Virtumonde virus

Closed
honolulu - 30 Nov 2007 at 12:47
 honolulu - 30 Nov 2007 at 12:56
Hello, I need some help.
A small yellow triangle pops up next to the clock.
Several pop-up windows open by themselves, pestering me to buy an antivirus.
- Security ToolBar 7.1 has installed itself in Internet Explorer!!
- 2 icons, antivirus ones I think, have been installed on my desktop.
- and a chaotic internet connection: 1 hour to receive a song of barely 3000 KB over MSN

5 replies

Hi Honolulu,

Download HijackThis here:

-> https://www.zebulon.fr/telechargements/securite/systeme/hijackthis.html

Installation tutorial (images):

-> http://pchelpbordeaux.free.fr/tuto.html

Usage tutorial (video):

-> http://pageperso.aol.fr/balltrap34/demohijack.htm

Please post the generated report here...
Here is my VundoFix report

Beginning removal...

Attempting to delete C:\windows\system32\__c0017900.dat
C:\windows\system32\__c0017900.dat Has been deleted!

Attempting to delete C:\windows\system32\__c0028517.dat
C:\windows\system32\__c0028517.dat Has been deleted!

Attempting to delete C:\windows\system32\__c0062A1E.dat
C:\windows\system32\__c0062A1E.dat Has been deleted!

Attempting to delete C:\windows\system32\__c0076A11.dat
C:\windows\system32\__c0076A11.dat Has been deleted!

Attempting to delete C:\windows\system32\__c00774AA.dat
C:\windows\system32\__c00774AA.dat Has been deleted!

Attempting to delete C:\windows\system32\__c0085B98.dat
C:\windows\system32\__c0085B98.dat Has been deleted!

Attempting to delete C:\windows\system32\__c008933C.dat
C:\windows\system32\__c008933C.dat Has been deleted!

Attempting to delete C:\windows\system32\__c00910D9.dat
C:\windows\system32\__c00910D9.dat Has been deleted!

Attempting to delete C:\windows\system32\__c009BB5B.dat
C:\windows\system32\__c009BB5B.dat Has been deleted!

Attempting to delete C:\windows\system32\__c00AAC6.dat
C:\windows\system32\__c00AAC6.dat Has been deleted!

Attempting to delete C:\windows\system32\__c00AB040.dat
C:\windows\system32\__c00AB040.dat Has been deleted!

Attempting to delete C:\windows\system32\__c00B55AC.dat
C:\windows\system32\__c00B55AC.dat Has been deleted!

Attempting to delete C:\windows\system32\__c00DD055.dat
C:\windows\system32\__c00DD055.dat Could not be deleted.

Attempting to delete C:\windows\system32\cmvfqaph.dll
C:\windows\system32\cmvfqaph.dll Has been deleted!

Attempting to delete C:\windows\system32\cthfwemo.dll
C:\windows\system32\cthfwemo.dll Has been deleted!

Attempting to delete C:\windows\system32\dqvomlbu.dll
C:\windows\system32\dqvomlbu.dll Has been deleted!

Attempting to delete C:\windows\system32\egewhbyv.dllbox
C:\windows\system32\egewhbyv.dllbox Has been deleted!

Attempting to delete C:\windows\system32\gcxnfqva.dll
C:\windows\system32\gcxnfqva.dll Has been deleted!

Attempting to delete C:\windows\system32\ghwwaauf.dll
C:\windows\system32\ghwwaauf.dll Has been deleted!

Attempting to delete C:\windows\system32\htmjwvcd.dll
C:\windows\system32\htmjwvcd.dll Has been deleted!

Attempting to delete C:\windows\system32\iwdhxbua.dll
C:\windows\system32\iwdhxbua.dll Has been deleted!

Attempting to delete C:\windows\system32\iytmbjhe.dll
C:\windows\system32\iytmbjhe.dll Has been deleted!

Attempting to delete C:\windows\system32\jsxdsfff.dll
C:\windows\system32\jsxdsfff.dll Has been deleted!

