No worries ^^
edit: otherwise I have another problem with a file named A0074750.dll: it contains viruses of all kinds, trojans, crypt trojans, keyloggers, etc… please help me!
OK, here is the scan:
ComboFix 09-10-23.01 - nathan 07/11/2009 8:32.2.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2047.1607 [GMT 1:00]
Lancé depuis: c:\documents and settings\nathan\Bureau\Wazazuzu.com
Commutateurs utilisés :: c:\docume~1\nathan\Bureau\CFScript.txt
AV: AntiVir Desktop On-access scanning disabled (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N’EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
- Mode FONCTIONNALITES REDUITES -
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\NEXON_EU_DownloaderUpdater.exe
c:\windows\system32\100020a2.dll
c:\windows\system32\114ddc9c.dll
c:\windows\system32\11cd07a0.dll
c:\windows\system32\1865311e.dll
c:\windows\system32\1b62e530.dll
c:\windows\system32\1b7ab94.dll
c:\windows\system32\1c82b7c6.dll
c:\windows\system32\1ccfd7.dll
c:\windows\system32\1d5e5b34.dll
c:\windows\system32\1eae2acc.dll
c:\windows\system32\1f15fc92.dll
c:\windows\system32\20067df.dll
c:\windows\system32\21b1f2c.dll
c:\windows\system32\21e71f6.dll
c:\windows\system32\23766a8.dll
c:\windows\system32\24b1eeae.dll
c:\windows\system32\24c87be.dll
c:\windows\system32\29f0db2e.dll
c:\windows\system32\2b068d0.dll
c:\windows\system32\2c34fbdc.dll
c:\windows\system32\30bc5680.dll
c:\windows\system32\31449aa9.dll
c:\windows\system32\319b3cbc.dll
c:\windows\system32\32aef38.dll
c:\windows\system32\3c44bbd.dll
c:\windows\system32\41e898c.dll
c:\windows\system32\52c481e.dll
c:\windows\system32\74c9a8.dll
c:\windows\system32\81f7f86.dll
c:\windows\system32\863f026.dll
c:\windows\system32\bd26c4.dll
c:\windows\system32\c04b3e6.dll
c:\windows\system32\cd47d7e.dll
c:\windows\system32\db0d71b.dll
c:\windows\system32\dede378.dll
c:\windows\system32\e3bc5d8.dll
c:\windows\system32\e68fda4.dll
c:\windows\system32\ed2f31.dll
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-10-07 au 2009-11-07 ))))))))))))))))))))))))))))))))))))
.
2009-11-06 21:29 . 2009-11-06 21:30 -------- d-----w- c:\program files\Patch MsnCreative
2009-11-06 20:36 . 2009-11-06 20:36 -------- d-----w- C:\_OTM
2009-11-05 11:06 . 2009-11-05 11:06 -------- d-----w- c:\documents and settings\nathan\Application Data\Serif
2009-11-05 10:30 . 2009-11-05 10:30 -------- d-----w- c:\program files\Fichiers communs\Vbox
2009-11-05 10:30 . 2001-11-14 19:19 16384 ----a-w- c:\windows\system32\FileOps.exe
2009-11-05 10:30 . 2009-11-05 10:30 -------- d-----w- c:\windows\system32\Adobe
2009-11-05 10:27 . 2009-11-05 10:27 -------- d-----w- c:\program files\Serif
2009-11-05 10:22 . 2009-11-05 10:22 -------- d-----w- C:\Adobe Illustrator 10
2009-11-03 20:41 . 2009-11-05 10:06 -------- d-----w- c:\program files\SpeedFan
2009-11-03 11:11 . 2009-11-03 11:19 -------- d-----w- C:\ToolBar SD
2009-11-02 15:27 . 2009-11-02 15:27 10051 ----a-w- c:\windows\system32\[OSH]WR public hook v2.zip
2009-11-02 15:26 . 2009-11-02 15:26 10051 ----a-w- c:\windows\system32\[OSH]WR public hook v2.zip
2009-11-02 10:50 . 2009-11-02 10:50 -------- d-----w- c:\documents and settings\LocalService\Application Data\Media Player Classic
2009-11-02 08:44 . 2009-11-02 08:44 -------- d-----w- c:\program files\ESET
2009-10-30 23:40 . 2009-10-30 23:40 -------- d-----w- c:\program files\MSXML 4.0
2009-10-29 13:44 . 2009-10-29 14:10 -------- d-----w- c:\documents and settings\nathan\Application Data\Nero
2009-10-29 13:32 . 2009-10-29 13:33 -------- d-----w- c:\program files\Nero
2009-10-29 13:32 . 2009-10-29 13:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-10-29 13:32 . 2009-10-29 13:33 -------- d-----w- c:\program files\Fichiers communs\Nero
