Windows\System32\avicap32.dll
2007-08-31 09:48 61,440 ----a-w C:\Windows\System32\ntprint.exe
2007-08-31 09:48 31,232 ----a-w C:\Windows\System32\msvidc32.dll
2007-08-31 09:48 3,504,824 ----a-w C:\Windows\System32\ntkrnlpa.exe
2007-08-31 09:48 3,470,008 ----a-w C:\Windows\System32\ntoskrnl.exe
2007-08-31 09:48 269,824 ----a-w C:\Windows\System32\schannel.dll
2007-08-31 09:48 220,160 ----a-w C:\Windows\System32\ntprint.dll
2007-08-31 09:48 123,904 ----a-w C:\Windows\System32\msvfw32.dll
2007-08-31 09:48 120,320 ----a-w C:\Windows\System32\dhcpcsvc6.dll
2007-08-31 09:48 12,800 ----a-w C:\Windows\System32\msrle32.dll
2007-08-31 09:48 10,240 ----a-w C:\Windows\System32\dhcpcmonitor.dll
2007-08-31 09:48 1,984,512 ----a-w C:\Windows\System32\authui.dll
2007-08-30 09:19 --------- d-----w C:\Program Files\Windows Calendar
2007-08-30 09:16 8,192 ----a-w C:\Windows\System32\riched32.dll
2007-08-30 09:16 77,824 ----a-w C:\Windows\System32\rascfg.dll
2007-08-30 09:16 70,144 ----a-w C:\Windows\system32\drivers\pacer.sys
2007-08-30 09:16 694,784 ----a-w C:\Windows\System32\localspl.dll
2007-08-30 09:16 619,008 ----a-w C:\Windows\system32\drivers\dxgkrnl.sys
2007-08-30 09:16 61,952 ----a-w C:\Windows\system32\drivers\wanarp.sys
2007-08-30 09:16 52,736 ----a-w C:\Windows\System32\rasdiag.dll
2007-08-30 09:16 48,640 ----a-w C:\Windows\system32\drivers\ndproxy.sys
2007-08-30 09:16 384,000 ----a-w C:\Windows\System32\netcfgx.dll
2007-08-30 09:16 36,864 ----a-w C:\Windows\System32\cdd.dll
2007-08-30 09:16 33,280 ----a-w C:\Windows\System32\traffic.dll
2007-08-30 09:16 32,768 ----a-w C:\Windows\System32\rasmxs.dll
2007-08-30 09:16 286,208 ----a-w C:\Windows\System32\ipnathlp.dll
2007-08-30 09:16 22,016 ----a-w C:\Windows\System32\rasser.dll
2007-08-30 09:16 20,480 ----a-w C:\Windows\system32\drivers\ndistapi.sys
2007-08-30 09:16 15,360 ----a-w C:\Windows\System32\pacerprf.dll
2007-08-30 09:16 134,656 ----a-w C:\Windows\System32\dps.dll
2007-08-30 09:16 13,824 ----a-w C:\Windows\System32\wshqos.dll
2007-08-30 09:16 13,824 ----a-w C:\Windows\System32\icsunattend.exe
2007-08-30 09:14 750,080 ----a-w C:\Windows\System32\qmgr.dll
2007-08-28 13:07 --------- d-----w C:\Program Files\Kaspersky Lab
2007-08-28 13:05 --------- d-----w C:\PROGRA~2\Kaspersky Lab Setup Files
2007-08-27 11:09 163,644 ----a-w C:\Windows\system32\drivers\SECDRV.SYS
2007-08-26 17:21 53,080 ----a-w C:\Windows\System32\wuauclt.exe
2007-08-26 17:21 43,352 ----a-w C:\Windows\System32\wups2.dll
2007-08-26 17:21 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
2007-08-26 17:21 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
2007-08-26 17:20 80,896 ----a-w C:\Windows\System32\wudriver.dll
2007-08-26 17:20 549,720 ----a-w C:\Windows\System32\wuapi.dll
2007-08-26 17:20 33,624 ----a-w C:\Windows\System32\wups.dll
2007-08-26 17:20 31,232 ----a-w C:\Windows\System32\wuapp.exe
2007-08-26 17:20 163,000 ----a-w C:\Windows\System32\wuwebv.dll
2007-08-24 16:17 1,275,392 ----a-w C:\Windows\System32\msxml4.dll
2007-08-18 16:26 --------- d-----w C:\Users\JB\AppData\Roaming\La Bataille pour la Terre du Milieu
2007-08-18 12:53 --------- d-----w C:\Program Files\EA GAMES
2007-08-18 09:38 --------- d-----w C:\Program Files\pspvideo9
2007-08-18 09:36 --------- d-----w C:\Program Files\AviSynth 2.5
2007-08-17 18:43 --------- d-----w C:\Program Files\Red Kawa
2007-08-15 21:19 1,191,936 ----a-w C:\Windows\System32\msxml3.dll
2007-08-15 21:18 1,335,296 ----a-w C:\Windows\System32\msxml6.dll
