
kikou45

Everything posted by kikou45

After using my USB key without any problem under XP Pro SP3, for a few days now it has been recognised as... a "removable disk", with a matching icon. I can still access its contents, but I suspect an infection. Same thing on other USB ports and on different PCs. Avast Home didn't "see" anything! I installed and ran ComboFix; here is its report:

ComboFix 10-01-03.05 - Administrateur 04/01/2010 13:44:05.1.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1015.490 [GMT 1:00]
Running from: e:\documents and settings\Administrateur\Mes documents\Downloads\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Autorun.inf
e:\docume~1\ADMINI~1\LOCALS~1\Temp\install_flash_player.exe
e:\windows\system32\msconfig.exe
e:\windows\system32\proquota.exe . . . is missing!!
.
((((((((((((((((((((((((((((( Files Created from 2009-12-04 to 2010-01-04 ))))))))))))))))))))))))))))))))))))
.
2010-01-04 09:16 . 2009-02-09 02:10 67208 ----a-w- e:\windows\UnDeploy.exe
2010-01-04 08:58 . 2009-11-21 10:18 1673216 ----a-w- e:\windows\system32\BootMan.exe
2010-01-04 08:58 . 2009-09-16 15:55 8456 ----a-w- e:\windows\system32\EuGdiDrv.sys
2010-01-04 08:58 . 2009-09-14 08:21 14848 ----a-w- e:\windows\system32\EuEpmGdi.dll
2010-01-04 08:58 . 2009-08-26 11:45 13192 ----a-w- e:\windows\system32\epmntdrv.sys
2010-01-04 08:58 . 2009-04-22 13:28 86408 ----a-w- e:\windows\system32\setupempdrv03.exe
2010-01-04 08:58 . 2010-01-04 08:58 -------- d-----w- e:\program files\EASEUS
2010-01-03 22:46 . 2010-01-03 23:28 4212 ---ha-w- e:\windows\system32\zllictbl.dat
2010-01-03 22:46 . 2009-09-23 19:04 69000 ----a-w- e:\windows\system32\zlcomm.dll
2010-01-03 22:46 . 2009-09-23 19:04 103816 ----a-w- e:\windows\system32\zlcommdb.dll
2010-01-03 22:46 . 2009-09-23 19:04 1238408 ----a-w- e:\windows\system32\zpeng25.dll
2010-01-03 22:46 . 2010-01-03 22:46 -------- d-----w- e:\windows\system32\ZoneLabs
2010-01-03 22:46 . 2010-01-03 22:46 -------- d-----w- e:\program files\Zone Labs
2010-01-03 22:44 . 2010-01-04 13:12 -------- d-----w- e:\windows\Internet Logs
2010-01-03 21:39 . 2010-01-03 21:50 -------- d-----w- e:\program files\Soft4Ever
2010-01-03 21:35 . 2008-04-13 08:46 11136 ----a-w- e:\windows\system32\drivers\SLIP.sys
2010-01-03 21:14 . 2010-01-03 21:14 -------- d-----w- e:\windows\Downloaded Installations
2010-01-03 14:30 . 2010-01-03 14:30 -------- d-----w- e:\documents and settings\Administrateur\Application Data\Apple Computer
2010-01-03 14:26 . 2010-01-03 14:26 -------- d-----w- e:\program files\QuickTime
2010-01-03 14:26 . 2010-01-03 14:30 -------- d-----w- e:\documents and settings\All Users\Application Data\Apple Computer
2010-01-03 14:25 . 2010-01-03 14:25 -------- d-----w- e:\program files\Fichiers communs\Apple
2010-01-03 14:25 . 2010-01-03 14:25 -------- d-----w- e:\documents and settings\Administrateur\Local Settings\Application Data\Apple
2010-01-03 14:25 . 2010-01-03 14:25 -------- d-----w- e:\program files\Apple Software Update
2010-01-03 14:25 . 2010-01-03 14:25 -------- d-----w- e:\documents and settings\All Users\Application Data\Apple
2010-01-03 14:25 . 2010-01-03 14:25 -------- d-----w- e:\documents and settings\Administrateur\Local Settings\Application Data\Apple Computer
2010-01-02 08:40 . 2010-01-02 08:43 -------- d-----w- e:\documents and settings\Administrateur\Local Settings\Application Data\AskToolbar
2010-01-02 08:38 . 2010-01-02 08:38 -------- d-----w- e:\documents and settings\Administrateur\Application Data\Nero
2010-01-01 21:57 . 2009-12-16 13:42 43008 ----a-w- e:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\h4ajjd4y.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-01-01 21:57 . 2009-12-16 13:42 872960 ----a-w- e:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\h4ajjd4y.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-01-01 21:57 . 2009-12-16 13:42 340480 ----a-w- e:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\h4ajjd4y.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-01-01 21:57 . 2009-12-16 13:41 346624 ----a-w- e:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\h4ajjd4y.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-01-01 08:59 . 2010-01-01 08:59 -------- d-----w- e:\program files\Fontboard
2010-01-01 08:42 . 2008-04-14 12:30 15360 ----a-w- e:\windows\system32\ctfmon.exe
2010-01-01 08:42 . 2008-04-13 18:33 195584 ----a-w- e:\windows\system32\msutb.dll
2010-01-01 00:25 . 2010-01-01 00:25 0 ----a-w- e:\windows\nsreg.dat
2010-01-01 00:25 . 2010-01-01 00:25 -------- d-----w- e:\documents and settings\Administrateur\Local Settings\Application Data\Mozilla
2010-01-01 00:01 . 2010-01-01 00:01 33558 ----a-w- e:\documents and settings\All Users\Application Data\Google\Toolbar for Firefox\Firefox_Toolbar_Uninstaller.exe
2009-12-31 23:56 . 2003-06-19 00:31 18944 ----a-w- e:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2009-12-31 23:56 . 2003-06-19 00:31 17920 ----a-w- e:\windows\system32\mdimon.dll
2009-12-31 23:55 . 2009-12-31 23:56 -------- d-----w- e:\windows\SHELLNEW
2009-12-31 23:55 . 2009-12-31 23:55 -------- d-----w- e:\program files\Microsoft.NET
2009-12-31 23:53 . 2009-12-31 23:53 -------- d-----r- E:\MSOCache
2009-12-31 23:51 . 2008-04-13 08:39 7552 ----a-w- e:\windows\system32\drivers\MSKSSRV.sys
2009-12-31 23:50 . 2010-01-04 12:49 -------- d-----w- e:\documents and settings\Administrateur\Application Data\Skype
2009-12-31 23:49 . 2008-02-15 11:49 184320 ----a-w- e:\windows\system32\igfxres.dll
2009-12-31 23:35 . 2008-04-13 09:17 83072 ----a-w- e:\windows\system32\drivers\wdmaud.sys
2009-12-31 23:34 . 2008-04-13 16:57 58752 ----a-w- e:\windows\system32\drivers\redbook.sys
2009-12-31 23:34 . 2008-04-13 17:34 153088 ----a-w- e:\windows\system32\irftp.exe
2009-12-31 23:34 . 2008-04-13 17:33 8192 ----a-w- e:\windows\system32\wshirda.dll
2009-12-31 23:34 . 2008-04-13 17:33 29184 ----a-w- e:\windows\system32\irmon.dll
2009-12-31 23:34 . 2008-04-13 09:54 88192 ----a-w- e:\windows\system32\drivers\irda.sys
2009-12-31 23:34 . 2001-08-17 19:51 19584 ----a-w- e:\windows\system32\drivers\rasirda.sys
2009-12-31 23:34 . 2001-08-17 19:51 18688 ----a-w- e:\windows\system32\drivers\irsir.sys
2009-12-31 23:33 . 2008-04-13 16:33 77312 ----a-w- e:\windows\system32\usbui.dll
2009-12-31 23:32 . 2010-01-03 22:44 -------- d-sh--w- e:\windows\Installer
2009-12-31 23:32 . 2010-01-04 13:09 -------- d-----w- E:\Program Files
2009-12-31 23:30 . 2009-12-31 23:41 -------- dc----w- e:\windows\system32\DRVSTORE
2009-12-31 23:30 . 2009-12-31 23:30 -------- d-----w- e:\program files\Intel
2009-12-31 23:30 . 2009-08-26 14:04 53248 ----a-w- e:\windows\system32\CSVer.dll
2009-12-31 23:30 . 2009-12-31 23:30 -------- d-----w- E:\Intel
2009-12-31 23:30 . 2009-12-31 23:30 -------- d-----w- E:\DRIVERS
2009-12-31 23:27 . 2009-11-30 20:27 38848 ----a-w- e:\windows\system32\avastSS.scr
2009-12-31 23:27 . 2009-12-31 23:27 -------- d-----w- e:\program files\ma-config.com
2009-12-31 23:27 . 2009-12-31 23:27 -------- d-----w- e:\documents and settings\All Users\Application Data\ma-config.com
.
(((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-04 13:09 . 2010-01-04 13:09 -------- d-----w- e:\program files\microsoft frontpage
2010-01-01 08:26 . 2009-12-31 23:01 11448 ----a-w- e:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-01 00:00 . 2009-12-31 23:00 -------- d-----w- e:\program files\Google
2009-12-31 23:59 . 2009-12-31 23:00 -------- d-----w- e:\documents and settings\All Users\Application Data\Google Updater
2009-12-31 23:42 . 2009-12-31 22:45 -------- d-----w- e:\program files\CCleaner
2009-12-31 23:22 . 2009-12-31 23:22 -------- d-----w- e:\program files\Alwil Software
2009-12-31 23:22 . 2009-12-31 23:22 -------- d-----w- e:\documents and settings\All Users\Application Data\Alwil Software
2009-12-31 23:16 . 2009-12-31 23:16 -------- d-----w- e:\program files\Fichiers communs\Adobe
2009-12-31 23:15 . 2009-12-31 23:15 -------- d-----w- e:\program files\Ask.com
2009-12-31 23:11 . 2009-12-31 23:11 -------- d-----w- e:\program files\Fichiers communs\Real
2009-12-31 23:11 . 2009-12-31 23:11 -------- d-----w- e:\program files\Fichiers communs\xing shared
2009-12-31 23:11 . 2009-12-31 23:11 499712 ----a-w- e:\windows\system32\msvcp71.dll
2009-12-31 23:11 . 2009-12-31 23:11 348160 ----a-w- e:\windows\system32\msvcr71.dll
2009-12-31 23:11 . 2009-12-31 23:11 -------- d-----w- e:\program files\Real
2009-12-31 23:07 . 2009-12-31 23:07 -------- d-----w- e:\program files\Fichiers communs\Skype
2009-12-31 23:07 . 2009-12-31 23:07 -------- d-----r- e:\program files\Skype
2009-12-31 23:07 . 2009-12-31 23:07 -------- d-----w- e:\documents and settings\All Users\Application Data\Skype
2009-12-31 23:00 . 2009-10-23 19:00 70718 ----a-w- e:\windows\system32\perfc00C.dat
2009-12-31 23:00 . 2009-10-23 19:00 455430 ----a-w- e:\windows\system32\perfh00C.dat
2009-12-31 22:45 . 2009-12-31 22:45 -------- d-----w- e:\program files\MPC HomeCinema
2009-12-31 22:45 . 2009-12-31 22:45 -------- d-----w- e:\program files\Symantec
2009-12-31 22:45 . 2009-12-31 22:54 -------- d-----w- e:\documents and settings\Administrateur\Application Data\Symantec
2009-12-31 22:45 . 2009-12-31 22:52 -------- d-----w- e:\windows\system32\config\systemprofile\Application Data\Symantec
2009-12-31 22:45 . 2009-12-31 22:45 -------- d-----w- e:\documents and settings\Default User\Application Data\Symantec
2009-12-31 22:45 . 2009-12-31 22:45 -------- d-----w- e:\program files\Fichiers communs\Symantec Shared
2009-12-31 22:45 . 2009-12-31 22:45 -------- d-----w- e:\documents and settings\All Users\Application Data\Symantec
2009-12-31 22:44 . 2009-12-31 22:44 -------- d-----w- e:\program files\Fichiers communs\Nero
2009-12-31 22:44 . 2009-12-31 22:44 -------- d-----w- e:\program files\Nero
2009-12-31 22:44 . 2009-12-31 22:44 -------- d-----w- e:\documents and settings\All Users\Application Data\Nero
2009-12-31 22:44 . 2009-12-31 22:44 -------- d-----w- e:\program files\Fichiers communs\ACD Systems
2009-12-31 22:44 . 2009-12-31 22:44 -------- d-----w- e:\documents and settings\All Users\Application Data\ACD Systems
2009-12-31 22:44 . 2009-12-31 22:44 -------- d-----w- e:\program files\ACD Systems
2009-12-31 22:43 . 2009-12-31 22:43 -------- d-----w- e:\program files\Fichiers communs\EZB Systems
2009-12-31 22:43 . 2009-12-31 22:43 -------- d-----w- e:\program files\Windows Live
2009-12-31 22:43 . 2009-12-31 22:43 -------- d-----w- e:\program files\Microsoft
2009-12-31 22:39 . 2009-12-31 22:39 2678 ----a-w- e:\windows\java\Packages\Data\HVFLRB77.DAT
2009-12-31 22:39 . 2009-12-31 22:39 2678 ----a-w- e:\windows\java\Packages\Data\XBDBNFH7.DAT
2009-12-31 22:39 . 2009-12-31 22:39 2678 ----a-w- e:\windows\java\Packages\Data\R53Z3PNT.DAT
2009-12-31 22:39 . 2009-12-31 22:39 2678 ----a-w- e:\windows\java\Packages\Data\NFTRXVPN.DAT
2009-12-31 22:39 . 2009-12-31 22:39 2678 ----a-w- e:\windows\java\Packages\Data\KTNVT7Z5.DAT
2009-12-31 22:38 . 2009-12-31 22:38 21892 ----a-w- e:\windows\system32\emptyregdb.dat
2009-11-30 20:26 . 2009-12-31 23:22 150624 ----a-w- e:\windows\system32\aswBoot.exe
2009-11-30 20:15 . 2009-12-31 23:22 46544 ----a-w- e:\windows\system32\drivers\aswTdi.sys
2009-11-30 20:14 . 2009-12-31 23:22 149840 ----a-w- e:\windows\system32\drivers\aswSP.sys
2009-11-30 20:12 . 2009-12-31 23:22 23248 ----a-w- e:\windows\system32\drivers\aswRdr.sys
2009-11-30 20:11 . 2009-12-31 23:22 100176 ----a-w- e:\windows\system32\drivers\aswmon2.sys
2009-11-30 20:11 . 2009-12-31 23:22 94544 ----a-w- e:\windows\system32\drivers\aswmon.sys
2009-11-30 20:11 . 2009-12-31 23:22 19024 ----a-w- e:\windows\system32\drivers\aswFsBlk.sys
2009-10-18 23:48 . 2009-12-31 23:22 27728 ----a-w- e:\windows\system32\drivers\aavmker4.sys
2009-10-11 19:36 . 2009-10-11 19:36 73728 ----a-w- e:\windows\system32\RtNicProp32.dll
2009-10-11 19:36 . 2009-10-11 19:36 143360 ----a-w- e:\windows\system32\drivers\Rtenicxp.sys
.
------- Sigcheck -------
[-] 2009-10-23 . E88631E21A9CACA06104802F9E915115 . 361600 . . [5.1.2600.5625] . . e:\windows\system32\drivers\tcpip.sys
[-] 2009-10-23 . C3AF0EEE26B59484E674673E3016AAB7 . 1056768 . . [5.1.2600.5781] . . e:\windows\system32\kernel32.dll
[-] 2009-10-23 . 6D290615A78C60746F4E25B2102573AF . 2640896 . . [5.1.2600.5755] . . e:\windows\system32\ntoskrnl.exe
[-] 2009-10-23 . BEE6ADE296912A058D88C51ABC458515 . 579584 . . [5.1.2600.5512] . . e:\windows\system32\user32.dll
[-] 2009-10-23 . 0E27A305F86583A1F5B61F3C7DDCC5A2 . 1859584 . . [6.00.2900.5634] . . e:\windows\explorer.exe
[-] 2009-10-23 . A9658459BB4F4EE00FA117C9382C0D3A . 1571840 . . [5.1.2600.5512] . . e:\windows\system32\sfcfiles.dll
[-] 2009-10-23 . A8300000232F40CC3E38885144BDECDD . 2519552 . . [5.1.2600.5755] . . e:\windows\system32\ntkrnlpa.exe
e:\windows\System32\drivers\beep.sys ... is missing !!
e:\windows\System32\wuauclt.exe ... is missing !!
e:\windows\System32\wscntfy.exe ... is missing !!
e:\windows\System32\regsvc.dll ... is missing !!
e:\windows\System32\schedsvc.dll ... is missing !!
.
((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legitimate default entries are not listed
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-02-26 10:25 809864 ----a-w- e:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "e:\program files\Ask.com\GenericAskToolbar.dll" [2009-02-26 809864]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "e:\program files\Ask.com\GenericAskToolbar.dll" [2009-02-26 809864]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="e:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-31 39408]
"Skype"="e:\program files\Skype\\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-22 1474560]
"Google Updater"="e:\program files\Google\Google Updater\GoogleUpdater.exe" [2009-12-31 160752]
"Google Desktop Search"="e:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-31 30192]
"TkBellExe"="e:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-12-31 198160]
"Adobe Reader Speed Launcher"="e:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"avast5"="e:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2009-11-30 2654512]
"IgfxTray"="e:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="e:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="e:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"Google Quick Search Box"="e:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2010-01-01 122880]
"QuickTime Task"="e:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"ZoneAlarm Client"="e:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-09-23 1011080]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]
"_nltide_3"="advpack.dll" [2009-10-23 128512]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]
"NoAutoUpdate"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2536309916-560122738-865605030-500]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"e:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12530:TCP"= 12530:TCP:eMule_TCP
"65530:UDP"= 65530:UDP:eMule_UDP
"65535:UDP"= 65535:UDP:eMule_UDPServeur

R0 Si3124;Si3124;e:\windows\system32\drivers\si3124.sys [23/10/2009 20:00 76208]
R0 Si3531;Si3531;e:\windows\system32\drivers\Si3531.sys [23/10/2009 20:00 210224]
R1 aswSP;aswSP;e:\windows\system32\drivers\aswSP.sys [01/01/2010 00:22 149840]
R1 GhPciScan;GhostPciScanner;e:\program files\Symantec\Norton Ghost 2003\GhPciScan.sys [28/05/2003 19:01 5632]
R2 aswFsBlk;aswFsBlk;e:\windows\system32\drivers\aswFsBlk.sys [01/01/2010 00:22 19024]
R3 QCAbsee;QuickCam Web Logitech (0801);e:\windows\system32\drivers\OVCA.sys [01/01/2010 00:35 25088]
S2 gupdate;Service Google Update (gupdate);e:\program files\Google\Update\GoogleUpdate.exe [01/01/2010 00:03 133104]
S3 epmntdrv;epmntdrv;e:\windows\system32\epmntdrv.sys [04/01/2010 09:58 13192]
S3 EuGdiDrv;EuGdiDrv;e:\windows\system32\EuGdiDrv.sys [04/01/2010 09:58 8456]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;e:\program files\Google\Google Desktop Search\GoogleDesktop.exe [01/01/2010 00:01 30192]
S3 maconfservice;Ma-Config Service;e:\program files\ma-config.com\maconfservice.exe [17/12/2009 19:00 243056]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - HELPSVC
*NewlyCreated* - SECLOGON

NETSVCS MUST BE REPAIRED - list of items present
6to4
AppMgmt
AudioSrv
Browser
CryptSvc
DMServer
DHCP
EventSystem
FastUserSwitchingCompatibility
HidServ
Ias
Iprip
Irmon
LanmanServer
LanmanWorkstation
Netman
Nla
NWCWorkstation
Nwsapagent
Rasauto
Rasman
Remoteaccess
SENS
Sharedaccess
SRService
Tapisrv
Themes
TrkWks
WZCSVC
Wmi
WmdmPmSp
winmgmt
xmlprov
napagent
hkmsvc
BITS
ShellHWDetection
WmdmPmSN

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.ask.com/?o=101723&l=dis
mStart Page = hxxp://www.google.fr/
IE: E&xporter vers Microsoft Excel - e:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - e:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - e:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\h4ajjd4y.default\
FF - component: e:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\h4ajjd4y.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: e:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: e:\program files\Google\Google Updater\2.4.1808.5272\npCIDetect14.dll
FF - plugin: e:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: e:\program files\ma-config.com\nphardwaredetection.dll
.
- - - - ORPHANS REMOVED - - - -

Toolbar-ITBar7Layout - (no file)
Toolbar-ITBar7Position - (no file)
HKU-Default-Run-ccleaner - c:\program files\CCleaner\CCleaner.exe
HKU-Default-RunOnce-MPlayer2_FixUp - e:\windows\inf\unregmp2.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-04 14:14
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-484763869-1645522239-1177238915-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,40,64,6d,6b,f5,0b,18,46,95,63,ab,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,40,64,6d,6b,f5,0b,18,46,95,63,ab,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1152)
e:\windows\system32\SETUPAPI.dll

- - - - - - - > 'lsass.exe'(1304)
e:\windows\system32\setupapi.dll

- - - - - - - > 'explorer.exe'(4088)
e:\windows\system32\msi.dll
e:\program files\Google\Quick Search Box\bin\1.2.1150.162\qsb.dll
e:\windows\system32\SETUPAPI.dll
e:\windows\system32\NETSHELL.dll
e:\windows\system32\credui.dll
e:\windows\system32\eappprxy.dll
e:\windows\system32\webcheck.dll
e:\windows\system32\WPDShServiceObj.dll
e:\windows\system32\PortableDeviceTypes.dll
e:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
e:\program files\Alwil Software\Avast5\AvastSvc.exe
e:\windows\system32\igfxsrvc.exe
e:\program files\Skype\Phone\Skype.exe
.
**************************************************************************
.
Completion time: 2010-01-04 14:16:59 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-04 13:16

Pre-Run: 35 764 785 152 bytes free
Post-Run: 35 708 121 088 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(3)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

- - End Of File - - 45D7EC069A1C7AC7ACB674FE82C89AD6

Thanks for helping me, and a happy new year 2010 to everyone.
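The report above lists D:\Autorun.inf among the files ComboFix deleted. On Windows XP an autorun.inf at the root of a removable volume can set the drive's icon (icon=), name a program to run on AutoPlay (open=, shellexecute=) and hook the drive's double-click and context-menu verbs (shell\<verb>\command=); that is how USB worms of that era spread from key to PC, and an icon= line is one reason a key can suddenly show up as a "removable disk" with a new icon. The following is an added example, my own code and not part of the post or of ComboFix: it audits an autorun.inf before anyone double-clicks the drive. The INF text and the volume listing are constructed; on a real key you would read X:\autorun.inf and collect the file attributes with attrib or os.stat().

```python
"""Audit the autorun.inf of a removable volume for the directives USB worms
used on Windows XP. Added example, not code from the post or from ComboFix.
The INF text and volume listing below are constructed; on a real key you
would read X:\\autorun.inf and collect attributes with `attrib` or os.stat()."""
import re
from dataclasses import dataclass, field

# Directives that run a program when the drive is inserted (AutoPlay).
EXEC_KEYS = ("open", "shellexecute")
# Extensions Windows will execute if named by open=, shellexecute= or icon=.
EXEC_EXTS = (".exe", ".com", ".bat", ".cmd", ".scr", ".pif", ".vbs", ".js")


@dataclass
class AutorunAudit:
    directives: dict = field(default_factory=dict)
    findings: list = field(default_factory=list)

    @property
    def suspicious(self) -> bool:
        return bool(self.findings)


def parse_autorun(text: str) -> dict:
    """Tolerant [autorun] parser: case-insensitive keys, skips comments,
    filler lines and other sections; first occurrence of a key wins."""
    section, directives = None, {}
    for raw in text.splitlines():
        line = raw.lstrip("\ufeff").strip()
        if not line or line[0] in ";#":
            continue
        m = re.fullmatch(r"\[(.+?)\]", line)
        if m:
            section = m.group(1).strip().lower()
            continue
        if section != "autorun" or "=" not in line:
            continue
        key, _, value = line.partition("=")
        directives.setdefault(key.strip().lower(), value.strip().strip('"'))
    return directives


def target_of(value: str) -> str:
    """Program named by a directive: first (optionally quoted) token,
    lower-cased, without a leading '.\\' or an icon index such as ',0'."""
    value = value.strip()
    if value.startswith('"'):
        token = value[1:].split('"', 1)[0]
    else:
        token = value.split()[0] if value else ""
    return token.split(",")[0].lower().lstrip(".\\")


def audit_autorun(text: str, volume_files: dict) -> AutorunAudit:
    """volume_files maps lower-cased paths relative to the drive root to their
    attribute letters (h=hidden, s=system, a=archive, r=read-only)."""
    d = parse_autorun(text)
    audit = AutorunAudit(directives=d)
    for key in EXEC_KEYS:
        if key in d:
            target = target_of(d[key])
            audit.findings.append(f"{key}= runs '{target}' on AutoPlay")
            attrs = volume_files.get(target)
            if attrs is None:
                audit.findings.append(
                    f"{key}= target '{target}' not on the volume (already removed, or path obfuscated)")
            elif attrs & {"h", "s"}:
                audit.findings.append(
                    f"{key}= target '{target}' carries hidden/system attributes ({''.join(sorted(attrs))})")
    for key, value in d.items():
        # shell\<verb>\command= hijacks Explorer's Open/Explore verbs for the drive.
        if key.startswith("shell\\") and key.endswith("\\command"):
            verb = key.split("\\")[1]
            audit.findings.append(f"'{verb}' verb on the drive runs '{target_of(value)}'")
    if "shell" in d:
        audit.findings.append(f"default double-click verb redirected to '{d['shell']}'")
    icon = d.get("icon")
    if icon and target_of(icon).endswith(EXEC_EXTS):
        audit.findings.append(f"icon= takes the drive icon from executable '{target_of(icon)}'")
    return audit


# Constructed samples: a benign vendor file and one in the style of a USB worm
# (filler comment line, payload in a hidden+system RECYCLER folder, every
# Explorer verb pointed at it, drive icon pulled from the payload itself).
BENIGN_INF = "[autorun]\nicon=vendor.ico\nlabel=My USB Key\n"
WORM_INF = (
    "[AutoRun]\n"
    ";jkxqwpzvr\n"
    "open=RECYCLER\\setup.exe\n"
    "icon=RECYCLER\\setup.exe,0\n"
    "shell\\open\\command=RECYCLER\\setup.exe\n"
    "shell\\explore\\command=RECYCLER\\setup.exe\n"
    "shell=open\n"
    "[other]\n"
    "open=ignored.exe\n"
)
VOLUME = {"recycler\\setup.exe": {"h", "s", "a"}, "vendor.ico": {"a"}}

if __name__ == "__main__":
    for name, inf in (("benign", BENIGN_INF), ("worm-style", WORM_INF)):
        result = audit_autorun(inf, VOLUME)
        print(f"{name}: {'SUSPICIOUS' if result.suspicious else 'clean'}")
        for finding in result.findings:
            print("  -", finding)
```

The parser is deliberately forgiving (junk lines, mixed case, a [AutoRun] header, stray sections) because the files dropped by worms were padded to defeat naive signature matching. A target that is named but no longer present is still reported: that is exactly the state a key is left in after a cleaner has removed the payload but not the INF, or the reverse.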