2009-10-28 20:32 . 2009-03-30 09:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-10-28 20:32 . 2009-02-13 11:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-10-28 20:32 . 2009-07-28 15:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-10-28 20:32 . 2009-02-13 11:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-10-28 20:32 . 2009-10-28 20:32 -------- d-----w- c:\program files\Avira
2009-10-28 20:32 . 2009-10-28 20:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-10-27 17:29 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-27 17:29 . 2009-10-27 17:29 -------- d-----w- c:\program files\Malwarebytes’ Anti-Malware
2009-10-27 17:29 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-27 11:08 . 2009-10-27 11:10 235848 ----a-w- C:\BdUninstallTool2009.10.27-12.08.43.reg
2009-10-27 08:08 . 2009-10-27 08:08 -------- d-----w- c:\program files\CCleaner
2009-10-24 09:28 . 2009-10-24 09:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Toolbar4
2009-10-24 09:28 . 2009-10-28 21:18 -------- d-----w- c:\program files\BigSeekPro Toolbar
2009-10-24 09:28 . 2009-10-24 09:28 -------- d-----w- c:\program files\HyCam2
2009-10-23 14:54 . 2009-11-03 14:27 -------- d-----w- c:\documents and settings\nathan\Application Data\gtk-2.0
2009-10-23 14:54 . 2009-10-23 14:54 -------- d-----w- c:\documents and settings\nathan\.thumbnails
2009-10-23 13:54 . 2009-11-05 10:19 -------- d-----w- c:\documents and settings\nathan\.gimp-2.6
2009-10-23 13:54 . 2009-10-23 13:54 -------- d-----w- c:\program files\GIMP-2.0
2009-10-23 09:15 . 2009-10-23 09:16 -------- d-----w- C:\rsit
2009-10-20 15:54 . 2009-10-20 15:54 -------- d-----w- c:\documents and settings\nathan\Application Data\Malwarebytes
2009-10-20 15:54 . 2009-10-20 15:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-20 11:50 . 2009-10-20 11:50 -------- d-----w- c:\windows\system32\wbem\Repository
2009-10-19 18:32 . 2009-10-27 19:05 -------- d-----w- c:\documents and settings\nathan\Application Data\Cool Record Edit Pro
2009-10-19 18:27 . 2009-10-19 18:27 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-10-19 18:25 . 2009-10-19 18:25 -------- d-----w- c:\documents and settings\nathan\Application Data\Free Sound Recorder
2009-10-19 18:23 . 2005-05-18 09:52 1212416 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2009-10-19 18:23 . 2005-05-17 10:37 1986560 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2009-10-19 18:23 . 2005-04-25 11:01 458752 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
2009-10-19 18:23 . 2005-04-25 11:01 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2009-10-19 18:23 . 2005-04-15 10:08 880640 ----a-w- c:\windows\system32\NCTAudioEditor2.dll
2009-10-19 18:23 . 2005-04-04 15:21 602112 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2009-10-19 18:23 . 2005-03-28 13:54 479232 ----a-w- c:\windows\system32\NCTAudioVisualization2.dll
2009-10-19 18:23 . 2005-03-28 13:52 417792 ----a-w- c:\windows\system32\NCTTextToAudio2.dll
2009-10-19 18:23 . 2005-02-24 09:51 348160 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2009-10-19 18:23 . 2004-11-04 11:31 835584 ----a-w- c:\windows\system32\NCTAudioCDGrabber2.dll
2009-10-19 18:23 . 2009-10-19 18:23 -------- d-----w- c:\program files\Free Sound Recorder
2009-10-19 18:11 . 2009-10-19 18:22 -------- d-----w- c:\documents and settings\All Users\Application Data\River Past G5
2009-10-19 18:11 . 2009-10-19 18:11 -------- d-----w- c:\program files\River Past
2009-10-19 18:11 . 2009-10-19 18:11 -------- d-----w- c:\documents and settings\nathan\Application Data\River Past G5
2009-10-18 19:41 . 2009-10-18 19:42 -------- d-----w- C:\RAM Cheat
2009-10-18 19:39 . 2009-10-19 18:22 -------- d-----w- c:\program files\Nouvelle Cible Studio
2009-10-18 11:00 . 2009-10-18 11:01 -------- d-----w- c:\program files\AC Tool
2009-10-17 12:17 . 2009-10-17 12:22 -------- d-----w- c:\documents and settings\nathan\Application Data\Audacity
2009-10-15 20:51 . 2009-10-15 21:26 -------- d-----w- c:\program files\sks32
2009-10-15 09:30 . 2009-10-15 09:43 -------- d-----w- c:\documents and settings\nathan\Local Settings\Application Data\Temporary Projects
