Everything posted by tamsou7

  1. ComboFix 10-03-05.03 - MASTER 06/03/2010 14:48:34.1.2 - x86 NETWORK Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.510.253 [GMT 1:00] Lancé depuis: c:\documents and settings\MASTER\Bureau\Tamsou7.exe AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\docume~1\MASTER\LOCALS~1\Temp\tmp1.tmp c:\docume~1\MASTER\LOCALS~1\Temp\tmp2.tmp c:\documents and settings\Administrateur.MASTER-464D5772\Application Data\avdrn.dat c:\documents and settings\Administrateur.MASTER-464D5772\Application Data\wiaservg.log c:\documents and settings\Administrateur.MASTER-464D5772\Bureau\Antimalware Defender.lnk c:\documents and settings\Administrateur.MASTER-464D5772\oashdihasidhasuidhiasdhiashdiuasdhasd c:\documents and settings\Administrateur.MASTER-464D5772\reader_s.exe c:\documents and settings\Administrateur.MASTER-464D5772\SyncMan.exe c:\documents and settings\Administrateur\Application Data\avdrn.dat c:\documents and settings\Administrateur\Application Data\wiaservg.log c:\documents and settings\Administrateur\reader_s.exe c:\documents and settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd c:\documents and settings\MASTER\Application Data\avdrn.dat c:\documents and settings\MASTER\Application Data\Microsoft\Internet Explorer\Quick Launch\Antimalware Defender.lnk c:\documents and settings\MASTER\Application Data\wiaservg.log c:\documents and settings\MASTER\Bureau\Antimalware Defender.lnk c:\documents and settings\MASTER\csrss.exe c:\documents and settings\MASTER\oashdihasidhasuidhiasdhiashdiuasdhasd c:\documents and settings\MASTER\reader_s.exe C:\lsass.exe c:\program files\Antimalware Defender c:\program files\Dr. Guard c:\program files\Dr. Guard\drg.db c:\program files\Dr. Guard\drgext.dll c:\program files\Dr. Guard\drghook.dll c:\program files\Dr. Guard\drguard.exe c:\program files\Dr. 
Guard\uninstall.exe c:\recycler\S-1-5-21-0047244358-0826223966-428070403-3805 c:\recycler\S-1-5-21-0243936033-3052116371-381863308-1811 c:\recycler\S-1-5-21-0420647622-7669398836-658272004-1332 c:\recycler\S-1-5-21-0458168799-4480507171-735754364-2696 c:\recycler\S-1-5-21-0566399933-0463200321-718687124-0907 c:\recycler\S-1-5-21-0621563554-4684928920-942044346-1570 c:\recycler\S-1-5-21-0667513399-5659632336-779973723-5538 c:\recycler\S-1-5-21-0759569690-1342349572-371567203-8549 c:\recycler\S-1-5-21-0794442555-3796621335-825558533-0830 c:\recycler\S-1-5-21-0997747962-5429107749-359665263-7498 c:\recycler\S-1-5-21-1107099697-7235732470-713733946-3047 c:\recycler\S-1-5-21-1331198216-5643662902-530620313-6601 c:\recycler\S-1-5-21-1417150013-9645002818-798922690-4438 c:\recycler\S-1-5-21-1422039133-3574537284-822403505-9694 c:\recycler\S-1-5-21-1568782033-7551901052-902477829-3965 c:\recycler\S-1-5-21-1718063519-4169578607-038020062-8643 c:\recycler\S-1-5-21-1823087825-9854929730-730552739-6586 c:\recycler\S-1-5-21-1974493954-8425629058-650390449-7100 c:\recycler\S-1-5-21-2053325135-0385509746-698446296-3156 c:\recycler\S-1-5-21-2157712207-8124754130-653618681-4099 c:\recycler\S-1-5-21-2194845302-4517207276-927542583-1024 c:\recycler\S-1-5-21-2248199536-3925386484-207684684-1537 c:\recycler\S-1-5-21-2420317413-8611615035-706057683-6578 c:\recycler\S-1-5-21-2510640689-7916173766-717892282-3335 c:\recycler\S-1-5-21-2632212545-4690247666-411222984-7343 c:\recycler\S-1-5-21-2722284804-8104295008-906005780-9945 c:\recycler\S-1-5-21-2889787115-7184497221-803847157-9034 c:\recycler\S-1-5-21-3013843012-6794351288-987058805-3646 c:\recycler\S-1-5-21-3073598253-9659449804-727642768-9325 c:\recycler\S-1-5-21-3172502359-5411693508-678183744-4048 c:\recycler\S-1-5-21-3212835429-3767081796-328502310-3105 c:\recycler\S-1-5-21-3370872439-8786738635-653895064-9299 c:\recycler\S-1-5-21-3391503781-9611390697-168634388-6333 c:\recycler\S-1-5-21-3397823606-0531720612-054755442-6706 
