Voilà j'ai terminé l'analyse! =)
J'avais fermé toutes les fenêtres et tout désactivé pour la durée de l'analyse, y compris ma connexion. (sans plus aucun
antivirus, firewall,
anti-spyware, je voulais pas rester en ligne). Alors, y a t-il des infections détectées ?
ComboFix 10-07-20.03 - Compaq_Propriétaire 21/07/2010 16:10:57.1.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.958.426 [GMT 2:00]
Lancé depuis: c:\documents and settings\Compaq_Propriétaire\Bureau\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV:
avast! antivirus 4.8.0 [VPS 000000-0] *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\real.txt
D:\Autorun.inf
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-06-21 au 2010-07-21 ))))))))))))))))))))))))))))))))))))
.
2010-07-20 21:34 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-07-20 17:19 . 2010-07-20 17:19 -------- d-----w- C:\Kill'em
2010-07-20 17:15 . 2010-07-20 17:19 -------- d-----w- c:\program files\List_Kill'em
2010-07-20 13:35 . 2010-07-20 13:35 -------- d-----w- c:\program files\CCleaner
2010-07-15 14:44 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-11 12:45 . 2010-07-20 21:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-07-02 14:32 . 2010-07-02 14:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Age of Empires 3
2010-07-02 14:29 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-21 14:00 . 2006-09-25 19:42 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-07-17 17:24 . 2006-04-24 22:45 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-11 12:49 . 2006-09-26 15:11 -------- d-----w- c:\program files\Alwil Software
2010-07-02 14:12 . 2006-09-16 15:49 -------- d-----w- c:\program files\Microsoft Games
2010-06-28 20:57 . 2010-07-14 12:01 165032 ----a-w- c:\windows\system32\asw119.tmp
2010-06-28 20:57 . 2006-09-26 15:11 165032 ------w- c:\windows\system32\aswBoot.exe
2010-06-23 23:09 . 2004-11-23 14:26 85544 ----a-w- c:\windows\system32\perfc00C.dat
2010-06-23 23:09 . 2004-11-23 14:26 512252 ----a-w- c:\windows\system32\perfh00C.dat
2010-06-20 17:25 . 2006-04-24 23:10 -------- d-----w- c:\program files\Google
2010-06-20 17:17 . 2008-12-10 15:15 -------- d-----w- c:\program files\IkAgora
2010-06-20 15:41 . 2010-06-20 15:41 58 ----a-w- c:\windows\winvidni.sys
2010-06-20 15:41 . 2010-06-20 15:41 -------- d-----w- c:\program files\Viable Software Alternatives
2010-06-20 10:42 . 2010-06-20 10:42 -------- d-----w- c:\program files\Eidos Interactive
2010-06-17 18:15 . 2010-06-17 18:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Age of Empires 3 XPack Trial
2010-06-14 14:31 . 2004-08-05 11:00 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-05 08:15 . 2009-11-27 19:17 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-04 21:26 . 2007-07-31 18:19 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-05-04 17:17 . 2004-08-05 11:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 17:17 . 2004-08-05 11:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-05-04 17:17 . 2004-08-05 11:00 17408 ----a-w- c:\windows\system32\corpol.dll
2010-05-02 08:08 . 2004-08-05 11:00 1851392 ----a-w- c:\windows\system32\win32k.sys
2008-01-08 11:49 . 2008-01-08 11:49 278528 -c--a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
2007-11-16 16:01 . 2007-11-16 16:00 18164640 -c--a-w- c:\program files\aaw2007.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative Live! Cam Manager"="c:\program files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-05-31 143360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-30 68856]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-01-23 15969280]
"PCMService"="c:\program files\CyberLink\PowerCinema\PCMService.exe" [2006-02-25 147456]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-11-10 249856]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2004-12-14 663552]
"SpeedTouch USB Diagnostics"="c:\program files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2002-06-06 861184]
"AOLSAV"="c:\progra~1\TECHCI~1\AOLSAV\AOLAgent.exe" [2004-04-26 75776]
"AOLDialer"="c:\program files\Fichiers communs\AOL\ACS\AOLDial.exe" [2007-06-21 70952]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-26 98304]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"MPFExe"="c:\progra~1\McAfee.com\PERSON~1\MpfTray.exe" [2003-08-19 1048576]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-04-24 180269]
"HostManager"="c:\program files\Fichiers communs\AOL\1166646123\ee\AOLSoftware.exe" [2006-11-17 50736]
"AVFX Engine"="c:\program files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-06-09 24576]
"V0220Mon.exe"="c:\windows\V0220Mon.exe" [2006-06-28 32768]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-04-04 344064]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