2009-10-14 19:15 . 2009-10-14 19:15 -------- d-sh--w- c:\documents and settings\nathan\PrivacIE
2009-10-14 18:46 . 2009-10-14 18:46 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-10-14 18:46 . 2009-10-14 18:46 -------- d-sh--w- c:\documents and settings\nathan\IETldCache
2009-10-14 18:22 . 2009-08-29 07:56 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-10-14 18:22 . 2009-08-29 07:56 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-10-14 18:22 . 2009-08-29 07:56 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-10-14 18:22 . 2009-08-29 07:56 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-10-14 18:22 . 2009-08-29 07:56 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-10-14 18:22 . 2009-08-29 07:56 11069440 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-10-14 18:22 . 2009-10-14 18:22 -------- d-----w- c:\windows\ie8updates
2009-10-14 18:22 . 2009-08-07 08:48 100352 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-10-14 18:19 . 2009-10-14 18:20 -------- dc-h--w- c:\windows\ie8
2009-10-13 16:55 . 2009-10-30 20:09 33824 ----a-w- c:\windows\system32\drivers\oreans32.sys
2009-10-13 11:41 . 2009-10-13 11:41 -------- d-----w- c:\program files\Axon Data
2009-10-11 20:35 . 2009-10-11 20:35 -------- d-----w- c:\documents and settings\nathan\Application Data\DofusOnline.D3C9F6CBD45122AC696063EA7CD9E35E7469708A.1
2009-10-11 20:05 . 2009-10-11 20:05 -------- d-----w- c:\program files\Fichiers communs\Adobe AIR
2009-10-09 17:33 . 2009-10-20 16:22 -------- d-----w- c:\program files\iTALC
2009-10-09 17:32 . 2009-10-09 18:01 -------- d-----w- c:\documents and settings\nathan\Application Data\iTALC
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-07 07:34 . 2009-08-24 11:58 -------- d-----w- c:\program files\DNA
2009-11-07 07:34 . 2009-08-24 11:58 -------- d-----w- c:\documents and settings\nathan\Application Data\DNA
2009-11-06 22:28 . 2009-09-20 11:26 -------- d-----w- c:\program files\Metin2_France
2009-11-06 21:47 . 2009-09-03 17:30 -------- d-----w- c:\program files\Windows Live
2009-11-06 20:52 . 2009-10-05 14:13 -------- d-----w- c:\documents and settings\nathan\Application Data\Skype
2009-11-06 16:50 . 2009-10-05 14:18 -------- d-----w- c:\documents and settings\nathan\Application Data\skypePM
2009-11-05 10:30 . 2009-08-22 12:20 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-11-05 10:29 . 2009-08-19 20:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-05 10:25 . 2009-08-19 20:15 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-11-03 11:50 . 2009-09-04 15:14 -------- d-----w- c:\program files\GamersFirst
2009-11-03 10:44 . 2009-10-07 07:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-11-02 11:21 . 2009-10-01 17:35 -------- d-----w- c:\program files\Trainer Maker Kit
2009-10-27 15:12 . 2009-08-23 18:13 -------- d-----w- c:\program files\Cheat Engine
2009-10-27 11:06 . 2009-08-27 23:48 81984 ----a-w- c:\windows\system32\bdod.bin
2009-10-25 08:01 . 2001-09-28 11:00 80508 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-25 08:01 . 2001-09-28 11:00 500454 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-24 13:10 . 2009-09-29 08:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-10-20 14:09 . 2009-09-30 11:26 -------- d-----w- c:\program files\Save Flash
2009-10-15 08:17 . 2009-08-21 21:51 -------- d-----w- c:\documents and settings\All Users\Application Data\2DBoy
2009-10-14 18:02 . 2009-09-29 08:07 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-10-09 18:07 . 2009-08-19 20:24 14072 ----a-w- c:\documents and settings\nathan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-08 21:36 . 2009-10-07 07:09 -------- d-----w- c:\program files\Microsoft Silverlight
2009-10-08 10:45 . 2009-09-29 07:22 -------- d-----w- c:\program files\Workspace Macro Pro 6.5
2009-10-07 14:06 . 2009-10-07 07:05 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2009-10-07 14:03 . 2009-10-07 14:03 -------- d-----w- c:\program files\Fichiers communs\Merge Modules