c:\recycler\S-1-5-21-3409591208-4313941077-005515636-3718 c:\recycler\S-1-5-21-3419831833-3642905192-120462004-2453 c:\recycler\S-1-5-21-3480050041-7928214529-865335710-2005 c:\recycler\S-1-5-21-3524273112-0083317532-154694490-9502 c:\recycler\S-1-5-21-3822204451-8152265316-570777200-7212 c:\recycler\S-1-5-21-3826693832-9983299110-547552896-6082 c:\recycler\S-1-5-21-3837385293-9874616842-422388384-5139 c:\recycler\S-1-5-21-3862845815-3103680456-804265959-7232 c:\recycler\S-1-5-21-3947451495-8864283958-743106877-7199 c:\recycler\S-1-5-21-4064007399-0754387342-244994051-0314 c:\recycler\S-1-5-21-4173791241-4834633024-951989371-9479 c:\recycler\S-1-5-21-4253995215-5848622038-516840159-6587 c:\recycler\S-1-5-21-4298619840-4171366680-229581665-3908 c:\recycler\S-1-5-21-4378925588-2801233133-124172890-6108 c:\recycler\S-1-5-21-4485097369-3934399786-078052080-0711 c:\recycler\S-1-5-21-4982471994-1651807610-783025164-1523 c:\recycler\S-1-5-21-5011698683-8757309510-012508177-1100 c:\recycler\S-1-5-21-5236935386-3433102782-483858566-2678 c:\recycler\S-1-5-21-5441516236-0841271410-089826368-2777 c:\recycler\S-1-5-21-5542653265-6637817719-799890292-4711 c:\recycler\S-1-5-21-5779233686-1546310448-566865826-6410 c:\recycler\S-1-5-21-5794697907-0711335609-226246356-7189 c:\recycler\S-1-5-21-5835114251-0773631278-779397255-7261 c:\recycler\S-1-5-21-5911904615-7464443201-234189702-8907 c:\recycler\S-1-5-21-6019950313-3719015736-125293410-1607 c:\recycler\S-1-5-21-6334488206-1125504624-115297350-8283 c:\recycler\S-1-5-21-6353747725-3630474816-233505027-8014 c:\recycler\S-1-5-21-6460768339-4114418697-562129161-8567 c:\recycler\S-1-5-21-6467225381-7050888226-926515928-5250 c:\recycler\S-1-5-21-6701826170-4169283416-484767856-7933 c:\recycler\S-1-5-21-6737479114-9885694608-723531329-7062 c:\recycler\S-1-5-21-7004358437-1983612761-717375242-6556 c:\recycler\S-1-5-21-7262345708-6354247776-236120946-9237 c:\recycler\S-1-5-21-7355307877-3788431189-950701538-5605 
c:\recycler\S-1-5-21-7495333095-3372479459-680045854-9191 c:\recycler\S-1-5-21-7607990987-2300426659-680350399-9851 c:\recycler\S-1-5-21-7662805535-7388597635-679889000-8178 c:\recycler\S-1-5-21-8013008125-8432520048-410683645-5339 c:\recycler\S-1-5-21-8074458345-9035262130-149991377-3827 c:\recycler\S-1-5-21-8102216435-9214438382-637578217-1707 c:\recycler\S-1-5-21-8228105932-4478993877-796063377-4435 c:\recycler\S-1-5-21-8312226472-3824187438-709430190-8875 c:\recycler\S-1-5-21-8354373069-8933133231-433754268-7569 c:\recycler\S-1-5-21-8477343599-1104377587-388123058-7998 c:\recycler\S-1-5-21-8625749682-9881351651-742054500-7164 c:\recycler\S-1-5-21-8755483421-5617165518-650228757-6169 c:\recycler\S-1-5-21-8776731890-5069218289-404300865-2387 c:\recycler\S-1-5-21-9211230184-0279537079-538839958-7101 c:\recycler\S-1-5-21-9300703735-4017101441-150869337-1123 c:\recycler\S-1-5-21-9303713725-8315770474-762785044-3363 c:\recycler\S-1-5-21-9345663624-4381274063-184926343-5905 c:\recycler\S-1-5-21-9381090102-9301123813-940978842-8056 c:\recycler\S-1-5-21-9563482873-4636558868-923224889-7714 c:\recycler\S-1-5-21-9564355668-0657206703-052713557-4831 c:\recycler\S-1-5-21-9820541149-1075671830-961771494-4871 c:\recycler\S-1-5-21-9905247646-7049052823-387828865-5598 c:\windows\cidrive32.exe c:\windows\logfile32.txt c:\windows\msa.exe c:\windows\msb.exe c:\windows\msc.exe c:\windows\msd.exe c:\windows\mse.exe c:\windows\msf.exe c:\windows\msg.exe c:\windows\msh.exe c:\windows\msi.exe c:\windows\msj.exe c:\windows\msk.exe c:\windows\msl.exe c:\windows\msm.exe c:\windows\msn.exe c:\windows\mso.exe c:\windows\msp.exe c:\windows\msq.exe c:\windows\msr.exe c:\windows\system32\1236999731.dat c:\windows\system32\acctres.dlli.exe c:\windows\system32\acelpdecc.exe c:\windows\system32\acelpdeccw.exe c:\windows\system32\ahui.exei.exe c:\windows\system32\drivers\KGootkit.sys c:\windows\system32\drivers\PDFRAME.sys c:\windows\system32\firewall.exe c:\windows\system32\isass.exe 
