SOS virus Win 32 and 64

mark21 -  
Hello,

I ran a scan with ComboFix because my antivirus, avast, detected 2 viruses, win 64 and win 32. Here is the report; can you help me with the next steps to eradicate these two viruses?
Thanks in advance.

ComboFix 12-06-07.03 - OEMUSER 07/06/2012 12:11:22.1.4 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2359.1765 [GMT 2:00]
Lancé depuis: c:\documents and settings\OEMUSER\Bureau\ComboFix.exe
AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~1\IWONGIE\bar\1.bin\vrBAr.dll
c:\program files\IWONGEI\Installr\1.bin
c:\program files\IWONGIE\bar\1.bin\vrBAr.dll
c:\program files\IWONGIE\bar\1.bin\vrSRcas.dll
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-05-07 au 2012-06-07 ))))))))))))))))))))))))))))))))))))
.
.
2012-06-06 16:20 . 2012-06-06 16:23 -------- d-----w- C:\ZHP
2012-06-06 16:20 . 2012-06-06 18:37 -------- d-----w- c:\program files\ZHPDiag
2012-06-06 14:22 . 2012-03-06 23:01 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-06-06 14:22 . 2012-03-06 23:03 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-06-06 14:22 . 2012-03-06 23:04 112984 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-06-06 14:21 . 2012-03-06 23:03 196440 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-06-06 14:21 . 2012-03-06 23:02 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-06-06 14:21 . 2012-03-06 23:01 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-06-06 14:21 . 2012-03-06 23:02 24408 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-06-06 14:21 . 2012-03-06 23:03 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-06-06 14:21 . 2012-03-06 23:01 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-06-06 14:21 . 2012-03-06 23:01 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-06-06 14:21 . 2012-03-06 22:58 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-06-06 14:20 . 2012-03-06 22:44 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2012-06-06 14:20 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-06-06 14:20 . 2012-03-06 23:15 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-06 14:20 . 2012-06-06 14:20 -------- d-----w- c:\program files\AVAST Software
2012-06-06 14:20 . 2012-06-06 14:20 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2012-06-05 12:28 . 2012-06-05 12:28 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-31 13:22 . 2008-04-14 12:00 606208 ----a-w- c:\windows\system32\crypt32.dll
2012-04-11 13:51 . 2008-04-13 19:07 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 13:51 . 2008-04-14 12:00 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 13:51 . 2008-04-14 12:00 1862400 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-12-08 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-08 170008]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-12-08 145432]
"RTHDCPL"="RTHDCPL.EXE" [2010-12-08 19552360]
"AzMixerSel"="c:\program files\Realtek\Audio\Drivers\AzMixerSel.exe" [2010-12-08 59936]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-12-09 1594664]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2010-12-08 960080]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-05-14 248552]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"IWONGIE Browser Plugin Loader"="c:\progra~1\IWONGIE\bar\1.bin\vrbrmon.exe" [2011-03-01 20480]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\OEMUSER\Menu Démarrer\Programmes\Démarrage\
Notification de cadeaux MSN.lnk - c:\documents and settings\OEMUSER\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2011-3-17 135680]
Outil de détection de support PMB.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2011-9-24 333088]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [06/06/2012 16:20 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [06/06/2012 16:21 196440]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [06/06/2012 16:22 112984]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [06/06/2012 16:21 24408]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [06/06/2012 16:21 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [06/06/2012 16:22 337880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [06/06/2012 16:22 20696]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [06/06/2012 16:20 134920]
R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [13/10/2011 18:21 249648]
R2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [20/12/2010 15:40 325200]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [20/12/2010 15:52 2320920]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [20/12/2010 15:50 132480]
R3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\drivers\IntcDAud.sys [20/12/2010 15:49 251904]
R3 k57w2k;Broadcom NetLink (TM) Gigabit Ethernet;c:\windows\system32\drivers\k57xp32.sys [20/12/2010 15:40 214568]
S2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [21/10/2011 16:23 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 14:16 130384]
S2 IWONGIEService;IWON Service;c:\progra~1\IWONGIE\bar\1.bin\vrbarsvc.exe [01/03/2011 22:36 28766]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [20/12/2010 15:50 1691480]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [20/12/2010 15:53 193640]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14/04/2008 14:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 14:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
.
------- Examen supplémentaire -------
.
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 212.27.40.241 212.27.40.240
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{2ad11eb6-a327-4dfe-88bf-c6071e09f05b} - c:\program files\IWONGIE\bar\1.bin\vrSrcAs.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-07 12:16
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
Heure de fin: 2012-06-07 12:17:50
ComboFix-quarantined-files.txt 2012-06-07 10:17
.
Avant-CF: 36 039 921 664 octets libres
Après-CF: 37 433 692 160 octets libres
.
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
.
- - End Of File - - 56249081AC58511AAB079816E817CCE0

1 reply

mark21
 
Additional information, in case it can help you.
Here are the names of the viruses:
win64:sirefef-A and win32:sirefef-AO