2007-08-09 21:14 79,186 ----a-w C:\Windows\System32\adssite-remove.exe
2007-08-09 21:14 39,884 ----a-w C:\Windows\System32\gzmrot-uninst.exe
2007-08-08 10:03 265,216 ----a-w C:\Users\Christine\RUYCNQUXKN.EXE
2007-07-28 17:50 36,864 ----a-w C:\Windows\System32\wmdmps.dll
2007-07-28 17:50 311,296 ----a-w C:\Windows\System32\mswmdm.dll
2007-07-28 17:50 31,744 ----a-w C:\Windows\System32\wmdmlog.dll
2007-07-26 23:06 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2007-07-26 23:06 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{36A91CEC-6C71-4758-B492-397BFC8E96A2}]
C:\Windows\system32\gzmrotate.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-07-04 11:33]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40]
"LyraHD2TrayApp"="C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe" [2005-04-18 16:35]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2007-01-12 17:48]
"VX3000"="C:\Windows\vVX3000.exe" [2006-12-05 15:39]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-06-28 21:29]
"Windows Mobile-based device management"="%windir%\WindowsMobile\wmdc.exe" []
"LBTWiz.exe"="C:\Windows\LBTWiz.exe" [2007-10-08 16:42]
"pccguide.exe"="C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe" [2007-03-08 01:34]
"XboxStat"="c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-26 18:05]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 14:34]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 18:05]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-08 15:05]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2007-07-08 16:02]
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-07-08 15:05:40]
Wireless Configuration Utility HW.51.lnk - C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe [2004-12-14 19:53:38]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll
R0 videX32;videX32;C:\Windows\system32\DRIVERS\videX32.sys
R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\Windows\system32\DRIVERS\xfilt.sys
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys
R3 MRV6X32P;Pilote WiFi natif Vista 32-bits;C:\Windows\system32\DRIVERS\MRVW13B.sys
R3 nvlddmkm;nvlddmkm;C:\Windows\system32\DRIVERS\nvlddmkm.sys
S3 siusbmod;siusbmod;C:\Windows\system32\DRIVERS\siusbmod.sys
S3 VX3000;VX-3000;C:\Windows\system32\DRIVERS\VX3000.sys
S3 winusb;Pilote WinUsb;C:\Windows\system32\DRIVERS\winusb.sys
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc wlansvc EMDMgmt TabletInputService WPDBusEnum
LocalServiceNoNetwork PLA DPS BFE mpssvc
WindowsMobile wcescomm rapimgr
LocalServiceRestricted WcesComm RapiMgr
bthsvcs BthServ
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-15 20:29:20
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-15 20:35:04
.
--- E O F ---
je n'arrive pas à avoir le rapport de MSNfix cela m'affiche :
"Impossible de trouver le fichier C:\\Windows\msnfix.txt."
après on me demande si je veux en recréer un nouveau je mets oui et rien n'apparait ds le bloc note.
voila merci de nouveau pr votre aide
Re
Copie (Ctrl+C) le texte ci-dessous :
File::
C:\Windows\LBTWiz.exe
C:\Windows\system32\gzmrotate.dll
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{36A91CEC-6C71-4758-B492-397BFC8E96A2}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LBTWiz.exe"=-
Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt
Comme l'image le montre, fait glisser CFScript.txt sur Combofix.exe
Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
Supprime MSNFix et retélécharge le.