2009-10-07 13:35 . 2009-09-20 07:08 -------- d-----w- c:\program files\Steam
2009-10-07 13:34 . 2009-09-08 15:16 -------- d-----w- c:\program files\001
2009-10-07 07:09 . 2009-10-07 07:09 -------- d-----w- c:\program files\Microsoft SQL Server
2009-10-07 07:08 . 2009-10-07 07:08 -------- d-----w- c:\program files\Microsoft Synchronization Services
2009-10-07 07:05 . 2009-10-07 07:05 -------- d-----w- c:\program files\Microsoft.NET
2009-10-07 07:04 . 2009-10-07 07:04 -------- d-----w- c:\program files\Microsoft SDKs
2009-10-05 14:18 . 2009-10-05 14:18 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-10-05 14:13 . 2009-10-05 14:12 -------- d-----r- c:\program files\Skype
2009-10-05 14:12 . 2009-10-05 14:12 -------- d-----w- c:\program files\Fichiers communs\Skype
2009-10-05 14:12 . 2009-10-05 14:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-10-02 17:54 . 2009-08-28 11:36 132 ----a-w- c:\windows\system32\rezumatenoi.dat
2009-09-29 13:34 . 2009-08-24 06:46 -------- d-----w- c:\program files\Dofus
2009-09-29 09:18 . 2009-09-19 18:40 38 ----a-w- c:\documents and settings\nathan\jagex_runescape_preferences.dat
2009-09-29 09:18 . 2009-09-19 18:40 45 ----a-w- c:\documents and settings\nathan\jagex_runescape_preferences2.dat
2009-09-25 17:21 . 2009-09-25 17:21 0 ----a-w- c:\windows\system32\wsbl.dat
2009-09-25 17:21 . 2009-09-25 17:21 0 ----a-w- c:\windows\system32\ph_white.dat
2009-09-25 17:21 . 2009-09-25 17:21 0 ----a-w- c:\windows\system32\ph_summ.dat
2009-09-25 17:21 . 2009-09-25 17:21 0 ----a-w- c:\windows\system32\ph_black.dat
2009-09-25 17:21 . 2009-09-25 17:21 0 ----a-w- c:\windows\system32\pcwords2.dat
2009-09-25 17:21 . 2009-09-25 17:21 0 ----a-w- c:\windows\system32\pcwords.dat
2009-09-25 06:46 . 2009-09-03 17:53 -------- d-----w- c:\program files\Fichiers communs\Akamai
2009-09-25 05:36 . 2009-09-25 05:36 81920 ------w- c:\windows\system32\ieencode.dll
2009-09-24 15:43 . 2009-08-20 15:52 -------- d-----w- c:\documents and settings\nathan\Application Data\SlimBrowser
2009-09-20 20:22 . 2009-09-20 20:22 -------- d-----w- c:\program files\MSBuild
2009-09-20 20:22 . 2009-09-20 20:22 -------- d-----w- c:\program files\Reference Assemblies
2009-09-19 18:38 . 2009-09-19 18:38 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-19 18:38 . 2009-09-19 18:38 -------- d-----w- c:\program files\Java
2009-09-16 13:58 . 2009-09-16 11:46 -------- d-----w- c:\program files\Fichiers communs\Blizzard Entertainment
2009-09-14 10:00 . 2009-09-14 09:45 -------- d-----w- c:\documents and settings\All Users\Application Data\NexonEU
2009-09-13 16:25 . 2009-09-13 16:25 -------- d-----w- c:\documents and settings\All Users\Application Data\NexonUS
2009-09-13 09:08 . 2009-09-13 09:08 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files
2009-09-13 09:08 . 2009-09-13 09:08 -------- d-----w- c:\program files\Pando Networks
2009-09-12 19:16 . 2009-09-12 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2009-09-11 14:18 . 2004-08-19 14:09 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:04 . 2004-08-19 14:09 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-03 20:17 . 2009-09-03 19:40 96 ---ha-w- c:\windows\system32\HsInfo.dat
2009-08-29 07:56 . 2004-08-19 14:09 916480 ------w- c:\windows\system32\wininet.dll
2009-08-28 11:42 . 2009-08-28 11:42 4 ----a-w- c:\windows\system32\aspdict-en.dat
2009-08-28 11:42 . 2009-08-28 11:42 16 ----a-w- c:\windows\system32\asdict.dat
2009-08-26 08:01 . 2004-08-19 14:09 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-21 22:21 . 2009-08-21 22:21 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-08-20 16:08 . 2009-08-20 16:06 4212 ---h--w- c:\windows\system32\zllictbl.dat
2009-08-19 17:04 . 2009-08-19 17:04 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2008-07-20 11:07 . 2008-07-20 11:07 4107582 ----a-w- c:\program files\back.bmp
.
