
Hello,

Here is the ComboFix log from the laptop:

 

ComboFix 10-01-03.05 - sandrine 04/01/2010 14:21:41.1.2 - x86

Microsoft® Windows Vista Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2046.1347 [GMT 1:00]

Lancé depuis: c:\users\sandrine\Desktop\ComboFix.exe

AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

SP: Norton Internet Security *disabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\windows\system32\KBL.LOG

 

.

((((((((((((((((((((((((((((( Fichiers créés du 2009-12-04 au 2010-01-04 ))))))))))))))))))))))))))))))))))))

.

 

2010-01-04 13:28 . 2010-01-04 13:28 -------- d-----w- c:\users\sandrine\AppData\Local\temp

2010-01-04 13:28 . 2010-01-04 13:28 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-01-04 11:27 . 2010-01-04 11:27 -------- d-----w- c:\users\sandrine\AppData\Local\Symantec_Corporation

2010-01-04 10:56 . 2007-03-28 19:49 128104 ----a-w- c:\windows\system32\drivers\WimFltr.sys

2010-01-04 10:56 . 2007-03-28 19:29 37864 ----a-w- c:\windows\system32\drivers\v2imount.sys

2010-01-04 10:56 . 2007-03-28 19:23 14072 ----a-w- c:\windows\system32\drivers\vproeventmonitor.sys

2010-01-04 10:56 . 2007-03-28 19:29 131944 ----a-w- c:\windows\system32\drivers\symsnap.sys

2010-01-04 10:55 . 2010-01-04 13:03 -------- d-----w- c:\program files\Norton Ghost

2009-12-29 16:09 . 2009-12-29 16:09 -------- d-sh--we c:\windows\system32\config\systemprofile\Voisinage réseau

2009-12-29 16:09 . 2009-12-29 16:09 -------- d-sh--we c:\windows\system32\config\systemprofile\Voisinage d'impression

2009-12-29 16:09 . 2009-12-29 16:09 -------- d-sh--we c:\windows\system32\config\systemprofile\Modèles

2009-12-29 16:09 . 2009-12-29 16:09 -------- d-sh--we c:\windows\system32\config\systemprofile\Menu Démarrer

2009-12-29 16:09 . 2009-12-29 16:09 -------- d-sh--we c:\windows\system32\config\systemprofile\Mes documents

2009-12-21 14:19 . 2009-11-25 10:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2009-12-21 14:19 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys

2009-12-21 12:37 . 2009-12-21 12:37 -------- d-----w- c:\programdata\Avira

2009-12-21 12:37 . 2009-12-21 12:37 -------- d-----w- c:\program files\Avira

2009-12-19 19:39 . 2009-12-21 15:22 -------- d-----w- c:\program files\Ad-Remover

2009-12-19 18:56 . 2009-12-21 15:36 -------- d-----w- c:\program files\ZHPDiag

2009-12-19 14:43 . 2010-01-04 13:03 -------- dc----w- c:\windows\system32\DRVSTORE

2009-12-19 14:35 . 2009-12-20 13:33 -------- d-----w- c:\programdata\Lavasoft

2009-12-19 13:44 . 2009-12-21 14:12 -------- d-----w- c:\program files\Navilog1

2009-12-19 12:48 . 2009-12-19 12:48 -------- d-----w- c:\program files\EMCO

2009-12-18 21:33 . 2009-12-18 21:34 -------- d-----w- c:\programdata\AOL

2009-12-18 19:56 . 2009-12-20 13:30 -------- d-----w- c:\program files\Alwil Software

2009-12-18 19:30 . 2009-12-18 19:30 -------- d-----w- c:\users\sandrine\AppData\Roaming\Malwarebytes

2009-12-18 19:30 . 2009-12-18 19:30 -------- d-----w- c:\programdata\Malwarebytes

2009-12-18 13:58 . 2009-12-18 14:04 -------- d-----w- c:\program files\Microsoft Silverlight

2009-12-18 13:57 . 2009-12-18 13:57 -------- d-----w- c:\program files\Microsoft

2009-12-18 12:54 . 2009-12-21 14:12 -------- d-----w- c:\program files\CCleaner

2009-12-18 12:45 . 2009-12-18 12:45 -------- d-----w- c:\program files\Trend Micro

2009-12-18 12:36 . 2009-12-21 14:14 -------- d-----w- c:\program files\Windows Portable Devices

2009-12-18 12:29 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe

2009-12-18 12:26 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll

2009-12-18 10:55 . 2009-12-21 14:14 -------- d-----w- c:\windows\system32\vi-VN

2009-12-18 10:55 . 2009-12-21 14:14 -------- d-----w- c:\windows\system32\eu-ES

2009-12-18 10:55 . 2009-12-21 14:14 -------- d-----w- c:\windows\system32\ca-ES

2009-12-18 10:28 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll

2009-12-18 10:28 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll

2009-12-18 10:23 . 2009-04-11 06:28 679936 ----a-w- c:\windows\system32\msvcrt.dll

