
ComboFix report

Tags:
  • Microsoft
  • Security
Last reply: in Security and viruses
17 April 2008 19:19:19

Good evening, here is my report, and now what do I do? Thanks, urgent.


ComboFix 08-04-11.1 - tchamaux 2008-04-17 18:01:44.5 - FAT32x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.397 [GMT 2:00]
Endroit: C:\Documents and Settings\tchamaux\Bureau\ComboFix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\AJiijkkj.ini
C:\WINDOWS\system32\AJiijkkj.ini2
C:\WINDOWS\system32\dpwbjjbr.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\rbjjbwpd.ini

.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-17 to 2008-04-17 ))))))))))))))))))))))))))))))))))))
.

2008-04-16 18:30 . 2008-04-16 18:30 <REP> d-------- C:\Documents and Settings\tchamaux\Application Data\DivX
2008-04-16 13:45 . 2008-04-17 12:47 1,570,404 ---hs---- C:\WINDOWS\system32\jjpljdww.ini
2008-04-16 13:43 . 2008-04-16 13:43 273,920 --------- C:\WINDOWS\system32\jkkjiiJA.dll
2008-04-16 13:30 . 2008-03-29 19:27 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-04-16 13:30 . 2008-03-29 19:29 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-04-16 13:29 . 2008-03-29 19:45 1,146,232 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-04-16 13:29 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-04-16 13:29 . 2008-03-29 19:23 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-04-16 13:29 . 2008-03-29 19:35 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-04-16 13:29 . 2008-01-17 17:34 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-04-16 13:29 . 2008-03-29 19:31 75,856 --a------ C:\WINDOWS\system32\drivers\aswSP.sys
2008-04-16 13:29 . 2008-03-29 19:26 26,944 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-04-16 13:29 . 2008-03-29 19:35 20,560 --a------ C:\WINDOWS\system32\drivers\aswFsBlk.sys
2008-04-16 10:03 . 2008-04-16 10:03 207 --a------ C:\xmlin.ini
2008-04-16 03:33 . 2008-04-07 20:16 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-04-16 03:33 . 2008-04-07 20:16 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-04-16 03:33 . 2008-04-07 20:16 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-04-16 03:33 . 2008-04-07 20:16 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-04-16 03:33 . 2008-04-07 20:16 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-04-16 03:33 . 2008-04-07 20:16 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-04-16 03:33 . 2008-04-07 20:16 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-04-16 02:39 . 2008-04-16 02:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-04-16 02:34 . 2008-04-16 02:34 <REP> d-------- C:\Temp
2008-04-16 02:32 . 2008-04-16 02:32 <REP> d-------- C:\Program Files\QuickTime
2008-04-16 02:24 . 2007-01-18 14:00 3,968 --a------ C:\WINDOWS\system32\drivers\AvgArCln.sys
2008-04-15 04:16 . 2008-04-15 04:16 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-04-15 04:14 . 2008-04-15 04:14 <REP> d-------- C:\Program Files\WinFlip
2008-04-15 04:14 . 2008-04-15 04:14 <REP> d-------- C:\Program Files\VisualTaskTips
2008-04-15 04:14 . 2008-04-15 04:14 <REP> d-------- C:\Program Files\VistaDriveIcon
2008-04-15 04:14 . 2008-04-15 04:14 <REP> d-------- C:\Program Files\TrueTransparency
2008-04-15 04:14 . 2008-04-15 04:14 <REP> d-------- C:\Program Files\Thoosje Sidebar V2.3
2008-04-15 04:14 . 2008-04-15 04:14 <REP> d-------- C:\Program Files\Styler
2008-04-15 04:14 . 2008-04-15 04:14 <REP> d-------- C:\Program Files\glass2k
2008-04-15 04:14 . 2008-04-15 04:14 <REP> d-------- C:\Program Files\Blaero Start Orb
2008-04-15 04:14 . 2008-04-15 04:14 6,912,054 --a------ C:\WINDOWS\startup.bmp
2008-04-15 04:14 . 2004-08-04 04:54 219,648 --a------ C:\WINDOWS\system32\uxtheme.backup
2008-04-15 04:09 . 2008-04-15 04:09 <REP> d-------- C:\WINDOWS\VistaMizer
2008-04-14 22:06 . 2008-04-14 22:06 <REP> d-------- C:\Program Files\UxTheme Multipatcher Fr
2008-04-14 15:50 . 2008-04-14 15:50 <REP> d-------- C:\Program Files\eMule
2008-04-14 15:34 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-04-14 15:32 . 2008-04-14 15:32 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-04-14 15:09 . 2008-04-14 15:09 <REP> d-------- C:\Program Files\Adverts
2008-04-14 15:08 . 2008-04-14 15:09 <REP> d-------- C:\Program Files\MessengerPlus! 3
