TAZEBAMA et HOOK

Bonjour tt le monde,

J'ai un TAZABAMA et un HOOK sur mon PC. J'ai effectué un scan avec COMBO FIX mais il n'arrive pas à les supprimer. HELP PLEAAAASE! Voici le rapport:



ComboFix 10-04-18.04 - skitiwi 19/04/2010 23:59:05.4.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1022.535 [GMT 0:00]
Lancé depuis: d:\documents and settings\skitiwi\Mes documents\Téléchargements\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
C:\zPharaoh.exe
D:\autorun.inf
d:\documents and settings.\hook.dl_
d:\documents and settings.\tazebama.dl_
d:\documents and settings.\tazebama.dll
d:\documents and settings\skitiwi\Application Data\msn.exe
d:\documents and settings\skitiwi\Application Data\tazebama
d:\documents and settings\skitiwi\Application Data\tazebama\tazebama.log
d:\documents and settings\skitiwi\Application Data\tazebama\zPharaoh.dat
d:\windows\system32\winxp.exe
D:\zPharaoh.exe
d:\documents and settings.\hook.dl_ . . . . impossible à supprimer
d:\documents and settings.\tazebama.dl_ . . . . impossible à supprimer
d:\documents and settings.\tazebama.dll . . . . impossible à supprimer

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-03-20 au 2010-04-20 ))))))))))))))))))))))))))))))))))))
.

