Faby


  1. Thank you very much. So far I have not seen the trojans as usual. Let's hope it lasts! Thanks
  2. Hello! My PC is infected with Trojan-type viruses, which AntiVir detects at every startup but cannot remove! Yesterday I ran a scan with ComboFix, but this morning, SURPRISE: AntiVir again warned that the trojans are there. What should I do? Thanks to the experts for helping me. Here is the ComboFix report: