Hello,

I had a Google search redirection problem. I ran ComboFix following this tutorial HERE

The problem seems to be fixed, but at the end of the tutorial it recommends posting the report, so here it is:

ComboFix 10-09-17.04 - Steve Rolland 20/09/2010 0:13.1.2 - x86

Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.687 [GMT 2:00]

Lancé depuis: c:\documents and settings\Steve Rolland\Bureau\ComboFi.exe

AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\documents and settings\Steve Rolland\Recent\Anthony Kavanagh.com (2).pif

c:\documents and settings\Steve Rolland\Recent\Anthony Kavanagh.com.pif

C:\Install.exe

 

Une copie infectée de c:\windows\system32\drivers\WudfPf.sys a été trouvée et désinfectée

Copie restaurée à partir de - Kitty had a snack :P

.

((((((((((((((((((((((((((((( Fichiers créés du 2010-08-19 au 2010-09-19 ))))))))))))))))))))))))))))))))))))

.

 

2010-09-18 15:32 . 2010-09-18 15:32 -------- d-----w- c:\documents and settings\Steve Rolland\Application Data\XWare

2010-09-18 15:32 . 2010-09-18 15:32 -------- d-----w- c:\documents and settings\All Users\Application Data\XWare

2010-09-18 08:20 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys

2010-09-18 08:20 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2010-09-18 08:20 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2010-09-18 08:20 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2010-09-18 08:20 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2010-09-18 08:20 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys

2010-09-18 08:20 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2010-09-18 08:20 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr

2010-09-18 08:20 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe

2010-09-18 08:20 . 2010-09-18 08:20 -------- d-----w- c:\program files\Alwil Software

2010-09-18 08:20 . 2010-09-18 08:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software

2010-09-17 17:02 . 2010-09-17 17:02 -------- d-----w- c:\program files\CCleaner

2010-09-13 07:22 . 2010-09-13 07:22 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache

2010-09-12 09:19 . 2010-09-12 09:19 -------- d-s---w- c:\documents and settings\LocalService\Favoris

2010-09-12 08:58 . 2010-09-12 08:58 -------- d-----w- c:\documents and settings\Steve Rolland\Application Data\Malwarebytes

2010-09-12 08:42 . 2010-09-12 08:45 -------- d-----w- C:\WORT

2010-09-12 08:29 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-09-12 08:29 . 2010-09-12 08:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-09-12 08:29 . 2010-09-12 08:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-09-12 08:29 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-09-12 07:25 . 2010-09-17 16:59 -------- d-----w- c:\program files\ZHPDiag

2010-09-11 23:33 . 2009-11-25 10:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2010-09-11 14:49 . 2009-03-24 12:43 43008 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metricsloader.dll

2010-09-11 14:49 . 2009-03-24 12:43 43008 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll

2010-09-11 14:49 . 2009-03-24 12:43 338432 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll

2010-09-11 14:49 . 2009-03-24 12:42 345088 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll

2010-09-11 14:49 . 2009-03-24 12:43 235520 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\metrics-ff2.dll

2010-09-11 14:49 . 2009-03-24 12:42 235008 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\metrics-ff3.dll

2010-09-11 13:52 . 2010-09-11 13:52 -------- d-----w- c:\windows\system32\wbem\Repository

2010-09-11 08:25 . 2010-09-11 08:26 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS

2010-08-23 11:00 . 2010-08-29 14:16 -------- d-----w- c:\documents and settings\Steve Rolland\Application Data\vlc

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-09-19 22:23 . 2004-08-05 12:00 80508 ----a-w- c:\windows\system32\perfc00C.dat

2010-09-19 22:23 . 2004-08-05 12:00 500482 ----a-w- c:\windows\system32\perfh00C.dat

2010-09-18 18:05 . 2009-12-28 14:42 1 ----a-w- c:\documents and settings\Steve Rolland\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys

2010-09-17 21:41 . 2009-12-30 11:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help

2010-09-17 16:56 . 2010-05-12 20:08 -------- d-----w- c:\program files\PC Connectivity Solution

2010-09-11 23:46 . 2009-12-28 11:53 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-09-11 23:46 . 2010-05-22 18:08 -------- d-----w- c:\program files\Microsoft ActiveSync

2010-09-11 23:30 . 2010-07-10 08:27 -------- d-----w- c:\documents and settings\Steve Rolland\Application Data\Broad Intelligence

2010-09-11 23:28 . 2009-12-28 13:37 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee

2010-09-04 09:15 . 2010-01-16 11:59 1324 ----a-w- c:\windows\system32\d3d9caps.dat

2010-08-29 11:30 . 2009-12-28 20:48 -------- d-----w- c:\program files\Opera

2010-08-23 10:50 . 2010-01-01 01:39 -------- d-----w- c:\documents and settings\Steve Rolland\Application Data\dvdcss

2010-08-17 13:17 . 2004-08-05 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe

2010-08-13 16:16 . 2009-12-28 15:40 -------- d-----w- c:\program files\Mozilla Thunderbird

2010-08-11 23:52 . 2010-08-13 17:00 85464 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINNT_x86-msvc\components\WeaveCrypto.dll

2010-08-11 23:52 . 2010-08-13 17:00 38872 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINCE\components\WeaveCrypto.dll

2010-08-07 01:46 . 2010-08-07 01:46 503808 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-4b50c37f-n\msvcp71.dll

2010-08-07 01:46 . 2010-08-07 01:46 499712 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-4b50c37f-n\jmc.dll

2010-08-07 01:46 . 2010-08-07 01:46 348160 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-4b50c37f-n\msvcr71.dll

2010-08-07 01:46 . 2010-08-07 01:46 61440 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-1d67d9ba-n\decora-sse.dll

2010-08-07 01:46 . 2010-08-07 01:46 12800 ----a-w- c:\documents and settings\Steve Rolland\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-1d67d9ba-n\decora-d3d.dll

2010-07-27 19:53 . 2010-02-18 17:16 -------- d-----w- c:\documents and settings\Steve Rolland\Application Data\PC Suite

2010-07-25 07:30 . 2010-07-25 07:30 -------- d-----w- c:\program files\Microsoft Silverlight

2010-07-24 14:07 . 2009-12-28 20:15 -------- d-----w- c:\program files\Messenger Plus! Live

2010-07-22 15:48 . 2004-08-05 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll

2010-07-22 06:19 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll

2010-06-30 12:32 . 2004-08-05 12:00 149504 ----a-w- c:\windows\system32\schannel.dll

2010-06-24 12:25 . 2004-08-05 12:00 916480 ----a-w- c:\windows\system32\wininet.dll

2010-06-24 09:02 . 2004-08-05 12:00 1852032 ----a-w- c:\windows\system32\win32k.sys

1995-09-20 15:16 . 1995-09-20 15:16 456976 ----a-w- c:\program files\Fichiers communs\dao3032.dll

2010-08-06 22:08 . 2009-12-28 13:52 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll

2010-02-03 11:51 . 2010-02-03 11:51 8192 --sha-w- c:\windows\o2cLicStore.bin

2006-05-03 09:06 . 2010-07-10 08:11 163328 --sh--r- c:\windows\system32\flvDX.dll

2007-02-21 10:47 . 2010-07-10 08:11 31232 --sh--r- c:\windows\system32\msfDX.dll

2008-03-16 12:30 . 2010-07-10 08:11 216064 --sh--r- c:\windows\system32\nbDX.dll

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Wallpaper"="c:\program files\Wallpaper\Wallpaper.exe" [2007-08-20 233472]

"LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]

"eMuleAutoStart"="c:\program files\eMule\eMule.exe" [2010-04-07 5758976]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 110592]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-05-29 150040]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-05-29 170520]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-05-29 141848]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-08-03 1044480]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-06 30192]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]

"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040]

"WinVNC"="c:\program files\UltraVNC\WinVNC.exe" [2006-07-17 364544]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]

"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2010-01-30 126976]

"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

 

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\

Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-12-31 813584]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2009-07-20 11:28 72208 ----a-w- c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]

c:\program files\Fichiers communs\Nokia\MPlatform\NokiaMServer [X]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-06-09 08:06 976832 ----a-w- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]

2010-04-07 13:00 5758976 ----a-w- c:\program files\eMule\emule.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GAINWARD]

2009-10-05 17:03 2174976 ----a-w- c:\program files\EXPERTool\TBPANEL.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box]

2010-01-30 21:49 126976 ----a-w- c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Updater]

2010-02-03 18:47 160752 ----a-w- c:\program files\Google\Google Updater\GoogleUpdater.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2010-01-22 18:16 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-13 18:34 1695232 ------w- c:\program files\Messenger\msmsgs.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]

