ComboFix 08-09-27.01 - DIDIER 2008-09-28 11:24:28.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.2708 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\DIDIER\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\DIDIER\Cookies\didier@clickintext[2].txt
C:\WINDOWS\config.ini
C:\WINDOWS\system32\rtl60.bpl
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SROSA
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-28 au 2008-09-28 ))))))))))))))))))))))))))))))))))))
.
2008-09-28 01:27 . 2008-09-28 01:27 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2008-09-27 23:35 . 2008-09-27 23:35 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-09-25 11:22 . 2008-09-25 11:22 <REP> d-------- C:\WINDOWS\Logs
2008-09-24 21:42 . 2005-06-15 11:20 3,200,256 --a------ C:\WINDOWS\system32\drivers\nv4_mini.sys
2008-09-22 21:32 . 2005-06-15 11:20 3,200,256 --a--c--- C:\WINDOWS\system32\drivers\OLD42.tmp
2008-09-20 23:41 . 2008-09-20 23:41 <REP> d-------- C:\Program Files\iTunes
2008-09-20 23:41 . 2008-09-20 23:41 <REP> d-------- C:\Program Files\iPod
2008-09-20 23:41 . 2008-09-20 23:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-20 23:32 . 2008-09-20 23:32 <REP> d-------- C:\Program Files\Bonjour
2008-09-20 15:06 . 2008-09-20 15:06 <REP> d-------- C:\Program Files\SoftwarePassport
2008-09-20 15:06 . 2008-09-20 15:06 <REP> d-------- C:\Program Files\Mindscape
2008-09-20 15:06 . 2008-09-20 15:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-09-20 14:50 . 2008-09-21 19:37 <REP> d-------- C:\Program Files\Alien Shooter
2008-09-20 12:24 . 2008-09-20 13:59 <REP> d-------- C:\Documents and Settings\DIDIER\Application Data\SPORE Creature Creator
2008-09-19 05:52 . 2008-09-19 05:52 <REP> d-------- C:\Program Files\ReflexiveArcade
2008-09-18 02:41 . 2008-09-18 02:41 42,320 --a--c--- C:\WINDOWS\system32\xfcodec.dll
2008-09-16 12:59 . 2008-09-16 12:59 <REP> d-------- C:\ProgramData
2008-09-16 12:59 . 2008-09-16 13:04 2,016 --a------ C:\WINDOWS\system32\ealregsnapshot1.reg
2008-09-16 12:58 . 2008-09-16 13:22 <REP> d-------- C:\Program Files\Electronic Arts
2008-09-15 12:11 . 2008-09-15 13:25 <REP> d-------- C:\Program Files\Hero Editor
2008-09-15 12:11 . 2008-09-15 12:11 249,856 --------- C:\WINDOWS\Setup1.exe
2008-09-15 12:06 . 2008-09-15 12:11 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
2008-09-15 12:06 . 2008-09-15 12:07 1,199 --a------ C:\WINDOWS\ST6UNST.000
2008-09-15 05:34 . 2008-09-15 05:34 <REP> d-------- C:\Program Files\Lavalys
2008-09-14 14:57 . 2008-09-14 14:57 <REP> d-------- C:\WINDOWS\InCD
2008-09-14 14:57 . 2008-09-14 14:57 <REP> d-------- C:\Program Files\Ahead
2008-09-14 14:57 . 2004-12-21 17:39 2,670,592 --------- C:\WINDOWS\NuNinst.exe
2008-09-14 14:57 . 2005-01-03 11:33 99,456 --------- C:\WINDOWS\system32\drivers\InCDfs.sys
2008-09-14 14:57 . 2005-01-07 09:22 58,046 --------- C:\WINDOWS\NuNinst.cfg
2008-09-14 14:57 . 2005-01-03 11:33 28,928 --------- C:\WINDOWS\system32\drivers\InCDpass.sys
2008-09-14 14:57 . 2005-01-03 11:33 27,776 --------- C:\WINDOWS\system32\drivers\InCDrm.sys
2008-09-14 14:57 . 2005-01-03 11:33 8,704 --------- C:\WINDOWS\system32\drivers\InCDrec.sys
2008-09-14 14:24 . 2008-09-14 15:30 <REP> d-------- C:\Photos mathilde
2008-09-13 10:13 . 2008-09-13 10:16 230 --a------ C:\WINDOWS\GTA-SA_Trn_Keys.gtk
2008-09-12 20:00 . 2008-09-13 10:20 917 --a------ C:\WINDOWS\GTA-SA_Trn_Settings.ini
2008-09-12 19:45 . 2008-09-12 19:45 <REP> d-------- C:\Program Files\Rockstar Games