2010-04-20 00:16 . 2010-04-20 00:18 155531 --sh--r- D:\zPharaoh.exe
2010-04-20 00:16 . 2010-04-20 00:18 -------- d-----w- d:\documents and settings\skitiwi\Application Data\tazebama
2010-04-19 17:09 . 2010-04-19 17:09 -------- d-----w- d:\windows\Sun
2010-04-19 17:06 . 2010-04-19 17:06 -------- d-----w- d:\program files\Fichiers communs\Java
2010-04-19 17:06 . 2010-04-19 17:06 503808 ----a-w- d:\documents and settings\skitiwi\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-46c81c77-n\msvcp71.dll
2010-04-19 17:06 . 2010-04-19 17:06 499712 ----a-w- d:\documents and settings\skitiwi\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-46c81c77-n\jmc.dll
2010-04-19 17:06 . 2010-04-19 17:06 348160 ----a-w- d:\documents and settings\skitiwi\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-46c81c77-n\msvcr71.dll
2010-04-19 17:06 . 2010-04-19 17:06 61440 ----a-w- d:\documents and settings\skitiwi\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6801415c-n\decora-sse.dll
2010-04-19 17:06 . 2010-04-19 17:06 12800 ----a-w- d:\documents and settings\skitiwi\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-6801415c-n\decora-d3d.dll
2010-04-19 17:05 . 2010-04-19 17:05 411368 ----a-w- d:\windows\system32\deployJava1.dll
2010-04-19 17:05 . 2010-04-19 17:05 -------- d-----w- d:\program files\Java
2010-04-19 16:50 . 2010-04-20 00:16 32768 ----a-w- d:\documents and settings\tazebama.dll
2010-04-19 15:14 . 2008-09-26 18:01 621056 ----a-w- d:\windows\system32\drivers\mod7700.sys
2010-04-19 15:14 . 2008-09-26 18:01 113664 ----a-w- d:\windows\system32\drivers\ewusbnet.sys
2010-04-19 15:14 . 2008-09-26 18:01 101376 ----a-w- d:\windows\system32\drivers\ewusbmdm.sys
2010-04-19 15:14 . 2008-09-26 18:00 24448 ----a-w- d:\windows\system32\drivers\ewdcsc.sys
2010-04-19 14:38 . 2004-08-05 12:00 46592 -c--a-w- d:\windows\system32\dllcache\svcext51.dll
2010-04-19 14:37 . 2004-08-05 12:00 229439 -c--a-w- d:\windows\system32\dllcache\multibox.dll
2010-04-19 14:36 . 2004-08-05 12:00 10129408 -c--a-w- d:\windows\system32\dllcache\hwxkor.dll
2010-04-19 14:35 . 2004-08-05 12:00 24064 -c--a-w- d:\windows\system32\dllcache\compfilt.dll
2010-04-19 14:34 . 2004-08-05 12:00 68608 -c--a-w- d:\windows\system32\dllcache\isatq.dll
2010-04-19 14:31 . 2004-08-05 12:00 16384 -c--a-w- d:\windows\system32\dllcache\isignup.exe
2010-04-19 13:45 . 2004-08-05 12:00 24661 -c--a-w- d:\windows\system32\dllcache\spxcoins.dll
2010-04-19 13:45 . 2004-08-05 12:00 24661 ----a-w- d:\windows\system32\spxcoins.dll
2010-04-19 13:45 . 2004-08-05 12:00 13312 -c--a-w- d:\windows\system32\dllcache\irclass.dll
2010-04-19 13:45 . 2004-08-05 12:00 13312 ----a-w- d:\windows\system32\irclass.dll
2010-04-17 21:44 . 2010-04-17 21:44 -------- d-----w- d:\program files\SuperCopier
2010-04-16 18:44 . 2008-11-26 17:21 1236208 ----a-w- d:\windows\system32\aswBoot.exe
2010-04-06 20:53 . 2010-04-16 17:40 -------- d-----w- d:\documents and settings\All Users\Application Data\Alwil Software
2010-04-06 17:16 . 2010-04-19 21:56 664 ----a-w- d:\windows\system32\d3d9caps.dat
2010-04-06 16:11 . 2010-04-19 15:14 -------- d-----w- d:\program files\Internet Mobile+
2010-04-05 20:15 . 2010-04-09 14:04 -------- d-----w- d:\documents and settings\skitiwi\Local Settings\Application Data\Temp
2010-04-05 20:14 . 2010-04-09 14:02 -------- d-----w- d:\documents and settings\skitiwi\Local Settings\Application Data\Google
2010-04-05 12:07 . 2010-04-05 12:07 -------- d-----w- d:\program files\MSECache
2010-04-03 22:23 . 2010-04-19 16:55 -------- d-----w- d:\documents and settings\skitiwi\Application Data\vlc
2010-04-03 21:39 . 2010-04-19 16:51 2081503 ----a-w- d:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2010-04-03 21:15 . 2010-04-03 21:15 -------- d-----w- d:\documents and settings\All Users\Application Data\McAfee Security Scan
2010-04-03 21:15 . 2010-04-03 21:15 -------- d-----w- d:\documents and settings\All Users\Application Data\McAfee
2010-04-03 21:15 . 2010-04-06 21:47 -------- d-----w- d:\program files\McAfee Security Scan
2010-04-03 21:14 . 2010-04-19 16:51 1182519 ----a-w- d:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\SecurityScan_Release.exe
2010-04-03 21:14 . 2010-04-04 12:20 -------- d-----w- d:\documents and settings\All Users\Application Data\NOS
2010-04-03 16:48 . 2010-04-03 16:48 -------- d-----w- d:\program files\Microsoft
2010-04-03 16:47 . 2010-04-03 16:48 -------- d-----w- d:\program files\Windows Live
2010-04-03 16:09 . 2006-10-26 19:56 33104 ----a-w- d:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-04-03 16:09 . 2006-10-26 19:56 32592 ----a-w- d:\windows\system32\msonpmon.dll
2010-04-03 16:08 . 2010-04-03 16:08 -------- d-----w- d:\program files\Microsoft Works
2010-04-03 16:07 . 2010-04-03 16:07 -------- d-----w- d:\program files\MSBuild
2010-04-03 16:03 . 2010-04-03 16:07 -------- d--h--w- d:\windows\ShellNew
2010-04-03 16:02 . 2010-04-03 16:02 -------- d-----w- d:\documents and settings\skitiwi\Local Settings\Application Data\Microsoft Help
2010-04-03 16:02 . 2010-04-05 12:06 -------- d-----w- d:\documents and settings\All Users\Application Data\Microsoft Help
2010-04-03 16:02 . 2010-04-03 16:02 -------- d-----r- D:\MSOCache
2010-04-03 15:31 . 2010-04-20 00:16 -------- d-----w- d:\documents and settings\skitiwi\Tracing
2010-04-03 15:30 . 2010-04-03 15:30 -------- d-----w- d:\program files\Windows Live SkyDrive
2010-04-03 15:18 . 2010-04-03 15:18 -------- d-----w- d:\program files\MagicISO
2010-04-03 15:17 . 2010-04-07 11:29 -------- d-----w- d:\documents and settings\skitiwi\Local Settings\Application Data\Adobe
2010-04-03 14:49 . 2010-04-03 14:49 -------- d-----w- d:\program files\Fichiers communs\Adobe
2010-04-03 14:48 . 2010-04-03 14:48 -------- d-----w- d:\program files\VideoLAN
2010-04-03 14:22 . 2010-04-03 14:22 -------- d-----w- d:\program files\Fichiers communs\Windows Live
2010-04-03 13:44 . 2010-04-03 13:44 -------- d-----w- d:\program files\ltmoh
2010-04-03 13:44 . 2005-05-03 13:10 68096 ----a-w- d:\windows\agrsmdel.exe
2010-04-03 13:44 . 2010-04-03 13:44 -------- d-----w- d:\windows\Options
2010-04-03 13:42 . 2010-04-19 16:51 267119 ----a-w- d:\windows\system32\cselect.exe
2010-04-03 13:42 . 2005-10-15 15:29 88203 ----a-w- d:\windows\agrsmmsg.exe
2010-04-03 13:42 . 2003-12-05 01:48 77824 ----a-w- d:\windows\system32\tosmreg.exe
2010-04-03 13:42 . 2003-10-31 19:59 45056 ----a-w- d:\windows\system32\csellang.dll
2010-04-03 13:42 . 2005-11-15 18:00 1122656 ----a-w- d:\windows\system32\drivers\AGRSM.sys
2010-04-03 13:34 . 2010-04-19 23:31 -------- d--h--w- d:\windows\$hf_mig$
2010-04-03 13:33 . 2010-04-03 13:33 81920 ----a-w- d:\windows\ALCFDRTM.EXE
2010-04-03 13:14 . 2010-04-19 15:03 68464 ----a-w- d:\documents and settings\skitiwi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-03 13:06 . 2010-04-03 13:06 -------- d-----w- d:\windows\system32\Lang