Télécharge MSNFix.zip (de !aur3n7) sur le Bureau
http://sosvirus.changelog.fr/MSNFix.zip
Décompresse-le (clic droit >> Extraire ici) et double clique sur le fichier MSNFix.bat.
- Exécute l'option R.
-- Si l'infection est détectée, exécute l'option N.
Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.txt
Poste le ainsi qu'un nouveau scan HijackThis fait en mode normal.
Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal
Sauvegarder et fermer le rapport pour que Windows termine de se lancer normalement.
Vous avez un problème ? Créez votre propre post !
Répondre à chercheur_
re
voici le nouveau rapport de combofix:
ComboFix 07-10-12.4 - Christine 16/10/2007 19:20:19.4 - NTFSx86
Microsoft© Windows VistaT dition Familiale Basique 6.0.6000.0.1252.1.1036.18.831 [GMT 2:00]
Running from: C:\Users\JB\Desktop\ComboFix.exe
Command switches used :: C:\Users\JB\Desktop\CFScript.txt
* Created a new restore point
FILE::
C:\Windows\LBTWiz.exe
C:\Windows\system32\gzmrotate.dll
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Windows\LBTWiz.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2007-09-16 to 2007-10-16 ))))))))))))))))))))))))))))))))))))
.
2007-10-16 19:23 <REP> d-------- C:\Users\All Users\Lavasoft
2007-10-16 19:23 <REP> d-------- C:\Program Files\Lavasoft
2007-10-16 19:23 <REP> d-------- C:\PROGRA~2\Lavasoft
2007-10-15 19:05 51,200 --a------ C:\Windows\NirCmd.exe
2007-10-15 18:37 <REP> d-------- C:\Program Files\802.11 Wireless LAN
2007-10-14 21:44 <REP> d-------- C:\Program Files\KONAMI
2007-10-12 20:27 <REP> d-------- C:\Program Files\ViVi MP4 Converter 2.1
2007-10-12 20:26 2,795,209 --a------ C:\Users\Antonin\vivimp4.exe
2007-10-11 21:57 <REP> d-------- C:\Program Files\Navilog1
2007-10-10 22:12 8,147,968 --a------ C:\Windows\System32\wmploc.DLL
2007-10-10 22:12 356,864 --a------ C:\Windows\System32\MediaMetadataHandler.dll
2007-10-10 22:12 7,680 --a------ C:\Windows\System32\spwmp.dll
2007-10-10 22:12 4,096 --a------ C:\Windows\System32\dxmasf.dll
2007-10-10 22:09 26,624 --a------ C:\Windows\System32\ieUnatt.exe
2007-10-10 22:08 737,792 --a------ C:\Windows\System32\inetcomm.dll
2007-10-10 22:08 84,480 --a------ C:\Windows\System32\INETRES.dll
2007-10-10 22:07 788,992 --a------ C:\Windows\System32\rpcrt4.dll
2007-10-10 16:41 4,841,504 --ahs---- C:\Windows\System32\drivers\fidbox.dat
2007-10-10 16:20 1,126,328 --a------ C:\Windows\System32\drivers\vsapint.sys
2007-10-10 16:20 288,848 --a------ C:\Windows\System32\drivers\TM_CFW.sys
2007-10-10 16:20 203,024 --a------ C:\Windows\System32\drivers\tmxpflt.sys
2007-10-10 16:20 111,888 --a------ C:\Windows\System32\drivers\tm_mbd_c.sys
2007-10-10 16:20 102,800 --a------ C:\Windows\System32\drivers\tmcomm.sys
2007-10-10 16:20 75,088 --a------ C:\Windows\System32\drivers\tmtdi.sys
2007-10-10 16:20 36,112 --a------ C:\Windows\System32\drivers\tmpreflt.sys
2007-10-10 16:19 <REP> d-------- C:\Users\All Users\Trend Micro
2007-10-10 16:19 <REP> d-------- C:\PROGRA~2\Trend Micro
2007-10-10 16:15 <REP> d-------- C:\Program Files\Trend Micro
2007-10-08 21:48 <REP> d-------- C:\Windows\PCHEALTH
2007-09-30 15:58 <REP> d-------- C:\Program Files\Pro Media Director
2007-09-29 16:48 <REP> d-------- C:\Users\Antonin\Nouveau dossier
2007-09-29 11:08 <REP> d-------- C:\Program Files\Personal Media Manager