2009-11-11 09:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\eMule\\emule.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Opera\\opera.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\UltraVNC\\winvnc.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Documents and Settings\\Steve Rolland\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=

"c:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"=

"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

 

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [18/09/2010 10:20 165584]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18/09/2010 10:20 17744]

R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [31/12/2009 01:20 10384]

R2 LF30FS;LF30FS;c:\program files\Everstrike Software\Lock Folder XP 3.6\LF30XP.sys [19/11/2004 19:07 101488]

R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]

R2 vnccom;vnccom;c:\windows\system32\drivers\vnccom.SYS [02/01/2010 19:51 6016]

R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [10/02/2010 23:57 28160]

S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [16/01/2010 16:34 133104]

S3 CAM1690;USB 2.0 Compliance JPEG Video Camera;c:\windows\system32\drivers\cam1690.sys [13/07/2007 21:42 152832]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [28/12/2009 22:22 30192]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [12/05/2010 22:06 137344]

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [12/05/2010 22:06 8320]

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2008-06-09 09:14 451872 ----a-w- c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe

.

Contenu du dossier 'Tâches planifiées'

 

2010-09-19 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-31 18:47]

 

2010-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-16 14:34]

 

2010-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-16 14:34]

 

2010-09-19 c:\windows\Tasks\User_Feed_Synchronization-{AF03C099-2871-4A0D-9E50-46DA08EB6A37}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]

.

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1263138696&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1036&id=64855&mkt=fr-FR

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

FF - ProfilePath - c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/

FF - component: c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\WINNT_x86-msvc\components\WeaveCrypto.dll

FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll

FF - plugin: c:\documents and settings\Steve Rolland\Application Data\Mozilla\Firefox\Profiles\hewfvb88.default\extensions\maps@ovi.com\plugins\npNMapNPR.dll

FF - plugin: c:\documents and settings\Steve Rolland\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll

FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll

FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\nptidfusionplugin.dll

FF - plugin: c:\program files\Opera\program\plugins\NPO2C.DLL

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

 

---- PARAMETRES FIREFOX ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

.

- - - - ORPHELINS SUPPRIMES - - - -

 

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)

HKCU-Run-RocketDock - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

HKLM-Run-nwiz - c:\program files\NVIDIA Corporation\nView\nwiz.exe

HKLM-Run-Waiting1690 - c:\windows\stid1690.exe

MSConfigStartUp-Waiting1690 - c:\windows\stid1690.exe

AddRemove-NVIDIA nView Desktop Manager - c:\program files\NVIDIA Corporation\nView\nViewSetup.exe

AddRemove-UnityWebPlayer - c:\documents and settings\Steve Rolland\Local Settings\Application Data\Unity\WebPlayer\Uninstall.exe

 

 

 

**************************************************************************

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés:

 

**************************************************************************

.

--------------------- DLLs chargées dans les processus actifs ---------------------

 

- - - - - - - > 'winlogon.exe'(716)

c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll

c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll

 

- - - - - - - > 'explorer.exe'(3964)

c:\program files\Logitech\SetPoint\lgscroll.dll

c:\windows\system32\eappprxy.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll

c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL

c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre.nlr

c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Autres processus actifs ------------------------

.

c:\windows\system32\nvsvc32.exe

c:\program files\Alwil Software\Avast5\AvastSvc.exe

c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Google\Update\1.2.183.29\GoogleCrashHandler.exe

c:\windows\system32\libusbd-nt.exe

c:\program files\Fichiers communs\LightScribe\LSSrvc.exe

c:\program files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe

c:\windows\system32\rundll32.exe

c:\windows\system32\RUNDLL32.EXE

c:\windows\system32\wscntfy.exe

c:\program files\Microsoft ActiveSync\WCESCOMM.EXE

c:\program files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE

.

**************************************************************************

.

Heure de fin: 2010-09-20 00:26:13 - La machine a redémarré

ComboFix-quarantined-files.txt 2010-09-19 22:26

 

Avant-CF: 112 535 183 360 octets libres

Après-CF: 118 332 133 376 octets libres

 

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

multi(0)disk(0)rdisk(1)partition(2)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

 

- - End Of File - - 9EAE85F13B6513DCA66CB73794175AC5

 

 

Thank you for your help.
