ComboFix : Analyse rapport

[rf.cerf]

Bonjour à Tous,

J'ai utlisé ComboFix en mode sans échec sur mon ordi.

Tout semble s'être bien passé.

ComboFis à généré son rapport.

Quelqu'un peut-il me dire ce qu'il ressort de ce document que je colle tel quel ci-après:

 

ComboFix 08-09-19.09 - SYSTEM 2008-09-20 15:33:18.1 - NTFSx86 NETWORK

Lancé depuis: C:\Windows\system32\config\systemprofile\Desktop\ANTIBAGLE.exe

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Windows\system32\ban_list.txt

 

.

((((((((((((((((((((((((((((( Fichiers créés du 2008-08-20 au 2008-09-20 ))))))))))))))))))))))))))))))))))))

.

 

2008-09-20 15:39 . 2008-09-20 15:39 <REP> d-------- C:\Windows\System32\drivers\downld

2008-09-20 14:38 . 2008-09-03 13:57 333,288 --a------ C:\Windows\System32\sqlite3.dll

2008-09-20 13:57 . 2008-09-20 13:57 0 --a------ C:\Windows\nsreg.dat

2008-09-20 13:47 . 2008-09-20 13:47 <REP> d-------- C:\Users\All Users\Malwarebytes

2008-09-20 13:47 . 2008-09-20 13:47 <REP> d-------- C:\ProgramData\Malwarebytes

2008-09-20 13:47 . 2008-09-20 13:51 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware

2008-09-20 13:47 . 2008-09-10 00:04 38,528 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys

2008-09-20 13:47 . 2008-09-10 00:03 17,200 --a------ C:\Windows\System32\drivers\mbam.sys

2008-09-18 21:23 . 2003-09-22 16:01 11,520 --------- C:\Windows\System32\drivers\WDMSTUB.sys

2008-09-18 21:22 . 2004-05-12 08:49 1,089,536 --------- C:\Windows\System32\ROBOEX32.DLL

2008-09-18 21:22 . 2004-05-12 08:48 49,152 --------- C:\Windows\System32\INETWH32.dll

2008-09-18 21:00 . 2008-09-20 09:51 <REP> d-------- C:\Users\GD\eTrex

2008-09-18 20:29 . 2008-09-18 21:05 <REP> d-------- C:\Users\GD\AppData\Roaming\georando

2008-09-18 20:26 . 2006-05-16 10:54 57,344 --a------ C:\Windows\System32\Mfc42loc.dll

2008-09-18 20:14 . 2008-09-18 20:14 <REP> d-------- C:\Program Files\IGN France

2008-09-17 22:26 . 2008-09-17 22:26 <REP> d-------- C:\Users\GD\AppData\Roaming\GARMIN

2008-09-17 22:24 . 2008-09-17 22:24 <REP> d-------- C:\WebUpdater

2008-09-17 22:21 . 2008-09-18 21:25 <REP> d-------- C:\Garmin

2008-09-17 22:21 . 2007-03-09 00:18 18,432 --a------ C:\Windows\System32\drivers\grmngen.sys

2008-09-17 22:21 . 2007-03-09 00:18 8,320 --a------ C:\Windows\System32\drivers\grmnusb.sys

2008-09-14 00:52 . 2008-07-19 16:36 51,280 --a------ C:\Windows\System32\drivers\aswMonFlt.sys

2008-09-13 23:47 . 2008-09-13 23:50 <REP> d-------- C:\Program Files\Lavasoft

2008-09-13 23:20 . 2008-09-13 23:20 <REP> d-------- C:\Users\GD\AppData\Roaming\PeerNetworking

2008-09-13 03:54 . 2008-09-13 03:54 <REP> dr------- C:\Users\Public\Videos

2008-09-13 03:54 . 2008-09-13 03:54 <REP> dr------- C:\Users\Public\Pictures

2008-09-13 03:54 . 2008-09-13 03:54 <REP> dr------- C:\Users\Public\Downloads

2008-09-13 02:54 . 2008-09-13 02:54 <REP> d-------- C:\Program Files\Alwil Software

