Forum | viruses/security
nideiect virus infection
chtimic, Thu. 13 Nov. 2008 at 12:57:15
Hello,
Here is the ComboFix report:

ComboFix 08-11-11.01 - mic 2008-11-13 12:43:43.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1621 [GMT 1:00]
Lancé depuis: c:\documents and settings\mic\Bureau\killbagle.exe
* Un nouveau point de restauration a été créé

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\mic\Application Data\m
c:\documents and settings\mic\Application Data\m\data.oct
c:\documents and settings\mic\Application Data\m\list.oct
c:\documents and settings\mic\Application Data\m\shared\#1_Sound_Recorder_4.1_Cracked.zip
c:\documents and settings\mic\Application Data\m\shared\1-ACT Spyware Remover 2006 1.0.zip
c:\documents and settings\mic\Application Data\m\shared\1st Simple HTML Editor 2.1.6.zip
c:\documents and settings\mic\Application Data\m\shared\3D Earth Space Tour 1.0.zip
c:\documents and settings\mic\Application Data\m\shared\3D Happy Birthday Girl 1.0.zip
c:\documents and settings\mic\Application Data\m\shared\96.1 KISS HD2 Radio 1.0.zip
c:\documents and settings\mic\Application Data\m\shared\A1 SpeechTRON 1.zip
c:\documents and settings\mic\Application Data\m\shared\ABF_Magnifying_Tools_1.2_[Serial].zip
c:\documents and settings\mic\Application Data\m\shared\Able Image Browser 1.7.1.6.zip
c:\documents and settings\mic\Application Data\m\shared\AccSmart_-_Battery_Monitoring_Utility_1.0.zip
c:\documents and settings\mic\Application Data\m\shared\Active LogView 2.09.1.8.zip
c:\documents and settings\mic\Application Data\m\shared\Active Sound Studio Professional 2.1.zip
c:\documents and settings\mic\Application Data\m\shared\AdventNet_SNMP_API_-_Free_Edition_4.zip
c:\documents and settings\mic\Application Data\m\shared\AFSearch offline html search engine 9.55.zip
c:\documents and settings\mic\Application Data\m\shared\Amazing Waterfall 5.07.zip
c:\documents and settings\mic\Application Data\m\shared\Amiga_Explorer_2007.0.2_Key+Serial.zip
c:\documents and settings\mic\Application Data\m\shared\Arjan Mels' Font Viewer 1.14.1.564.zip
c:\documents and settings\mic\Application Data\m\shared\Aspose.Total for Reporting Services 1.0.zip
c:\documents and settings\mic\Application Data\m\shared\AssetPak_1.7.19.zip
c:\documents and settings\mic\Application Data\m\shared\AutoTrace 0.31.1.zip
c:\documents and settings\mic\Application Data\m\shared\Back2Life_for_TC_2.3.zip
c:\documents and settings\mic\Application Data\m\shared\BangaBangarasoft_Family_1.zip
c:\documents and settings\mic\Application Data\m\shared\Batch_TIFF_Resizer_1.57_(Cracked).zip
c:\documents and settings\mic\Application Data\m\shared\BeCyIconGrabber 2.30.zip
c:\documents and settings\mic\Application Data\m\shared\BlackJack_Calculator_1.1_Serial.zip
c:\documents and settings\mic\Application Data\m\shared\Block-IT!_1.1_(Patch).zip
c:\documents and settings\mic\Application Data\m\shared\Bound_1.0.zip
c:\documents and settings\mic\Application Data\m\shared\CellPos_1.30_Serial.zip
c:\documents and settings\mic\Application Data\m\shared\Championship_Chess_Pro_6.62.zip
c:\documents and settings\mic\Application Data\m\shared\Childishness Diary 1.0.zip
c:\documents and settings\mic\Application Data\m\shared\Chinese_Radicals_1.0.zip
c:\documents and settings\mic\Application Data\m\shared\CHM EBook Editor 1.06.zip
