
Cooltoolbar

darkmaul64, on 30 Nov 2007 at 22:34:03

It took a little while, but here it is:

ComboFix 07-11-19.4C - lionel 2007-11-30 22:26:56.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.1479 [GMT 1:00]
Running from: C:\Documents and Settings\lionel\Mes documents\Mes fichiers reçus\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\nsu16.dll

.
((((((((((((((((((((((((((((( Fichiers créés 2007-10-28 to 2007-11-30 ))))))))))))))))))))))))))))))))))))
.

2007-11-30 22:13 3,682 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-30 22:12 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-11-30 22:12 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-11-30 22:12 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-11-30 22:12 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-11-30 22:12 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-11-30 20:26 79,868 --a------ C:\WINDOWS\system32\adssite-remove.exe
2007-11-30 20:20 16,384 --a------ C:\WINDOWS\system32\restart.exe
2007-11-30 19:42 184,320 --a------ C:\WINDOWS\system32\delnext.exe
2007-11-30 19:42 82,188 --a------ C:\WINDOWS\system32\zip.exe
2007-11-30 17:40 <REP> d-------- C:\Program Files\VistaCodecPack
2007-11-30 17:40 <REP> d-------- C:\Program Files\illiminable
2007-11-28 20:05 <REP> d-------- C:\Documents and Settings\lionel\Application Data\SUPERAntiSpyware.com
2007-11-28 20:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-11-27 18:42 <REP> d-------- C:\Program Files\Trend Micro
2007-11-21 21:23 <REP> d-------- C:\Program Files\GameSpy
2007-11-21 21:11 <REP> d-------- C:\Program Files\Electronic Arts
2007-11-20 21:11 <REP> dr-h----- C:\Documents and Settings\lionel\Application Data\SecuROM
2007-11-20 21:10 669,184 --a------ C:\WINDOWS\system32\pbsvc.exe
2007-11-20 21:09 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
2007-11-18 22:04 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2007-11-18 22:04 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-11-18 22:04 22,328 --a------ C:\Documents and Settings\lionel\Application Data\PnkBstrK.sys
2007-11-18 21:05 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
2007-11-18 21:05 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-11-18 21:05 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll
2007-11-17 09:54 160,640 --a------ C:\WINDOWS\system32\drivers\a347bus.sys
2007-11-17 09:54 5,248 --a------ C:\WINDOWS\system32\drivers\a347scsi.sys
2007-11-15 19:08 <REP> d-------- C:\Program Files\Microsoft IntelliType Pro
2007-11-15 19:08 <REP> d-------- C:\Program Files\Microsoft IntelliPoint
2007-11-15 18:31 <REP> d-------- C:\Documents and Settings\lionel\Application Data\Apple Computer
2007-11-13 18:49 <REP> d-------- C:\Program Files\QuickTime
2007-11-13 18:49 <REP> d-------- C:\Program Files\Apple Software Update
2007-11-13 18:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-13 18:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-11-13 18:32 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-11-12 20:52 <REP> d-------- C:\Documents and Settings\lionel\Application Data\AdobeUM
2007-11-12 20:51 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2007-11-11 21:57 <REP> d-------- C:\Program Files\MediaCoder
2007-11-11 19:17 <REP> d-------- C:\divx
2007-11-11 15:40 <REP> d-------- C:\Program Files\Total Video Converter
2007-11-11 14:55 <REP> d-------- C:\Documents and Settings\lionel\Application Data\CyberLink
2007-11-11 14:35 <REP> d-------- C:\Documents and Settings\lionel\Application Data\Pinnacle Systems
2007-11-11 13:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-11-11 12:31 43 --a------ C:\WINDOWS\system32\blue.SITENAME
2007-11-11 10:54 <REP> d-------- C:\Program Files\proDAD
2007-11-11 10:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
2007-11-11 10:53 <REP> d-------- C:\Program Files\AdorageI-SAL
2007-11-11 10:53 <REP> d-------- C:\Program Files\AdorageI-GfxDatas
2007-11-11 10:48 2,653,888 --a------ C:\WINDOWS\system32\LTRDG13n.OCX
2007-11-11 10:48 534,192 --a------ C:\WINDOWS\system32\LTRVW13N.OCX
2007-11-11 10:48 466,624 --a------ C:\WINDOWS\system32\LTRPR13n.DLL
2007-11-11 10:48 401,408 --a------ C:\WINDOWS\system32\pvmjpg30.dll
2007-11-11 10:48 204,881 --------- C:\WINDOWS\system32\DiskIO.dll
2007-11-11 10:48 194,248 --a------ C:\WINDOWS\system32\LTRFD13n.DLL
2007-11-11 10:48 185,856 --a------ C:\WINDOWS\system32\lfpng13s.dll
2007-11-11 10:48 155,721 --------- C:\WINDOWS\system32\RALMain.dll
2007-11-11 10:48 126,976 --------- C:\WINDOWS\system32\AVIPrAx.dll
2007-11-11 10:48 73,728 --------- C:\WINDOWS\system32\MMAviAx.dll
2007-11-11 10:48 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll
2007-11-11 10:48 32,768 --------- C:\WINDOWS\system32\MLPagAx.dll
2007-11-11 10:47 1,013,248 --------- C:\WINDOWS\system32\Ltwvc13n.dll
2007-11-11 10:47 306,352 --------- C:\WINDOWS\system32\Ltrio13n.dll
2007-11-11 10:47 26,624 --------- C:\WINDOWS\system32\PSDrvCheck.JP
2007-11-11 10:47 26,624 --------- C:\WINDOWS\system32\PSDrvCheck.IT
2007-11-11 10:47 26,624 --------- C:\WINDOWS\system32\PSDrvCheck.FR
2007-11-11 10:47 26,624 --------- C:\WINDOWS\system32\PSDrvCheck.ES
2007-11-11 10:47 26,624 --------- C:\WINDOWS\system32\PSDrvCheck.DE
2007-11-11 10:47 16,896 --------- C:\WINDOWS\system32\PSDrvCheck.NL
2007-11-11 10:47 16,896 --------- C:\WINDOWS\system32\PSDrvCheck.KO
2007-11-11 10:46 33,340 --a------ C:\WINDOWS\system32\dbmsqlgc.dll
2007-11-11 10:46 24,576 --a------ C:\WINDOWS\system32\dbmsgnet.dll
2007-11-11 10:45 <REP> d-------- C:\WINDOWS\Cache
2007-11-11 10:45 <REP> d-------- C:\Program Files\Microsoft SQL Server
2007-11-11 10:45 765,952 --------- C:\WINDOWS\system32\msvcp71d.dll
2007-11-11 10:45 544,768 --------- C:\WINDOWS\system32\msvcr71d.dll
2007-11-11 10:41 <REP> d-------- C:\Program Files\SmartSound Software
2007-11-11 10:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2007-11-11 10:41 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL
2007-11-11 10:39 196,096 --a------ C:\WINDOWS\system32\macd32.dll
2007-11-11 10:39 171,008 --a------ C:\WINDOWS\system32\drivers\MarvinBus.sys
2007-11-11 10:39 138,752 --a------ C:\WINDOWS\system32\mase32.dll
2007-11-11 10:39 136,192 --a------ C:\WINDOWS\system32\mamc32.dll
2007-11-11 10:39 57,856 --a------ C:\WINDOWS\system32\masd32.dll
2007-11-11 10:39 41,219 --a------ C:\WINDOWS\RSETPATH.exe
2007-11-11 10:39 27,648 --a------ C:\WINDOWS\system32\ma32.dll
2007-11-11 10:38 <REP> d-------- C:\WINDOWS\Downloaded Installations
2007-11-11 10:38 49,152 --a------ C:\WINDOWS\system32\PCLEGetGuid.dll
2007-11-11 10:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
2007-11-11 10:34 <REP> d-------- C:\Program Files\Pinnacle
2007-11-11 10:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle
2007-11-09 20:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Ubisoft
2007-11-09 20:06 <REP> d-------- C:\NVIDIA
2007-11-09 20:06 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-11-09 20:04 <REP> d-------- C:\WINDOWS\Sun
2007-11-09 20:04 <REP> d-------- C:\Program Files\SystemRequirementsLab
2007-11-09 20:04 <REP> d-------- C:\Documents and Settings\lionel\Application Data\SystemRequirementsLab
2007-11-09 19:14 <REP> d-------- C:\Program Files\directx
2007-11-09 19:14 <REP> d-------- C:\Program Files\3DO
2007-11-09 18:45 <REP> d-------- C:\Program Files\Audacity