2007-09-28 20:31 1,355,776 --a------ C:\Users\Antonin\UMDGen.exe
2007-09-28 20:01 <REP> d-------- C:\Program Files\Game Graphic Studio
2007-09-22 21:02 <REP> d-------- C:\Users\Christine\AppData\Roaming\Media Player Classic
2007-09-22 21:02 <REP> d-------- C:\Users\CHRIST~1\AppData\Roaming\Media Player Classic
2007-09-22 17:36 <REP> d-------- C:\Temp
2007-09-22 14:20 <REP> d-------- C:\Program Files\Kate's Video Converter
2007-09-22 13:52 <REP> d-------- C:\Program Files\Magicbit
2007-09-19 16:56 <REP> d-------- C:\Users\JB\AppData\Roaming\Sony
2007-09-19 16:56 <REP> d-------- C:\Users\JB\AppData\Roaming\Publish Providers
2007-09-19 16:50 <REP> d-------- C:\Program Files\Microsoft SQL Server
2007-09-19 16:50 33,340 --------- C:\Windows\System32\dbmsqlgc.dll
2007-09-19 16:50 24,576 --------- C:\Windows\System32\dbmsgnet.dll
2007-09-19 16:49 <REP> d-------- C:\Users\Christine\AppData\Roaming\Sony
2007-09-19 16:49 <REP> d-------- C:\Users\CHRIST~1\AppData\Roaming\Sony
2007-09-19 16:47 <REP> d-------- C:\Users\All Users\Sony
2007-09-19 16:47 <REP> d-------- C:\Program Files\Vstplugins
2007-09-19 16:47 <REP> d-------- C:\PROGRA~2\Sony
2007-09-19 16:46 <REP> d-------- C:\Program Files\Sony
2007-09-19 16:45 <REP> d-------- C:\Program Files\Sony Setup
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-16 17:21 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-10-15 16:38 44,108 --sha-w C:\Windows\system32\drivers\fidbox.idx
2007-10-15 16:37 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-15 16:18 --------- d-----w C:\PROGRA~2\Google Updater
2007-10-13 15:46 --------- d-----w C:\Program Files\Microsoft Xbox 360 Accessories
2007-10-11 15:34 --------- d-----w C:\Program Files\Windows Mail
2007-10-10 20:10 56,320 ----a-w C:\Windows\System32\iesetup.dll
2007-10-10 20:09 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2007-10-10 13:55 --------- d-----w C:\PROGRA~2\Kaspersky Lab
2007-10-08 19:49 --------- d-----w C:\Program Files\MSN Messenger
2007-09-28 15:09 --------- d-----w C:\Program Files\Cyanide
2007-09-22 12:15 --------- d-----w C:\Users\Antonin\AppData\Roaming\CyberLink
2007-09-16 20:05 --------- d-----w C:\Users\Christine\AppData\Roaming\Ahead
2007-09-16 20:05 --------- d-----w C:\Users\CHRIST~1\AppData\Roaming\Ahead
2007-09-12 17:06 --------- d-----w C:\Program Files\DFX
2007-09-12 17:06 --------- d-----w C:\PROGRA~2\DFX
2007-09-12 14:10 --------- d-----w C:\Program Files\DivX
2007-09-08 15:48 82,061 ----a-w C:\Windows\system32\drivers\klick.dat
2007-09-08 15:48 81,549 ----a-w C:\Windows\system32\drivers\klin.dat
2007-09-05 15:34 114,688 ----a-w C:\Windows\System32\netlogun.exe
2007-09-03 10:27 --------- d-----w C:\Program Files\Google
2007-09-02 18:33 --------- d-----w C:\Users\Antonin\AppData\Roaming\La Bataille pour la Terre du Milieu
2007-09-02 13:33 --------- d-----w C:\Program Files\Windows Live Safety Center
2007-09-01 16:09 --------- d-----w C:\Users\Christine\AppData\Roaming\La Bataille pour la Terre du Milieu
2007-09-01 16:09 --------- d-----w C:\Users\CHRIST~1\AppData\Roaming\La Bataille pour la Terre du Milieu
2007-08-31 09:54 174 --sha-w C:\Program Files\desktop.ini
2007-08-31 09:48 88,576 ----a-w C:\Windows\System32\avifil32.dll
