

Maropower
Everything posted by Maropower

Infection with the Win32:Beagle-AAW[Trj] virus
Maropower replied to a topic by ephese in Malware analysis and removal
I downloaded ComboFix and followed your steps. Here is the result I got; can you tell me what I should do now? Thanks in advance.

ComboFix 08-05-15.2 - Administrateur 2008-05-16 12:05:43.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.181 [GMT 2:00]
Endroit: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrateur\Bureau\WinXP_FR_PRO_BF.EXE
 * Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\windows\system32\Cache
.
(((((((((((((((((((((((((((((   Fichiers créés 2008-04-16 to 2008-05-16  ))))))))))))))))))))))))))))))))))))
.
2008-05-16 11:05 . 2008-05-16 11:05    1,024    --ah-----    C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
2008-05-11 11:00 . 2008-05-11 11:00    <REP>    d--------    C:\Program Files\IcoFX 1.6
2008-05-11 11:00 . 2008-05-11 11:31    <REP>    d--------    C:\Documents and Settings\Administrateur\Application Data\IcoFX
2008-05-08 23:35 . 2008-05-08 23:35    <REP>    d--------    C:\WINDOWS\IIS Temporary Compressed Files
2008-05-08 23:34 . 2001-08-23 17:47    43,520    --a------    C:\WINDOWS\system32\fcachdll.dll
2008-05-08 23:34 . 2001-08-23 15:46    24,340    --a------    C:\WINDOWS\system32\smtpctrs.ini
2008-05-08 23:34 . 2001-08-23 17:47    23,040    --a------    C:\WINDOWS\system32\regtrace.exe
2008-05-08 23:34 . 2001-08-23 17:47    12,800    --a------    C:\WINDOWS\system32\smtpctrs.dll
2008-05-08 23:34 . 2001-07-21 22:23    8,002    --a------    C:\WINDOWS\system32\smtpctrs.h
2008-05-08 23:34 . 2001-08-23 17:47    7,168    --a------    C:\WINDOWS\system32\snprfdll.dll
2008-05-08 23:34 . 2001-08-23 17:46    5,632    --a------    C:\WINDOWS\system32\adsiisex.dll
2008-05-08 23:34 . 2001-08-23 15:46    1,106    --a------    C:\WINDOWS\system32\ntfsdrct.ini
2008-05-08 23:34 . 2001-07-21 22:23    773    --a------    C:\WINDOWS\system32\ntfsdrct.h
2008-05-08 23:32 . 2008-05-12 23:06    <REP>    d--------    C:\WINDOWS\system32\Logfiles
2008-05-08 23:32 . 2008-05-08 23:35    <REP>    d--------    C:\Inetpub
2008-05-06 14:33 . 2008-05-06 14:33    <REP>    d--------    C:\Program Files\SQLXML 4.0
2008-05-06 14:08 . 2008-05-06 14:08    <REP>    d--------    C:\Program Files\Microsoft Analysis Services
2008-05-05 12:09 . 1998-10-07 13:08    327,168    --a------    C:\WINDOWS\IsUn040c.exe
2008-05-05 12:09 . 2008-05-05 12:13    1,888    --a------    C:\WINDOWS\sql.mif
2008-05-05 12:09 . 2008-05-05 12:13    128    --a------    C:\WINDOWS\setup.iss
2008-05-05 12:01 . 2008-05-05 12:01    <REP>    d--------    C:\WINDOWS\system32\xircom
2008-05-05 12:01 . 2008-05-05 12:01    <REP>    d--------    C:\WINDOWS\system32\oobe
2008-05-05 12:01 . 2008-05-05 12:01    <REP>    d--------    C:\WINDOWS\srchasst
2008-05-05 12:01 . 2008-05-05 12:01    <REP>    d--------    C:\Program Files\microsoft frontpage
2008-05-04 20:57 . 2004-08-04 00:54    21,504    --a------    C:\WINDOWS\system32\hidserv.dll
2008-05-04 20:57 . 2004-08-04 00:45    14,848    --a------    C:\WINDOWS\system32\drivers\kbdhid.sys
2008-05-04 20:57 . 2001-08-23 17:04    12,288    --a------    C:\WINDOWS\system32\drivers\mouhid.sys
2008-05-04 20:56 . 2004-08-03 23:08    31,616    --a------    C:\WINDOWS\system32\drivers\usbccgp.sys
2008-05-04 20:56 . 2001-08-17 22:02    9,600    --a------    C:\WINDOWS\system32\drivers\hidusb.sys
2008-05-02 00:40 . 2008-05-02 00:40    <REP>    d--------    C:\Program Files\Nevron
