Hi again nardino
I downloaded ComboFix and installed it; it wasn't rocket science, but the wait for the report was long.
Here is the report:
ComboFix 09-06-23.01 - naima 24/06/2009 23:17.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.502.178 [GMT 1:00]
Lancé depuis: c:\documents and settings\naima\Bureau\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycler\S-1-5-21-599054991-3718194675-2334377287-500
c:\windows\system32\Drivers\jhpjpqv.sys
C:\Autorun.inf
c:\recycler\S-1-5-21-599054991-3718194675-2334377287-500\desktop.ini
c:\recycler\S-1-5-21-599054991-3718194675-2334377287-500\INFO2
c:\windows\system32\drivers\jhpjpqv.sys
c:\windows\system32\lsprst7.dll
c:\windows\system32\nsprs.dll
c:\windows\system32\ssprs.dll
c:\windows\system32\waoptimizer.dll
D:\Autorun.inf
D:\Desktop.ini
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_WMOPTIMIZER
-------\Service_WMOptimizer
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-24 au 2009-06-24 ))))))))))))))))))))))))))))))))))))
.
2009-06-24 12:45 . 2009-06-24 12:45 -------- d-----w- c:\documents and settings\All Users\Application Data\245D
2009-06-24 11:07 . 2009-06-24 11:07 -------- d-----w- c:\documents and settings\All Users\Application Data\36241
2009-06-23 22:13 . 2009-06-23 22:13 -------- d-----w- c:\documents and settings\All Users\Application Data\2A38A
2009-06-20 14:26 . 2009-06-20 14:26 -------- d-----w- c:\documents and settings\All Users\Application Data\373A9
2009-06-19 19:41 . 2009-06-19 19:41 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-19 09:00 . 2009-06-19 09:00 -------- d-----w- c:\documents and settings\All Users\Application Data\13203
2009-06-16 16:26 . 2009-06-16 16:26 -------- d-----w- c:\documents and settings\All Users\Application Data\36138
2009-06-16 16:02 . 2009-06-16 16:02 -------- d-----w- c:\documents and settings\All Users\Application Data\23EA
2009-06-15 08:46 . 2009-06-15 08:46 -------- d-----w- c:\documents and settings\All Users\Application Data\22213
2009-06-14 20:13 . 2008-04-14 02:34 155648 ----a-w- c:\windows\system32\wscript.exe
2009-06-14 20:13 . 2008-04-14 02:34 155648 ----a-w- c:\windows\system32\dllcache\wscript.exe
2009-06-13 10:32 . 2009-06-13 10:32 -------- d-----w- c:\documents and settings\All Users\Application Data\323A9
2009-06-11 11:47 . 2009-06-11 11:47 -------- d-----w- c:\documents and settings\All Users\Application Data\F138
2009-06-10 10:40 . 2009-04-30 21:16 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-06-10 10:40 . 2009-04-30 21:16 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-10 10:02 . 2009-06-10 10:02 -------- d-----w- c:\documents and settings\All Users\Application Data\182E
2009-06-06 09:28 . 2009-06-06 09:28 -------- d-----w- c:\documents and settings\All Users\Application Data\26399
2009-06-04 09:07 . 2009-06-04 09:07 -------- d-----w- c:\documents and settings\All Users\Application Data\15232
2009-06-03 17:29 . 2009-06-03 17:29 -------- d-----w- c:\documents and settings\All Users\Application Data\24148
2009-06-03 13:47 . 2009-06-03 13:47 -------- d-----w- c:\documents and settings\All Users\Application Data\382E
2009-06-01 13:06 . 2009-06-01 13:06 -------- d-----w- c:\documents and settings\All Users\Application Data\2E399
2009-05-29 22:56 . 2009-05-29 22:56 -------- d-----w- c:\documents and settings\All Users\Application Data\10251
2009-05-29 18:58 . 2009-05-29 19:05 -------- d-----w- c:\program files\SPSS Viewer
2009-05-29 08:11 . 2009-05-29 08:11 -------- d-----w- c:\documents and settings\All Users\Application Data\27271
2009-05-28 09:00 . 2009-05-28 09:00 -------- d-----w- c:\documents and settings\All Users\Application Data\13DA
2009-05-26 16:18 . 2009-05-26 16:18 -------- d-----w- c:\documents and settings\All Users\Application Data\1F3B9
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-24 01:36 . 2008-07-26 21:11 -------- d-----w- c:\documents and settings\naima\Application Data\Skype
2009-06-23 23:26 . 2008-07-26 21:13 -------- d-----w- c:\documents and settings\naima\Application Data\skypePM
2009-06-03 17:23 . 2009-05-11 17:04 75096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-05-29 22:49 . 2008-07-26 21:15 72592 ----a-w- c:\documents and settings\naima\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-23 07:57 . 2009-05-23 07:57 -------- d-----w- c:\documents and settings\All Users\Application Data\15160
2009-05-21 23:24 . 2009-05-21 23:24 -------- d-----w- c:\documents and settings\naima\Application Data\DivX
2009-05-21 13:26 . 2008-04-19 17:49 -------- d-----w- c:\program files\DivX
2009-05-21 13:18 . 2009-05-21 13:17 -------- d-----w- c:\program files\Fichiers communs\DivX Shared
2009-05-21 10:04 . 2009-05-21 10:04 -------- d-----w- c:\documents and settings\All Users\Application Data\2C213