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-21 20:22 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-10-25 16:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-10-25 16:05 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-10-25 16:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-10-25 16:01 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-10-20 00:56 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-10-20 00:56 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-10-20 00:56 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-10-07 13:25 --------- d-----w C:\Program Files\microsoft frontpage
2007-10-07 03:35 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2007-10-07 03:35 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2007-10-07 02:06 --------- d-----w C:\Program Files\Intel
2007-10-07 01:55 --------- d-----w C:\Program Files\MSXML 4.0
2007-10-07 01:49 --------- d-----w C:\Program Files\Services en ligne
2007-10-07 01:48 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-10-04 16:14 6,854,464 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
2005-05-11 21:36 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9C8A568E-4201-478a-8536-526CF371D2E2}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 15:46]
"WOOKIT"="C:\Program Files\Wanadoo\Shell.exe" [2004-08-23 13:50]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-03-02 09:38]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-03-02 09:38]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-03-02 09:38]
"SigmatelSysTrayApp"="sttray.exe" []
"IntelAudioStudio"="C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" [2006-09-21 09:36]
"RemoteControl"="C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [2003-10-31 18:42]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-10-25 16:20]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-26 11:12]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 22:12]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 13:49]
"eCarteBleue-SG-P3"="C:\Program Files\e-Carte Bleue\SG\e-Carte Bleue\ECB-SG.exe" [2002-12-20 07:52]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2007-10-04 17:14 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2004-03-11 00:26]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 20:16]
"type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" [2004-06-03 09:51]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [2004-06-03 09:50]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Magnify"="Magnify.exe" [2004-08-05 13:00 C:\WINDOWS\system32\magnify.exe]

R3 hpnuhst;HP NUSB Host;C:\WINDOWS\system32\DRIVERS\hpnuhst.sys
R3 HPNUHUB;HP NUSB Hub;C:\WINDOWS\system32\DRIVERS\hpnuhub.sys
S3 HPNUCMP;HP NUSB Composite;C:\WINDOWS\system32\DRIVERS\hpnucmp.sys
S3 RTLWUSB;Wireless Adapter;C:\WINDOWS\system32\DRIVERS\hpl8187.sys

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5e59690c-8325-11dc-977a-0019d1aeb9f2}]
\Shell\AutoRun\command - G:\autorun.exe
\Shell\setup\command - G:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e72a55d-838c-11dc-977c-0019d1aeb9f2}]
\Shell\AutoRun\command - F:\welcome.exe

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-29 06:39:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-30 19:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
- C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
.
**************************************************************************

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-30 22:31:13
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-30 22:32:13 - machine was rebooted
.
--- E O F ---