2008-04-30 20:53 . 2008-05-16 01:24    2,528    --a------    C:\WINDOWS\system32\settings.aaw
2008-04-30 20:53 . 2008-05-16 01:24    720    --a------    C:\WINDOWS\system32\history.aaw
2008-04-29 12:41 . 2008-04-29 12:41    <REP>    d--------    C:\Documents and Settings\Administrateur\Application Data\ACD Systems
2008-04-27 23:29 . 2008-04-27 23:29    <REP>    d--------    C:\Program Files\Winamp
2008-04-27 23:29 . 2008-04-28 00:14    <REP>    d--------    C:\Documents and Settings\Administrateur\Application Data\Winamp
2008-04-22 20:01 . 2008-04-22 20:01    <REP>    d--------    C:\Program Files\ooVoo
2008-04-22 19:50 . 2008-04-22 19:53    <REP>    d--------    C:\Documents and Settings\Administrateur\Application Data\ooVoo Details
2008-04-22 12:48 . 2008-04-22 12:50    69    --a------    C:\WINDOWS\NeroDigital.ini
2008-04-22 12:42 . 2008-04-22 12:42    <REP>    d--------    C:\Documents and Settings\Administrateur\Application Data\Samsung
2008-04-22 12:41 . 2008-04-22 12:40    5,632    --a------    C:\WINDOWS\system32\drivers\StarOpen.sys
2008-04-22 12:11 . 2008-04-22 12:11    <REP>    d--------    C:\WINDOWS\system32\Samsung_USB_Drivers
2008-04-22 12:11 . 2008-04-22 12:11    <REP>    d--------    C:\WINDOWS\system32\Samsung PC Studio Codecs
2008-04-22 12:11 . 2005-08-30 01:49    94,000    --a------    C:\WINDOWS\system32\drivers\ssm_mdm.sys
2008-04-22 12:11 . 2005-08-30 01:47    58,320    --a------    C:\WINDOWS\system32\drivers\ssm_bus.sys
2008-04-22 12:11 . 2005-08-30 01:49    8,336    --a------    C:\WINDOWS\system32\drivers\ssm_mdfl.sys
2008-04-22 12:11 . 2005-08-30 01:49    6,176    --a------    C:\WINDOWS\system32\drivers\ssm_cmnt.sys
2008-04-22 12:11 . 2005-08-30 01:49    6,176    --a------    C:\WINDOWS\system32\drivers\ssm_cm.sys
2008-04-22 12:11 . 2005-08-30 01:47    5,840    --a------    C:\WINDOWS\system32\drivers\ssm_whnt.sys
2008-04-22 12:11 . 2005-08-30 01:47    5,840    --a------    C:\WINDOWS\system32\drivers\ssm_wh.sys
2008-04-22 12:11 . 2005-08-28 20:51    766    --a------    C:\WINDOWS\system32\Uninstall.ico
2008-04-22 12:10 . 2008-04-22 12:10    <REP>    d--------    C:\Program Files\Samsung
2008-04-21 22:45 . 2008-05-10 21:46    <REP>    d--------    C:\Program Files\Microsoft SQL Server
2008-04-21 22:43 . 2008-04-21 22:43    <REP>    d--------    C:\Program Files\Microsoft SQL Server 2005 Mobile Edition
2008-04-21 22:43 . 2008-04-21 22:43    <REP>    d--------    C:\Program Files\Microsoft Device Emulator
2008-04-21 22:33 . 2008-04-21 22:33    <REP>    d--------    C:\Program Files\MSBuild
2008-04-21 22:19 . 2008-04-21 22:19    <REP>    d--------    C:\WINDOWS\Symbols
2008-04-21 22:19 . 2008-04-21 22:32    <REP>    d--------    C:\Program Files\HTML Help Workshop
2008-04-21 22:19 . 2008-04-21 22:30    <REP>    d--------    C:\Program Files\Fichiers communs\Merge Modules
2008-04-21 22:19 . 2008-04-21 22:21    <REP>    d--------    C:\Program Files\Fichiers communs\Business Objects
2008-04-21 22:19 . 2008-04-21 22:19    <REP>    d--------    C:\Program Files\CE Remote Tools
2008-04-21 22:19 . 2008-04-21 22:20    <REP>    d--------    C:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
2008-04-21 22:16 . 2008-04-21 22:33    <REP>    d--------    C:\Program Files\Microsoft Visual Studio 8
2008-04-21 22:16 . 2008-05-10 21:02    <REP>    d--------    C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-04-20 10:37 . 2008-04-20 10:37    <REP>    d--------    C:\Program Files\Kap.TOEFL
2008-04-20 00:16 . 2008-04-20 00:16    <REP>    d--h-----    C:\BJPrinter
