Everything posted by jujudu78550

  1. Hello, I ran a scan with ComboFix and I would like a response on this report. Thank you.
     ComboFix 11-06-01.04 - Nico 01/06/2011 21:43:58.2.2 - x86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2550.1991 [GMT 2:00] Lancé depuis: c:\documents and settings\Nico\Bureau\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat c:\program files\AskSearch\bin\DefaultSearch.dll c:\program files\Eorezo c:\program files\Eorezo\confmedia.cyp c:\program files\Eorezo\unins000.dat . ----- BITS: Il y a peut-être des sites infectés ----- . hxxp://apnmedia.ask.com . ((((((((((((((((((((((((((((( Fichiers créés du 2011-05-01 au 2011-06-01 )))))))))))))))))))))))))))))))))))) . . 2074-05-18 16:44 . 2008-03-21 13:46 607296 ------w- c:\program files\Microsoft Games\Age of Empires III\deformerdllyD.dll 2011-06-01 18:40 . 2011-06-01 18:40 512 ----a-w- C:\PhysicalDisk0_MBR.bin 2011-06-01 18:36 . 2011-06-01 18:40 -------- d-----w- c:\program files\ZHPDiag 2011-06-01 16:40 . 2011-06-01 16:40 -------- d-----w- c:\documents and settings\JULIEN\Application Data\SUPERAntiSpyware.com 2011-06-01 15:07 . 2007-01-18 12:00 3968 ----a-w- c:\windows\system32\drivers\AvgArCln.sys 2011-06-01 14:05 . 2011-06-01 14:05 -------- d-----w- c:\documents and settings\Nico\Application Data\SUPERAntiSpyware.com 2011-06-01 14:05 . 2011-06-01 14:05 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com 2011-06-01 14:05 . 2011-06-01 14:06 -------- d-----w- c:\program files\SUPERAntiSpyware 2011-06-01 14:01 . 2011-06-01 14:01 -------- d-----w- c:\documents and settings\Nico\Application Data\Malwarebytes 2011-06-01 14:01 . 
2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-06-01 14:01 . 2011-06-01 14:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-06-01 14:00 . 2011-06-01 14:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-06-01 14:00 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-29 09:13 . 2011-05-29 09:13 -------- d-----w- c:\program files\Universal Interactive 2011-05-29 09:07 . 2011-05-29 09:07 -------- d-----w- c:\program files\Alcohol Soft 2011-05-29 09:02 . 2011-05-29 09:02 436792 ----a-w- c:\windows\system32\drivers\sptd.sys 2011-05-28 08:00 . 2011-05-28 08:27 -------- d-----w- c:\program files\Sierra 2011-05-28 07:43 . 2011-05-28 07:43 -------- d-----w- c:\documents and settings\JULIEN\Application Data\Sierra 2011-05-28 07:43 . 2011-05-28 07:43 -------- d-----w- c:\documents and settings\JULIEN\Application Data\InstallShield Installation Information 2011-05-28 07:40 . 2011-05-28 07:40 -------- d-----w- c:\documents and settings\JULIEN\Application Data\InstallShield 2011-05-19 17:38 . 2011-05-19 17:38 -------- d-----w- c:\program files\Conduit 2011-05-19 17:38 . 2011-05-19 17:38 -------- d-----w- c:\documents and settings\Nico\Local Settings\Application Data\Conduit 2011-05-19 17:38 . 2011-05-19 17:38 -------- d-----w- c:\documents and settings\Nico\Local Settings\Application Data\Softonic_France_FF 2011-05-19 17:38 . 2011-05-19 17:38 -------- d-----w- c:\program files\Softonic_France_FF 2011-05-19 17:37 . 2011-05-19 17:37 -------- d-----w- c:\program files\FreeTime 2011-05-18 13:31 . 2008-04-13 17:46 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys 2011-05-18 13:31 . 2008-04-13 17:46 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys 2011-05-18 13:31 . 2008-04-14 01:34 92160 ----a-w- c:\windows\system32\kswdmcap.ax 2011-05-18 13:31 . 2008-04-14 01:34 43008 ----a-w- c:\windows\system32\ksxbar.ax 2011-05-18 13:31 . 
