
Forum | virus/security
antivirus
asmaak, Tue. 08 Jul. 2008 at 05:29:17
continued


((((((((((((((((((((((((((((( Fichiers créés 2008-06-08 to 2008-07-08 ))))))))))))))))))))))))))))))))))))
.

2008-07-08 02:45 . 2008-07-08 02:45 <REP> d-------- C:\WINDOWS\system32\drivers\downld
2008-07-07 18:23 . 2005-05-03 18:43 69,632 --a------ C:\WINDOWS\Alcmtr.exe
2008-07-07 01:52 . 2008-07-07 01:52 <REP> d-------- C:\WINDOWS\system32\ZoneLabs
2008-07-07 01:52 . 2008-07-07 01:52 <REP> d-------- C:\Program Files\Zone Labs
2008-07-07 01:52 . 2008-04-02 21:07 1,086,952 --a------ C:\WINDOWS\system32\zpeng24.dll
2008-07-07 01:52 . 2008-07-07 01:52 352,624 --a------ C:\WINDOWS\system32\vsconfig.xml
2008-07-07 01:49 . 2008-07-07 01:53 <REP> d-------- C:\WINDOWS\Internet Logs
2008-07-06 22:06 . 2008-07-06 22:06 <REP> d-------- C:\Documents and Settings\Amouna\Application Data\AVGTOOLBAR
2008-07-06 22:06 . 2008-07-07 18:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-07-06 21:38 . 2008-07-06 21:38 <REP> d-------- C:\Program Files\ma-config.com
2008-07-06 21:38 . 2008-07-06 22:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-07-04 22:34 . 2008-07-08 01:27 11 --a------ C:\WINDOWS\system32\jdc32_mm.vcd
2008-07-04 22:34 . 2008-07-04 22:34 0 --a------ C:\WINDOWS\consult.INI
2008-07-04 22:28 . 2008-07-06 22:14 <REP> d-------- C:\Program Files\cdmaroc
2008-07-01 13:48 . 2006-08-08 19:58 692,224 --a------ C:\WINDOWS\system32\lxcrdrs.dll
2008-07-01 13:48 . 2006-11-30 16:32 344,064 --a------ C:\WINDOWS\system32\lxcrcoin.dll
2008-07-01 13:48 . 2006-08-14 21:01 65,536 --a------ C:\WINDOWS\system32\lxcrcaps.dll
2008-07-01 13:48 . 2005-12-20 16:54 61,440 --a------ C:\WINDOWS\system32\lxcrcnv4.dll
2008-07-01 13:48 . 2006-03-23 08:33 40,960 --a------ C:\WINDOWS\system32\lxcrvs.dll
2008-07-01 13:47 . 2006-11-22 13:51 45,056 --a------ C:\WINDOWS\system32\LXPRMON.DLL
2008-07-01 13:47 . 2006-11-22 13:50 32,768 --a------ C:\WINDOWS\system32\LXPMONUI.DLL
2008-07-01 13:47 . 2006-11-22 14:08 12,288 --a------ C:\WINDOWS\system32\LXPMONRC.DLL
2008-07-01 13:46 . 2008-07-06 22:14 <REP> d-------- C:\Program Files\Lexmark 2400 Series
2008-06-25 22:06 . 2008-06-25 22:06 2,454,911 --a------ C:\fati2.rar
2008-06-25 15:04 . 2008-06-25 15:04 166,912 --a------ C:\WINDOWS\system32\MSCHRT20.oca
2008-06-25 15:04 . 2008-06-25 15:04 135,680 --a------ C:\WINDOWS\system32\MSCOMCT2.oca
2008-06-25 15:04 . 2008-06-25 15:04 35,840 --a------ C:\WINDOWS\system32\comdlg32.oca
2008-06-25 15:04 . 2008-06-25 15:04 25,600 --a------ C:\WINDOWS\system32\MSCOMM32.oca
2008-06-25 13:48 . 2008-06-26 09:44 <REP> d-------- C:\fati2
2008-06-24 20:54 . 2008-06-24 20:54 <REP> d-------- C:\Program Files\SweetIM
2008-06-24 20:54 . 2008-06-24 20:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SweetIM
2008-06-23 11:45 . 2008-06-23 11:45 3,994,912 --a------ C:\amin.rar
2008-06-23 10:36 . 2008-06-25 16:16 <REP> d-------- C:\amin
2008-06-21 09:29 . 2008-06-21 10:46 <REP> d-------- C:\projet
2008-06-19 15:16 . 2008-06-19 15:16 <REP> d-------- C:\Program Files\Codemasters
2008-06-19 14:16 . 2008-06-19 14:16 <REP> d-------- C:\Documents and Settings\Amouna\Application Data\Talkback
2008-06-19 13:56 . 2008-06-19 13:56 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2008-06-19 13:55 . 2008-06-19 13:55 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-06-19 07:58 . 2008-06-19 07:58 70,144 --a------ C:\WINDOWS\system32\MSDATLST.oca
2008-06-19 07:58 . 2008-06-19 07:58 69,632 --a------ C:\WINDOWS\system32\DBLIST32.oca
2008-06-11 15:33 . 2008-06-13 00:43 <REP> d-------- C:\Program Files\EasyPHP1-8
2008-06-11 15:24 . 2003-03-04 00:56 700,469 --a------ C:\WINDOWS\system32\myodbc3d.dll
2008-06-11 15:24 . 2003-03-04 00:22 360,448 --a------ C:\WINDOWS\system32\myodbc3.dll
2008-06-11 15:24 . 2002-07-26 17:02 153,088 --a------ C:\WINDOWS\system32\UNWISE.EXE
2008-06-11 15:24 . 2003-03-04 00:22 17,438 --a------ C:\WINDOWS\system32\myodbc3.lib
2008-06-11 15:24 . 2008-06-11 15:24 100 --a------ C:\WINDOWS\system32\UNWISE.INI