2008-04-18 19:30 . 2008-05-04 23:10    <REP>    d--------    C:\Documents and Settings\Administrateur\Application Data\U3
2008-04-17 18:37 . 2004-08-03 23:10    85,376    --a------    C:\WINDOWS\system32\drivers\NABTSFEC.sys
2008-04-17 18:37 . 2004-08-03 23:10    19,328    --a------    C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2008-04-17 18:37 . 2004-08-04 00:55    16,384    --a------    C:\WINDOWS\system32\ipsink.ax
2008-04-17 18:37 . 2004-08-03 23:10    15,360    --a------    C:\WINDOWS\system32\drivers\StreamIP.sys
2008-04-17 18:37 . 2004-08-03 23:10    11,136    --a------    C:\WINDOWS\system32\drivers\SLIP.sys
2008-04-17 18:37 . 2004-08-03 23:10    10,880    --a------    C:\WINDOWS\system32\drivers\NdisIP.sys
2008-04-17 18:37 . 2004-08-03 22:58    5,504    --a------    C:\WINDOWS\system32\drivers\MSTEE.sys
2008-04-17 18:17 . 2008-04-17 18:17    <REP>    d--------    C:\Program Files\Google
2008-04-17 10:46 . 2008-04-17 10:46    8,192    --a------    C:\WINDOWS\REGLOCS.OLD
2008-04-17 08:28 . 2008-04-30 21:48    <REP>    d--------    C:\Documents and Settings\Administrateur\Contacts
2008-04-17 07:00 . 2008-04-21 22:36    530    --a------    C:\WINDOWS\ODBC.INI
2008-04-17 06:59 . 2003-06-19 01:31    17,920    --a------    C:\WINDOWS\system32\mdimon.dll
2008-04-17 06:58 . 2008-04-17 06:58    <REP>    d--------    C:\Program Files\Microsoft Works
2008-04-17 06:57 . 2008-04-17 06:59    <REP>    d--------    C:\WINDOWS\SHELLNEW
2008-04-17 06:57 . 2008-04-21 22:47    <REP>    d--------    C:\Program Files\Microsoft.NET
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-16 08:49    ---------    d-----w    C:\Documents and Settings\Administrateur\Application Data\Skype
2008-05-16 08:09    ---------    d-----w    C:\Documents and Settings\Administrateur\Application Data\skypePM
2008-05-07 15:07    ---------    d-----w    C:\Documents and Settings\Administrateur\Application Data\Media Player Classic
2008-04-22 18:01    ---------    d--h--w    C:\Program Files\InstallShield Installation Information
2008-04-15 09:57    ---------    d-----w    C:\Documents and Settings\Administrateur\Application Data\Ahead
2008-04-15 09:50    ---------    d-----w    C:\Program Files\Unlocker
2008-04-15 07:31    ---------    d-----w    C:\Documents and Settings\Administrateur\Application Data\MusicIP
2008-04-14 14:30    ---------    d-----w    C:\Program Files\Synaptics
2008-04-14 13:54    32    ----a-w    C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-04-14 13:52    ---------    d-----w    C:\Program Files\Skype
2008-04-14 13:52    ---------    d-----w    C:\Program Files\Fichiers communs\Skype
2008-04-14 13:52    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Skype
2008-04-14 13:19    ---------    d-----w    C:\Documents and Settings\Administrateur\Application Data\Talkback
2008-04-14 11:27    ---------    d-----w    C:\Program Files\Sigmatel
2008-04-14 10:32    ---------    d-----w    C:\Program Files\Dell
2008-04-14 10:31    ---------    d-----w    C:\Program Files\Fichiers communs\InstallShield
2008-04-14 10:22    ---------    d-----w    C:\Program Files\CONEXANT
2008-04-14 09:59    ---------    d-----w    C:\Program Files\FlashFXP
2008-04-14 09:59    ---------    d-----w    C:\Program Files\DAEMON Tools
2008-04-14 09:59    ---------    d-----w    C:\Documents and Settings\Administrateur\Application Data\Thunderbird
2008-04-14 09:59    ---------    d-----w    C:\Documents and Settings\Administrateur\Application Data\FlashFXP
2008-04-14 09:58    ---------    d-----w    C:\Program Files\Real Alternative