Attempting to delete C:\windows\system32\kcpktsbs.dll
C:\windows\system32\kcpktsbs.dll Has been deleted!

Attempting to delete C:\windows\system32\mhcgbelg.dll
C:\windows\system32\mhcgbelg.dll Has been deleted!

Attempting to delete C:\windows\system32\mxtwqvay.dll
C:\windows\system32\mxtwqvay.dll Has been deleted!

Attempting to delete C:\windows\system32\noqrswux.dll
C:\windows\system32\noqrswux.dll Has been deleted!

Attempting to delete C:\windows\system32\ofvwexqw.dll
C:\windows\system32\ofvwexqw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ooogfawy.dll
C:\WINDOWS\system32\ooogfawy.dll Could not be deleted.

Attempting to delete C:\windows\system32\ooogfawy.dllbox
C:\windows\system32\ooogfawy.dllbox Has been deleted!

Attempting to delete C:\windows\system32\rhbgjilt.dll
C:\windows\system32\rhbgjilt.dll Has been deleted!

Attempting to delete C:\windows\system32\riuhbjig.dll
C:\windows\system32\riuhbjig.dll Has been deleted!

Attempting to delete C:\windows\system32\spxpjhas.dll
C:\windows\system32\spxpjhas.dll Has been deleted!

Attempting to delete C:\windows\system32\tkcnmfim.dll
C:\windows\system32\tkcnmfim.dll Has been deleted!

Attempting to delete C:\windows\system32\twsvldmu.dll
C:\windows\system32\twsvldmu.dll Has been deleted!

Attempting to delete C:\windows\system32\ukicrbck.dll
C:\windows\system32\ukicrbck.dll Has been deleted!

Attempting to delete C:\windows\system32\wkcgnofp.dll
C:\windows\system32\wkcgnofp.dll Has been deleted!

Attempting to delete C:\windows\system32\ylpdqwgl.dll
C:\windows\system32\ylpdqwgl.dll Has been deleted!

Attempting to delete C:\windows\system32\ypqrlhwo.dll
C:\windows\system32\ypqrlhwo.dll Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\windows\system32\__c00DD055.dat
C:\windows\system32\__c00DD055.dat Could not be deleted.

Attempting to delete C:\WINDOWS\system32\ooogfawy.dll
C:\WINDOWS\system32\ooogfawy.dll Has been deleted!

Attempting to delete C:\windows\system32\ooogfawy.dllbox
C:\windows\system32\ooogfawy.dllbox Has been deleted!

Performing Repairs to the registry.
Done!
Actually, I have already done several steps and I am going to post the reports :-) Sorry, I should have mentioned it in my first message. I still have 3 other reports to post... I am doing it right now.
VirtumundoBeGone report



[11/30/2007, 12:04:26] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\£i£@$\Bureau\VirtumundoBeGone.exe" )
[11/30/2007, 12:04:28] - Detected System Information:
[11/30/2007, 12:04:28] - Windows Version: 5.1.2600, Service Pack 2
[11/30/2007, 12:04:28] - Current Username: £i£@$ (Admin)
[11/30/2007, 12:04:28] - Windows is in NORMAL mode.
[11/30/2007, 12:04:28] - Searching for Browser Helper Objects:
[11/30/2007, 12:04:28] - BHO 1: {014069b0-1c3d-425d-addb-daf494315ae7} ()
[11/30/2007, 12:04:28] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/30/2007, 12:04:28] - Checking for HKLM\...\Winlogon\Notify\xfdanyvb
[11/30/2007, 12:04:28] - Key not found: HKLM\...\Winlogon\Notify\xfdanyvb, continuing.
[11/30/2007, 12:04:28] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[11/30/2007, 12:04:28] - BHO 3: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[11/30/2007, 12:04:28] - BHO 4: {28D5CE80-BCA7-4B16-BA76-A72BDF4C145E} ()
[11/30/2007, 12:04:28] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/30/2007, 12:04:28] - Checking for HKLM\...\Winlogon\Notify\jkhhi
[11/30/2007, 12:04:28] - Key not found: HKLM\...\Winlogon\Notify\jkhhi, continuing.
[11/30/2007, 12:04:28] - BHO 5: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} (BitComet Helper)
[11/30/2007, 12:04:28] - BHO 6: {64F56FC1-1272-44CD-BA6E-39723696E350} ()
[11/30/2007, 12:04:28] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/30/2007, 12:04:28] - No filename found. Continuing.
[11/30/2007, 12:04:28] - BHO 7: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[11/30/2007, 12:04:28] - BHO 8: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[11/30/2007, 12:04:28] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/30/2007, 12:04:28] - No filename found. Continuing.
[11/30/2007, 12:04:28] - BHO 9: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[11/30/2007, 12:04:28] - BHO 10: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[11/30/2007, 12:04:28] - BHO 11: {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} (EpsonToolBandKicker Class)
[11/30/2007, 12:04:28] - BHO 12: {F28ED85C-A8AE-4e69-B92E-6279C02010DC} (FShow)
[11/30/2007, 12:04:28] - Finished Searching Browser Helper Objects
[11/30/2007, 12:04:28] - Finishing up...
[11/30/2007, 12:04:28] - Nothing found! Exiting...
And the last report, ComboFix