2007-08-31 09:48 82,944 ----a-w C:\Windows\System32\mciavi32.dll
2007-08-31 09:48 8,138,240 ----a-w C:\Windows\System32\ssBranded.scr
2007-08-31 09:48 712,192 ----a-w C:\Windows\System32\WindowsCodecs.dll
2007-08-31 09:48 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2007-08-31 09:48 69,632 ----a-w C:\Windows\System32\sendmail.dll
2007-08-31 09:48 65,024 ----a-w C:\Windows\System32\avicap32.dll
2007-08-31 09:48 61,440 ----a-w C:\Windows\System32\ntprint.exe
2007-08-31 09:48 31,232 ----a-w C:\Windows\System32\msvidc32.dll
2007-08-31 09:48 3,504,824 ----a-w C:\Windows\System32\ntkrnlpa.exe
2007-08-31 09:48 3,470,008 ----a-w C:\Windows\System32\ntoskrnl.exe
2007-08-31 09:48 269,824 ----a-w C:\Windows\System32\schannel.dll
2007-08-31 09:48 220,160 ----a-w C:\Windows\System32\ntprint.dll
2007-08-31 09:48 123,904 ----a-w C:\Windows\System32\msvfw32.dll
2007-08-31 09:48 120,320 ----a-w C:\Windows\System32\dhcpcsvc6.dll
2007-08-31 09:48 12,800 ----a-w C:\Windows\System32\msrle32.dll
2007-08-31 09:48 10,240 ----a-w C:\Windows\System32\dhcpcmonitor.dll
2007-08-31 09:48 1,984,512 ----a-w C:\Windows\System32\authui.dll
2007-08-30 09:19 --------- d-----w C:\Program Files\Windows Calendar
2007-08-30 09:16 8,192 ----a-w C:\Windows\System32\riched32.dll
2007-08-30 09:16 77,824 ----a-w C:\Windows\System32\rascfg.dll
2007-08-30 09:16 70,144 ----a-w C:\Windows\system32\drivers\pacer.sys
2007-08-30 09:16 694,784 ----a-w C:\Windows\System32\localspl.dll
2007-08-30 09:16 619,008 ----a-w C:\Windows\system32\drivers\dxgkrnl.sys
2007-08-30 09:16 61,952 ----a-w C:\Windows\system32\drivers\wanarp.sys
2007-08-30 09:16 52,736 ----a-w C:\Windows\System32\rasdiag.dll
2007-08-30 09:16 48,640 ----a-w C:\Windows\system32\drivers\ndproxy.sys
2007-08-30 09:16 384,000 ----a-w C:\Windows\System32\netcfgx.dll
2007-08-30 09:16 36,864 ----a-w C:\Windows\System32\cdd.dll
2007-08-30 09:16 33,280 ----a-w C:\Windows\System32\traffic.dll
2007-08-30 09:16 32,768 ----a-w C:\Windows\System32\rasmxs.dll
2007-08-30 09:16 286,208 ----a-w C:\Windows\System32\ipnathlp.dll
2007-08-30 09:16 22,016 ----a-w C:\Windows\System32\rasser.dll
2007-08-30 09:16 20,480 ----a-w C:\Windows\system32\drivers\ndistapi.sys
2007-08-30 09:16 15,360 ----a-w C:\Windows\System32\pacerprf.dll
2007-08-30 09:16 134,656 ----a-w C:\Windows\System32\dps.dll
2007-08-30 09:16 13,824 ----a-w C:\Windows\System32\wshqos.dll
2007-08-30 09:16 13,824 ----a-w C:\Windows\System32\icsunattend.exe
2007-08-30 09:14 750,080 ----a-w C:\Windows\System32\qmgr.dll
2007-08-28 13:07 --------- d-----w C:\Program Files\Kaspersky Lab
2007-08-28 13:05 --------- d-----w C:\PROGRA~2\Kaspersky Lab Setup Files
2007-08-27 11:09 163,644 ----a-w C:\Windows\system32\drivers\SECDRV.SYS
2007-08-26 17:21 53,080 ----a-w C:\Windows\System32\wuauclt.exe
2007-08-26 17:21 43,352 ----a-w C:\Windows\System32\wups2.dll
2007-08-26 17:21 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
2007-08-26 17:21 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
2007-08-26 17:20 80,896 ----a-w C:\Windows\System32\wudriver.dll
2007-08-26 17:20 549,720 ----a-w C:\Windows\System32\wuapi.dll
2007-08-26 17:20 33,624 ----a-w C:\Windows\System32\wups.dll
2007-08-26 17:20 31,232 ----a-w C:\Windows\System32\wuapp.exe
2007-08-26 17:20 163,000 ----a-w C:\Windows\System32\wuwebv.dll