2008-09-13 02:15 . 2008-09-13 02:15 <REP> d-------- C:\Program Files\Sunbelt Software

2008-09-12 23:46 . 2008-09-20 11:07 <REP> d-------- C:\Users\GD\Samsung i900

2008-09-08 20:51 . 2008-09-13 03:54 <REP> dr------- C:\Users\Public\Music

2008-09-08 20:51 . 2008-09-08 20:51 <REP> dr------- C:\Users\Public\Documents

2008-09-07 13:36 . 2008-09-07 13:36 4,096 --a------ C:\Windows\d3dx.dat

2008-09-07 13:31 . 2008-09-07 21:47 <REP> d-------- C:\Program Files\AirXonix

2008-09-07 13:05 . 2008-09-07 13:28 <REP> d-------- C:\Users\GD\jeux

2008-09-05 00:26 . 2008-09-05 00:26 <REP> d--hs---- C:\Windows\ftpcache

2008-09-04 10:57 . 2008-09-04 10:57 1,811,656 --a------ C:\Windows\System32\wuaueng.dll

2008-09-04 10:57 . 2008-09-04 10:57 1,524,736 --a------ C:\Windows\System32\wucltux.dll

2008-09-04 10:57 . 2008-09-04 10:57 53,448 --a------ C:\Windows\System32\wuauclt.exe

2008-09-04 10:57 . 2008-09-04 10:57 45,768 --a------ C:\Windows\System32\wups2.dll

2008-09-04 10:56 . 2008-09-04 10:56 563,912 --a------ C:\Windows\System32\wuapi.dll

2008-09-04 10:56 . 2008-09-04 10:56 83,456 --a------ C:\Windows\System32\wudriver.dll

2008-09-04 10:56 . 2008-09-04 10:56 36,552 --a------ C:\Windows\System32\wups.dll

2008-09-04 10:55 . 2008-09-04 10:55 163,904 --a------ C:\Windows\System32\wuwebv.dll

2008-09-04 10:55 . 2008-09-04 10:55 31,232 --a------ C:\Windows\System32\wuapp.exe

2008-09-02 19:18 . 2008-09-02 19:18 <REP> d-------- C:\Users\GD\AppData\Roaming\Retriever

2008-09-02 19:18 . 2008-09-13 04:01 <REP> d-------- C:\Program Files\Retriever

2008-09-02 19:07 . 2008-09-02 19:07 <REP> d-------- C:\Program Files\Windows Mobile Device Handbook

2008-08-31 11:43 . 2008-08-31 11:43 <REP> d-------- C:\Users\GD\AppData\Roaming\EPSON

2008-08-28 20:31 . 2008-08-28 20:31 <REP> d-------- C:\Windows\Sun

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-09-20 13:39 --------- d---a-w C:\ProgramData\TEMP

2008-09-20 13:08 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard

2008-09-20 13:04 --------- d-----w C:\ProgramData\Spybot - Search & Destroy

2008-09-20 12:42 --------- d-----w C:\Program Files\Spybot - Search & Destroy

2008-09-20 11:16 --------- d-----w C:\Users\GD\AppData\Roaming\uTorrent

2008-09-18 19:22 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-09-13 21:47 --------- d-----w C:\ProgramData\Lavasoft