c:\windows\system32\lssas.exe c:\windows\system32\reader_s.exe c:\windows\system32\regedit.exe c:\windows\system32\sshnas21.dll c:\windows\system32\svvchost.exe c:\windows\system32\SyncMan.exe c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job c:\windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job c:\windows\system32\drivers\ndis.sys . . . est infecté!! Une copie infectée de c:\windows\system32\midimap.dll a été trouvée et désinfectée Copie restaurée à partir de - c:\windows\system32\dllcache\midimap.dll c:\windows\system32\drivers\cdrom.sys était absent Copie restaurée à partir de - c:\system volume information\_restore{DF92646D-79D5-4FC4-8BD7-EAA44F7635D5}\RP16\A0042718.sys . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_KGOOTKIT -------\Legacy_MDMHELPSVC -------\Legacy_MSUPDATE -------\Legacy_SHELLHWDETECTIONRSVP -------\Legacy_SSHNAS -------\Legacy_TERMSERVICEERSVC -------\Legacy_WMPNETWORKSVCDCOMLAUNCH -------\Legacy__VOIDcwostheexy -------\Legacy__VOIDeewiwtsspp -------\Legacy__VOIDmxthxwmqec -------\Legacy__VOIDnnentixfti -------\Legacy__VOIDnsmqppevxi -------\Legacy__VOIDqdcxbdmyni -------\Legacy__VOIDqspfthwecv -------\Legacy__VOIDxxymebbxnq -------\Service__VOIDcwostheexy -------\Service__VOIDeewiwtsspp -------\Service__VOIDmxthxwmqec -------\Service__VOIDnnentixfti -------\Service__VOIDnsmqppevxi -------\Service__VOIDqdcxbdmyni -------\Service__VOIDqspfthwecv -------\Service__VOIDxxymebbxnq -------\Service_KGootkit -------\Service_MDMhelpsvc -------\Service_msupdate -------\Service_ShellHWDetectionRSVP -------\Service_SSHNAS -------\Service_TermServiceERSvc -------\Service_WMPNetworkSvcDcomLaunch ((((((((((((((((((((((((((((( Fichiers créés du 2010-02-06 au 2010-03-06 )))))))))))))))))))))))))))))))))))) . 2010-03-06 13:54 . 2008-04-14 23:30 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys 2010-03-05 16:42 . 
2010-03-05 16:42 -------- d-----w- c:\program files\Fichiers communs\PCCamera 2010-03-05 16:42 . 2010-03-05 16:42 -------- d-----w- c:\program files\Trust 2010-03-05 16:06 . 2010-03-05 17:55 -------- d-----w- c:\windows\SxsCaPendDel 2010-03-04 14:31 . 2010-03-04 14:31 -------- d-----w- c:\documents and settings\MASTER\Application Data\Vivox 2010-03-04 14:22 . 2010-03-06 12:08 -------- d-----w- c:\documents and settings\MASTER\Application Data\IMVU 2010-03-04 14:22 . 2010-03-04 14:22 76782 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\Uninstall.exe 2010-03-04 14:21 . 2010-03-04 14:22 -------- d-----w- c:\documents and settings\MASTER\Application Data\IMVUClient 2010-03-03 13:12 . 2006-07-22 06:40 143360 ----a-w- c:\windows\system32\RtlCPAPI.dll 2010-03-03 11:28 . 2010-03-03 11:28 -------- d-----w- c:\windows\_VOIDqdcxbdmyni 2010-03-03 10:03 . 2010-03-03 10:03 126 ----a-w- c:\windows\awfu.bat 2010-03-02 17:24 . 2010-03-02 17:24 92312 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\IMVUupdater.exe 2010-03-02 17:24 . 2010-03-02 17:24 52992 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\IMVUClient.exe 2010-03-02 17:24 . 2010-03-02 17:24 21760 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\IMVUQualityAgent.exe 2010-03-02 14:59 . 2010-03-03 12:46 -------- d-----w- c:\windows\system32\config\systemprofile\Tracing 2010-03-02 14:57 . 2010-03-02 14:57 -------- d-----r- c:\documents and settings\LocalService\Favoris 2010-03-02 11:44 . 2010-03-02 11:44 126 ----a-w- c:\windows\system32\socblhm.bat 2010-03-02 11:44 . 2010-03-02 11:44 130 ----a-w- c:\windows\owaiukxq.bat 2010-03-02 11:44 . 2010-03-02 11:44 127 ----a-w- c:\documents and settings\MASTER\coujstet.bat 2010-03-01 16:43 . 2010-03-01 16:43 121856 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\WriteMiniDump.exe 2010-03-01 16:42 . 