2007-08-24 16:17 1,275,392 ----a-w C:\Windows\System32\msxml4.dll
2007-08-18 16:26 --------- d-----w C:\Users\JB\AppData\Roaming\La Bataille pour la Terre du Milieu
2007-08-18 12:53 --------- d-----w C:\Program Files\EA GAMES
2007-08-18 09:38 --------- d-----w C:\Program Files\pspvideo9
2007-08-18 09:36 --------- d-----w C:\Program Files\AviSynth 2.5
2007-08-17 18:43 --------- d-----w C:\Program Files\Red Kawa
2007-08-15 21:19 1,191,936 ----a-w C:\Windows\System32\msxml3.dll
2007-08-15 21:18 1,335,296 ----a-w C:\Windows\System32\msxml6.dll
2007-08-09 21:14 79,186 ----a-w C:\Windows\System32\adssite-remove.exe
2007-08-09 21:14 39,884 ----a-w C:\Windows\System32\gzmrot-uninst.exe
2007-08-08 10:03 265,216 ----a-w C:\Users\Christine\RUYCNQUXKN.EXE
2007-07-28 17:50 36,864 ----a-w C:\Windows\System32\wmdmps.dll
2007-07-28 17:50 311,296 ----a-w C:\Windows\System32\mswmdm.dll
2007-07-28 17:50 31,744 ----a-w C:\Windows\System32\wmdmlog.dll
2007-07-26 23:06 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2007-07-26 23:06 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
.
((((((((((((((((((((((((((((( snapshot@2007-10-15_20.31.16.90 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-10-15 16:46:40 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2007-10-16 04:41:27 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2007-10-16 17:23:41 1,038,336 ----a-r C:\Windows\Installer\{E31C348B-63A9-4CBF-8D7F-D932ABB63244}\Icon0E6AB9FC.exe
+ 2007-10-16 17:23:41 178,688 ----a-r C:\Windows\Installer\{E31C348B-63A9-4CBF-8D7F-D932ABB63244}\Icon0E6AB9FC1.exe
- 2007-10-15 18:04:20 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-10-16 05:51:49 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2007-10-15 18:04:20 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-10-16 05:51:49 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-10-15 18:04:20 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-10-16 05:51:49 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-10-15 18:19:53 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2007-10-16 17:19:48 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2007-10-16 17:19:48 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1
+ 2007-06-04 13:14:56 6,272 ----a-w C:\Windows\System32\drivers\AWRTPD.sys
+ 2007-06-04 13:17:02 8,320 ----a-w C:\Windows\System32\drivers\AWRTRD.sys
+ 2007-06-04 13:18:48 9,344 ----a-w C:\Windows\System32\drivers\NSDriver.sys
+ 2007-04-13 13:19:52 7,680 ----a-w C:\Windows\System32\lsdelete.exe
- 2007-10-14 15:44:00 115,100 ----a-w C:\Windows\System32\perfc009.dat
+ 2007-10-16 04:45:30 115,100 ----a-w C:\Windows\System32\perfc009.dat
- 2007-10-14 15:44:01 132,528 ----a-w C:\Windows\System32\perfc00C.dat
+ 2007-10-16 04:45:30 132,528 ----a-w C:\Windows\System32\perfc00C.dat
- 2007-10-14 15:44:01 636,102 ----a-w C:\Windows\System32\perfh009.dat
+ 2007-10-16 04:45:30 636,102 ----a-w C:\Windows\System32\perfh009.dat
- 2007-10-14 15:44:01 721,286 ----a-w C:\Windows\System32\perfh00C.dat
+ 2007-10-16 04:45:30 721,286 ----a-w C:\Windows\System32\perfh00C.dat
- 2007-10-07 15:22:33 262,510 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2007-10-16 04:41:29 267,996 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [04/07/2007 11:33]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [12/01/2006 15:40]