2008-09-13 19:33 --------- d-----w C:\ProgramData\Microsoft Help

2008-09-13 02:38 --------- d-----w C:\Users\GD\AppData\Roaming\DNA

2008-09-13 02:01 --------- d-----w C:\Program Files\Spyware Doctor

2008-09-13 02:01 --------- d-----w C:\Program Files\Common Files\PC Tools

2008-09-13 01:54 174 --sha-w C:\Program Files\desktop.ini

2008-09-13 01:03 --------- d-----w C:\Program Files\PC Tools Firewall Plus

2008-09-13 00:11 --------- d-----w C:\Program Files\eMule

2008-09-07 11:34 --------- d-----w C:\Program Files\DNA

2008-09-02 17:16 --------- d-----w C:\Program Files\Samsung

2008-08-23 20:26 --------- d-----w C:\ProgramData\Roxio

2008-08-23 10:01 --------- d-----w C:\Users\GD\AppData\Roaming\dvdcss

2008-08-14 04:04 --------- d-----w C:\Program Files\DAEMON Tools Toolbar

2008-08-14 04:04 --------- d-----w C:\Program Files\DAEMON Tools Lite

2008-08-13 20:05 --------- d-----w C:\ProgramData\NOS

2008-08-13 19:59 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys

2008-08-13 19:59 --------- d-----w C:\Users\GD\AppData\Roaming\DAEMON Tools

2008-08-11 16:27 --------- d-----w C:\Program Files\NOS

2008-08-10 21:47 --------- d-----w C:\Program Files\Common Files\FotoNation

2008-08-10 21:44 --------- d-----w C:\Program Files\Common Files\Adobe

2007-12-07 23:07 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

2007-12-07 23:07 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

2007-12-07 23:07 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

.

 

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-27 1232896]

"SmpcSys"="C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe" [2005-02-23 831496]

"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 125440]

"PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [2005-09-18 1421824]

"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]

"3gp Player"="C:\Program Files\3gp Player\3gpPlayer.exe" [2007-09-20 634368]

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 5308416]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 232184]

"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-09-13 243200]

"MSPService"="C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe" [2007-06-12 102400]

"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-02-21 366400]

"toolbar_eula_launcher"="C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]

"ACTIVBOARD"="C:\Program Files\Packard Bell\FIJI\aboard.exe" [2007-01-18 79416]

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]

"00PCTFW"="C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" [2007-11-09 2598808]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]

"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-10-18 1185264]

"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-10-18 1961576]

"Acronis Scheduler2 Service"="C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" [2006-10-17 87584]

"XboxStat"="c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-26 734264]

"NeroFilterCheck"="C:\Windows\system32\NeroCheck.exe" [2001-07-09 155648]

"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]

"Windows Mobile Device Center"="C:\Windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]

"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-04-10 1107848]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-09-14 78008]

"RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 C:\Windows\RtHDVCpl.exe]

 

C:\Users\GD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [2003-08-29 360448]

æTorrent.lnk - C:\Program Files\uTorrent\uTorrent.exe [2007-12-06 269104]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

"LoadAppInit_DLLs"=1 (0x1)

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2645309779-2091674713-3319002456-1002]

"EnableNotificationsRef"=dword:00000005

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{6864A86B-3175-448A-AA8E-31EDB7A6FA91}"= C:\Program Files\CyberLink\MagicSports\MagicSports.exe:CyberLink MagicSports

"{CCF6260A-0FCF-4766-930E-0E268C47EC4A}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{B8E448F5-3316-4F16-B222-62B8972B8D4C}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{B6229119-C717-45BD-83E0-B2813B644DE3}"= UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype

"{A3811144-E254-4CB7-BAE3-AB5CF0A5A2EC}"= TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype

"{916A8A23-8850-4520-993B-BAC4C49B84CB}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook

"{7348B8DF-02BE-4B10-A593-A823BA86C95D}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove

"{FC037E34-1101-483B-8521-A2CCBE311B5B}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove

"{9C6A0BF3-F443-4D63-9D77-4843E4339808}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent

"{13C8B9C7-8E89-4F00-8042-AAA8BAFF21ED}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent

"{9189E6D4-502D-4D79-B32F-2F33FBA9D72C}"= UDP:C:\Program Files\DNA\btdna.exe:DNA

"{44AD5FA0-E571-4848-883B-BCFB5F106868}"= TCP:C:\Program Files\DNA\btdna.exe:DNA

"{C29C567A-0F92-47CE-9AA5-4E06E984F03C}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent

"{3F0169C8-CDDA-4977-AC50-4830A318B3EE}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent

"{1F40178F-7BD1-4195-A839-9B8A17693552}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)

"{22994BB6-0249-42A0-B98A-DDED7E8EB7DA}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

"{3575EA6B-CE10-423F-BBD2-9186BC494EA9}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]

"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

 

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\Windows\system32\drivers\sfdrv01a.sys [2006-07-05 63352]

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]

R1 pctfw2;pctfw2;C:\Windows\System32\drivers\pctfw2.sys [2007-11-09 209816]

R1 pctmp;PC Tools Firewall Memory Protection Driver;C:\Windows\system32\drivers\pctmp.sys [2007-11-09 40856]

R1 pctssipc;PC Tools Security Suite IPC Driver;C:\Windows\system32\drivers\pctssipc.sys [2007-11-09 18328]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]

R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 600912]

S3 getPlus® Helper;getPlus® Helper;C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-06-26 31592]

S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2007-12-29 306432]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20cf1079-841c-11dd-9456-001c252cbb3a}]

\shell\AutoRun\command - K:\nideiect.com

\shell\explore\Command - K:\nideiect.com

\shell\open\Command - K:\nideiect.com

 

*Newly Created Service* - PGFILTER

.

Contenu du dossier 'Tâches planifiées'

.

- - - - ORPHELINS SUPPRIMES - - - -

 

WebBrowser-{32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)

HKLM-Run-NWEReboot - (no file)

HKLM-Run-RegistryMechanic - (no file)

 

 

.

------- Examen supplémentaire -------

.

FireFox -: Profile - C:\Users\GD\AppData\Roaming\Mozilla\Firefox\Profiles\no08pq6d.default\

FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fr/ig

FF -: plugin - C:\Program Files\DNA\plugins\npbtdna.dll

FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll

FF -: plugin - C:\Users\GD\AppData\Roaming\Mozilla\plugins\npGoogleGadgetPluginFirefoxWin.dll

.

 

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-09-20 15:39:22

Windows 6.0.6000 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

 

**************************************************************************

.

------------------------ Autres processus actifs ------------------------

.

C:\Program Files\PC Tools Firewall Plus\FWService.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Windows\System32\audiodg.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe

C:\Program Files\Packard Bell\FIJI\AOSD.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

C:\Program Files\Spyware Doctor\pctsAuxs.exe

C:\Program Files\Spyware Doctor\pctsSvc.exe

C:\Windows\System32\WUDFHost.exe

C:\Windows\System32\msiexec.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

C:\Program Files\SpywareGuard\sgbhp.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

C:\Windows\WindowsMobile\WmdHost.exe

C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\OFFICE~1\SETUP.EXE

C:\Windows\System32\wbem\unsecapp.exe

C:\Windows\System32\VSSVC.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\System32\conime.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Windows\System32\msiexec.exe

C:\Windows\System32\msiexec.exe

C:\Windows\Installer\MSI630.tmp

C:\Windows\System32\rundll32.exe

C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

.

**************************************************************************

.

Heure de fin: 2008-09-20 15:48:38 - La machine a redémarré [GD]

ComboFix-quarantined-files.txt 2008-09-20 13:48:32

 

Avant-CF: Le texte du message associ‚ au num‚ro 0x2379 est introuvable dans le fichier de messages pour Application.

Après-CF: 295,643,471,872 octets libres

 

257 --- E O F --- 2008-01-27 12:07:33

 

Merci d'avance a celui qui prendra le temps de l'analyser

GD

[Falkra]

J'ai utlisé ComboFix en mode sans échec sur mon ordi.

Tout semble s'être bien passé.

ComboFis à généré son rapport.

 

Combofix ne doit pas être utilisé en dehors d'une supervision sur forum par un membre qualifié.

 

 

 

Mets à jour MBAM (malwarebytes). Fais une recherche rapide et poste le rapport obtenu stp.