2010-03-01 16:42 45568 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\ui\plugins\npvivoxproxy.dll 2010-03-01 16:42 . 2010-03-01 16:42 1259008 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\SceneWindow.dll 2010-03-01 16:41 . 2010-03-01 16:41 54784 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\ui\plugins\nphwndproxy.dll 2010-03-01 16:41 . 2010-03-01 16:41 16896 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\MemoryHook.dll 2010-03-01 16:40 . 2010-03-01 16:40 320000 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\cal3d.dll 2010-03-01 16:40 . 2010-03-01 16:40 198656 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\boost_python.dll 2010-03-01 16:39 . 2010-03-01 16:39 29184 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\CallStack.dll 2010-03-01 16:39 . 2010-03-01 16:39 260096 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\audiere.dll 2010-03-01 15:49 . 2010-03-01 15:49 -------- d-----w- c:\windows\_VOIDcwostheexy 2010-03-01 15:47 . 2010-03-01 15:47 130 ----a-w- c:\windows\iynkxawd.bat 2010-03-01 10:47 . 2010-03-01 10:47 129 ----a-w- c:\windows\bowxbaq.bat 2010-03-01 00:23 . 2010-03-06 11:14 664 ----a-w- c:\windows\system32\d3d9caps.dat 2010-02-28 22:29 . 2010-02-28 22:29 -------- d-----w- c:\windows\_VOIDqspfthwecv 2010-02-28 19:58 . 2010-02-28 19:59 -------- d-----w- c:\windows\_VOIDnsmqppevxi 2010-02-28 19:58 . 2010-02-28 19:58 -------- d-----w- c:\windows\_VOIDnnentixfti 2010-02-27 12:51 . 2010-02-27 12:51 -------- d-----w- c:\windows\_VOIDxxymebbxnq 2010-02-27 12:50 . 2010-02-27 12:50 -------- d-----w- c:\windows\_VOIDmxthxwmqec 2010-02-27 12:49 . 2010-03-06 13:57 791552 ----a-w- c:\windows\system32\drivers\ftchf.sys 2010-02-27 11:38 . 2010-03-05 15:00 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-02-27 11:38 . 
2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-02-27 11:38 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2010-02-27 11:38 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2010-02-27 11:38 . 2010-02-27 11:38 -------- d-----w- c:\program files\Avira 2010-02-27 11:38 . 2010-02-27 11:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2010-02-27 11:34 . 2010-02-27 11:34 -------- d-----w- c:\documents and settings\Administrateur.MASTER-464D5772\Local Settings\Application Data\Mozilla 2010-02-26 23:10 . 2010-02-26 23:10 -------- d-----w- c:\documents and settings\Administrateur\Tracing 2010-02-26 21:16 . 2010-02-26 21:16 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Mozilla 2010-02-26 08:19 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll 2010-02-26 07:32 . 2008-04-13 09:40 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys 2010-02-26 07:32 . 2008-04-13 09:40 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys 2010-02-26 07:32 . 2008-04-13 09:41 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys 2010-02-26 07:32 . 2008-04-13 09:41 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys 2010-02-26 07:32 . 2008-04-13 06:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys 2010-02-26 07:32 . 2008-04-13 06:11 8192 ----a-w- c:\windows\system32\drivers\Changer.sys 2010-02-26 07:31 . 2010-02-26 07:31 304160 ----a-w- C:\PA207.DAT 2010-02-26 07:26 . 2007-11-02 10:07 6656 ----a-w- c:\windows\system32\CoInst_080213.dll 2010-02-26 07:26 . 2010-03-05 16:42 -------- d-----w- c:\windows\PixArt 2010-02-26 07:08 . 2010-02-26 07:08 -------- d-----w- c:\windows\ie8updates 2010-02-25 21:07 . 2010-02-25 21:07 503808 ----a-w- c:\documents and settings\MASTER\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6b018d26-n\msvcp71.dll 2010-02-25 21:07 . 