2008-04-14 14:36 . 2008-04-14 14:36 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-04-14 12:23 . 2008-04-17 00:00 101,218 --a------ C:\WINDOWS\BMcb41afa2.xml
2008-04-11 21:01 . 2008-04-11 21:01 268 --ah----- C:\sqmdata12.sqm
2008-04-11 21:01 . 2008-04-11 21:01 244 --ah----- C:\sqmnoopt12.sqm
2008-04-11 18:56 . 2008-04-11 18:56 <REP> d-------- C:\Program Files\Alwil Software
2008-04-11 18:56 . 2003-03-18 21:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2008-04-11 18:56 . 2003-03-18 20:14 499,712 --a------ C:\WINDOWS\system32\MSVCP71.dll
2008-04-11 18:56 . 2003-02-21 04:42 348,160 --a------ C:\WINDOWS\system32\MSVCR71.dll
2008-04-11 18:02 . 2008-04-11 18:02 <REP> d-------- C:\Program Files\SpywareIsolator
2008-04-11 18:02 . 2008-04-11 18:02 0 --a------ C:\winxplogon.sys
2008-04-11 17:13 . 2008-04-11 17:13 268 --ah----- C:\sqmdata11.sqm
2008-04-11 17:13 . 2008-04-11 17:13 244 --ah----- C:\sqmnoopt11.sqm
2008-04-11 16:06 . 2008-04-11 16:06 268 --ah----- C:\sqmdata10.sqm
2008-04-11 16:06 . 2008-04-11 16:06 244 --ah----- C:\sqmnoopt10.sqm
2008-04-11 12:50 . 2008-04-11 12:50 268 --ah----- C:\sqmdata09.sqm
2008-04-11 12:50 . 2008-04-11 12:50 244 --ah----- C:\sqmnoopt09.sqm
2008-04-11 09:55 . 2008-04-11 09:55 268 --ah----- C:\sqmdata08.sqm
2008-04-11 09:55 . 2008-04-11 09:55 244 --ah----- C:\sqmnoopt08.sqm
2008-04-11 09:42 . 2004-08-03 23:08 26,496 --a------ C:\WINDOWS\system32\dllcache\usbstor.sys
2008-04-11 04:21 . 2008-04-11 04:21 268 --ah----- C:\sqmdata07.sqm
2008-04-11 04:21 . 2008-04-11 04:21 244 --ah----- C:\sqmnoopt07.sqm
2008-04-10 23:57 . 2008-04-10 23:57 268 --ah----- C:\sqmdata06.sqm
2008-04-10 23:57 . 2008-04-10 23:57 244 --ah----- C:\sqmnoopt06.sqm
2008-04-10 23:31 . 2008-04-10 23:31 268 --ah----- C:\sqmdata05.sqm
2008-04-10 23:31 . 2008-04-10 23:31 244 --ah----- C:\sqmnoopt05.sqm
2008-04-10 23:23 . 2008-04-10 23:23 268 --ah----- C:\sqmdata04.sqm
2008-04-10 23:23 . 2008-04-10 23:23 244 --ah----- C:\sqmnoopt04.sqm
2008-04-10 19:13 . 2008-04-10 19:13 268 --ah----- C:\sqmdata03.sqm
2008-04-10 19:13 . 2008-04-10 19:13 244 --ah----- C:\sqmnoopt03.sqm
2008-04-10 14:40 . 2008-04-10 14:40 244 --ah----- C:\sqmnoopt02.sqm
2008-04-10 14:40 . 2008-04-10 14:40 232 --ah----- C:\sqmdata02.sqm
2008-04-10 14:35 . 2008-04-10 14:35 268 --ah----- C:\sqmdata01.sqm
2008-04-10 14:35 . 2008-04-10 14:35 244 --ah----- C:\sqmnoopt01.sqm
2008-04-09 23:06 . 2008-04-09 23:06 268 --ah----- C:\sqmdata00.sqm
2008-04-09 23:06 . 2008-04-09 23:06 244 --ah----- C:\sqmnoopt00.sqm
2008-04-09 20:21 . 2008-04-09 20:21 <REP> d-------- C:\Documents and Settings\tchamaux\Application Data\TmpRecentIcons
2008-04-09 18:43 . 2008-04-09 18:43 51 --a------ C:\smp.bat
2008-04-09 18:21 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-04-09 18:21 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-04-09 18:21 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-04-09 18:02 . 2008-04-09 18:02 <REP> d-------- C:\Documents and Settings\tchamaux\Contacts
2008-04-09 18:01 . 2008-04-09 18:01 <REP> d-------- C:\WINDOWS\system32\DRVSTORE
2008-04-09 17:58 . 2008-04-09 17:58 <REP> d-------- C:\Documents and Settings\tchamaux\Application Data\uTorrent
2008-04-09 01:23 . 2008-04-09 01:23 5,120 --ahs---- C:\WINDOWS\system32\Thumbs.db
2008-04-09 01:20 . 2008-04-16 00:37 49,664 --ahs---- C:\WINDOWS\Thumbs.db
2008-04-09 00:48 . 2008-04-17 03:23 116 --a------ C:\WINDOWS\NeroDigital.ini
2008-04-09 00:14 . 2008-04-09 00:14 <REP> d-------- C:\Program Files\WinShut XP
2008-04-09 00:14 . 2008-04-09 00:14 253,952 --------- C:\WINDOWS\Setup1.exe
2008-04-09 00:14 . 2008-04-09 00:14 74,752 --a------ C:\WINDOWS\ST6UNST.EXE
2008-04-09 00:09 . 2008-04-09 00:09 <REP> d-------- C:\Program Files\ClocX
2008-04-09 00:09 . 2008-04-09 00:09 <REP> d-------- C:\Program Files\CDex
2008-04-09 00:08 . 2008-04-09 00:08 <REP> d-------- C:\Program Files\CCleaner
2008-04-09 00:06 . 2008-04-09 00:06 <REP> d-------- C:\Program Files\DivX
2008-04-08 23:57 . 2005-07-29 17:12 2,977,792 --------- C:\WINDOWS\UNNMP.exe
2008-04-08 23:57 . 2005-09-16 14:10 49,857 --------- C:\WINDOWS\UNNMP.cfg
2008-04-08 23:55 . 2001-07-09 11:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2008-04-08 23:54 . 2008-04-08 23:54 <REP> d-------- C:\Program Files\Fichiers communs\Nero