c:\documents and settings\mic\Application Data\m\shared\Cleantouch_Multi-Level_Yarn_Trading_1.0_Key.zip
c:\documents and settings\mic\Application Data\m\shared\D'Notes_0.5.1_Build_103.zip
c:\documents and settings\mic\Application Data\m\shared\DataMite 1.21.zip
c:\documents and settings\mic\Application Data\m\shared\Deep Space 3D Screensaver 1.0.zip
c:\documents and settings\mic\Application Data\m\shared\DesignWorks Lite 4.6.zip
c:\documents and settings\mic\Application Data\m\shared\Desktop Magnifier 1.7.2.zip
c:\documents and settings\mic\Application Data\m\shared\Distance Marker 2005.zip
c:\documents and settings\mic\Application Data\m\shared\dsDictionary 1.0.zip
c:\documents and settings\mic\Application Data\m\shared\Easy_DVD_Extractor_3.7.0.zip
c:\documents and settings\mic\Application Data\m\shared\Easy_Java_1.2.zip
c:\documents and settings\mic\Application Data\m\shared\EasyEx html mail 2.03.zip
c:\documents and settings\mic\Application Data\m\shared\Easykeys 1.36 Cracked.zip
c:\documents and settings\mic\Application Data\m\shared\Ergo_Romanian_1.5.zip
c:\documents and settings\mic\Application Data\m\shared\Excel Search and Replace 2.0.zip
c:\documents and settings\mic\Application Data\m\shared\FAR Manager Password Recovery 1.0.145.2006.zip
c:\documents and settings\mic\Application Data\m\shared\Fincalc 6.0.zip
c:\documents and settings\mic\Application Data\m\shared\FinePrint 5.85.zip
c:\documents and settings\mic\Application Data\m\shared\FlexCell_Grid_Control_for_.NET_2.0_2.4.0_[Crack].zip
c:\documents and settings\mic\Application Data\m\shared\Free Vista Icons 1.0.zip
c:\documents and settings\mic\Application Data\m\shared\GaussSum 2.1.0.zip
c:\documents and settings\mic\Application Data\m\shared\GDS Images and Document Maps 2.0.zip
c:\documents and settings\mic\Application Data\m\shared\Haihaisoft Universal Player 1.0.5.5.zip
c:\documents and settings\mic\Application Data\m\shared\HoliDates_UK_2.71.zip
c:\documents and settings\mic\Application Data\m\shared\Hotels 1.0.zip
c:\documents and settings\mic\Application Data\m\shared\HTMLHelp_ePublisher_1.0.zip
c:\documents and settings\mic\Application Data\m\shared\HTMLtoRTF Converter Pro 2.07.03.zip
c:\documents and settings\mic\Application Data\m\shared\Huge_Clock_2.3.zip
c:\documents and settings\mic\Application Data\m\shared\IM2001_1.3.zip
c:\documents and settings\mic\Application Data\m\shared\IT_Outsourcing_Toolkit_3.1_[Patch].zip
c:\documents and settings\mic\Application Data\m\shared\Jmol 11.1.26.zip
c:\documents and settings\mic\Application Data\m\shared\Kaspersky.Anti-Virus.V.6.0.0.300.Final.Keyfile.Kaspersky.zip
c:\documents and settings\mic\Application Data\m\shared\Kaspersky.Intenet.Security.V.6.0.1.411.New.Key.2008.zip
c:\documents and settings\mic\Application Data\m\shared\Kaspersky.Internet.Security.6.0.0.300.Final.German.Incl.Key.zip
c:\documents and settings\mic\Application Data\m\shared\KFSensor_4.2.zip
c:\documents and settings\mic\Application Data\m\shared\Kijiji_Montreal_1.1.zip
c:\documents and settings\mic\Application Data\m\shared\LabelsWin Lite 1.0.zip
c:\documents and settings\mic\Application Data\m\shared\Last_Changed_Files_1.0.zip
c:\documents and settings\mic\Application Data\m\shared\Lexipedia 1.1.zip
c:\documents and settings\mic\Application Data\m\shared\Li'l Atomic Clock 1.0.1.zip