2010-02-25 21:07 499712 ----a-w- c:\documents and settings\MASTER\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6b018d26-n\jmc.dll 2010-02-25 21:07 . 2010-02-25 21:07 348160 ----a-w- c:\documents and settings\MASTER\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6b018d26-n\msvcr71.dll 2010-02-25 21:06 . 2010-02-25 21:06 61440 ----a-w- c:\documents and settings\MASTER\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2a5d41ee-n\decora-sse.dll 2010-02-25 21:06 . 2010-02-25 21:06 12800 ----a-w- c:\documents and settings\MASTER\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2a5d41ee-n\decora-d3d.dll 2010-02-25 21:06 . 2010-02-25 21:06 -------- d-----w- c:\program files\Fichiers communs\Java 2010-02-25 21:06 . 2010-02-25 21:05 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-02-25 21:05 . 2010-02-25 21:05 -------- d-----w- c:\program files\Java 2010-02-25 12:00 . 2010-02-26 21:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software 2010-02-25 12:00 . 2010-02-26 08:19 -------- d-----w- c:\program files\Alwil Software 2010-02-25 11:33 . 2009-12-21 19:01 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2010-02-25 11:33 . 2009-12-21 19:01 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll 2010-02-25 11:33 . 2009-12-21 19:01 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll 2010-02-25 11:33 . 2009-12-21 19:01 1986048 -c----w- c:\windows\system32\dllcache\iertutil.dll 2010-02-25 11:33 . 2009-12-21 19:01 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2010-02-25 10:33 . 2009-12-04 17:25 456832 -c----w- c:\windows\system32\dllcache\mrxsmb.sys 2010-02-25 07:01 . 2005-02-25 03:35 22752 ----a-w- c:\windows\system32\spupdsvc.exe 2010-02-25 07:00 . 2008-04-14 23:30 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll 2010-02-24 23:42 . 
2010-02-24 23:42 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-02-24 23:42 . 2010-03-06 11:22 -------- d-----w- c:\documents and settings\MASTER\Application Data\skypePM 2010-02-24 23:40 . 2010-03-06 13:55 -------- d-----w- c:\documents and settings\MASTER\Application Data\Skype 2010-02-24 23:40 . 2010-02-24 23:40 -------- d-----w- c:\program files\Fichiers communs\Skype 2010-02-24 23:40 . 2010-02-24 23:40 -------- d-----r- c:\program files\Skype 2010-02-24 23:40 . 2010-02-24 23:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2010-02-24 22:40 . 2010-02-26 07:30 -------- d-----w- c:\documents and settings\MASTER\Application Data\Snapfish 2010-02-24 19:30 . 2010-02-24 19:30 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll 2010-02-24 19:29 . 2010-02-24 19:30 -------- d-----w- c:\program files\Real 2010-02-24 19:24 . 2010-03-02 11:32 -------- d-----w- c:\program files\Fichiers communs\DVDVideoSoft 2010-02-24 19:24 . 2010-03-02 11:32 -------- d-----w- c:\program files\DVDVideoSoft 2010-02-24 19:23 . 2010-03-06 11:04 -------- d-----w- c:\documents and settings\MASTER\Tracing 2010-02-24 19:21 . 2010-02-24 19:21 -------- d-----w- c:\program files\Microsoft 2010-02-24 19:21 . 2010-02-24 19:21 -------- d-----w- c:\program files\Windows Live SkyDrive 2010-02-24 19:20 . 2010-02-24 19:21 -------- d-----w- c:\program files\Windows Live 2010-02-24 18:48 . 2010-02-24 18:48 -------- d-----w- c:\program files\Fichiers communs\Windows Live 2010-02-24 18:47 . 2010-02-24 19:23 79120 ----a-w- c:\documents and settings\MASTER\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-02-24 18:35 . 2010-02-24 18:50 -------- d-----w- c:\documents and settings\MASTER\Local Settings\Application Data\Temp 2010-02-24 18:35 . 2010-02-24 18:51 -------- d-----w- c:\documents and settings\MASTER\Local Settings\Application Data\Google 2010-02-24 18:32 . 
2010-02-24 18:32 -------- d-----w- c:\program files\ChameleonTom 2010-02-24 18:27 . 2010-02-24 18:27 -------- d-----w- c:\windows\Downloaded Installations 2010-02-24 18:26 . 2010-02-24 18:26 -------- d-----w- C:\download 2010-02-24 17:57 . 2008-04-13 14:03 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll 2010-02-24 17:57 . 2008-04-13 14:03 21504 ----a-w- c:\windows\system32\hidserv.dll 2010-02-24 17:57 . 2008-04-13 17:05 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2010-02-24 17:57 . 2008-04-13 17:05 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2010-02-24 17:57 . 2001-08-23 11:34 12288 -c--a-w- c:\windows\system32\dllcache\mouhid.sys 2010-02-24 17:57 . 2001-08-23 11:34 12288 ----a-w- c:\windows\system32\drivers\mouhid.sys 2010-02-24 17:57 . 2008-04-13 09:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys 2010-02-24 17:57 . 2008-04-13 09:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2010-02-24 17:57 . 2008-04-13 09:45 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys 2010-02-24 17:57 . 2008-04-13 09:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys 2010-02-24 08:22 . 2010-02-24 08:22 -------- d-----w- c:\documents and settings\MASTER\Application Data\Simple Star 2010-02-24 08:22 . 2004-11-17 21:24 421888 ----a-w- c:\windows\Nero PhotoShow.scr 2010-02-24 08:22 . 2010-02-24 08:22 -------- d-----w- C:\Demo Album 2010-02-24 08:21 . 2010-02-24 08:21 -------- d-----w- c:\documents and settings\MASTER\Application Data\Ahead 2010-02-24 08:18 . 2010-02-24 08:18 -------- d-----w- c:\program files\Fichiers communs\Nero 2010-02-24 08:08 . 2010-02-24 08:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead 2010-02-24 08:08 . 2010-03-05 16:09 -------- d-----w- c:\program files\Ahead 2010-02-24 01:32 . 2010-02-24 01:32 442368 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\sqlite3.dll 2010-02-23 16:35 . 2010-02-23 16:35 -------- d-----w- C:\dx 2300 2010-02-23 14:12 . 