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-15 02:14 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-04-15 02:14 219,648 ----a-w C:\WINDOWS\system32\dllcache\uxtheme.dll
2008-04-07 21:21 26 ----a-w C:\WINDOWS\system32\drivers\adidsl.cfg
2008-04-07 18:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-04-07 18:28 --------- d-----w C:\Program Files\microsoft frontpage
2008-04-07 18:26 --------- d-----w C:\Program Files\Services en ligne
2008-03-21 20:30 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-03-21 20:30 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-03-21 20:30 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-03-21 20:30 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
2008-03-21 20:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-03-21 20:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-03-21 20:30 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-03-21 20:30 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-03-21 20:30 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-03-21 20:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-03-21 20:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-03-21 20:28 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-03-21 20:28 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-03-21 20:28 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-03-21 20:28 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-03-21 20:28 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-03-21 20:28 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:35 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-16 22:32 3,473,408 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-15 09:23 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe
2008-02-01 09:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
.

------- Sigcheck -------

2008-02-16 11:02 808448 f1fc6bc09a699440c34c4542507ecfdc C:\WINDOWS\system32\wininet.dll
2008-02-16 11:02 808448 f1fc6bc09a699440c34c4542507ecfdc C:\WINDOWS\system32\dllcache\wininet.dll
2008-02-16 11:32 670208 dcb8a9f102663d962be60cde38a6c1d7 C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\wininet.dll
2008-02-16 11:02 663552 c9218cd3cd93586ffe9ae789282cae63 C:\WINDOWS\VistaMizer\old\wininet.dll
2008-02-16 11:02 663552 c9218cd3cd93586ffe9ae789282cae63 C:\WINDOWS\SoftwareDistribution\Download\58762acf47a35def24a27c268dd31801\sp2gdr\wininet.dll
2008-02-16 11:32 670208 dcb8a9f102663d962be60cde38a6c1d7 C:\WINDOWS\SoftwareDistribution\Download\58762acf47a35def24a27c268dd31801\sp2qfe\wininet.dll
2004-08-04 04:54 660480 58fe94ef42e074f4cad8bf02e70e6478 C:\WINDOWS\$NtUninstallKB947864$\wininet.dll

2004-08-04 04:55 546304 bdbd27fa935d482a3d6890c69913f8a4 C:\WINDOWS\system32\winlogon.exe
2004-08-04 04:55 546304 bdbd27fa935d482a3d6890c69913f8a4 C:\WINDOWS\system32\dllcache\winlogon.exe
2004-08-04 04:55 506368 d2de785aeab0bb8ca4c14a8a199dbe4e C:\WINDOWS\VistaMizer\old\winlogon.exe

2007-02-28 18:02 2318976 22abd90b3862c538b885b5b05ff5208c C:\WINDOWS\system32\ntkrnlpa.exe
2007-02-28 18:02 2318976 22abd90b3862c538b885b5b05ff5208c C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2007-02-28 18:02 2059648 a1d5231403329478ae4fe2778c55c77f C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
2005-03-02 20:13 2059008 5311776074b6c13f983dc75baeac9c0c C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
2007-02-28 08:08 2061440 7a56a64eb50399613587e90292dd2aab C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
2007-02-28 18:02 2059648 a1d5231403329478ae4fe2778c55c77f C:\WINDOWS\VistaMizer\old\ntkrnlpa.exe
2005-03-02 20:07 2058880 73fa9c95d235844a36968c7852c7dbdd C:\WINDOWS\SoftwareDistribution\Download\46faa4cd5c82200be099d1b1e8a12eed\sp2gdr\ntkrnlpa.exe
2005-03-02 20:13 2059008 5311776074b6c13f983dc75baeac9c0c C:\WINDOWS\SoftwareDistribution\Download\46faa4cd5c82200be099d1b1e8a12eed\sp2qfe\ntkrnlpa.exe
2007-02-28 08:08 2061440 7a56a64eb50399613587e90292dd2aab C:\WINDOWS\SoftwareDistribution\Download\47cec0c462f6cbdcf7ca5941c1ec0b4a\SP2QFE\ntkrnlpa.exe
2007-02-28 18:02 2059648 a1d5231403329478ae4fe2778c55c77f C:\WINDOWS\SoftwareDistribution\Download\47cec0c462f6cbdcf7ca5941c1ec0b4a\SP2GDR\ntkrnlpa.exe
2004-08-04 05:05 2058880 f252fae094c54572ece38a039f2103c4 C:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe
2005-03-02 20:07 2058880 73fa9c95d235844a36968c7852c7dbdd C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe

2007-02-28 18:02 2441728 60d11c4ee7a1213c778732efc75d8abd C:\WINDOWS\system32\ntoskrnl.exe
2007-02-28 18:02 2441728 60d11c4ee7a1213c778732efc75d8abd C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2007-02-28 18:02 2182400 7d6d19aac51a4325f6039f083c22303c C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
2005-03-02 20:13 2181632 3e2a0a4a0c0b19fc113618a9562a3b2a C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
2007-02-28 18:08 2184192 8e244108562e0e452eb68dff64cb08a9 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
2007-02-28 18:02 2182400 7d6d19aac51a4325f6039f083c22303c C:\WINDOWS\VistaMizer\old\ntoskrnl.exe
2005-03-02 20:08 2181376 63729dd0f2aae36cc52b89c05505146c C:\WINDOWS\SoftwareDistribution\Download\46faa4cd5c82200be099d1b1e8a12eed\sp2gdr\ntoskrnl.exe
2005-03-02 20:13 2181632 3e2a0a4a0c0b19fc113618a9562a3b2a C:\WINDOWS\SoftwareDistribution\Download\46faa4cd5c82200be099d1b1e8a12eed\sp2qfe\ntoskrnl.exe
2007-02-28 18:08 2184192 8e244108562e0e452eb68dff64cb08a9 C:\WINDOWS\SoftwareDistribution\Download\47cec0c462f6cbdcf7ca5941c1ec0b4a\SP2QFE\ntoskrnl.exe
2007-02-28 18:02 2182400 7d6d19aac51a4325f6039f083c22303c C:\WINDOWS\SoftwareDistribution\Download\47cec0c462f6cbdcf7ca5941c1ec0b4a\SP2GDR\ntoskrnl.exe
2004-08-04 04:49 2183040 7d38ce4398e6aa6339b4644feadcc0d8 C:\WINDOWS\$NtUninstallKB890859$\ntoskrnl.exe
2005-03-02 20:08 2181376 63729dd0f2aae36cc52b89c05505146c C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe

2007-06-13 15:22 1555968 b9dd2a11ec8414088970c8c46a2e6668 C:\WINDOWS\explorer.exe
2007-06-13 15:22 1555968 b9dd2a11ec8414088970c8c46a2e6668 C:\WINDOWS\system32\dllcache\explorer.exe
2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2007-06-13 15:22 1037312 d0288319660edcfed07c7e74c4ea38a5 C:\WINDOWS\VistaMizer\old\explorer.exe
2007-06-13 15:22 1037312 d0288319660edcfed07c7e74c4ea38a5 C:\WINDOWS\SoftwareDistribution\Download\aa7b28efbf5e224a2f6b995008501967\sp2gdr\explorer.exe
2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\SoftwareDistribution\Download\aa7b28efbf5e224a2f6b995008501967\sp2qfe\explorer.exe
2004-08-04 04:54 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
.
((((((((((((((((((((((((((((( snapshot_2008-04-16_ 3.25.05,64 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-16 11:18:36 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat
- 2005-09-28 21:29:14 693,248 ----a-w C:\WINDOWS\system32\DivX.dll
+ 2008-03-31 21:25:46 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
- 2005-09-28 21:29:12 688,128 ----a-w C:\WINDOWS\system32\divx_xx07.dll
+ 2008-03-31 21:25:48 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
+ 2008-03-31 21:25:46 831,488 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
- 2005-09-28 21:29:12 688,128 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
+ 2008-03-31 21:25:48 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
- 2005-09-28 21:29:12 671,744 ----a-w C:\WINDOWS\system32\divx_xx11.dll
+ 2008-03-31 21:25:46 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
+ 2008-03-31 21:25:52 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
+ 2008-03-21 20:30:04 551,672 ------w C:\WINDOWS\system32\px.dll
+ 2008-03-21 20:30:04 66,296 ------w C:\WINDOWS\system32\pxcpya64.exe
+ 2008-03-21 20:30:04 518,904 ------w C:\WINDOWS\system32\pxdrv.dll