c:\documents and settings\mic\Application Data\m\shared\LingvoSoft Talking Dictionary 2006 Russian Armenian 3.1.41.zip
c:\documents and settings\mic\Application Data\m\shared\LingvoSoft_Suite_2006_English_Dutch_1.0.zip
c:\documents and settings\mic\Application Data\m\shared\Liquid_Screen_Saver_Maker_4.5_(Cracked).zip
c:\documents and settings\mic\Application Data\m\shared\London Live Camera 1.0.zip
c:\documents and settings\mic\Application Data\m\shared\Macro Express 3.7a (Key+Serial).zip
c:\documents and settings\mic\Application Data\m\shared\Mall23_eCommerce_4.21.zip
c:\documents and settings\mic\Application Data\m\shared\Manny's_Simple_Finance_Program_1.04_[Patch].zip
c:\documents and settings\mic\Application Data\m\shared\MarketBrowser_1.0_[KeyGen].zip
c:\documents and settings\mic\Application Data\m\shared\McAfee.VShield.7.10.EN.zip
c:\documents and settings\mic\Application Data\m\shared\MkAlbum 2.8.zip
c:\documents and settings\mic\Application Data\m\shared\Monex_Portable_Edition_0.7.1.1b.zip
c:\documents and settings\mic\Application Data\m\shared\MSDict_English_Phrases_Dictionary_(Symbian_UIQ)_2.40.zip
c:\documents and settings\mic\Application Data\m\shared\MSN_Content_Adder_2.zip
c:\documents and settings\mic\Application Data\m\shared\MySQL Oracle Import, Export & Convert Software 7.0.zip
c:\documents and settings\mic\Application Data\m\shared\Nature Clock Screensaver 1.zip
c:\documents and settings\mic\Application Data\m\shared\NikSaver 1.6.2 build 192.zip
c:\documents and settings\mic\Application Data\m\shared\NOD.32.antivirus.zip
c:\documents and settings\mic\Application Data\m\shared\Norton.AntiVirus.2007.14.0.0.1+crack-multilenguaje-byzven.zip
c:\documents and settings\mic\Application Data\m\shared\Onyx Ceph 2.7.7.zip
c:\documents and settings\mic\Application Data\m\shared\Outlook Email Address Extractor Pro 2.1.zip
c:\documents and settings\mic\Application Data\m\shared\Pin_Action_Bowling_1.12.04.zip
c:\documents and settings\mic\Application Data\m\shared\Popup_Annihilator_Pro_3.0.zip
c:\documents and settings\mic\Application Data\m\shared\ProgeCAD 2006 Professional 6.1.11.zip
c:\documents and settings\mic\Application Data\m\shared\Qir'at Quran Reciter 1.0.zip
c:\documents and settings\mic\Application Data\m\shared\QwikSecure File Protection System 3.01 [KeyGen].zip
c:\documents and settings\mic\Application Data\m\shared\Rapid_File_Defragmentor_1.4_build_614.zip
c:\documents and settings\mic\Application Data\m\shared\Rebate_Genie_1.0.5.zip
c:\documents and settings\mic\Application Data\m\shared\rebuilt.Kaspersky.Internet.Security.v6.0.0.300.FR.Incl-Key.zip
c:\documents and settings\mic\Application Data\m\shared\SAM (Beauty Salon Software) 6.1.zip
c:\documents and settings\mic\Application Data\m\shared\SANITARY_1.0.zip
c:\documents and settings\mic\Application Data\m\shared\Simple_Contact_Manager_2.5.001.zip
c:\documents and settings\mic\Application Data\m\shared\SlideMate_3.8.zip
c:\documents and settings\mic\Application Data\m\shared\Slimf's_Bowliebash_1.1.zip
c:\documents and settings\mic\Application Data\m\shared\Smartworks-PE_4.5.zip
c:\documents and settings\mic\Application Data\m\shared\Softdiv Audio Converter 3.5.zip
c:\documents and settings\mic\Application Data\m\shared\Sort_Text_Lists_Alphabetically_Software_7.0.zip
c:\documents and settings\mic\Application Data\m\shared\Sploidz 1.zip
c:\documents and settings\mic\Application Data\m\shared\Stator-AFM (Standard) 2.0 Build 216.zip
c:\documents and settings\mic\Application Data\m\shared\Stock NeuroMaster 1.31.zip
c:\documents and settings\mic\Application Data\m\shared\Symantec.AntiVirus.Corporate.Edition.v10.2.276.For.WinVista.zip
c:\documents and settings\mic\Application Data\m\shared\SyncJe Personal Server for Outlook 1.0.zip
c:\documents and settings\mic\Application Data\m\shared\Tadpole_0.5.zip
c:\documents and settings\mic\Application Data\m\shared\TextSpeech_Pro_1.0.0.zip
c:\documents and settings\mic\Application Data\m\shared\Timers_OCX_1.1_[Key+Serial].zip
c:\documents and settings\mic\Application Data\m\shared\Toponoky_1.0_Beta.zip
c:\documents and settings\mic\Application Data\m\shared\Total PDF Printer 1.0.zip
c:\documents and settings\mic\Application Data\m\shared\Trisnap 2.0.zip
c:\documents and settings\mic\Application Data\m\shared\True_Trend_Charts_2.0.4_[Cracked].zip
c:\documents and settings\mic\Application Data\m\shared\TsiLang Dictionary Manager 2.1.4.5.zip
c:\documents and settings\mic\Application Data\m\shared\Video Bitrate Calculator 1.0.0.2.zip
c:\documents and settings\mic\Application Data\m\shared\Visual Fractal 1.2.zip
c:\documents and settings\mic\Application Data\m\shared\VivoStatic_3.0_[Crack].zip
c:\documents and settings\mic\Application Data\m\shared\WaveBox_1.1.zip
c:\documents and settings\mic\Application Data\m\shared\WendzelNNTPd_1.0.0.zip
c:\documents and settings\mic\Application Data\m\shared\Willy_Wonka_and_the_Chocolate_Factory_Trailer.zip
c:\documents and settings\mic\Application Data\m\shared\WinBackup 2.0.555.zip
c:\documents and settings\mic\Application Data\m\shared\YoGen Audio Recorder 3.1.7.zip
c:\documents and settings\mic\Application Data\m\srvlist.oct
c:\windows\system32\ban_list.txt
c:\windows\system32\drivers\downld
c:\windows\system32\mdelk.exe
I:\autorun.inf
I:\nideiect.com
N:\autorun.inf
N:\nideiect.com

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA
-------\Service_srosa


((((((((((((((((((((((((((((( Fichiers créés du 2008-10-13 au 2008-11-13 ))))))))))))))))))))))))))))))))))))
.

2008-11-13 07:23 . 2008-11-13 07:23 197 --a------ c:\windows\system32\MRT.INI
2008-11-13 07:19 . 2008-09-04 18:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-13 07:19 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-12 19:47 . 2008-11-12 20:45 <REP> d-------- c:\program files\FindyKill
2008-11-11 21:27 . 2008-11-11 21:27 173 --a------ C:\curr_ver.tmp
2008-11-11 21:13 . 2008-11-11 21:13 <REP> d-------- c:\program files\ESET
2008-11-11 20:49 . 2008-11-11 20:49 <REP> d-------- c:\program files\CCleaner
2008-11-08 15:24 . 2008-04-14 03:33 159,232 --a------ c:\windows\system32\ptpusd.dll
2008-11-08 15:24 . 2008-04-13 19:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2008-11-08 15:24 . 2008-04-13 19:45 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
2008-11-08 15:24 . 2001-08-23 17:47 5,632 --a------ c:\windows\system32\ptpusb.dll
2008-11-08 15:15 . 2008-11-08 15:24 <REP> d-------- c:\documents and settings\mic\Application Data\FUJIFILM
2008-11-08 15:14 . 2008-11-08 15:14 <REP> d-------- c:\program files\REGSHAVE
2008-11-08 15:14 . 2008-11-11 21:24 <REP> d-------- c:\program files\FinePixViewer
2008-11-08 15:14 . 2003-09-03 16:45 274,432 --a------ c:\windows\system32\FFTIFF16.dll
2008-11-08 15:14 . 2006-07-12 14:39 208,896 --a------ c:\windows\system32\FFRafShellEx.dll
2008-11-08 15:14 . 2004-07-24 21:28 155,648 --a------ c:\windows\system32\FFRAFLIB.DLL
2008-11-08 15:14 . 2001-11-25 12:11 81,924 --------- c:\windows\system32\drivers\VC4CB104.SYS
2008-11-08 15:14 . 2002-02-05 17:33 69,632 --------- c:\windows\system32\FREGSHEX.DLL
2008-11-08 15:14 . 2002-02-27 12:27 65,536 --------- c:\windows\system32\FINFCHECK.dll
2008-11-08 15:14 . 2002-06-25 10:06 45,056 --------- c:\windows\system32\FINFCOPY.dll
2008-11-08 15:14 . 2002-02-13 11:00 45,056 --------- c:\windows\system32\FCLKBTN.DLL
2008-11-08 14:14 . 2008-11-08 14:14 <REP> d-------- c:\program files\Syncrosoft
2008-11-08 14:14 . 2008-11-08 14:14 <REP> d-------- c:\documents and settings\All Users\Application Data\Pinnacle
2008-11-08 14:14 . 2004-05-19 23:27 737,280 --a------ c:\windows\system32\SYNSOACC.dll
2008-11-08 14:14 . 2004-05-10 14:58 147,456 --a------ c:\windows\system32\SynsoLChk.dll
2008-11-08 14:14 . 2003-07-31 19:28 147,425 --a------ c:\windows\system32\SYNSOACC-Aide.chm
2008-11-08 14:14 . 2003-05-26 14:29 120,468 --a------ c:\windows\system32\SYNSOACC-Hilfe.chm
2008-11-08 14:14 . 2003-05-26 14:29 114,279 --a------ c:\windows\system32\SYNSOACC-Help.chm
2008-11-08 14:14 . 2002-11-25 07:36 45,056 --a------ c:\windows\system32\Synsopos.exe
2008-11-08 14:14 . 2002-11-25 04:46 16,896 --a------ c:\windows\system32\drivers\SynasUSB.sys
2008-11-08 14:05 . 2008-11-08 14:05 <REP> d-------- c:\documents and settings\mic\Application Data\Propellerhead Software
2008-11-08 14:04 . 2008-11-08 14:04 <REP> d-------- c:\documents and settings\All Users\Application Data\Propellerhead Software
2008-11-07 22:29 . 2008-11-07 22:29 <REP> d-------- c:\documents and settings\All Users\Application Data\ATI
2008-11-07 22:29 . 2008-11-07 22:29 0 --a------ c:\windows\ativpsrm.bin
2008-11-07 22:27 . 2008-11-07 22:37 <REP> d-------- c:\program files\ATI
2008-11-07 22:24 . 2008-11-07 22:24 <REP> d-------- C:\ATI
2008-11-07 21:21 . 2008-11-07 21:21 <REP> d-------- c:\program files\Mindscape
2008-11-07 14:21 . 2008-11-07 14:29 <REP> d-------- c:\documents and settings\mic\Application Data\Steinberg
2008-11-07 14:02 . 2008-11-07 14:02 <REP> d-------- c:\program files\Steinberg
2008-11-07 13:59 . 2001-01-23 07:05 159,811 --a------ c:\windows\system32\Wnaspi32.dll
2008-11-07 03:01 . 2008-11-07 03:01 <REP> d-------- c:\program files\Microsoft CAPICOM 2.1.0.2
2008-11-06 15:12 . 2008-11-06 15:12 <REP> d-------- c:\program files\Fichiers communs\mapserv
2008-11-06 15:12 . 2008-11-06 15:12 <REP> d-------- c:\program files\Fichiers communs\GIS
2008-11-06 10:51 . 2008-11-06 10:51 43,520 --a------ c:\windows\system32\CmdLineExt03.dll
2008-11-05 21:15 . 2004-10-11 18:21 372,736 -ra------ c:\windows\system32\LVUI2RC.dll
2008-11-05 21:15 . 2004-10-11 18:22 211,712 -ra------ c:\windows\system32\drivers\LV561AV.SYS
2008-11-05 21:15 . 2004-10-11 18:18 204,800 -ra------ c:\windows\system32\LVUI2.dll
2008-11-05 21:15 . 2004-10-11 18:16 204,800 -ra------ c:\windows\system32\lvcodec2.dll
2008-11-05 21:15 . 2004-10-11 18:14 106,496 -ra------ c:\windows\system32\lvcoinst.dll