2009-05-20 20:44 . 2009-05-20 20:44 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound
2009-05-20 20:43 . 2009-05-20 20:43 -------- d-----w- c:\program files\NCH Software
2009-05-20 20:42 . 2009-05-20 20:42 -------- d-----w- c:\documents and settings\naima\Application Data\NCH Swift Sound
2009-05-20 20:14 . 2008-12-30 15:29 -------- d-----w- c:\program files\ma-config.com
2009-05-20 20:14 . 2008-12-30 15:29 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2009-05-20 16:26 . 2009-05-20 16:26 -------- d-----w- c:\documents and settings\All Users\Application Data\F1D4
2009-05-17 14:06 . 2009-05-17 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\13FA
2009-05-17 13:50 . 2008-04-24 13:53 -------- d-----w- c:\program files\Messenger Plus! Live
2009-05-16 08:53 . 2009-03-08 13:00 132640 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-05-15 10:03 . 2009-03-08 13:00 168208 ----a-w- c:\windows\system32\guard32.dll
2009-05-15 10:02 . 2009-03-08 13:00 82080 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-05-15 10:02 . 2009-03-08 13:00 24096 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-05-14 16:43 . 2009-05-14 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\38DA
2009-05-14 13:56 . 2009-05-14 23:22 402800 ----a-w- c:\documents and settings\naima\Application Data\Mozilla\Firefox\Profiles\uewijchu.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
2009-05-14 09:16 . 2009-05-14 09:16 -------- d-----w- c:\documents and settings\All Users\Application Data\5157
2009-05-13 05:04 . 2004-08-05 02:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-12 16:11 . 2009-05-12 16:11 -------- d-----w- c:\documents and settings\All Users\Application Data\351F
2009-05-11 17:04 . 2009-05-11 17:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-05-11 17:03 . 2009-05-11 17:03 54624 ----a-w- c:\windows\system32\5d840.sys
2009-05-10 16:25 . 2009-05-10 16:25 -------- d-----w- c:\documents and settings\All Users\Application Data\1B280
2009-05-08 18:24 . 2009-05-08 18:24 -------- d-----w- c:\documents and settings\All Users\Application Data\14E
2009-05-07 22:07 . 2009-05-07 22:07 -------- d-----w- c:\program files\Xilisoft
2009-05-07 15:33 . 2008-09-25 02:02 348672 ----a-w- c:\windows\system32\localspl.dll
2009-05-06 17:37 . 2009-05-06 17:37 1025 ----a-w- c:\windows\system32\clauth2.dll
2009-05-06 17:37 . 2009-05-06 17:37 1025 ----a-w- c:\windows\system32\clauth1.dll
2009-05-06 12:52 . 2009-05-04 16:23 186 ----a-w- c:\documents and settings\All Users\Application Data\SafeNet Sentinel\Sentinel RMS Development Kit\System\prsgrc.dll
2009-05-04 16:20 . 2009-05-04 16:20 -------- d-----w- c:\program files\SPSSInc
2009-05-04 16:20 . 2009-05-04 16:20 1025 ----a-w- c:\windows\system32\sysprs7.dll
2009-05-03 16:49 . 2009-05-03 16:49 -------- d-----w- c:\documents and settings\All Users\Application Data\14BB
2009-05-02 15:52 . 2009-05-02 15:52 -------- d-----w- c:\documents and settings\All Users\Application Data\1A1B5
2009-04-30 08:43 . 2009-04-30 08:43 -------- d-----w- c:\documents and settings\All Users\Application Data\48B
2009-04-30 08:42 . 2009-04-30 08:42 -------- d-----w- c:\documents and settings\All Users\Application Data\24362
2009-04-27 16:23 . 2009-04-27 16:23 -------- d-----w- c:\documents and settings\All Users\Application Data\1F30C
2009-04-19 19:50 . 2008-09-25 02:01 1847296 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 20:25 . 2009-05-21 13:22 9336 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2009-04-15 20:25 . 2009-05-21 13:22 9464 ------w- c:\windows\system32\drivers\cdralw2k.sys
2009-04-15 20:25 . 2009-05-21 13:22 120056 ------w- c:\windows\system32\pxcpyi64.exe
2009-04-15 20:25 . 2009-05-21 13:22 118520 ------w- c:\windows\system32\pxinsi64.exe
2009-04-15 20:25 . 2009-05-21 13:22 129784 ------w- c:\windows\system32\pxafs.dll
2009-04-15 20:25 . 2005-04-25 01:03 43528 ------w- c:\windows\system32\drivers\pxhelp20.sys
2009-04-15 20:24 . 2009-04-15 20:24 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-04-15 20:24 . 2009-04-15 20:24 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-04-15 20:24 . 2009-04-15 20:24 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-04-15 20:24 . 2009-04-15 20:24 684032 ----a-w- c:\windows\system32\DivX.dll
2009-04-15 14:53 . 2004-08-05 02:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-10 01:30 . 2009-04-10 01:30 362240 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-04-04 12:08 . 2008-12-11 14:11 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-04-04 12:06 . 2009-04-04 12:06 152576 ----a-w- c:\documents and settings\naima\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.
