Ramnit - ComboFix report

6 February 2011 17:22:02

Hello.

I have a big problem and I would like to submit this ComboFix report:

ComboFix 11-02-05.01 - Florian 06.02.2011 14:53:35.7.2 - x86
Lancé depuis: c:\documents and settings\Florian\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\~WRD1154.tmp
c:\documents and settings\Florian\Application Data\desktop.ini
c:\documents and settings\Florian\Application Data\igxpgd32.dat
c:\documents and settings\Florian\Application Data\inst.exe
c:\program files\Internet Explorer\complete.dat
c:\program files\Internet Explorer\dmlconf.dat
c:\windows\daemon.dll
c:\windows\system32\tmp.reg

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SVCHOST32


((((((((((((((((((((((((((((( Fichiers créés du 2011-01-06 au 2011-02-06 ))))))))))))))))))))))))))))))))))))
.

2011-02-06 13:48 . 2011-02-06 13:48 -------- dc----w- c:\documents and settings\Florian\Application Data\Avira
2011-02-06 13:44 . 2011-02-06 13:45 -------- d-----w- c:\windows\system32\NtmsData
2011-02-06 13:41 . 2010-12-06 07:48 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-02-06 13:41 . 2010-12-06 07:48 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-02-06 13:41 . 2010-06-17 13:28 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2011-02-06 13:41 . 2010-06-17 13:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2011-02-06 13:41 . 2011-02-06 13:41 -------- dc----w- c:\documents and settings\All Users\Application Data\Avira
2011-02-06 13:41 . 2011-02-06 13:41 -------- d-----w- c:\program files\Avira
2011-02-06 13:27 . 2011-02-06 13:23 6360005 ----a-w- c:\program files\nvu-1.0-win32-installer-fr.exe
2011-02-06 11:02 . 2010-02-02 09:13 59664 --s---w- c:\windows\system32\drivers\TfSysMon.sys
2011-02-06 11:02 . 2010-02-02 09:13 51984 --s---w- c:\windows\system32\drivers\TfFsMon.sys
2011-02-06 11:02 . 2010-02-02 09:13 33552 --s---w- c:\windows\system32\drivers\TfNetMon.sys
2011-02-06 10:54 . 2011-02-06 13:33 -------- d-----w- c:\program files\Spyware Doctor
2011-02-06 10:54 . 2011-02-06 12:10 -------- dc----w- c:\documents and settings\All Users\Application Data\PC Tools
2011-02-06 10:54 . 2011-02-06 12:10 -------- dc--a-w- c:\documents and settings\All Users\Application Data\TEMP
2011-02-06 10:38 . 2011-02-06 10:55 -------- dc----w- c:\documents and settings\Florian\Application Data\GetRightToGo
2011-02-05 19:14 . 2011-02-05 19:14 -------- dcsh--w- c:\documents and settings\Florian\UserData
2011-02-05 18:04 . 2010-10-19 20:51 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-02-05 08:28 . 2011-02-05 08:49 -------- d-----w- c:\program files\RegTweaker
2011-02-04 23:38 . 2011-02-05 20:14 -------- d-----w- c:\program files\temp
2011-02-04 23:37 . 2011-02-06 14:04 -------- d-----w- c:\program files\wetlipcc
2011-02-03 15:42 . 2011-02-03 15:42 -------- dc----w- c:\documents and settings\Florian\Application Data\Cat Girl Alliance
2011-01-30 21:57 . 2011-01-30 21:57 -------- d-----w- c:\program files\Prima
2011-01-30 21:52 . 2011-01-30 21:52 -------- dc----w- c:\documents and settings\Florian\Application Data\DAEMON Tools Pro
2011-01-30 21:52 . 2011-01-30 21:52 -------- dc----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2011-01-30 17:55 . 2002-08-30 13:00 57398 -c--a-w- c:\windows\system32\dllcache\imjpdadm.exe
2011-01-30 17:55 . 2002-08-30 13:00 45109 -c--a-w- c:\windows\system32\dllcache\imjpuex.exe
2011-01-30 17:55 . 2002-08-30 13:00 6656 -c--a-w- c:\windows\system32\dllcache\c_is2022.dll
2011-01-30 17:55 . 2002-08-30 13:00 6656 ----a-w- c:\windows\system32\c_is2022.dll
2011-01-30 15:51 . 2001-08-23 16:47 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2011-01-30 15:51 . 2001-08-23 16:47 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2011-01-30 15:51 . 2001-08-23 16:47 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2011-01-30 15:51 . 2001-08-23 16:47 8192 ----a-w- c:\windows\system32\kbdkor.dll
2011-01-30 15:51 . 2001-08-17 21:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2011-01-30 15:51 . 2001-08-17 21:55 6144 ----a-w- c:\windows\system32\kbd101c.dll
2011-01-30 15:51 . 2001-08-17 21:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2011-01-30 15:51 . 2001-08-17 21:55 5632 ----a-w- c:\windows\system32\kbd103.dll
2011-01-30 15:51 . 2001-08-17 21:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2011-01-30 15:51 . 2001-08-17 21:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2011-01-30 15:51 . 2008-04-14 03:31 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2011-01-30 15:51 . 2008-04-14 03:31 6144 ----a-w- c:\windows\system32\kbd106.dll
2011-01-30 15:21 . 2011-01-30 19:12 -------- d-----w- c:\program files\ƒpƒNƒb‚¿‚Ⴄ‚¼!!
2011-01-12 17:01 . 2011-01-12 17:01 -------- d-----w- c:\documents and settings\Florian\Local Settings\Application Data\Help