2008-11-05 21:15 . 2008-04-14 03:33 54,784 --a------ c:\windows\system32\vfwwdm32.dll
2008-11-05 21:15 . 2008-04-14 03:33 54,784 --a--c--- c:\windows\system32\dllcache\vfwwdm32.dll
2008-11-05 21:15 . 2004-10-11 18:18 22,016 -ra------ c:\windows\system32\drivers\LVUSBSta.sys
2008-11-05 21:15 . 2004-10-11 17:58 6,812 -ra------ c:\windows\system32\lvcoinst.ini
2008-11-05 21:08 . 2008-11-05 21:08 <REP> d-------- c:\program files\Fichiers communs\Logitech
2008-11-05 21:08 . 2004-12-14 19:16 53,248 -ra------ c:\windows\system32\InstMed.exe
2008-11-05 13:55 . 2008-11-05 13:55 <REP> d-------- c:\program files\Xvid
2008-11-04 18:48 . 2008-11-04 18:48 <REP> d-------- c:\program files\Fichiers communs\Adobe
2008-11-04 18:48 . 2008-11-04 18:48 <REP> d-------- c:\documents and settings\mic\Application Data\AdobeUM
2008-11-04 14:28 . 2008-11-04 14:28 <REP> d-------- c:\program files\SuperCopier2
2008-11-04 14:22 . 2008-11-04 14:22 <REP> d-------- c:\program files\Realtek AC97
2008-11-04 14:22 . 2006-11-17 05:40 18,804,736 --a------ c:\windows\system32\alsndmgr.cpl
2008-11-04 14:22 . 2006-12-08 15:20 10,528,768 --a------ c:\windows\system32\RTLCPL.exe
2008-11-04 14:22 . 2008-09-24 10:40 4,122,368 -ra------ c:\windows\system32\drivers\alcxwdm.sys
2008-11-04 14:22 . 2007-04-16 15:28 577,536 --a------ c:\windows\soundman.exe
2008-11-04 14:22 . 2006-07-31 11:19 315,392 --a------ c:\windows\alcupd.exe
2008-11-04 14:22 . 2006-07-31 11:27 217,088 --a------ c:\windows\Alcrmv.exe
2008-11-04 14:22 . 2006-10-18 02:53 147,456 --a------ c:\windows\system32\RtlCPAPI.dll
2008-11-04 14:22 . 2002-02-05 13:54 141,016 --a------ c:\windows\system32\alsndmgr.wav
2008-11-04 14:22 . 2006-08-01 15:02 49,152 --a------ c:\windows\system32\ChCfg.exe
2008-11-03 16:31 . 2008-11-03 16:31 <REP> d-------- c:\program files\Eden Flirt
2008-11-03 12:58 . 2008-11-03 12:57 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2008-11-03 12:57 . 2008-11-03 12:57 22,328 --a------ c:\documents and settings\mic\Application Data\PnkBstrK.sys
2008-11-03 12:56 . 2008-11-05 13:14 <REP> d-------- c:\windows\system32\LogFiles
2008-11-03 12:56 . 2008-11-03 12:56 103,736 --a------ c:\windows\system32\PnkBstrB.exe
2008-11-03 12:56 . 2008-11-03 12:56 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2008-11-03 12:56 . 2008-11-03 12:56 319 --a------ c:\windows\game.ini
2008-11-03 12:50 . 2008-11-03 12:50 <REP> d--hs---- c:\windows\ftpcache
2008-11-03 10:49 . 2008-11-03 10:49 <REP> d-------- c:\program files\MSBuild
2008-11-03 10:49 . 2008-11-03 10:49 <REP> d-------- c:\program files\Microsoft Works
2008-11-03 10:48 . 2008-11-03 10:48 <REP> d-------- c:\program files\Microsoft.NET
2008-11-03 10:47 . 2008-11-03 10:47 <REP> d-------- c:\program files\Microsoft Visual Studio 8
2008-11-03 10:46 . 2008-11-03 10:49 <REP> d-------- c:\windows\SHELLNEW
2008-11-03 10:46 . 2008-11-03 10:46 <REP> dr-h----- C:\MSOCache
2008-11-03 10:46 . 2008-11-13 07:23 <REP> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-02 22:11 . 2008-11-02 22:11 <REP> d-------- c:\documents and settings\mic\Application Data\Media Player Classic
2008-11-02 21:43 . 2008-11-02 21:43 1,172 --a------ c:\windows\mozver.dat
2008-11-02 20:00 . 2008-03-01 13:58 6,066,176 -----c--- c:\windows\system32\dllcache\ieframe.dll