((((((((((((((((((((((((((((( SnapShot@2009-10-28_21.20.27 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-09-30 15:45 . 2008-09-30 15:45 91656 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
- 2009-10-29 13:32 . 2009-10-29 13:32 82432 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
- 2009-11-07 07:35 . 2009-11-07 07:35 16384 c:\windows\Temp\Perflib_Perfdata_bc8.dat
- 2009-11-07 07:34 . 2009-11-07 07:34 16384 c:\windows\Temp\Perflib_Perfdata_6e8.dat
- 2003-04-18 15:29 . 2003-04-18 15:29 82432 c:\windows\system32\msxml4r.dll
- 2009-11-05 10:30 . 2001-11-14 19:24 12288 c:\windows\system32\Adobe\SVG Viewer 3.0\SVGRSRC.dll
- 2009-11-05 10:30 . 2001-10-26 21:11 45056 c:\windows\system32\Adobe\SVG Viewer 3.0\SVG3ACE.dll
- 2009-10-29 13:33 . 2009-10-29 13:33 23040 c:\windows\Installer\10f0d3c.msi
- 2009-10-29 13:32 . 2009-10-29 13:32 43520 c:\windows\Installer\10f0d24.msi
- 2009-10-30 23:40 . 2009-10-30 23:40 32768 c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2009-11-07 07:12 . 2009-11-07 07:12 47616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\a31f5136a236dae58c03db56ea2a1a7a\WindowsLiveWriter.ni.exe
- 2009-11-07 07:12 . 2009-11-07 07:12 99840 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0cce8134aebab15d6c31143f850af1a7\WindowsLive.Writer.Api.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\1ded203bd27031c3a5e3441f94b528c0\Microsoft.VisualC.ni.dll
- 2006-09-24 13:28 . 2006-09-24 13:28 5248 c:\windows\system32\speedfan.sys
- 1996-04-03 19:33 . 1996-04-03 19:33 5248 c:\windows\system32\giveio.sys
- 2009-11-05 10:30 . 2001-10-26 20:34 933888 c:\windows\system32\Adobe\SVG Viewer 3.0\SVG3CT.dll
- 2009-11-05 10:30 . 2001-10-26 19:56 167936 c:\windows\system32\Adobe\SVG Viewer 3.0\SVG3BIB.dll
- 2009-11-05 10:30 . 2001-10-26 20:33 921600 c:\windows\system32\Adobe\SVG Viewer 3.0\SVG3AGM.dll
- 2009-11-05 10:30 . 2001-10-26 21:11 315459 c:\windows\system32\Adobe\SVG Viewer 3.0\NPSVG3.dll
- 2008-02-12 16:38 . 2008-02-12 16:38 212480 c:\windows\PCDLIB32.DLL
- 2009-10-30 23:40 . 2009-10-30 23:40 432640 c:\windows\Installer\34b9ed2.msi
- 2009-11-06 21:47 . 2009-11-06 21:47 570368 c:\windows\Installer\2a219a.msi
- 2009-10-29 13:32 . 2009-10-29 13:32 106496 c:\windows\Installer\10f0d1e.msi
- 2009-11-04 11:00 . 2008-07-08 13:04 406392 c:\windows\ie8updates\KB976749-IE8\spuninst\updspapi.dll
- 2009-11-04 11:00 . 2008-07-08 13:03 234872 c:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe
- 2009-11-07 07:12 . 2009-11-07 07:12 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\9d1a36d51bb6a24f943e73c0011e342a\WindowsLiveLocal.WriterPlugin.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 118784 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\feb5009ee6406995983c67d61254b713\WindowsLive.Writer.Extensibility.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 594944 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ef0daf9b5b7002d4d3493671db79fec5\WindowsLive.Writer.HtmlEditor.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 174080 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ea3b7fc0ae639a2cd268d9a0aab47d15\WindowsLive.Writer.BrowserControl.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\dd20f981722448ea96d2c0995eeaf9b7\WindowsLive.Writer.Mshtml.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 851968 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ac50120d9dfafb4868aa4531456cf2e7\WindowsLive.Writer.BlogClient.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 322048 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9603a068ba2de2c7ec244454e8ad0763\WindowsLive.Writer.SpellChecker.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 843776 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8b674da2d622aec8a9c150e4f7437c4f\WindowsLive.Writer.Controls.