2008-06-11 09:39 . 2008-06-11 09:48 174 --a------ C:\clients.dat
2008-06-11 09:04 . 2008-06-11 09:04 266,752 --a------ C:\WINDOWS\system32\MSCOMCTL.oca
2008-06-09 14:16 . 2008-07-04 19:09 <REP> d-------- C:\Documents and Settings\Amouna\Application Data\OpenOffice.org2
2008-06-09 14:14 . 2008-07-07 00:09 <REP> d-------- C:\Program Files\OpenOffice.org 2.4
2008-06-08 17:11 . 2007-11-01 15:35 103,424 --a------ C:\WINDOWS\system32\MyDIT_GenClassCoInst.dll
2008-06-08 17:11 . 2007-10-16 11:40 97,408 --a------ C:\WINDOWS\system32\drivers\cmusbser.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-08 02:28 --------- d-----w C:\Documents and Settings\Amouna\Application Data\skypePM
2008-07-08 02:28 --------- d-----w C:\Documents and Settings\Amouna\Application Data\Skype
2008-07-08 02:24 --------- d-----w C:\Program Files\lx_cats
2008-07-06 23:44 --------- d-----w C:\Program Files\LimeWire
2008-07-06 23:43 --------- d-----w C:\Program Files\BitComet
2008-07-06 19:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-07-06 19:39 --------- d-----w C:\Program Files\Realtek
2008-07-05 14:26 --------- d-----w C:\Program Files\eMule
2008-07-04 22:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-01 13:47 --------- d-----w C:\Program Files\Lexmark Fax Solutions
2008-07-01 13:46 --------- d-----w C:\Program Files\Lexmark Toolbar
2008-06-19 15:44 --------- d-----w C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-06-19 13:56 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-06-13 09:57 --------- d-----w C:\Documents and Settings\Amouna\Application Data\dvdcss
2008-06-05 15:05 --------- d-----w C:\Program Files\TVUPlayer
2008-06-05 13:06 --------- d-----w C:\Documents and Settings\Amouna\Application Data\TVU Networks
2008-06-05 13:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\TVU Networks
2008-06-02 08:09 --------- d-----w C:\Program Files\SWiSHmax
2008-05-30 11:08 --------- d-----w C:\Program Files\SereneScreen
2008-05-29 08:54 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-05-29 02:21 --------- d-----w C:\Documents and Settings\Amouna\Application Data\LimeWire
2008-05-28 19:44 505 ----a-w C:\WINDOWS\system32\drivers\CMV3p.txt
2008-05-28 19:44 32 ----a-w C:\WINDOWS\system32\drivers\adidsl.cfg
2008-05-28 19:44 --------- d-----w C:\Program Files\SAGEM
2008-05-25 00:11 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-05-25 00:08 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-05-25 00:08 --------- d-----w C:\Documents and Settings\Amouna\Application Data\DAEMON Tools
2008-05-17 16:04 --------- d-----w C:\Program Files\ESET
2008-05-17 16:01 --------- d-----w C:\Program Files\Common Files
2008-05-11 21:40 --------- d-----w C:\Program Files\Globe7
2008-05-11 21:06 --------- d-----w C:\Documents and Settings\Amouna\Application Data\Globe7
2008-05-11 20:44 --------- d-----w C:\Documents and Settings\Amouna\Application Data\VoipCheapCom
2008-05-11 20:34 --------- d-----w C:\Documents and Settings\Amouna\Application Data\VoipBuster
2008-04-22 20:36 92,064 ----a-w C:\Documents and Settings\Amouna\mqdmmdm.sys
2008-04-22 20:36 9,232 ----a-w C:\Documents and Settings\Amouna\mqdmmdfl.sys
2008-04-22 20:36 79,328 ----a-w C:\Documents and Settings\Amouna\mqdmserd.sys
2008-04-22 20:36 66,656 ----a-w C:\Documents and Settings\Amouna\mqdmbus.sys
2008-04-22 20:36 6,208 ----a-w C:\Documents and Settings\Amouna\mqdmcmnt.sys
2008-04-22 20:36 5,936 ----a-w C:\Documents and Settings\Amouna\mqdmwhnt.sys
2008-04-22 20:36 4,048 ----a-w C:\Documents and Settings\Amouna\mqdmcr.sys
2008-04-22 20:36 25,600 ----a-w C:\Documents and Settings\Amouna\usbsermptxp.sys
2008-04-22 20:36 22,768 ----a-w C:\Documents and Settings\Amouna\usbsermpt.sys