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-19 14:50 . 2004-08-05 12:00 71686 ----a-w- d:\windows\system32\perfc00C.dat
2010-04-19 14:50 . 2004-08-05 12:00 458886 ----a-w- d:\windows\system32\perfh00C.dat
2010-04-19 14:30 . 2010-04-03 12:18 23032 ----a-w- d:\windows\system32\emptyregdb.dat
2010-04-16 18:44 . 2010-04-06 20:53 -------- d-----w- d:\program files\Alwil Software
2010-04-13 21:06 . 2010-04-03 12:56 -------- d--h--w- d:\program files\InstallShield Installation Information
2010-04-13 21:04 . 2010-04-13 21:04 -------- d-----w- d:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2010-04-09 18:46 . 2010-04-09 14:07 -------- d-----w- d:\program files\MetaTrader - Alpari UK
2010-04-06 21:47 . 2010-04-06 21:47 -------- d-----w- d:\documents and settings\LocalService\Application Data\McAfee
2010-04-04 14:11 . 2010-04-03 12:21 86331 ----a-w- d:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-03 15:17 . 2010-04-03 12:56 -------- d-----w- d:\program files\Fichiers communs\InstallShield
2010-04-03 12:58 . 2010-04-03 12:58 663552 ----a-w- d:\windows\system32\NETw5c32.dll
2010-04-03 12:58 . 2010-04-03 12:58 4202496 ----a-w- d:\windows\system32\drivers\NETw5x32.sys
2010-04-03 12:58 . 2010-04-03 12:58 2756608 ----a-w- d:\windows\system32\NETw5r32.dll
2010-04-03 12:58 . 2010-04-03 12:58 0 ----a-w- d:\windows\nsreg.dat
2010-04-03 12:56 . 2010-04-03 12:56 -------- d-----w- d:\program files\Realtek
2010-04-03 12:55 . 2010-04-03 12:56 86016 ----a-w- d:\windows\SoundMan.exe
2010-04-03 12:55 . 2010-04-03 12:56 364544 ----a-w- d:\windows\RtlUpd.exe
2010-04-03 12:55 . 2010-04-03 12:56 9709568 ----a-w- d:\windows\RTLCPL.exe
2010-04-03 12:55 . 2010-04-03 12:56 4271616 ----a-w- d:\windows\system32\drivers\RtkHDAud.sys
2010-04-03 12:55 . 2010-04-03 12:56 16206848 ----a-w- d:\windows\RTHDCPL.exe
2010-04-03 12:55 . 2010-04-03 12:56 69632 ----a-w- d:\windows\Alcmtr.exe
2010-04-03 12:55 . 2010-04-03 12:56 2808832 ----a-w- d:\windows\alcwzrd.exe
2010-04-03 12:55 . 2010-04-03 12:56 2158592 ----a-w- d:\windows\MicCal.exe
2010-04-03 12:55 . 2010-04-03 12:57 176 ----a-w- d:\windows\system32\drivers\RTHDAEQ1.dat
2010-04-03 12:55 . 2010-04-03 12:57 176 ----a-w- d:\windows\system32\drivers\RTHDAEQ0.dat
2010-04-03 12:55 . 2010-04-03 12:57 40960 ----a-w- d:\windows\system32\ChCfg.exe
2010-04-03 12:31 . 2010-04-03 12:31 -------- d-----w- d:\program files\HSDPA USB MODEM
2010-04-03 12:22 . 2010-04-03 12:22 -------- d-----w- d:\program files\microsoft frontpage
2010-04-03 12:20 . 2010-04-03 12:20 -------- d-----w- d:\program files\Services en ligne
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="d:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-19 4040383]
"Google Update"="d:\documents and settings\skitiwi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-04-19 292703]
"SuperCopier.exe"="d:\program files\SuperCopier\SuperCopier.exe" [2003-04-24 683520]
"ctfmon.exe"="d:\windows\system32\ctfmon.exe" [2004-08-05 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LtMoh"="d:\program files\ltmoh\Ltmoh.exe" [2004-08-18 184320]
"AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 88203]
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="d:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-04-19 1109295]
"GrooveMonitor"="d:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"RTHDCPL"="RTHDCPL.EXE" [2010-04-03 16206848]
"SunJavaUpdateSched"="d:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-04-19 404567]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2004-08-05 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="d:\windows\system32\tscupgrd.exe" [2004-08-05 44544]

d:\documents and settings\All Users\Menu D'marrer\Programmes\D'marrage\
McAfee Security Scan Plus.lnk - d:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

S3 McComponentHostService;McAfee Security Scan Component Host Service;d:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15/01/2010 12:49 227232]
S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication;d:\windows\system32\drivers\cmusbser.sys [03/04/2010 12:31 97408]
.
Contenu du dossier 'Tâches planifiées'

2010-04-18 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-115176313-725345543-1003Core.job
- d:\documents and settings\skitiwi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-09 16:56]

2010-04-19 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-115176313-725345543-1003UA.job
- d:\documents and settings\skitiwi\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-09 16:56]
.
.
------- Examen supplémentaire -------
.
IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {BD73D52F-2C8D-498A-9E90-EC8C55648D81} = 154.15.199.142 8.8.8.8
FF - ProfilePath - d:\documents and settings\skitiwi\Application Data\Mozilla\Firefox\Profiles\vgimt42x.default\
FF - plugin: d:\documents and settings\skitiwi\Local Settings\Application Data\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: d:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll

---- PARAMETRES FIREFOX ----
d:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
d:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "https://www.mozilla.org/en-US/firefox/new/?redirect_source=firefox-com");
d:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-explo - d:\documents and settings\skitiwi\Application Data\msn.exe
HKLM-Run-regdiit - d:\windows\system32\winxp.exe
ActiveSetup-{14DY8H0U-61A8-2HPH-7865-156WH8P06461} - d:\documents and settings\skitiwi\Application Data\msn.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-20 00:17
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(2860)
d:\windows\system32\msi.dll
.
------------------------ Autres processus actifs ------------------------
.
d:\program files\Java\jre6\bin\jqs.exe
d:\windows\system32\wbem\wmiapsrv.exe
d:\windows\AGRSMMSG.exe
d:\windows\RTHDCPL.EXE
d:\documents and settings\tazebama.dl_
.
**************************************************************************
.
Heure de fin: 2010-04-20 00:23:18 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-04-20 00:23
ComboFix2.txt 2010-04-03 15:13

Avant-CF: 31 798 509 568 octets libres
Après-CF: 32 699 805 696 octets libres

- - End Of File - - 3F94FE516A05188C0676989D8DEB7B5A