2008-11-02 20:00 . 2007-04-17 10:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2008-11-02 20:00 . 2007-03-08 06:10 1,048,576 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2008-11-02 20:00 . 2008-03-01 13:58 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2008-11-02 20:00 . 2008-03-01 13:58 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2008-11-02 20:00 . 2008-03-01 13:58 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2008-11-02 20:00 . 2008-03-01 13:58 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2008-11-02 20:00 . 2008-03-01 13:58 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2008-11-02 20:00 . 2008-02-22 11:00 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
2008-11-02 19:59 . 2008-11-02 19:59 268 --ah----- C:\sqmdata01.sqm
2008-11-02 19:59 . 2008-11-02 19:59 244 --ah----- C:\sqmnoopt01.sqm
2008-11-02 19:38 . 2008-11-02 19:38 <REP> d-------- c:\program files\Alcohol Soft
2008-11-02 19:32 . 2008-11-02 19:32 685,816 --a------ c:\windows\system32\drivers\sptd.sys
2008-11-02 19:23 . 2008-11-10 19:34 <REP> d-------- c:\program files\eMule
2008-11-02 19:17 . 2008-11-02 19:17 <REP> d-------- c:\program files\K-Lite Codec Pack
2008-11-02 19:13 . 2008-11-02 19:13 <REP> d-------- c:\documents and settings\mic\Application Data\Logitech
2008-11-02 19:13 . 2008-11-02 19:13 <REP> d-------- c:\documents and settings\All Users\Application Data\LogiShrd
2008-11-02 19:07 . 2008-11-02 19:07 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-11-02 19:07 . 2008-11-02 19:07 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2008-11-02 19:07 . 2008-11-02 19:07 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2008-11-02 19:06 . 2008-11-02 19:06 <REP> d-------- c:\documents and settings\All Users\Application Data\Logitech
2008-11-02 19:06 . 2008-05-02 02:38 301,656 --a------ c:\windows\system32\BtCoreIf.dll
2008-11-02 19:06 . 2008-05-02 02:39 170,512 --a------ c:\windows\system32\kemutb.dll
2008-11-02 19:06 . 2008-05-02 02:39 145,936 --a------ c:\windows\system32\KemUtil.dll
2008-11-02 19:06 . 2008-05-02 02:40 117,264 --a------ c:\windows\system32\KemWnd.dll
2008-11-02 19:06 . 2008-05-02 02:40 84,496 --a------ c:\windows\system32\KemXML.dll
2008-11-02 19:05 . 2008-11-05 21:07 <REP> d-------- c:\program files\Logitech
2008-11-02 19:05 . 2008-11-02 19:06 <REP> d-------- c:\program files\Fichiers communs\Logishrd
2008-11-02 19:05 . 2008-11-02 19:05 <REP> d-------- c:\documents and settings\mic\Application Data\InstallShield
2008-11-02 18:59 . 2008-11-04 14:17 <REP> d-------- c:\program files\ma-config.com
2008-11-02 18:59 . 2008-11-04 14:17 <REP> d-------- c:\documents and settings\All Users\Application Data\ma-config.com
2008-11-02 18:53 . 2008-11-02 18:53 268 --ah----- C:\sqmdata00.sqm
2008-11-02 18:53 . 2008-11-02 18:53 244 --ah----- C:\sqmnoopt00.sqm
2008-11-02 18:02 . 2008-11-02 18:26 <REP> d-------- c:\documents and settings\mic\Contacts
2008-11-02 18:02 . 2008-11-02 18:02 <REP> d-------- c:\documents and settings\mic\Application Data\Iminent
2008-11-02 18:00 . 2008-11-02 18:01 <REP> d-------- c:\program files\Iminent
2008-11-02 17:56 . 2008-11-02 17:57 <REP> d--h----- c:\documents and settings\All Users\Application Data\{D007B483-C907-4C86-A4E2-E9A50F17891F}
2008-11-02 17:53 . 2008-11-02 17:53 <REP> d----c--- c:\windows\system32\DRVSTORE

