Installing the Recovery Console via ComboFix
Solved/Closed
nova83
29 August 2010 at 17:25
7 replies
Anonymous user
29 August 2010 at 17:41
Hello
Here is the link; take the time to read it and apply it.
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
See you
nova83
29 August 2010 at 18:02
Hello Guillaume5188,
thanks for your help
that's exactly the tutorial I read, but, given the warnings, I'm having a bit of trouble putting it into practice; still, I do have to make up my mind
thanks again and have a good day
nova83
29 August 2010 at 18:26
Hi again
I've just reread it, so I'm about to download the program; I'll post the log
thanks, see you
nova83
29 August 2010 at 19:56
Hi again
here is the 2nd one
2010-08-29 17:00 . 2008-01-21 08:40 755692 ----a-w- c:\windows\system32\perfh00C.dat
2010-08-29 17:00 . 2008-01-21 08:40 156442 ----a-w- c:\windows\system32\perfc00C.dat
2010-08-27 19:02 . 2010-08-26 16:48 20 ---h--w- c:\programdata\PKP_DLdu.DAT
2010-08-27 19:02 . 2010-08-26 16:50 20 ---h--w- c:\programdata\PKP_DLdw.DAT
2010-08-27 19:01 . 2010-08-26 16:55 20 ---h--w- c:\programdata\PKP_DLbx.DAT
2010-08-26 17:00 . 2008-10-31 04:27 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-26 16:57 . 2010-08-26 16:57 20 ---h--w- c:\programdata\PKP_DLck.DAT
2010-08-26 16:57 . 2010-08-26 16:48 -------- d-----w- c:\programdata\Ultima_T15
2010-08-26 16:57 . 2010-08-26 16:48 -------- d-----w- c:\programdata\EnterNHelp
2010-08-26 16:48 . 2010-08-26 16:48 -------- d-----w- c:\programdata\grep
2010-08-20 20:45 . 2008-10-31 04:41 -------- d-----w- c:\programdata\CyberLink
2010-08-16 10:20 . 2010-08-16 10:20 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-08-11 09:05 . 2010-08-09 10:14 -------- d-----w- c:\program files\ATI
2010-08-11 09:05 . 2010-08-09 10:17 -------- d-----w- c:\program files\ATI Technologies
2010-08-10 19:33 . 2008-10-31 05:01 -------- d-----w- c:\programdata\Microsoft Help
2010-08-10 19:32 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-08-10 12:16 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-08-10 12:15 . 2010-08-10 12:15 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-08-10 08:40 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-08-10 08:40 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-08-10 08:40 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-08-10 08:40 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-08-10 08:40 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-08-10 06:30 . 2008-10-31 05:03 -------- d-----w- c:\program files\Microsoft.NET
2010-08-10 05:49 . 2010-08-09 10:12 -------- d-----w- c:\program files\Microsoft
2010-08-09 16:52 . 2008-10-31 04:49 -------- d-----w- c:\program files\Acer GameZone
2010-08-09 11:27 . 2008-10-31 05:03 -------- d-----w- c:\program files\Microsoft Works
2010-08-09 10:51 . 2008-10-31 04:38 -------- d-----w- c:\programdata\SiteAdvisor
2010-08-09 10:17 . 2010-08-09 10:11 -------- d-----w- c:\program files\Windows Live
2010-08-09 10:17 . 2010-08-09 10:17 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-08-09 10:17 . 2010-08-09 10:17 0 ----a-w- c:\windows\ativpsrm.bin
2010-08-09 10:15 . 2010-08-09 10:15 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-08-09 10:13 . 2010-08-09 10:13 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-08-09 10:12 . 2010-08-09 10:12 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-08-09 08:29 . 2010-08-09 08:29 -------- d-sh--we c:\programdata\Modèles
2010-08-09 08:29 . 2010-08-09 08:29 -------- d-sh--we c:\programdata\Menu Démarrer
2010-08-09 08:29 . 2010-08-09 08:29 -------- d-sh--we c:\programdata\Favoris
2010-08-09 08:29 . 2010-08-09 08:29 -------- d-sh--we c:\programdata\Bureau
2010-08-09 08:29 . 2010-08-09 08:29 -------- d-sh--we c:\program files\Fichiers communs
2010-07-07 02:29 . 2010-07-07 02:29 5882368 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-07-07 01:55 . 2010-07-07 01:55 15461888 ----a-w- c:\windows\system32\atioglxx.dll
2010-07-07 01:54 . 2010-07-07 01:54 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-07-07 01:54 . 2010-07-07 01:54 513024 ----a-w- c:\windows\system32\aticfx32.dll
2010-07-07 01:51 . 2010-07-07 01:51 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-07-07 01:51 . 2010-07-07 01:51 380928 ----a-w- c:\windows\system32\atieclxx.exe
2010-07-07 01:50 . 2010-07-07 01:50 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2010-07-07 01:49 . 2010-07-07 01:49 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2010-07-07 01:49 . 2010-07-07 01:49 11776 ----a-w- c:\windows\system32\atimuixx.dll
2010-07-07 01:46 . 2010-07-07 01:46 3826688 ----a-w- c:\windows\system32\atidxx32.dll
2010-07-07 01:29 . 2010-07-07 01:29 46080 ----a-w- c:\windows\system32\aticalrt.dll
2010-07-07 01:29 . 2010-07-07 01:29 44032 ----a-w- c:\windows\system32\aticalcl.dll
2010-07-07 01:27 . 2010-07-07 01:27 4323840 ----a-w- c:\windows\system32\aticaldd.dll
2010-07-07 01:24 . 2010-07-07 01:24 50176 ----a-w- c:\windows\system32\coinst.dll
2010-07-07 01:16 . 2010-07-07 01:16 237568 ----a-w- c:\windows\system32\atiadlxx.dll
2010-07-07 01:15 . 2010-07-07 01:15 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-07-07 01:15 . 2010-07-07 01:15 16896 ----a-w- c:\windows\system32\atigktxx.dll
2010-07-07 01:15 . 2010-07-07 01:15 210944 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-07-07 01:14 . 2010-07-07 01:14 30208 ----a-w- c:\windows\system32\atiuxpag.dll
2010-07-07 01:14 . 2010-07-07 01:14 22528 ----a-w- c:\windows\system32\atiu9pag.dll
2010-07-07 01:14 . 2010-07-07 01:14 23040 ----a-w- c:\windows\system32\atitmpxx.dll
2010-07-07 01:14 . 2010-07-07 01:14 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-07-07 01:11 . 2010-07-07 01:11 52736 ----a-w- c:\windows\system32\atimpc32.dll
2010-07-07 01:11 . 2010-07-07 01:11 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2010-06-26 06:05 . 2010-08-10 19:30 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-26 06:02 . 2010-08-10 19:30 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-06-26 06:02 . 2010-08-10 19:30 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-06-26 04:25 . 2010-08-10 19:30 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-06-21 13:37 . 2010-08-10 19:30 2037760 ----a-w- c:\windows\system32\win32k.sys
2010-06-18 17:31 . 2010-08-10 19:30 36864 ----a-w- c:\windows\system32\rtutils.dll
2010-06-18 15:04 . 2010-08-10 19:30 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-18 15:04 . 2010-08-10 19:30 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-06-16 16:04 . 2010-08-10 19:30 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-15 22:28 . 2010-06-15 22:28 2857 ----a-w- c:\windows\system32\atipblag.dat
2010-06-11 16:16 . 2010-08-10 19:30 274944 ----a-w- c:\windows\system32\schannel.dll
2010-06-11 16:15 . 2010-08-10 19:30 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-06-08 17:35 . 2010-08-10 19:30 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-08 17:35 . 2010-08-10 19:30 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-06-02 02:55 . 2010-08-21 20:31 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-02 02:55 . 2010-08-21 20:30 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2009-06-30 163872]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):27,a4,e2,87,68,38,cb,01
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-15 136176]
R3 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-05-20 269448]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-04-29 38224]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 WMSvc;Service de gestion Web;c:\windows\system32\inetsrv\wmsvc.exe [2008-01-21 11264]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 Orange update Core Service;Orange update Core Service;c:\program files\Orange\OrangeUpdate\Service\OUCore.exe [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-08-10 691696]
S0 nvamacpi;Nvidia Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys [2008-07-22 24608]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-07-07 176128]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-08-19 24576]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-07-07 5882368]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-07-07 210944]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
rsmsvcs REG_MULTI_SZ ntmssvc
.
.
------- Examen supplémentaire -------
.
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=vp32&d=0810&m=aspire_m7711
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
FF - ProfilePath - c:\users\joce & jean\AppData\Roaming\Mozilla\Firefox\Profiles\cwfn0bz3.default\
FF - prefs.js: browser.startup.homepage - hxxp://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
FF - prefs.js: keyword.URL - hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - component: c:\users\joce & jean\AppData\Roaming\Mozilla\Firefox\Profiles\cwfn0bz3.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Canon\ZoomBrowser EX\Program\NPCIG.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-29 19:09
Windows 6.0.6002 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'Explorer.exe'(1908)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\CISVC.EXE
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\mqsvc.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\windows\system32\locator.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\mqtgsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Heure de fin: 2010-08-29 19:13:09 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-08-29 17:13
Avant-CF: 530 081 902 592 octets libres
Après-CF: 529 260 109 824 octets libres
- - End Of File - - 72AFFA50BE25B90F6181218D4707DF41
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-29 19:09
Windows 6.0.6002 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'Explorer.exe'(1908)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\CISVC.EXE
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\mqsvc.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\windows\system32\locator.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\mqtgsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Heure de fin: 2010-08-29 19:13:09 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-08-29 17:13
Avant-CF: 530 081 902 592 octets libres
Après-CF: 529 260 109 824 octets libres
- - End Of File - - 72AFFA50BE25B90F6181218D4707DF41
Anonymous user
29 August 2010 at 20:38
Re
I didn't ask you for a report, but you can post it for me
using cijoint.
To send it to me, click on this link:
http://www.cijoint.fr/index.php
Click "Parcourir" (Browse) and find the file: Full_file_name
Click "Ouvrir" (Open).
Click "Cliquez ici pour déposer le fichier" (Click here to upload the file).
A link of this form:
http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt
is added to the page.
Copy this link into your reply.
See you
nova83
6 September 2010 at 00:12
Hi there,
I managed to do what I wanted.
Thanks for your help.
See you