ComboFix 07-11-19.4C - £i£@$ 2007-11-30 12:30:40.2 - NTFSx86 MINIMAL
Running from: C:\Documents and Settings\£i£@$\Bureau\ComboFix.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{014069b0-1c3d-425d-addb-daf494315ae7}]
2007-11-29 23:07 77888 --a------ C:\WINDOWS\system32\xfdanyvb.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F28ED85C-A8AE-4e69-B92E-6279C02010DC}]
2007-11-12 12:50 97280 --a------ C:\Program Files\FShow\win-browser.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 12:00]
"Steam"="" []
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2007-11-13 15:48]
"BitComet"="C:\Program Files\BitComet\BitComet.exe" [2007-10-08 09:54]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-03-05 19:52]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"FLMOFFICE4DMOUSE"="C:\Program Files\Trust\MI-7550Xp Wireless Laser Mini Mouse\Mouse32a.exe" [2007-09-13 10:42]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-01-03 02:04]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-10-10 06:28]
"d0138b6d"="C:\WINDOWS\system32\mfuiokpb.dll" [2007-11-29 23:06]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-10 12:00 C:\WINDOWS\system32\rundll32.exe]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2005-09-29 02:11]

C:\Documents and Settings\£i£@$\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.2.lnk - C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe [2007-02-02 15:54:56]
Pin.lnk - C:\hp\bin\CLOAKER.EXE [2006-01-03 01:32:47]
PinMcLnk.lnk - C:\hp\bin\cloaker.exe [2006-01-03 01:32:47]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^SM.lnk]
path=C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\SM.lnk
backup=C:\WINDOWS\pss\SM.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlwaysReady Power Message APP]
ARPWRMSG.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Program Files\BitTorrent\bittorrent.exe --force_start_minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-08-05 20:34 64512 --a------ C:\WINDOWS\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fdlbtkcgbl]
c:\windows\system32\fdlbtkcgbl.exe fdlbtkcgbl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ftutil2]
rundll32.exe ftutil2.dll,SetWriteCacheMode

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\messengerskinner]
C:\Program Files\MessengerSkinner\MessengerSkinner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCDrProfiler]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
2005-07-22 22:14 237568 --a------ C:\WINDOWS\SMINST\RECGUARD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe -silent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpeedUpMyPC]
C:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe -s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winmsnsvc]
2006-11-26 21:01 20480 --a------ C:\WINDOWS\system32\winmsnsvc.exe

R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 C-Dilla;C-Dilla;\??\C:\WINDOWS\system32\drivers\CDANT.SYS
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys
S3 lmimirr;lmimirr;C:\WINDOWS\system32\DRIVERS\lmimirr.sys
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys

.
**************************************************************************

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-30 12:34:16
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-30 12:34:51
C:\ComboFix2.txt ... 2007-11-30 12:22
.
--- E O F ---