2009-12-18 09:35 . 2009-12-18 09:35 -------- d-----w- c:\windows\system32\EventProviders

2009-12-18 09:19 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll

2009-12-18 08:58 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll

2009-12-18 08:51 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll

2009-12-18 08:51 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll

2009-12-18 08:51 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys

2009-12-17 12:12 . 2009-04-11 06:28 199680 ----a-w- c:\windows\system32\WebClnt.dll

2009-12-17 12:11 . 2009-04-11 06:28 19968 ----a-w- c:\windows\system32\winrnr.dll

2009-12-17 11:43 . 2009-08-14 16:27 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys

2009-12-17 11:42 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe

2009-12-17 11:42 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe

2009-12-17 11:42 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll

2009-12-17 11:42 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll

2009-12-17 11:42 . 2009-04-11 06:28 53248 ----a-w- c:\windows\system32\tsgqec.dll

2009-12-17 11:42 . 2009-04-11 06:28 136192 ----a-w- c:\windows\system32\aaclient.dll

2009-12-17 11:42 . 2009-06-10 11:38 91136 ----a-w- c:\windows\system32\avifil32.dll

2009-12-17 11:42 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys

2009-12-17 11:42 . 2009-07-15 12:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll

2009-12-17 11:35 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe

2009-12-17 10:35 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll

2009-12-17 10:35 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe

2009-12-17 10:35 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll

2009-12-17 10:35 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll

2009-12-17 10:34 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll

2009-12-17 10:34 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll

2009-12-17 10:34 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll

2009-12-17 10:34 . 2009-08-06 18:23 171608 ----a-w- c:\windows\system32\wuwebv.dll

2009-12-17 10:34 . 2009-08-06 17:44 33792 ----a-w- c:\windows\system32\wuapp.exe

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-01-04 13:09 . 2007-11-27 06:50 672182 ----a-w- c:\windows\system32\perfh00C.dat

2010-01-04 13:09 . 2007-11-27 06:50 124770 ----a-w- c:\windows\system32\perfc00C.dat

2010-01-04 13:03 . 2007-11-26 22:19 -------- d-----w- c:\programdata\Symantec

2010-01-04 13:03 . 2007-11-26 22:19 -------- d-----w- c:\program files\Common Files\Symantec Shared

2010-01-04 11:27 . 2008-09-08 00:25 -------- d-----w- c:\users\sandrine\AppData\Roaming\Symantec

2010-01-04 10:55 . 2007-11-26 22:20 -------- d-----w- c:\program files\Symantec

2010-01-04 09:32 . 2008-09-08 06:48 3198 ----a-w- c:\users\sandrine\AppData\Roaming\wklnhst.dat

2009-12-29 16:12 . 2007-11-26 22:17 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-12-29 16:12 . 2007-11-27 00:04 -------- d-----w- c:\program files\CyberLink

2009-12-29 16:11 . 2007-11-27 00:30 -------- d-----w- c:\program files\Java

2009-12-29 15:38 . 2008-09-08 00:25 73048 ----a-w- c:\users\sandrine\AppData\Local\GDIPFONTCACHEV1.DAT

2009-12-21 16:01 . 2008-12-08 14:32 28124 ----a-w- c:\programdata\nvModes.dat

2009-12-21 14:56 . 2008-12-08 14:18 -------- d-----w- c:\users\sandrine\AppData\Roaming\GTek

2009-12-21 14:12 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar

2009-12-21 14:11 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2009-12-20 19:09 . 2009-09-02 10:34 8268 ----a-w- c:\users\sandrine\AppData\Local\d3d9caps.dat

2009-12-19 12:59 . 2008-01-10 23:53 -------- d-----w- c:\programdata\NVIDIA

2009-12-18 19:17 . 2009-06-30 16:07 -------- d-----w- c:\users\sandrine\AppData\Roaming\LimeWire

2009-12-18 12:36 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat

2009-12-18 12:36 . 2009-12-18 12:36 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf

2009-12-18 12:36 . 2009-12-18 12:36 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf

2009-12-18 10:55 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal

2009-12-18 10:55 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration

2009-12-18 10:55 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar

2009-12-18 10:55 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery

2009-12-18 10:55 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender

2009-12-18 08:59 . 2007-11-26 23:59 -------- d-----w- c:\programdata\Microsoft Help

2009-12-18 08:35 . 2008-11-05 18:26 -------- d-----w- c:\program files\Pack Securite

2009-12-18 08:30 . 2008-11-05 18:27 -------- d-----w- c:\programdata\F-Secure

2009-11-21 06:40 . 2009-12-18 09:20 916480 ----a-w- c:\windows\system32\wininet.dll

2009-11-21 06:34 . 2009-12-18 09:20 71680 ----a-w- c:\windows\system32\iesetup.dll

2009-11-21 06:34 . 2009-12-18 09:20 109056 ----a-w- c:\windows\system32\iesysprep.dll

2009-11-21 04:59 . 2009-12-18 09:20 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2009-10-08 21:08 . 2009-12-18 12:29 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll

2009-10-08 21:08 . 2009-12-18 12:29 234496 ----a-w- c:\windows\system32\oleacc.dll

2009-10-08 21:07 . 2009-12-18 12:29 4096 ----a-w- c:\windows\system32\oleaccrc.dll

2009-10-07 11:36 . 2009-12-17 11:41 243712 ----a-w- c:\windows\system32\rastls.dll

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-07-25 174616]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-27 13515296]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-22 136600]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"HonorAutoRunSetting"= 0 (0x0)

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"HonorAutoRunSetting"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

 

[HKLM\~\startupfolder\C:^Users^sandrine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d'écran et lancement.lnk]

path=c:\users\sandrine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk

backup=c:\windows\pss\OneNote 2007 - Capture d'écran et lancement.lnk.Startup

backupExtension=.Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]

2009-03-02 11:08 209153 ----a-w- c:\program files\Avira\AntiVir Desktop\avgnt.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]

2008-10-17 14:52 51048 ----a-w- c:\program files\Common Files\Symantec Shared\CCAPP.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]

2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]

2008-06-16 07:03 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2007-05-08 15:24 54840 ----a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisor]

2007-10-01 15:10 1783136 ----a-w- c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]

2007-09-13 07:47 480560 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

2008-02-27 03:48 92704 ----a-w- c:\windows\System32\nvmctray.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay]

2007-09-04 12:54 554320 ----a-w- c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]

2007-09-19 13:31 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]

2007-09-30 18:34 181544 ----a-w- c:\program files\Hp\QuickPlay\QPService.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

2007-08-17 13:27 4702208 ----a-w- c:\windows\RtHDVCpl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]

2007-01-17 13:34 634880 ----a-w- c:\program files\Motorola\SMSERIAL\sm56hlpr.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2008-12-22 15:45 136600 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart]

2007-09-15 08:29 102400 ----a-w- c:\program files\Synaptics\SynTP\SynTPStart.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]

2007-08-16 22:13 218408 ------w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WAWifiMessage]

2007-01-08 14:53 311296 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]

2009-04-11 06:28 2153472 ----a-w- c:\windows\System32\oobefldr.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"VistaSp2"=hex(b):8c,b7,67,b4,d1,7f,ca,01

 

R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20081104.005\IDSvix86.sys [05/11/2008 02:44 270384]

R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};{22D78859-9CE9-4B77-BF18-AC83E81A9263};c:\program files\Hp\QuickPlay\000.fcl [11/01/2008 00:40 39408]

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [21/12/2009 15:19 108289]

R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [31/10/2008 20:47 149352]

S3 FontCache;Service de cache de police Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [08/10/2008 22:55 21504]

S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\System32\drivers\massfilter.sys [15/09/2008 13:26 7168]

S3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [13/06/2008 13:13 41008]

S3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\System32\drivers\ZTEusbnet.sys [11/05/2009 19:48 110080]

S3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\System32\drivers\zteusbvoice.sys [11/05/2009 19:48 104960]

 

--- Autres Services/Pilotes en mémoire ---

 

*NewlyCreated* - COMHOST

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Contenu du dossier 'Tâches planifiées'

 

2010-01-03 c:\windows\Tasks\User_Feed_Synchronization-{3BF0EBA0-C0FC-48D4-91D4-7D1ABFFE3B54}.job

- c:\windows\system32\msfeedssync.exe [2009-12-18 04:59]

.

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Pavilion&pf=laptop

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Pavilion&pf=laptop

.

- - - - ORPHELINS SUPPRIMES - - - -

 

Toolbar-Locked - (no file)

MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe

MSConfigStartUp-CardDetectorICON225 - c:\program files\CardDetector\ICON225\CardDetector.exe

MSConfigStartUp-kyaqeme - c:\users\sandrine\appdata\local\kyaqeme.exe

MSConfigStartUp-MobileConnect - c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe

MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

 

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-01-04 14:28

Windows 6.0.6002 Service Pack 2 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{22D78859-9CE9-4B77-BF18-AC83E81A9263}]

"ImagePath"="\??\c:\program files\HP\QuickPlay\000.fcl"

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Heure de fin: 2010-01-04 14:30:13

ComboFix-quarantined-files.txt 2010-01-04 13:30

 

Avant-CF: 81 838 333 952 octets libres

Après-CF: 81 789 796 352 octets libres

 

- - End Of File - - B45526D86AA116C65892533EE18CB329

 

 

 

Thanks in advance for the help

  • Tonton changed the title to ComboFix analysis of the laptop