2008-04-14 01:33 54784 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll 2011-05-18 13:31 . 2008-04-14 01:33 54784 ----a-w- c:\windows\system32\vfwwdm32.dll 2011-05-18 13:31 . 2008-04-14 01:34 61952 ----a-w- c:\windows\system32\kstvtune.ax 2011-05-18 13:24 . 2011-05-18 13:24 -------- d-----w- C:\SXS 2011-05-18 13:24 . 2011-05-18 13:24 -------- d-----w- c:\program files\Logitech 2011-05-18 13:24 . 2004-01-21 01:28 86016 ----a-w- c:\windows\system32\lvcoinst.dll 2011-05-18 13:24 . 2004-01-21 01:16 12080 ----a-w- c:\windows\system32\drivers\LVUSBSta.sys 2011-05-18 13:24 . 2004-01-21 01:26 360448 ----a-w- c:\windows\system32\LVUI2RC.dll 2011-05-18 13:24 . 2004-01-21 01:26 122880 ----a-w- c:\windows\system32\LVUI2.dll 2011-05-18 13:24 . 2004-01-21 01:24 57344 ----a-w- c:\windows\system32\LVComC.dll 2011-05-18 13:24 . 2004-01-21 01:24 135214 ----a-w- c:\windows\system32\LVComS.exe 2011-05-18 13:24 . 2004-01-21 01:25 172032 ----a-w- c:\windows\system32\lvcodec2.dll 2011-05-18 13:24 . 2004-01-21 01:14 271360 ----a-w- c:\windows\system32\drivers\LV302AV.SYS 2011-05-18 13:24 . 2004-01-21 01:14 5915 ----a-w- c:\windows\system32\drivers\lv302af.sys 2011-05-18 13:23 . 2011-05-18 13:23 -------- d-----w- c:\program files\Fichiers communs\Labtec 2011-05-18 13:23 . 1998-11-13 11:16 308224 ----a-w- c:\windows\IsUn040c.exe 2011-05-18 13:22 . 2011-05-18 13:22 53248 ------w- c:\program files\Fichiers communs\InstallShield\Engine\6\Intel 32\msihook.dll 2011-05-18 13:22 . 2011-05-18 13:22 126976 ------w- c:\program files\Fichiers communs\InstallShield\Engine\6\Intel 32\knlwrap.exe 2011-05-18 13:22 . 2011-05-18 13:22 114688 ------w- c:\program files\Fichiers communs\InstallShield\Engine\6\Intel 32\scpthdlr.dll 2011-05-14 08:10 . 2011-05-14 08:10 -------- d-----w- c:\documents and settings\MAXIME\Application Data\searchquband 2011-05-14 08:06 . 2011-05-15 10:49 -------- d-----w- c:\documents and settings\MAXIME\Application Data\searchqutoolbar 2011-05-11 14:29 . 
2010-12-02 08:11 10915840 ----a-w- c:\windows\system32\libmfxhw32.dll 2011-05-11 14:29 . 2010-12-02 08:11 10833920 ----a-w- c:\windows\system32\libmfxsw32.dll 2011-05-11 14:26 . 2011-05-12 17:23 -------- d-----w- c:\windows\SxsCaPendDel 2011-05-11 14:20 . 2010-12-02 08:12 1700352 ----a-w- c:\windows\system32\GdiPlus.dll 2011-05-09 18:59 . 2011-05-09 18:59 -------- d-----w- c:\documents and settings\JULIEN\Application Data\searchqutoolbar 2011-05-09 18:59 . 2011-05-09 18:59 -------- d-----w- c:\documents and settings\JULIEN\Application Data\searchquband 2011-05-08 07:58 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll 2011-05-08 07:58 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll 2011-05-08 07:57 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys 2011-05-08 07:51 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe 2011-05-07 21:53 . 2011-05-07 21:53 -------- d-----w- c:\program files\Pivot Stickfigure Animator 2011-05-07 21:49 . 2011-05-07 21:49 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache 2011-05-07 16:22 . 2011-05-07 16:22 -------- d-----w- c:\documents and settings\Nico\Local Settings\Application Data\Ilivid Player 2011-05-07 16:22 . 2011-05-07 16:22 -------- d-----w- c:\documents and settings\Nico\Application Data\searchquband 2011-05-07 16:19 . 2011-05-07 16:22 -------- d-----w- c:\documents and settings\Nico\Application Data\searchqutoolbar 2011-05-07 16:19 . 2011-05-07 16:19 -------- d-----w- c:\program files\Windows iLivid Toolbar 2011-05-07 16:18 . 2011-05-07 16:18 -------- d-----w- c:\documents and settings\Nico\Local Settings\Application Data\PackageAware 2011-05-07 16:15 . 2011-05-13 17:29 -------- d-----w- c:\program files\Bridge Building Game . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-05-10 12:10 . 