2005-07-04 17:06 319,617 --sh--w C:\WINDOWS\system32\SalaatTime.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-03-27 14:12 1164600 --a------ C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-03-27 14:12 1164600]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-03-27 14:12 1164600]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SalaatTime"="C:\Program Files\Salaat Time\SalaatTime.exe" [2005-04-27 06:06 692224]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-04-30 17:17 22058792]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 09:39 486856]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Azkary"="C:\Program Files\Azkary\Azkary" [X]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-06-19 13:55 185896]
"SweetIM"="C:\Program Files\SweetIM\Messenger\SweetIM.exe" [2008-06-15 13:40 111928]
"lxcrmon.exe"="C:\Program Files\Lexmark 2400 Series\lxcrmon.exe" [2007-01-11 18:57 291760]
"EzPrint"="C:\Program Files\Lexmark 2400 Series\ezprint.exe" [2006-12-11 16:11 82864]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2006-12-11 16:12 295856]
"LXCRCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2006-11-21 17:27 106496]
"WinampAgent"="C:\Program Files\Winamp\Winampa.exe" [2003-04-02 02:20 12288]
"TouchPadHotKey"="C:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe" [2007-06-26 13:58 360448]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe" [2005-08-26 18:14 36975]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 12:00 208952]
"BigDogPath"="C:\WINDOWS\VM_STI.EXE" [2004-06-09 15:37 40960]
"AttuneClientEngine"="C:\PROGRA~1\Aveo\Attune\bin\attune_ce.exe" [2000-07-24 23:47 356728]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"RTHDCPL"="RTHDCPL.EXE" [2007-08-10 15:21 16384000 C:\WINDOWS\RTHDCPL.exe]
"SiSPower"="SiSPower.dll" [2007-04-11 03:06 53248 C:\WINDOWS\system32\SiSPower.dll]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 12:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Microsoft Visual Studio\\COMMON\\Tools\\VS-Ent98\\Vanalyzr\\VARPC.EXE"=
"C:\\Program Files\\Ares\\Ares.exe"=
"C:\\Program Files\\Corel\\Graphics10\\Register\\NAVBrowser.exe"=
"<NO NAME>"=
"C:\\K-ZeroSoft\\WeTalk\\WeTalk_I.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\WINDOWS\\system32\\lxcrcoms.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"15665:TCP"= 15665:TCP:BitComet 15665 TCP
"15665:UDP"= 15665:UDP:BitComet 15665 UDP
"5000:TCP"= 5000:TCP:AresChatServer

R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-12-06 15:11]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-15 23:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-15 23:16]
R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2004-08-05 12:00]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys [2006-09-15 11:07]
S2 WebDev 11;WebDev 11 (PC SOFT);C:\WebDev 11\Programmes\Moteur\Windows\WD110Admin.exe []
S3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-09-19 11:03]
S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [2008-06-26 09:13]
S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication;C:\WINDOWS\system32\DRIVERS\cmusbser.sys [2007-10-16 11:40]
S3 V0090VID;Creative WebCam Vista Plus;C:\WINDOWS\system32\DRIVERS\V0090Vid.sys [2005-04-14 01:00]
S3 ZSMC302;VIMICRO USB PC Camera;C:\WINDOWS\system32\Drivers\usbVM31b.sys [2004-09-07 16:11]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-03 20:44:16 C:\WINDOWS\Tasks\Low Battery Alarm Program.job"
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-VoipCheapCom - C:\Program Files\VoipCheapCom\VoipCheapCom.exe
HKCU-Run-VoipBuster - C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
HKCU-Run-SGooPE - C:\Program Files\CallIT\SGooPE\SGOOPE.EXE
HKCU-Run-BitComet - C:\Program Files\BitComet\BitComet.exe
HKCU-Run-eyeBeam SIP Client - (no file)
HKLM-Run-SynTPEnh - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-PHIME2002ASync - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
HKLM-Run-PHIME2002A - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
HKLM-Run-ISUSPM - C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
HKLM-Run-Corel Reminder - (no file)


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-08 02:45:52
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\lxcrcoms.exe
.
**************************************************************************