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:12 . 2007-08-11 08:36 86016 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52 . 2006-03-02 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-06-28 08:14 . 2010-06-28 08:14 341907 ----a-w- c:\program files\RHosts.exe
2010-06-27 22:36 . 2010-06-27 22:36 6153352 ----a-w- c:\program files\mbam-setup.exe
2010-06-27 22:14 . 2010-06-27 22:14 1224471 ----a-w- c:\program files\UsbFix.exe
2010-06-27 07:44 . 2010-06-27 07:44 1940640 ----a-w- c:\program files\RegCureSetup_CB.exe
2010-05-07 20:22 . 2010-05-07 20:22 1535112 ----a-w- c:\program files\rcsetup137_slim.exe
2010-03-15 10:51 . 2010-03-15 10:50 2390808 ----a-w- c:\program files\mp3tagv246setup.exe
2010-01-08 22:15 . 2010-01-08 22:15 504320 ----a-w- c:\program files\daemon347.exe
2010-01-08 20:56 . 2010-01-08 20:55 5374528 ----a-w- c:\program files\isobuster_isobuster_2.6_francais_10024.exe
2009-11-28 15:16 . 2009-11-28 15:16 2161920 ----a-w- c:\program files\mp3tagv245asetup.exe
2009-11-24 09:00 . 2009-11-24 09:00 2147428 ----a-w- c:\program files\mp3tag_mp3tag_2.44_francais_12753.exe
2009-11-17 16:12 . 2009-11-17 16:12 220454 ----a-w- c:\program files\unlocker1.8.8.exe
2008-11-07 16:21 . 2008-11-07 16:21 2015356 -c--a-w- c:\program files\VirtualDub.exe
2008-07-19 12:13 . 2008-07-19 12:13 4782536 -c--a-w- c:\program files\daemon4300-lite.exe
2008-07-05 12:33 . 2008-07-05 12:33 10072368 -c--a-w- c:\program files\copytodvd4_setup-avangate_678.exe
2008-05-06 08:53 . 2008-05-06 08:53 35745976 -c--a-w- c:\program files\AVSVideoReMaker.exe
2008-02-26 12:39 . 2008-02-26 12:39 164993 -c--a-w- c:\program files\mp3DC202.exe
2008-01-18 09:23 . 2008-01-18 09:23 412199 -c--a-w- c:\program files\asftools310.exe
2008-01-01 16:30 . 2008-01-01 16:30 39262553 -c--a-w- c:\program files\WE55FraTrial.exe
2007-12-28 08:57 . 2007-12-28 08:57 15180000 -c--a-w- c:\program files\gimp-2.4.2-i686-setup.exe
2007-12-02 18:02 . 2007-12-02 18:02 19343592 -c--a-w- c:\program files\internet_video_converter_1.50_en_setup.exe
2007-11-10 08:21 . 2007-11-10 08:21 223388 -c--a-w- c:\program files\MXPie Patch v3.6.exe
2007-10-24 22:46 . 2007-10-24 22:46 734160 -c--a-w- c:\program files\VobSub_2.23.exe
2007-10-02 09:26 . 2007-10-02 09:26 513911 -c--a-w- c:\program files\ZyGoVideo2Win.exe
2007-10-02 08:52 . 2007-10-02 08:52 13856793 -c--a-w- c:\program files\quicktimealt176.exe
2007-08-14 22:03 . 2007-08-14 22:03 2007901 -c--a-w- c:\program files\CodecPackPl.exe
2007-08-14 06:59 . 2007-08-14 06:59 3294480 -c--a-w- c:\program files\DivXCodec.exe
2007-08-13 19:22 . 2007-08-13 19:22 823296 -c--a-w- c:\program files\winmx353.exe
2002-09-11 20:54 . 2008-01-01 16:08 1708852 -c--a-w- c:\program files\FPESETUP_wu.exe
2000-11-15 08:21 . 2007-12-03 17:07 267751 -c--a-w- c:\program files\hjsplit.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7}]
2010-12-12 08:56 242176 ------w- c:\program files\RegTweaker\key.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-16 68856]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-11-07 323392]
"BitTorrent"="c:\program files\BitTorrent\bittorrent.exe" [2010-09-23 689016]
"Google Update"="c:\documents and settings\Florian\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-06-26 136176]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2006-08-03 53248]
"S3Trayp"="S3trayp.exe" [2006-07-10 176128]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-08-14 352256]
"lxczbmgr.exe"="c:\program files\Lexmark 1200 Series\lxczbmgr.exe" [2007-02-08 74672]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2007-02-08 295856]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-06 136600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-10-09 198160]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2006-03-02 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2006-03-02 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-03-02 455168]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-06 281768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,,c:\program files\wetlipcc\fklxspls.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 00:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2003-12-08 16:35 32768 -c--a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-08-16 07:42 68856 ------w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-10-09 07:06 198160 ------w- c:\program files\Fichiers communs\Real\Update_OB\realsched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\WINDOWS\\system32\\lxczcoms.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\WinMX\\WinMX.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\FileZilla Client\\filezilla.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58295:TCP"= 58295:TCP:p ando P2P TCP Listening Port
"58295:UDP"= 58295:UDP:p ando P2P UDP Listening Port
"58489:TCP"= 58489:TCP:p ando P2P TCP Listening Port
"58489:UDP"= 58489:UDP:p ando P2P UDP Listening Port
"58475:TCP"= 58475:TCP:p ando P2P TCP Listening Port
"58475:UDP"= 58475:UDP:p ando P2P UDP Listening Port
"58341:TCP"= 58341:TCP:p ando P2P TCP Listening Port
"58341:UDP"= 58341:UDP:p ando P2P UDP Listening Port
"6699:TCP"= 6699:TCP:TCP-WinMx
"6257:UDP"= 6257:UDP:UDP-WinMx