2010-06-29 19:40 40112 ----a-w- c:\windows\avastSS.scr 2011-05-10 12:10 . 2010-01-24 10:46 199304 ----a-w- c:\windows\system32\aswBoot.exe 2011-05-10 12:03 . 2011-04-07 17:28 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-05-10 12:03 . 2010-01-24 10:47 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-05-10 12:02 . 2010-01-24 10:47 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-05-10 12:02 . 2010-01-24 10:46 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2011-05-10 12:02 . 2010-01-24 10:46 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys 2011-05-10 11:59 . 2010-01-24 10:47 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-05-10 11:59 . 2010-01-24 10:47 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-05-10 11:59 . 2010-01-24 10:47 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-03-15 17:26 . 2011-03-15 17:26 21419 ----a-w- c:\windows\system32\drivers\AegisP.sys 2011-03-07 05:33 . 2011-02-08 17:12 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-03-04 06:36 . 2002-08-30 12:00 420864 ----a-w- c:\windows\system32\vbscript.dll 2001-10-05 10:53 . 2009-04-16 20:28 21866 -c--a-w- c:\program files\Fichiers communs\tppupd2k.dll . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240] "{6d6b212b-2245-4898-8b16-9a11b81ff9e1}"= "c:\program files\Softonic_France_FF\tbSoft.dll" [2010-10-18 3908192] . [HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}] . [HKEY_CLASSES_ROOT\clsid\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}] . 
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}] 2010-10-18 10:26 3908192 ----a-w- c:\program files\Softonic_France_FF\tbSoft.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2011-02-01 17:17 1487240 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240] "{6d6b212b-2245-4898-8b16-9a11b81ff9e1}"= "c:\program files\Softonic_France_FF\tbSoft.dll" [2010-10-18 3908192] "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CLASSES_ROOT\clsid\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}] . [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-05-10 12:10 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" [2010-08-20 33120] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-05-23 2424192] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2006-09-07 15872] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-05 77824] "Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-05 114688] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "TPP Auto Loader"="c:\windows\TPPALDR.EXE" [2001-10-05 118784] "AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904] "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-10-29 249064] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-01 421160] "SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "PaperPort PTD"="c:\program 
files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-09 29984] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-09 46368] "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688] "BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2010-02-09 2621440] "LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2004-02-12 188416] "LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2004-02-12 77824] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "BrowserChoice"="c:\windows\system32\browserchoice.exe" [2010-02-12 293376] . c:\documents and settings\MAXIME\Menu D‚marrer\Programmes\D‚marrage\ Notification de cadeaux MSN.lnk - c:\documents and settings\Nico\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [N/A] OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592] . c:\documents and settings\Nico\Menu D‚marrer\Programmes\D‚marrage\ Notification de cadeaux MSN.lnk - c:\documents and settings\Nico\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [N/A] OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592] . c:\documents and settings\JULIEN\Menu D‚marrer\Programmes\D‚marrage\ Notification de cadeaux MSN.lnk - c:\documents and settings\Nico\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe [2011-1-15 86576] OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592] . 
