COMBOFIX REPORT, PLEASE HELP ME
jeto27
Hello,
My computer is extremely slow, and after a good number of scans (HijackThis, Spybot, Navilog...) nothing helps: the ads no longer appear, admittedly, but the PC is still just as slow.
I was advised to post a ComboFix report, so please help me; I've been struggling with this for 3 days.
Thanks in advance.
ComboFix 08-04-03.2 - Profichet 2008-04-03 18:37:54.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.482 [GMT 2:00]Endroit: C:\Documents and Settings\Profichet\Mes documents\Combo-Fix.exe
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Profichet\err.log
C:\Documents and Settings\Profichet\ResErrors.log
.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-03 to 2008-04-03 ))))))))))))))))))))))))))))))))))))
.
2008-04-02 16:12 . 2008-04-02 16:13 <REP> d-------- C:\Program Files\Crawler
2008-04-02 16:11 . 2008-04-03 17:28 <REP> d-------- C:\Program Files\Spyware Terminator
2008-04-02 16:11 . 2008-04-03 17:15 <REP> d-------- C:\Documents and Settings\Profichet\Application Data\Spyware Terminator
2008-04-02 16:11 . 2008-04-03 17:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-04-02 16:11 . 2008-04-02 16:17 138,752 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-04-02 15:24 . 2008-04-02 15:36 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-04-02 14:50 . 2008-04-02 14:51 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2008-04-02 14:33 . 2008-04-02 17:32 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-02 14:33 . 2008-04-02 17:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-02 14:28 . 2008-04-02 14:41 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-04-02 14:04 . 2007-07-01 05:36 1,048,576 --------- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-04-02 14:04 . 2007-12-07 04:08 459,264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-04-02 14:04 . 2007-12-07 04:08 267,776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-04-02 14:04 . 2007-12-07 04:08 63,488 --------- C:\WINDOWS\system32\dllcache\icardie.dll
2008-04-02 14:04 . 2007-12-07 04:08 52,224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-04-02 14:04 . 2007-12-06 13:00 13,824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-02 14:03 . 2007-12-07 04:08 6,066,176 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-04-02 14:03 . 2007-07-01 05:31 2,455,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-04-02 14:03 . 2007-12-07 04:08 383,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-03-31 22:18 . 2008-03-31 22:18 <REP> d-------- C:\Documents and Settings\Profichet\Application Data\Malwarebytes
2008-03-31 22:18 . 2008-03-31 22:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-03-31 22:07 . 2008-03-31 22:07 <REP> d-------- C:\Program Files\Trend Micro
2008-03-31 21:18 . 2006-04-13 16:19 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-03-31 21:18 . 2006-04-13 16:19 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-03-31 21:18 . 2006-04-13 16:19 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-03-31 21:18 . 2006-04-13 08:27 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2008-03-31 21:18 . 2006-04-13 16:19 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-03-31 21:18 . 2006-04-13 08:27 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2008-03-31 21:18 . 2006-04-13 08:49 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-03-31 20:53 . 2008-03-31 20:53 28,016,808 --a------ C:\upload_moi_GAËLLE.tar.gz
2008-03-31 18:27 . 2008-03-31 18:27 <REP> d-------- C:\Program Files\Avira
2008-03-31 18:27 . 2008-03-31 18:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-03-31 14:01 . 2008-03-31 14:01 <REP> d-------- C:\VundoFix Backups
2008-03-31 12:16 . 2008-03-31 12:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-03-31 12:02 . 2008-03-31 12:02 <REP> d-------- C:\Program Files\CCleaner
2008-03-31 11:16 . 2008-03-31 19:36 <REP> d-------- C:\Program Files\Navilog1
2008-03-25 18:28 . 2008-03-25 18:28 268 --ah----- C:\sqmdata01.sqm
2008-03-25 18:28 . 2008-03-25 18:28 244 --ah----- C:\sqmnoopt01.sqm
2008-03-03 19:36 . 2008-03-03 19:36 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-03-03 15:45 . 2007-07-30 20:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-03-03 15:45 . 2007-07-30 20:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-03-03 15:45 . 2007-07-30 20:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-02 21:49 56,256 ----a-w C:\Documents and Settings\Profichet\Application Data\wklnhst.dat
2008-04-02 13:53 --------- d-----w C:\Documents and Settings\Profichet\Application Data\OpenOffice.org2
2008-04-02 11:48 --------- d-----w C:\Program Files\Java
2008-03-02 13:17 --------- d-----w C:\Program Files\Windows Live
2008-03-02 13:15 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-03-02 13:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-02-21 20:59 --------- d-----w C:\Program Files\VideoLAN
2008-01-11 05:36 44,544 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2006-10-15 07:10 47,360 ----a-w C:\Documents and Settings\Profichet\Application Data\pcouffin.sys
2005-09-23 22:49 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
2001-10-05 09:53 21,866 ----a-w C:\Program Files\Fichiers communs\tppupd2k.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-24 15:20 401491]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 10:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-08 18:07 68856]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 03:41 49152]
"TPP Auto Loader"="C:\WINDOWS\TPPALDR.EXE" [2001-10-05 11:54 118784]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-03-31 18:35 249896]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-04-02 16:17 2957824]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 10:00 15360]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 05:21:22 288472]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide de HP Photosmart Premier.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide de HP Photosmart Premier.lnk
backup=C:\WINDOWS\pss\Démarrage rapide de HP Photosmart Premier.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"=
"C:\\Documents and Settings\\Profichet\\Mes documents\\Emule\\emule.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-04-02 16:17]
R3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2005-08-22 11:06]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-31 13:30:48 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-03 18:45:00
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-04-03 18:47:33
ComboFix-quarantined-files.txt 2008-04-03 16:47:06
Pre-Run: 39,048,777,728 octets libres
Post-Run: 39,039,205,376 octets libres
.
2008-04-02 16:19:49 --- E O F ---