------- Sigcheck -------
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824]
"Recguard"="c:\windows\Sminst\Recguard.exe" [2006-05-12 1138688]
"DHTray"="c:\windows\system32\DHTray.exe" [2007-07-19 335872]
"COMODO SafeSurf"="c:\program files\COMODO\SafeSurf\cssurf.exe" [2009-03-15 278264]
"COMODO Firewall Pro"="c:\program files\COMODO\Firewall\cfp.exe" [2009-05-15 1794320]
"COMODO Internet Security"="c:\program files\COMODO\Firewall\cfp.exe" [2009-05-15 1794320]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\cssdll32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drwtsn32.exe]
"Debugger"=c:\windows\system32\wscript.exe /E:vbs c:\windows\system32\winjpg.jpg
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dwwinxp.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iexplore.exe]
"Debugger"=StripMyRights.exe /D /L N
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\outlook.exe]
"Debugger"=StripMyRights.exe /D /L N
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"Google Update"="c:\documents and settings\naima\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"A0380mon"=c:\windows\system32\A0380mon.exe
"HotKeysCmds"=c:\windows\system32\hkcmd.exe
"IgfxTray"=c:\windows\system32\igfxtray.exe
"Scheduler"=c:\windows\SMINST\Scheduler.exe
"DLA"=c:\windows\System32\DLA\DLACTRLW.EXE
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe"
"ISUSPM"="c:\program files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"Reminder"=c:\windows\Creator\Remind_XP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\WINDOWS\\network diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\K-Lite Codec Pack\\Filters\\ac3config.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\aMSN\\bin\\wish.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [03/10/2008 17:14 28544]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [08/03/2009 14:00 132640]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [08/03/2009 14:00 24096]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [15/10/2007 02:52 540184]
S3 5d840;5d840;c:\windows\system32\5d840.sys [11/05/2009 18:03 54624]
S3 A0380VID;USB2.0 PC Camera;c:\windows\system32\drivers\A0380Vid.sys [24/03/2008 17:19 3933184]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [13/05/2009 14:37 234864]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [06/11/2007 21:22 34064]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [24/03/2009 12:03 7808]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Tâches planifiées'
2009-06-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-06-24 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2008-11-25 16:58]
2009-06-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-150535731-2425761550-839633919-1005.job
- c:\documents and settings\naima\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-26 19:14]
2009-06-24 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-21 11:14]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
IE: Crawler Search - tbr:iemenu
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.zebulon.fr/scan8/oscan8.cab
FF - ProfilePath - c:\documents and settings\naima\Application Data\Mozilla\Firefox\Profiles\uewijchu.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresult ... default&q=
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\naima\Application Data\Mozilla\Firefox\Profiles\uewijchu.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\documents and settings\naima\Local Settings\Application Data\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
---- PARAMETRES FIREFOX ----
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-24 23:26
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwClose, ZwOpenFile
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|é•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'lsass.exe'(1132)
c:\windows\system32\guard32.dll
- - - - - - - > 'explorer.exe'(2244)
c:\windows\system32\guard32.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\COMODO\Firewall\cmdagent.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Heure de fin: 2009-06-24 23:43 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-24 22:43
Avant-CF: 26 262 917 120 octets libres
Après-CF: 26 408 169 472 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
437 --- E O F --- 2009-06-11 18:56
Happy reading
See you later ^^