2010-02-23 14:12 0 ----a-w- c:\windows\nsreg.dat 2010-02-23 14:12 . 2010-02-23 14:12 -------- d-----w- c:\documents and settings\MASTER\Local Settings\Application Data\Mozilla 2010-02-23 14:11 . 2010-02-23 14:12 -------- d-----w- c:\program files\Fichiers communs\Adobe 2010-02-23 14:10 . 2001-03-08 18:30 24064 ------w- c:\windows\system32\msxml3a.dll 2010-02-23 14:10 . 2010-02-24 19:29 499712 ----a-w- c:\windows\system32\msvcp71.dll 2010-02-23 14:10 . 2010-02-24 19:29 348160 ----a-w- c:\windows\system32\msvcr71.dll 2010-02-23 14:10 . 2010-02-26 21:29 -------- d-----w- c:\program files\CyberLink . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-05 16:42 . 2010-02-23 11:08 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-03-05 15:58 . 2010-02-23 11:08 -------- d-----w- c:\program files\Realtek 2010-02-28 10:20 . 2010-02-28 09:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations 2010-02-28 10:20 . 2010-02-28 10:20 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe 2010-02-28 10:20 . 2010-02-28 10:20 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe 2010-02-28 10:20 . 2010-02-28 10:20 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe 2010-02-28 10:20 . 2010-02-28 10:20 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe 2010-02-28 10:19 . 
2010-02-28 10:20 34503600 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_fre_web.exe 2010-02-26 21:19 . 2008-04-14 23:30 212480 ----a-w- c:\windows\system32\drivers\ndis.sys 2010-02-26 07:30 . 2008-04-14 23:30 367658 ----a-w- c:\windows\system32\perfh00C.dat 2010-02-26 07:30 . 2008-04-14 23:30 48616 ----a-w- c:\windows\system32\perfc00C.dat 2010-02-26 07:04 . 2010-02-26 07:04 12 ----a-w- c:\windows\system32\config\systemprofile\Application Data\pdytbs.dat 2010-02-25 06:35 . 2009-09-19 03:20 219648 ----a-w- c:\windows\system32\uxtheme.dll 2010-02-24 19:30 . 2010-02-24 19:30 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll 2010-02-24 19:30 . 2010-02-24 19:30 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll 2010-02-24 19:30 . 2010-02-24 19:30 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll 2010-02-24 19:30 . 2010-02-24 19:30 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll 2010-02-24 19:30 . 2010-02-24 19:30 300616 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll 2010-02-24 19:30 . 2010-02-24 19:30 118784 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll 2010-02-24 19:30 . 2010-02-24 19:30 329312 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll 2010-02-24 19:30 . 2010-02-24 19:29 -------- d-----w- c:\program files\Fichiers communs\Real 2010-02-24 19:29 . 
2010-02-24 19:29 -------- d-----w- c:\program files\Fichiers communs\xing shared 2010-02-24 18:27 . 2010-02-23 11:04 -------- d-----w- c:\program files\Fichiers communs\InstallShield 2010-02-24 18:04 . 2010-02-24 18:02 21275 ----a-w- c:\windows\system32\drivers\AegisP.sys 2010-02-24 18:04 . 2010-02-24 18:02 -------- d-----w- c:\program files\RALINK 2010-02-23 11:52 . 2010-02-23 10:53 86331 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-02-23 11:14 . 2010-02-23 11:14 -------- d-----w- c:\program files\Microsoft.NET 2010-02-23 11:14 . 2010-02-23 11:14 -------- d-----w- c:\program files\Microsoft Works 2010-02-23 10:55 . 2010-02-23 10:55 -------- d-----w- c:\program files\microsoft frontpage 2010-02-23 10:52 . 2010-02-23 10:52 -------- d-----w- c:\program files\Services en ligne 2010-02-23 10:50 . 2010-02-23 10:50 21892 ----a-w- c:\windows\system32\emptyregdb.dat 2010-02-23 10:49 . 2010-02-23 10:49 -------- d-----w- c:\program files\Windows Media Connect 2 2010-02-19 00:45 . 2010-02-19 00:45 7506576 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\1VivoxVoice.exe 2010-02-19 00:45 . 2010-02-19 00:45 266384 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\npvivoxvoiceplugin.dll 2010-02-15 22:19 . 2010-02-15 22:19 3771296 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\ui\plugins\NPSWF32.dll 2010-02-15 22:19 . 2010-02-15 22:19 4780688 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\vivoxsdk.dll 2010-02-15 22:19 . 2010-02-15 22:19 330896 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\libsndfile-1.dll 2010-02-15 22:19 . 2010-02-15 22:19 275088 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\vivoxoal.dll 2010-02-15 22:19 . 2010-02-15 22:19 246416 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\ortp.dll 2010-02-15 22:19 . 