R1 MpKsl6a12704a;MpKsl6a12704a;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2199C634-5E85-4870-A4A3-1F96AA4D1C91}\MpKsl6a12704a.sys [x]
R1 MpKsl6df85491;MpKsl6df85491;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2199C634-5E85-4870-A4A3-1F96AA4D1C91}\MpKsl6df85491.sys [x]
R1 MpKslc1c357bc;MpKslc1c357bc;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2199C634-5E85-4870-A4A3-1F96AA4D1C91}\MpKslc1c357bc.sys [x]
R1 tcuptzyx;tcuptzyx;c:\windows\system32\drivers\tcuptzyx.sys [x]
R3 AsAudioDevice_349;AsAudioDevice_349;c:\windows\system32\drivers\AsAudioDevice_349.sys [2008-11-18 16640]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-12-20 251760]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2010-02-02 33552]
R3 ThreatFire;ThreatFire;c:\program files\Spyware Doctor\TFEngine\TFService.exe service [x]
S0 d347bus;d347bus;c:\windows\system32\DRIVERS\d347bus.sys [2004-08-22 155136]
S0 d347prt;d347prt;c:\windows\System32\Drivers\d347prt.sys [2004-08-22 5248]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-08 691696]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2010-02-02 51984]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2010-02-02 59664]
S2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;c:\program files\VMLaunch\BuddyVM.sys [2004-10-05 15872]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-12-06 135336]


--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - SSMDRV

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
2009-03-08 02:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Contenu du dossier 'Tâches planifiées'

2011-02-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-630328440-725345543-1004Core.job
- c:\documents and settings\Florian\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-26 13:32]

2011-02-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-630328440-725345543-1004UA.job
- c:\documents and settings\Florian\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-26 13:32]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.teletext.ch/TSR1/100-00.html
uInternet Settings,ProxyServer = http=127.0.0.1:8992
uInternet Settings,ProxyOverride = <local>
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{90EAE591-7E7E-434a-8E28-ECFD00071806} - c:\program files\PokerStars.FR\PokerStarsUpdate.exe
Trusted Zone: link.io\www
Trusted Zone: megaupload.com\www
FF - ProfilePath - c:\documents and settings\Florian\Application Data\Mozilla\Firefox\Profiles\tpv9lt36.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.teletext.ch/tsr1/100-00.html
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\program files\real\realplayer\browserrecord\firefox\ext
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-Facemoi - c:\facemoi\facemoi.exe
HKLM-Run-Facemoi - c:\facemoi\facemoi.exe
AddRemove-eBay Icon - c:\documents and settings\Florian\Application Data\Desktopicon\uninst.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-06 15:05
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(2356)
c:\windows\system32\webcheck.dll
c:\progra~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
c:\program files\Fichiers communs\Microsoft Shared\Web Components\10\1036\OWCI10.DLL
c:\progra~1\FICHIE~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
c:\program files\Fichiers communs\Microsoft Shared\Web Components\11\1036\OWCI11.DLL
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\ImgUtil.dll
c:\windows\system32\pngfilt.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lxczcoms.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\VTTimer.exe
c:\windows\system32\S3trayp.exe
c:\program files\Lexmark 1200 Series\lxczbmon.exe
c:\program files\Internet Explorer\iexplore.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Heure de fin: 2011-02-06 15:09:39 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-02-06 14:09

Avant-CF: 15'388'868'608 octets libres
Après-CF: 15'464'312'832 octets libres

- - End Of File - - B8D9DB6EE18F67F703A3A2843C195587

Thanks

6 February 2011 17:37:00

hi,

DUPLICATE!

stay on your first thread > http://forum.zebulon.fr/probleme-t182795.html

Good luck ...

( I hope you have your Windows CD, because with this kind of crap, formatting is often the only solution )


:hello: 