+ 2008-03-21 20:30:06 72,440 ------w C:\WINDOWS\system32\pxhpinst.exe
+ 2008-03-21 20:30:04 64,760 ------w C:\WINDOWS\system32\pxinsa64.exe
+ 2008-03-21 20:30:06 187,128 ------w C:\WINDOWS\system32\pxmas.dll
+ 2008-03-21 20:30:04 1,628,920 ------w C:\WINDOWS\system32\pxsfs.dll
+ 2008-03-21 20:30:06 379,640 ------w C:\WINDOWS\system32\pxwave.dll
+ 2008-03-21 20:30:04 88,824 ------w C:\WINDOWS\system32\vxblock.dll
- 2008-04-16 00:53:26 16,384 ----a-w C:\WINDOWS\TEMP\Perflib_Perfdata_6d0.dat
+ 2008-04-17 16:05:46 16,384 ----a-w C:\WINDOWS\TEMP\Perflib_Perfdata_6d0.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BB547AA1-C8F0-4399-921A-612B8947C47F}]
2008-04-16 13:43 273920 --------- C:\WINDOWS\system32\jkkjiiJA.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:54 25088]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-04-08 01:07 171448]
"µTorrent"="D:\Program Files\utorent\utorrent.exe" [2006-07-02 18:29 174163]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2008-04-14 15:09 190024]
"VisualTaskTips"="C:\Program Files\VisualTaskTips\VisualTaskTips.exe" [2007-09-05 19:20 36352]
"ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [2005-11-21 15:32 548864]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1825792]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2006-09-21 16:36 53248 C:\WINDOWS\system32\VTTimer.exe]
"S3Trayp"="S3Trayp.exe" [2006-10-10 05:14 176128 C:\WINDOWS\system32\S3Trayp.exe]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2005-04-16 17:08 172032]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2008-04-14 15:09 190024]
"Glass2k"="C:\Program Files\Glass2k\Glass2k.exe" [2007-10-17 01:04 56325]
"DrvIcon"="C:\Program Files\VistaDriveIcon\DrvIcon.exe" [2007-07-04 21:59 45056]
"DownloadAccelerator"="D:\Program Files\DAP\DAP.exe" [2008-04-16 02:27 3057152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 04:54 25088]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkLEuTL]
jkkLEuTL.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"D:\\Program Files\\utorent\\utorrent.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"D:\\Program Files\\DAP\\DAP.exe"=
"C:\\Program Files\\eMule\\eMule.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\SpeedBit Video Accelerator\\VideoAccelerator.exe"=
"C:\\Program Files\\SpeedBit Video Accelerator\\VideoAcceleratorEngine.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Messenger\\MSMSGS.EXE"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 LF30FS;LF30FS;C:\Program Files\Everstrike Software\Lock Folder XP 3.6\LF30XP.sys [2004-11-19 18:07]
R2 sbbotdi;sbbotdi;C:\PROGRA~1\SPEEDB~1\sbbotdi.sys [2008-04-08 01:16]
R2 VideoAcceleratorService;VideoAcceleratorService;C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [2008-04-08 01:16]
R3 S3GIGP;S3GIGP;C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2006-11-15 09:38]
S3 adiusbae;USB ADSL LAN Adapter;C:\WINDOWS\system32\DRIVERS\adiusbae.sys [2003-12-01 09:36]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{29cee032-07fa-11dd-bff8-00730446cb43}]
\Shell\AutoRun\command - G:\RunDll32.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6446dab6-0a6c-11dd-8003-00140b0f4231}]
\Shell\AutoRun\command - h.cmd
\Shell\explore\Command - h.cmd
\Shell\open\Command - h.cmd

.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-17 18:06:01
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork1.dll

PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\VisualTaskTips\VttHooks.dll
.
------------------------ Other Running Processes ------------------------
.
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRAM FILES\HUAWEI TECHNOLOGIES\HUAWEI SMARTAX MT810\DSLMON.EXE
C:\PROGRAM FILES\APOINT2K\APNTEX.EXE
C:\PROGRAM FILES\SPEEDBIT VIDEO ACCELERATOR\VIDEOACCELERATORSERVICE.EXE
C:\PROGRAM FILES\SPEEDBIT VIDEO ACCELERATOR\VIDEOACCELERATORENGINE.EXE
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Alwil Software\Avast4\Setup\avast.setup
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-17 18:07:28 - machine was rebooted [tchamaux]
ComboFix-quarantined-files.txt 2008-04-17 16:07:20
ComboFix3.txt 2008-04-14 12:57:42
ComboFix2.txt 2008-04-16 01:40:36
Pre-Run: 2,617,270,272 octets libres
Post-Run: 2,606,456,832 octets libres
.
2008-04-15 15:34:58 --- E O F ---

17 April 2008 19:55:49

1- NO TEXT-MESSAGE SPEAK
2- AN EXPLANATION IS NEEDED
3- YOUR CASE IS NO MORE URGENT THAN ANYONE ELSE'S