c:\documents and settings\Compaq_Propri'taire\Menu D'marrer\Programmes\D'marrage\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]
c:\documents and settings\Compaq_Propri'taire\Menu D'marrer\Programmes\D'marrage\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]
c:\documents and settings\Compaq_Propri'taire\Menu D'marrer\Programmes\D'marrage\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]
c:\documents and settings\All Users\Menu D'marrer\Programmes\D'marrage\
AOL 9.0 Ic"ne AOL.lnk - c:\program files\AOL 9.0\aoltray.exe [2006-9-26 156784]
D'marrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
c:\documents and settings\Compaq_Propri'taire\Menu D'marrer\Programmes\D'marrage\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SharedAccess"=2 (0x2)
"napagent"=3 (0x3)
"MpfService"=2 (0x2)
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"avast! Antivirus"=2 (0x2)
"AntiVirService"=2 (0x2)
"AntiVirSchedulerService"=2 (0x2)
"aawservice"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"=
"c:\\Program Files\\CyberLink\\PowerCinema\\PCMService.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires\\EMPIRESX2.EXE"=
"c:\\Program Files\\Fichiers communs\\AOL\\1166646123\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Sierra\\Empire Earth II\\EE2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SightSpeed\\SightSpeed.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires III - The WarChiefs Trial\\age3x.exe"=
"c:\\Program Files\\Eidos Interactive\\Pyro Studios\\Praetorians\\Praetorians.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"=
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [21/10/2009 20:53 64288]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [10/04/2008 14:59 114768]
R1 crlscsi;crlscsi;c:\windows\system32\drivers\crlscsi.sys [26/09/2006 18:18 6144]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/04/2008 14:59 20560]
R3 V0220Dev;Live! Cam Video IM;c:\windows\system32\drivers\V0220Dev.sys [25/12/2006 20:24 146112]
R3 V0220Vfx;V0220VFX;c:\windows\system32\drivers\V0220Vfx.sys [25/12/2006 20:24 6272]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [30/01/2010 16:34 135664]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 13:17 1181328]
S3 alcan5ln;Alcatel SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);c:\windows\system32\drivers\alcan5ln.sys [16/09/2006 14:50 36048]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 PCD5SRVC{085326CB-51A3560A-05010003};PCD5SRVC{085326CB-51A3560A-05010003} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\PC-DOC~1\PCD5SRVC.pkms [22/11/2005 02:27 21120]
S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [01/03/2006 20:37 217088]
S4 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [03/01/2010 02:00 108289]
.
Contenu du dossier 'Tâches planifiées'
2010-07-21 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 19:54]
2010-07-21 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 19:54]
2010-07-21 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 19:54]
2010-07-21 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 19:54]
2010-07-21 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 19:54]
2010-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 14:33]
2010-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 14:33]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/webhp?hl=fr
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
IE: &Recherche AOL Toolbar - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IE: Add to Windows &Live Favorites -
http://favorites.live.com/quickadd.aspx
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
FF - ProfilePath - c:\documents and settings\Compaq_Propriétaire\Application Data\Mozilla\Firefox\Profiles\pxhahzpu.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Neuf\TV_PC\VLC\npvlc.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHELINS SUPPRIMES - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-WinUsr - c:\program files\Winsudate\gibusr.exe
HKLM-Run-PCDrProfiler - (no file)
HKLM-Run-Install5G - e:\aolbox\Install.exe
AddRemove-Freeciv-2.0.8-gtk2 - c:\documents and settings\Compaq_Propriétaire\Mes documents\Game\jeux\Freeciv-2.0.8-gtk2\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-07-21 16:18
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
AOLSAV = c:\progra~1\TECHCI~1\AOLSAV\AOLAgent.exe?exe???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\PCD5SRVC{085326CB-51A3560A-05010003}]
"ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC.pkms"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(780)
c:\windows\system32\Ati2evxx.dll
.
Heure de fin: 2010-07-21 16:22:14
ComboFix-quarantined-files.txt 2010-07-21 14:22
Avant-CF: 202 605 080 576 octets libres
Après-CF: 205 232 336 896 octets libres
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=,1,2,3,4
- - End Of File - - 48F22E4C41848654FBA56573CFAB7C39