2010-02-15 22:19 184832 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\ssleay32.dll 2010-02-15 22:19 . 2010-02-15 22:19 1034896 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\dbghelp.dll 2010-02-15 22:19 . 2010-02-15 22:19 1006080 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\libeay32.dll 2010-02-15 22:17 . 2010-02-15 22:17 271929 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\pixomatic.dll 2010-02-15 22:13 . 2010-02-15 22:13 49664 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\w9xpopen.exe 2010-02-15 22:13 . 2010-02-15 22:13 110080 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\pywintypes26.dll 2010-02-15 22:13 . 2010-02-15 22:13 353280 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\pythoncom26.dll 2010-02-15 22:13 . 2010-02-15 22:13 2251264 ----a-w- c:\documents and settings\MASTER\Application Data\IMVUClient\python26.dll 2010-01-01 07:58 . 2009-08-27 02:44 353792 ----a-w- c:\windows\system32\drivers\srv.sys 2009-12-21 19:01 . 2009-10-13 21:26 916480 ----a-w- c:\windows\system32\wininet.dll 2009-12-17 07:41 . 2010-02-23 10:48 347648 ----a-w- c:\windows\system32\mspaint.exe 2009-12-14 07:09 . 2008-04-14 23:30 33280 ----a-w- c:\windows\system32\csrsrv.dll . ------- Sigcheck ------- [-] 2010-02-26 . 1DF7F42665C94B825322FAE71721130D . 212480 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys [-] 2010-02-26 . 1DF7F42665C94B825322FAE71721130D . 212480 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys [-] 2009-09-19 . 1F39C7BDBA4C5F3F01C4EABF7EDBF4B3 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys [-] 2008-04-14 . 917C64008889003E6EA19CF0793CBD72 . 551424 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [7] 2008-04-14 . DD73D6B9F6B4CB630CF35B438B540174 . 512000 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe [-] 2008-04-14 . 
BCC393F205C17911ED52870968336E8E . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll [7] 2008-04-14 . B4AA331468315B6A174C3F0D5B3BC135 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll [-] 2009-10-13 . 56ABE03512BFA0B5EAD63939B5152BFA . 2308608 . . [5.1.2600.5857] . . c:\windows\system32\ntoskrnl.exe [-] 2008-04-14 . DE4A4AC7328FC80156034E7EB283676D . 579584 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [7] 2008-04-14 . E853F84D3CE2FAA2A802E33CF89AC023 . 579584 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll [-] 2008-04-14 . B45DA298E42C7A44BA96AED93B1D7359 . 1544704 . . [6.00.2900.5512] . . c:\windows\explorer.exe [7] 2008-04-14 . F2317622D29F9FF0F88AEECD5F60F0DD . 1037824 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe [-] 2009-10-13 . A572FDC9769681146A1F34025EC39585 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll [-] 2008-04-14 . E21578B40C046A3F0FF371A9755145E5 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [7] 2008-04-14 . 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe [-] 2009-10-13 . 590C8193927678C235F3F616A5759CEB . 2187264 . . [5.1.2600.5857] . . c:\windows\system32\ntkrnlpa.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-16 8491008] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 40448] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_2"="shell32" [X] c:\documents and settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\ ihaupd32.exe [2008-4-15 33280] c:\documents and settings\Administrateur.MASTER-464D5772\Menu D‚marrer\Programmes\D‚marrage\ 61fe13dc-a76b-4e7f-a72f-78726c27a1f0_24.lnk - c:\windows\system32\rundll32.exe [2008-4-15 35328] ihaupd32.exe [2008-4-15 24064] c:\documents and settings\MASTER\Menu D‚marrer\Programmes\D‚marrage\ 61fe13dc-a76b-4e7f-a72f-78726c27a1f0_24.lnk - c:\windows\system32\rundll32.exe [2008-4-15 35328] IMVU.lnk - c:\documents and settings\MASTER\Application Data\IMVUClient\IMVUQualityAgent.exe [2010-3-2 21760] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ 61fe13dc-a76b-4e7f-a72f-78726c27a1f0_24.lnk - c:\windows\system32\rundll32.exe [2008-4-15 35328] Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2010-2-24 606208] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Skype\\Plugin 
Manager\\skypePM.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R0 Si3112r;ATI-4379 Serial ATA Controller;c:\windows\system32\drivers\SI3112r.sys [13/10/2009 21:39 97920] R0 Si3124;Si3124;c:\windows\system32\drivers\si3124.sys [13/10/2009 21:38 76208] R0 Si3531;Si3531;c:\windows\system32\drivers\Si3531.sys [13/10/2009 21:38 210736] R0 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [13/10/2009 21:39 108544] S0 199985444;199985444;c:\windows\system32\drivers\199985444.sys --> c:\windows\system32\drivers\199985444.sys [?] S0 2224596009;2224596009;c:\windows\system32\drivers\2224596009.sys --> c:\windows\system32\drivers\2224596009.sys [?] S1 bced7bd;bced7bd;c:\windows\system32\drivers\bced7bd.sys --> c:\windows\system32\drivers\bced7bd.sys [?] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [27/02/2010 12:38 108289] S2 darkness;IpSec service;c:\windows\system\svchost.exe --> c:\windows\system\svchost.exe [?] --- Autres Services/Pilotes en mémoire --- *Deregistered* - ftchf . 