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-08 14:16 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-07 21:29 --------- d-----w c:\documents and settings\mic\Application Data\ATI
2008-11-07 21:27 --------- d-----w c:\program files\ATI Technologies
2008-11-02 10:50 --------- d-----w c:\program files\Alice_Triway_WiFi
2008-11-02 10:41 --------- d-----w c:\program files\Fichiers communs\ATI Technologies
2008-11-02 10:35 --------- d-----w c:\program files\Fichiers communs\InstallShield
2008-11-02 10:28 --------- d-----w c:\program files\AMD
2008-11-02 10:24 --------- d-----w c:\program files\NVIDIA Corporation
2008-11-02 09:54 --------- d-----w c:\program files\microsoft frontpage
2008-11-02 09:53 --------- d-----w c:\program files\Services en ligne
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-09-24 03:09 3,331,072 ----a-w c:\windows\system32\drivers\ati2mtag.sys
2008-09-24 01:18 53,248 ----a-w c:\windows\system32\drivers\ati2erec.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"IMBooster"="c:\program files\Iminent\imbooster.exe" [2008-08-19 536576]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 220544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nTrayFw"="c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2005-02-24 266240]
"EdenFlirt"="c:\program files\Eden Flirt\EdenFlirt.exe" [2008-07-03 499712]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-12-14 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2004-12-14 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2004-12-14 217088]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 c:\windows\KHALMNPR.Exe]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 c:\windows\soundman.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
ExifLauncher2.lnk - c:\program files\FinePixViewer\QuickDCF2.exe [2008-11-08 303104]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-11-02 805392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 02:42 72208 c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Alice_Triway_WiFi\\Wizard\\CTD_FirmwareUpgrader.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Mindscape\\Mission Président - Geo-Political Simulator\\EReg.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10101:TCP"= 10101:TCP:10101
"10111:UDP"= 10111:UDP:10111

R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\DRIVERS\nvcchflt.sys [2005-02-10 16640]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2008-11-02 195752]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d21a4415-a8c9-11dd-9f47-806d6172696f}]
\Shell\AutoRun\command - J:\Autorun.exe root.ini
.
.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\documents and settings\mic\Application Data\Mozilla\Firefox\Profiles\xyagux6d.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://tempsreel.nouvelobs.com/index.html
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-13 12:46:51
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Logitech\Video\FxSvr2.exe
c:\program files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
.
**************************************************************************
.
Heure de fin: 2008-11-13 12:51:21 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-11-13 11:51:18

Avant-CF: 4 880 248 832 octets libres
Après-CF: 4,705,583,104 octets libres

383 --- E O F --- 2008-11-13 06:23:34