"LyraHD2TrayApp"="C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe" [18/04/2005 16:35]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/05/2007 03:06]
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [12/01/2007 17:48]
"VX3000"="C:\Windows\vVX3000.exe" [05/12/2006 15:39]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [28/06/2004 21:29]
"Windows Mobile-based device management"="%windir%\WindowsMobile\wmdc.exe" []
"pccguide.exe"="C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe" [08/03/2007 01:34]
"XboxStat"="c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" [26/09/2007 18:05]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [02/11/2006 14:34]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [23/12/2006 18:05]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [08/07/2007 15:05]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [08/07/2007 16:02]
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-07-08 15:05:40]
Wireless Configuration Utility HW.51.lnk - C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe [2004-12-14 19:53:38]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll
R0 videX32;videX32;C:\Windows\system32\DRIVERS\videX32.sys
R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\Windows\system32\DRIVERS\xfilt.sys
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys
R2 MSCamSvc;MSCamSvc;"C:\Program Files\Microsoft LifeCam\MSCamS32.exe"
R2 RapiMgr;Connectivité de l'appareil Windows Mobile;C:\Windows\system32\svchost.exe -k WindowsMobile
R2 WcesComm;Connectivité de l'appareil Windows Mobile 2003;C:\Windows\system32\svchost.exe -k WindowsMobile
R3 MRV6X32P;Pilote WiFi natif Vista 32-bits;C:\Windows\system32\DRIVERS\MRVW13B.sys
R3 nvlddmkm;nvlddmkm;C:\Windows\system32\DRIVERS\nvlddmkm.sys
S3 siusbmod;siusbmod;C:\Windows\system32\DRIVERS\siusbmod.sys
S3 VX3000;VX-3000;C:\Windows\system32\DRIVERS\VX3000.sys
S3 winusb;Pilote WinUsb;C:\Windows\system32\DRIVERS\winusb.sys
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc wlansvc EMDMgmt TabletInputService WPDBusEnum
LocalServiceNoNetwork PLA DPS BFE mpssvc
WindowsMobile wcescomm rapimgr
LocalServiceRestricted WcesComm RapiMgr
bthsvcs BthServ
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-16 19:26:04
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 16/10/2007 19:28:32
C:\ComboFix2.txt ... 15/10/2007 20:35
.
--- E O F ---
c'est bon le probleme est résolu!!!
je l'ai plus j'ai télécharger spybot et j'ai fais une analyse et je l'ai supprimer. Il est plus là!!! merci quand meme pr ton aide!!!
C:\Program Files\webmediaplayer
C:\Program Files\webmediaplayer\resources\languages.xml
C:\Program Files\webmediaplayer\resources\webmedias
C:\Program Files\webmediaplayer\skins\classic.skn
C:\Program Files\webmediaplayer\sqlite3.dll
C:\Program Files\webmediaplayer\uninst.exe
C:\Program Files\webmediaplayer\WebMediaPlayer.exe
C:\Program Files\webmediaplayer\WebMediaPlayer.url
C:\WINDOWS\pack.epk
C:\WINDOWS\system32\nqiycyhgx.dat
c:\windows\system32\nqiycyhgx.exe
C:\WINDOWS\system32\nqiycyhgx_nav.dat
c:\WINDOWS\system32\nqiycyhgx_navps.dat
.
((((((((((((((((((((((((((((( Fichiers créés 2007-09-24 to 2007-10-24 ))))))))))))))))))))))))))))))))))))
.