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2009-2-23 24576] WiFi Station pour Livebox.lnk - c:\program files\Hercules\WiFi Station pour Livebox\WiFiStationLB.exe [2011-2-8 806400] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\FrostWire\\FrostWire.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3x.exe"= "c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3y.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Windows iLivid Toolbar\\ToolBar\\dtUser.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"= "c:\\Documents and Settings\\JULIEN\\Mes documents\\utorrent.exe"= . 
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29/05/2011 11:02 436792] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [07/04/2011 19:28 441176] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [24/01/2010 12:47 307928] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 20:25 12872] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10/05/2010 20:41 67656] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [24/01/2010 12:47 19544] R3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [05/04/2011 19:28 245760] S3 JWTGSBG;JWTGSBG;c:\docume~1\Nico\LOCALS~1\Temp\JWTGSBG.exe --> c:\docume~1\Nico\LOCALS~1\Temp\JWTGSBG.exe [?] . Contenu du dossier 'Tâches planifiées' . 2011-05-26 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] . 2011-06-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-484061587-725345543-1006Core.job - c:\documents and settings\JULIEN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-18 18:24] . 2011-06-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-484061587-725345543-1006UA.job - c:\documents and settings\JULIEN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-05-18 18:24] . 2011-06-01 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job - c:\program files\Ask.com\UpdateTask.exe [2011-02-01 17:17] . 2011-06-01 c:\windows\Tasks\User_Feed_Synchronization-{896FFEF8-0A01-4F59-8A86-4E86EEEE68DB}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 03:31] . 2011-06-01 c:\windows\Tasks\User_Feed_Synchronization-{B806B5FE-3E25-444C-89E4-C3EF8E04EF15}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 03:31] . . ------- Examen supplémentaire ------- . 
uStart Page = hxxp://www.google.fr/ uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101668&gct=&gc=1&q=%s IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 Trusted Zone: mappy.com Trusted Zone: orange.fr Trusted Zone: voila.fr\rw.search.ke Trusted Zone: weborama.fr\orange TCP: DhcpNameServer = 192.168.1.1 DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab . - - - - ORPHELINS SUPPRIMES - - - - . Toolbar-10 - (no file) HKCU-Run-TomTomHOME.exe - c:\program files\TomTom HOME 2\TomTomHOMERunner.exe HKLM-Run-EPSON Stylus DX4800 Series - c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE HKLM-Run-NWEReboot - (no file) AddRemove-Notification de cadeaux MSN - c:\documents and settings\Nico\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-06-01 22:10 Windows 5.1.2600 Service Pack 3 NTFS . Recherche de processus cachés ... . Recherche d'éléments en démarrage automatique cachés ... . Recherche de fichiers cachés ... . Scan terminé avec succès Fichiers cachés: 0 . ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ñw*] "C040210900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs chargées dans les processus actifs --------------------- . 
- - - - - - - > 'winlogon.exe'(844) c:\program files\SUPERAntiSpyware\SASWINLO.DLL . - - - - - - - > 'explorer.exe'(3016) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\eappprxy.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Dell\OpenManage\Client\Iap.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe c:\windows\system32\wscntfy.exe c:\progra~1\WI371A~1\Datamngr\DATAMN~1.EXE c:\program files\Brother\ControlCenter3\brccMCtl.exe c:\windows\system32\LVComS.exe c:\program files\OpenOffice.org 3\program\soffice.exe c:\program files\iPod\bin\iPodService.exe c:\program files\OpenOffice.org 3\program\soffice.bin . ************************************************************************** . Heure de fin: 2011-06-01 22:17:55 - La machine a redémarré ComboFix-quarantined-files.txt 2011-06-01 20:17 . Avant-CF: 34 452 664 320 octets libres Après-CF: 36 709 269 504 octets libres . Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,3,4,5 - - End Of File - - B303B431F4A2DC5458F1D17C29DEF100
  2. Hello, I ran a scan with ComboFix and I have to submit it to a helper. Can you give me a link so I can send you this report? Thanks for your answers.