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 108544 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7ca3eb94ab1ae6867d35382ecf407260\WindowsLive.Writer.Passport.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 428032 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7c494448c732a975d727098bad24f42b\WindowsLive.Writer.Localization.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 334848 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\75a1c524a87004611e911be710454234\WindowsLive.Writer.Interop.Mshtml.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\63d852a9374556240906cbd19946f7b0\WindowsLive.Writer.Instrumentation.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\627621628abc220fd9c02f442178e41c\WindowsLive.Writer.FileDestinations.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\60e6ca35b86ce10970a63fa5ea8b1d9c\WindowsLive.Writer.HtmlParser.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 313856 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\551d4211cde9574615ad847741667699\WindowsLive.Writer.Interop.SHDocVw.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\311874611f12ea8440bc760c3203cbd3\WindowsLive.Writer.Interop.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\f5d7a7417ffcd9af285e64946ba48f74\WindowsLive.Client.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\af21e3011fb4e107b13ea5c40c351ec4\System.Runtime.Remoting.ni.dll
- 2008-09-30 15:42 . 2008-09-30 15:42 1286152 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
- 2009-10-29 13:32 . 2009-10-29 13:32 1233920 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
- 2008-09-30 15:43 . 2008-09-30 15:43 1286152 c:\windows\system32\msxml4.dll
- 2004-08-19 14:09 . 2009-10-22 09:17 5939712 c:\windows\system32\mshtml.dll
- 2009-07-18 16:03 . 2009-10-22 09:17 5939712 c:\windows\system32\dllcache\mshtml.dll
- 2009-11-05 10:30 . 2001-10-26 21:10 1929284 c:\windows\system32\Adobe\SVG Viewer 3.0\SVGCore.dll
- 2009-11-05 10:29 . 2009-11-05 10:29 6618624 c:\windows\Installer\2eb2f7.msi
- 2009-10-29 13:33 . 2009-10-29 13:33 3930112 c:\windows\Installer\10f0d42.msi
- 2009-10-29 13:33 . 2009-10-29 13:33 3547648 c:\windows\Installer\10f0d36.msi
- 2009-10-29 13:33 . 2009-10-29 13:33 3548160 c:\windows\Installer\10f0d30.msi
- 2009-10-29 13:33 . 2009-10-29 13:33 3621888 c:\windows\Installer\10f0d2a.msi
- 2009-11-04 11:00 . 2009-08-29 07:56 5940224 c:\windows\ie8updates\KB976749-IE8\mshtml.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 1105920 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\f431bc9e7c51a50035c19abea4cbcaa2\WindowsLive.Writer.ApplicationFramework.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 2002432 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bf704776939a6c4d0fac5ad70099300b\WindowsLive.Writer.CoreServices.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 6392832 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7e735c4d2b299eb78cf8cb2c70865978\WindowsLive.Writer.PostEditor.ni.dll
- 2009-11-07 07:12 . 2009-11-07 07:12 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\ffa1018e8022964eb51025c2c6d8727a\System.Data.OracleClient.ni.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“BitTorrent DNA”=“c:\program files\DNA\btdna.exe” [2009-10-07 323392]
“msnmsgr”=“c:\program files\Windows Live\Messenger\msnmsgr.exe” [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“nwiz”=“c:\program files\NVIDIA Corporation\nView\nwiz.exe” [2009-07-08 1657376]
“NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2009-07-14 13877248]
“NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2009-07-14 86016]
“SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe” [2009-09-19 149280]
“Malwarebytes Anti-Malware (reboot)”=“c:\program files\Malwarebytes’ Anti-Malware\mbam.exe” [2009-09-10 1312080]