Contenu du dossier 'Tâches planifiées' 2010-02-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-484763869-1644491937-1003Core.job - c:\documents and settings\MASTER\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-02-24 18:35] 2010-03-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-484763869-1644491937-1003UA.job - c:\documents and settings\MASTER\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-02-24 18:35] 2010-03-06 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-343818398-484763869-1644491937-1003.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38] 2010-03-06 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-343818398-484763869-1644491937-500.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38] 2010-03-06 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-343818398-484763869-1644491937-1003.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38] 2010-03-05 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-343818398-484763869-1644491937-500.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38] . . ------- Examen supplémentaire ------- . IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\MASTER\Application Data\Mozilla\Firefox\Profiles\5ckpo1gq.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157 FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q= FF - component: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\documents and settings\MASTER\Local Settings\Application Data\Google\Update\1.2.183.17\npGoogleOneClick8.dll . 
- - - - ORPHELINS SUPPRIMES - - - - BHO-{61fe13dc-a76b-4e71-a72f-78726c27a1f0} - c:\windows\system32\61fe13dc-a76b-4e7f-a72f-78726c27a1f0_24.avi SSODL-GootkitSSO-{EBE342C8-C105-4E3D-8BB6-72F80A6824DC} - c:\windows\System32\msxsltsso.dll AddRemove-Antimalware Defender - c:\program files\Antimalware Defender\Antimalware Defender.dll ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-06 14:56 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntkrnlpa.exe >>UNKNOWN [0x82288580]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xf86aaf28 \Driver\ACPI -> ACPI.sys @ 0xf853ccb8 \Driver\atapi -> atapi.sys @ 0xf83a0852 IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8 ParseProcedure -> ntkrnlpa.exe @ 0x805827e8 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8 ParseProcedure -> ntkrnlpa.exe @ 0x805827e8 NDIS: -> SendCompleteHandler -> 0x0 PacketIndicateHandler -> 0x0 SendHandler -> 0x0 user & kernel MBR OK ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ftchf] . 
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(736) c:\windows\system32\SETUPAPI.dll c:\windows\system32\sfc_os.dll c:\windows\system32\cscui.dll - - - - - - - > 'lsass.exe'(796) c:\windows\system32\setupapi.dll c:\windows\system32\scecli.dll c:\windows\system32\psbase.dll - - - - - - - > 'Explorer.EXE'(1908) c:\windows\system32\COMRes.dll c:\windows\System32\cscui.dll c:\windows\system32\msi.dll c:\windows\system32\SETUPAPI.dll c:\windows\system32\NETSHELL.dll c:\windows\system32\credui.dll c:\windows\system32\eappprxy.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Java\jre6\bin\jqs.exe c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\nvsvc32.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Heure de fin: 2010-03-06 15:03:04 - La machine a redémarré ComboFix-quarantined-files.txt 2010-03-06 14:02 Avant-CF: 28 710 748 160 octets libres Après-CF: 29 019 959 296 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect - - End Of File - - 26524564DB4F65FD99F6CCD03ECDC810
  2. Hello, the sound on my PC no longer works. Thanks in advance!
  3. Hello, thank you for helping me, but it's still the same problem!
  4. Hi everyone, I have a lot of problems. I have Windows XP Professional Service Pack 3.
     1- the antivirus (Antivir, free antivirus) no longer protects; when I try to open it, it does not open, but in safe mode it opens and runs the scan
     2- when I install a program it tells me to restart; I accept and it does not restart
     3- when I tell it to shut down the computer, it does not do so
     4- when I open Internet Explorer it closes by itself
     5- the sound on my PC no longer works
     Thanks in advance for your help and your patience.