2008-04-14 09:58    ---------    d-----w    C:\Program Files\QuickTime Alternative
2008-04-14 09:58    ---------    d-----w    C:\Program Files\My Company Name
2008-04-14 09:58    ---------    d-----w    C:\Program Files\Media Player Classic
2008-04-14 09:58    ---------    d-----w    C:\Program Files\Combined Community Codec Pack
2008-04-14 09:58    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-04-14 09:57    ---------    d---a-w    C:\Program Files\PuTTY
2008-04-14 09:57    ---------    d-----w    C:\Program Files\Xtremsplit
2008-04-14 09:57    ---------    d-----w    C:\Program Files\QuickPar
2008-04-14 09:57    ---------    d-----w    C:\Program Files\Kristanix
2008-04-14 09:57    ---------    d-----w    C:\Program Files\CyberLink
2008-04-14 09:56    ---------    d-----w    C:\Program Files\ElcomSoft
2008-04-14 09:56    ---------    d-----w    C:\Program Files\Chrono
2008-04-14 09:55    ---------    d-----w    C:\Program Files\Java
2008-04-14 09:53    ---------    d-----w    C:\Program Files\Fichiers communs\Java
2008-04-14 09:51    ---------    d-----w    C:\Program Files\HashTab Shell Extension
2008-04-14 09:50    395,744    ----a-w    C:\windows\system32\drivers\timntr.sys
2008-04-14 09:50    39,264    ----a-w    C:\windows\system32\drivers\tifsfilt.sys
2008-04-14 09:50    114,048    ----a-w    C:\windows\system32\drivers\snapman.sys
2008-04-14 09:50    ---------    d-----w    C:\Program Files\Lavasoft
2008-04-14 09:50    ---------    d-----w    C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-04-14 09:50    ---------    d-----w    C:\Program Files\Fichiers communs\Acronis
2008-04-14 09:50    ---------    d-----w    C:\Program Files\Alwil Software
2008-04-14 09:50    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-04-14 09:49    ---------    d-----w    C:\Program Files\MSN Messenger
2008-04-14 09:49    ---------    d-----w    C:\Program Files\Acronis
2008-04-14 09:48    ---------    d-----w    C:\Program Files\SlySoft
2008-04-14 09:48    ---------    d-----w    C:\Program Files\Nero
2008-04-14 09:48    ---------    d-----w    C:\Program Files\Mozilla Thunderbird
2008-04-14 09:48    ---------    d-----w    C:\Program Files\Fichiers communs\Ahead
2008-04-14 09:48    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\Nero
2008-04-14 09:47    10,368    ----a-w    C:\windows\system32\drivers\pfc.sys
2008-04-14 09:47    ---------    d-----w    C:\Program Files\Fichiers communs\Adobe
2008-04-14 09:47    ---------    d-----w    C:\Program Files\Fichiers communs\ACD Systems
2008-04-14 09:47    ---------    d-----w    C:\Program Files\ACD Systems
2008-04-14 09:47    ---------    d-----w    C:\Documents and Settings\All Users\Application Data\ACD Systems
2008-04-14 09:36    685,816    ----a-w    C:\windows\system32\drivers\sptd.sys
2008-04-14 09:36    ---------    d-----w    C:\Program Files\MSXML 4.0
2008-04-14 09:34    ---------    d-----w    C:\Program Files\Services en ligne
2008-04-14 09:31    ---------    d-----w    C:\Program Files\Desktop
2008-04-14 09:30    ---------    d-----w    C:\Program Files\Windows Media Connect 2
.
------- Sigcheck -------

2007-06-26 22:18  360576  c7be59b07c6eb74bea6fd67c1b164015  C:\windows\system32\drivers\tcpip.sys
2004-08-04 06:54  1227264  e28d16a8d63eca6246921fdf7cbde42a  C:\windows\explorer.exe
2004-08-04 06:54  1227264  e28d16a8d63eca6246921fdf7cbde42a  C:\windows\icon_TMP\explorer.exe
2004-08-04 06:54  1036288  4c33e5b9a6197b6ed215f6cfba0a2daa  C:\windows\system_backup\explorer.exe
.