“avgnt”=“c:\program files\Avira\AntiVir Desktop\avgnt.exe” [2009-03-02 209153]
“SoundMan”=“SOUNDMAN.EXE” - c:\windows\soundman.exe [2006-08-03 577536]
c:\documents and settings\nathan\Menu D?marrer\Programmes\D?marrage
Notification de cadeaux MSN.lnk - c:\documents and settings\nathan\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-11-6 135680]
c:\documents and settings\All Users\Menu D?marrer\Programmes\D?marrage
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2009-11-5 110592]
GamersFirst LIVE!.lnk - c:\program files\GamersFirst\LIVE!\Live.exe [2009-10-28 2665328]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”=
“%windir%\Network Diagnostic\xpnetdiag.exe”=
“c:\Program Files\DNA\btdna.exe”=
“c:\Program Files\Messenger\msmsgs.exe”=
“c:\Program Files\Windows Live\Messenger\wlcsdk.exe”=
“c:\Program Files\Windows Live\Messenger\msnmsgr.exe”=
“c:\Program Files\Windows Live\Sync\WindowsLiveSync.exe”=
“c:\Program Files\Pando Networks\Media Booster\PMB.exe”=
“c:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe”=
“c:\nexon\Combat Arms\Engine.exe”= c:\nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
“c:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe”=
“c:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe”=
“c:\Program Files\Steam\SteamApps\bestounet88\counter-strike source\hl2.exe”=
“c:\Program Files\Metin2_France\metin2.bin”=
“c:\Program Files\Steam\SteamApps\bestounet88\half-life 2 deathmatch\hl2.exe”=
“c:\Program Files\iTALC\ica.exe”=
“c:\Program Files\Metin2_France\metin2client.bin”=
“c:\WINDOWS\system32\dpvsetup.exe”=
“c:\WINDOWS\system32\rundll32.exe”=
“c:\Program Files\Skype\Phone\Skype.exe”=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
“57493:TCP”= 57493:TCP:Pando Media Booster
“57493:UDP”= 57493:UDP:Pando Media Booster
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [13/10/2009 17:55 33824]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [28/10/2009 21:32 108289]
R2 icas;iTALC Client;c:\program files\iTALC\ica.exe [09/10/2009 18:34 844800]
S3 DBKDRVR54;DBKDRVR54;c:\program files\Cheat Engine\dbk32.sys [20/09/2009 09:36 36096]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contenu du dossier ‘Tâches planifiées’
2009-11-07 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-08-25 20:18]
.
.
------- Examen supplémentaire -------
.
uStart Page = www.google.com…
mWindow Title =
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - download.eset.com…
FF - ProfilePath - c:\documents and settings\nathan\Application Data\Mozilla\Firefox\Profiles\jgq821ft.default
FF - prefs.js: browser.startup.homepage - fr.msn.com…
FF - prefs.js: keyword.URL - www.bing.com…
FF - prefs.js: browser.search.selectedEngine - Bing
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\All Users\Application Data\NexonEU\NGM\npNxGameeu.dll
FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2009-11-07 08:34
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés …
Recherche d’éléments en démarrage automatique cachés …
Recherche de fichiers cachés …
Scan terminé avec succès
Fichiers cachés: 0
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASFWHide]
“ImagePath”="\??\c:\docume~1\nathan\LOCALS~1\Temp\ASFWHide"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - -
‘explorer.exe’(3944)
c:\windows\system32\msi.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\wazazuzu\CF10184.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
c:\wazazuzu\PEV.cfxxe
.
.
Heure de fin: 2009-11-07 8:37 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-11-07 07:37
ComboFix2.txt 2009-10-28 21:23
Avant-CF: 6 563 938 304 octets libres
Après-CF: 6 524 796 928 octets libres
-
- End Of File - - 0C602E5189078F41DEA1AB9A2620E5DC
Also, would you have somewhere we could talk privately, like Skype or MSN?
Edited on 07/11/2009 at 13:19