2007-10-24 16:54 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-22 18:48 28,672 --a------ C:\WINDOWS\system32\drivers\CO_Mon.sys
2007-10-22 08:34 561,298 --a------ C:\WINDOWS\Nokia_19_jpg.zip
2007-10-21 21:26 <REP> d--h----- C:\Program Files\Fichiers communs\Carlson
2007-10-21 21:26 44,495 --a------ C:\k3d3t4t8n7l.exe
2007-10-21 21:24 561,152 -r-hs---- C:\WINDOWS\LBTWiz.exe
2007-10-12 18:10 <REP> d-------- C:\Program Files\Windows Live Safety Center
2007-10-10 16:27 <REP> d-------- C:\Program Files\Multi_Media_France
2007-10-10 16:26 <REP> d-------- C:\Program Files\MultiMedia France Toolbar
2007-09-30 18:02 <REP> d-------- C:\Documents and Settings\loic\Application Data\BitTorrent
2007-09-30 18:01 <REP> d-------- C:\Program Files\BitTorrent_DNA
2007-09-30 18:01 <REP> d-------- C:\Program Files\BitTorrent
2007-09-30 18:01 <REP> d-------- C:\Documents and Settings\loic\Application Data\BitTorrent DNA
2007-09-25 17:40 299,776 --a------ C:\WINDOWS\system32\drivers\MRVW225.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-22 21:04 --------- d-----w C:\Program Files\BoontyGames
2007-10-17 16:46 --------- d-----w C:\Program Files\eMule
2007-10-14 17:18 --------- d-----w C:\Program Files\Java
2007-10-13 16:48 --------- d-----w C:\Program Files\Picasa2
2007-10-06 16:07 --------- d-----w C:\Program Files\Metin2_France
2007-10-03 05:19 --------- d-----w C:\Program Files\DDD Pool
2007-09-25 15:45 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-09-23 10:06 --------- d-----w C:\Program Files\ReflexiveArcade
2007-09-20 17:48 230,432 ----a-w C:\StiImg.dat
2007-09-17 18:01 --------- d-----w C:\Program Files\NEC Synchronization
2007-09-15 17:30 --------- d-----w C:\Program Files\NEC
2007-09-15 17:28 --------- d-----w C:\Documents and Settings\loic\Application Data\XCPCSync.OEM
2007-09-15 17:20 --------- d-----w C:\Program Files\Fichiers communs\XCPCSync.OEM
2007-09-15 09:36 --------- d-----w C:\Program Files\Gamenext
2007-09-14 16:41 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-09-06 10:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-09-06 10:05 92,848 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-09-06 10:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-09-06 10:02 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-09-06 10:00 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 09:35]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 09:32]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 09:36]
"Autoconfigurateur WiFi Neuf"="C:\Program Files\Neuf\Kit\WiFi\9wifi.exe" [2007-02-14 13:06]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"XCSyncML"="C:\WINDOWS\system32\XCSyncML.exe" [2005-07-14 10:07]
"LBTWiz.exe"="C:\WINDOWS\LBTWiz.exe" [2007-10-21 11:46]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 17:09]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-27 18:13]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 00:29]
"BitTorrent DNA"="C:\Program Files\BitTorrent_DNA\dna.exe" [2007-09-30 18:01]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe
R3 PAC207;Trust WB-1200p Mini Webcam;C:\WINDOWS\system32\DRIVERS\pfc027.sys
R3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys
R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys
S3 archbus;NEC WMC USB_BJ1 Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\archbus.sys
S3 archmdfl;NEC WMC USB_BJ1 Modem Filter;C:\WINDOWS\system32\DRIVERS\archmdfl.sys
S3 archmdm;NEC WMC USB_BJ1 Modem Drivers;C:\WINDOWS\system32\DRIVERS\archmdm.sys
S3 archobex;NEC WMC USB_BJ1 OBEX Interface Drivers (WDM);C:\WINDOWS\system32\DRIVERS\archobex.sys
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
S3 MRVW225;54M Wireless USB Adapter Dirver for Windows XP;C:\WINDOWS\system32\DRIVERS\MRVW225.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dc1c1c30-7c06-11dc-ac1f-0060b35bc4bc}]
AutoRun\command - G:\start.exe
iledefrance\command - G:\start.exe
.
**************************************************************************
catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-24 17:09:37
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-24 17:11:13 - machine was rebooted
.
--- E O F ---
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Message édité par chercheur_ le 24-10-2007 à 18:08:34
Modération
Merci de créer votre propre sujet
===> A lire par tous avant de poster !
Et aussi ceci
Vous avez un problème ? Créez votre propre post !
Répondre à chercheur_
Il y a 1848 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