(((((((((((((((((((((((((((((((((   Point de chargement Reg   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\windows\system32\ctfmon.exe" [2004-08-04 06:54 15360]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-11-21 04:12 3297280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 23:30 282624 C:\WINDOWS\stsystra.exe]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 09:06 40048]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-10-18 17:58 1185264]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-10-18 18:02 1961576]
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2006-10-17 11:47 87584]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 19:19 15872]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe\ -lang 1033" [ ]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2006-12-06 18:37 69216]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 22:55 54832]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-07-19 18:09 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-07-19 18:06 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-07-19 18:10 114688]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2005-08-01 16:00 610304]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-06-24 14:36 729178]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 06:54 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="regsvr32 /s /n /i:U shell32" []
"nltide_3"="advpack.dll" [2007-06-26 22:18 124928 C:\WINDOWS\system32\advpack.dll]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"ForceStartMenuLogoff"= 0 (0x0)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
"NoInstrumentation"= 1 (0x1)
"NoStartMenuMFUprogramsList"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"StartMenuLogoff"= 1 (0x1)
"ForceStartMenuLogoff"= 0 (0x0)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
"NoInstrumentation"= 1 (0x1)
"NoStartMenuMFUprogramsList"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
"vidc.ffds"= C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"vidc.wmv3"= C:\PROGRA~1\COMBIN~1\Filters\wmv9vcm.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages    REG_MULTI_SZ    msv1_0 relog_ap

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amva]
C:\windows\system32\amvo.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ooVoo.exe]
--a------ 2008-03-30 11:53 12416816 C:\Program Files\ooVoo\ooVoo.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NICCONFIGSVC"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"C:\\Program Files\\ooVoo\\ooVoo.exe"=
"C:\\Program Files\\Microsoft SQL Server\\90\\Tools\\Binn\\VSShell\\Common7\\IDE\\SqlWb.exe"=
"C:\\Program Files\\Microsoft Visual Studio 8\\Common7\\IDE\\devenv.exe"=
"C:\\Program Files\\Microsoft SQL Server\\90\\Shared\\SqlSAC.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"443:TCP"= 443:TCP:TCP port 443 ooVoo
"443:UDP"= 443:UDP:UDP port 443 ooVoo
"37674:TCP"= 37674:TCP:TCP port 37674 ooVoo
"37674:UDP"= 37674:UDP:UDP port 37674 ooVoo
"37675:UDP"= 37675:UDP:UDP port 37675 ooVoo

R1 aswSP;avast! Self Protection;C:\windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};C:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 16:51]
R2 aswFsBlk;aswFsBlk;C:\windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 MsDtsServer;SQL Server Integration Services;"C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe" [2005-10-14 03:45]
S3 SQLWriter;SQL Server VSS Writer;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2005-10-14 03:53]
S3 USBSTOR;Pilote de stockage de masse USB;C:\windows\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;"C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe" /service msvsmon80 []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2e2117e0-0d6d-11dd-82fa-0015c574ac0d}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2e2117e1-0d6d-11dd-82fa-0015c574ac0d}]
\Shell\AutoRun\command - H:\jfvkcsy.bat
\Shell\explore\Command - H:\jfvkcsy.bat
\Shell\open\Command - H:\jfvkcsy.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82b606b4-1ec3-11dd-8347-0015c574ac0d}]
\Shell\AutoRun\command - G:\jfvkcsy.bat
\Shell\explore\Command - G:\jfvkcsy.bat
\Shell\open\Command - G:\jfvkcsy.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a9af9a80-219d-11dd-8353-0015c574ac0d}]
\Shell\AutoRun\command - G:\pa39xth.cmd
\Shell\explore\Command - G:\pa39xth.cmd
\Shell\open\Command - G:\pa39xth.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e920b899-0fde-11dd-8305-0015c574ac0d}]
\Shell\AutoRun\command - G:\pa39xth.cmd
\Shell\explore\Command - G:\pa39xth.cmd
\Shell\open\Command - G:\pa39xth.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7ae7694-21df-11dd-8355-0015c574ac0d}]
\Shell\AutoRun\command - G:\pa39xth.cmd
\Shell\explore\Command - G:\pa39xth.cmd
\Shell\open\Command - G:\pa39xth.cmd
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-16 12:09:36
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\msftesql]
"ImagePath"="\"C:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe\" -s:MSSQL.3 -f:MSSQLSERVER"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\C:\Program Files\CyberLink\PowerDVD\000.fcl"
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\windows\explorer.exe
 -> C:\Program Files\Unlocker\UnlockerHook.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\verclsid.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-16 12:13:06 - machine was rebooted [Administrateur]
ComboFix-quarantined-files.txt  2008-05-16 10:12:59
ComboFix2.txt  2008-05-05 10:05:05

Pre-Run: 13,400,506,368 octets libres
Post-Run: 13,393,072,128 octets libres