2008-09-08 20:28 . 2008-08-22 16:25 134,132 --a------ C:\WINDOWS\_detmp.1
2008-09-08 20:28 . 1999-09-28 10:45 69,632 --a------ C:\WINDOWS\_detmp.2
2008-09-07 18:00 . 2008-09-07 18:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TDK
2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-09-06 12:44 . 2008-09-16 20:13 <REP> d-------- C:\Program Files\Windows Live Safety Center
2008-09-02 11:58 . 2008-09-02 11:58 0 --a------ C:\WINDOWS\system32\SET978.tmp
2008-09-02 11:32 . 2008-09-02 11:32 <REP> d-------- C:\Program Files\MSN Content Plus Inc
2008-08-29 10:18 . 2008-08-29 10:18 87,336 --a------ C:\WINDOWS\system32\dns-sd.exe
2008-08-29 09:53 . 2008-08-29 09:53 61,440 --a------ C:\WINDOWS\system32\dnssd.dll
2008-08-28 15:17 . 2008-08-28 15:17 <REP> d-------- C:\Program Files\Apple Software Update
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-28 09:28 --------- d-----w C:\Program Files\Steam
2008-09-28 09:27 0 -c--a-w C:\WINDOWS\system32\drivers\lvuvc.hs
2008-09-28 09:27 --------- d-----w C:\Program Files\Xfire
2008-09-28 09:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-09-28 09:12 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-28 09:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-28 09:10 --------- d-----w C:\Documents and Settings\DIDIER\Application Data\Xfire
2008-09-28 09:05 --------- d-----w C:\Documents and Settings\DIDIER\Application Data\Azureus
2008-09-28 07:58 --------- d-----w C:\Documents and Settings\DIDIER\Application Data\MailWasherPro
2008-09-27 23:27 --------- d-----w C:\Program Files\eMule
2008-09-27 06:35 --------- d-----w C:\Program Files\Diablo II
2008-09-25 16:12 --------- d-----w C:\Documents and Settings\DIDIER\Application Data\Canon
2008-09-21 12:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-20 21:39 --------- d-----w C:\Program Files\QuickTime
2008-09-20 21:39 --------- d-----w C:\Program Files\Fichiers communs\Apple
2008-09-20 13:06 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-09-16 10:59 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-09-10 17:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-09-10 13:26 --------- d-----w C:\Program Files\StuffPlug3
2008-09-08 18:22 --------- d-----w C:\Program Files\Notepad++
2008-09-03 13:10 137,472 -c--a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-09-03 13:10 111,928 -c--a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-09-03 10:54 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-09-02 16:26 --------- d-----w C:\Program Files\Google
2008-08-26 09:52 --------- d-----w C:\Program Files\AxBx
2008-08-22 21:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
2008-08-22 20:23 --------- d-----w C:\Documents and Settings\DIDIER\Application Data\skypePM
2008-08-22 14:23 --------- d-----w C:\Program Files\Infogrames
2008-08-19 17:00 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-16 20:10 --------- d-----w C:\Documents and Settings\DIDIER\Application Data\Notepad++
2008-08-14 21:06 --------- d-----w C:\Program Files\NFO viewer
2008-08-14 08:58 --------- d-----w C:\Program Files\MagicTune Premium
2008-08-14 08:58 --------- d-----w C:\Program Files\MagicISO
2008-08-14 08:58 --------- d-----w C:\Program Files\GénéaTiqueMX
2008-08-14 08:58 --------- d-----w C:\Program Files\DivX
2008-08-14 08:58 --------- d-----w C:\Program Files\ASUS WiFi-AP Solo(2)
2008-08-14 08:58 --------- d-----w C:\Program Files\AdorageI-SAL
2008-07-31 08:41 68,616 ----a-w C:\WINDOWS\system32\XAPOFX1_1.dll
2008-07-31 08:41 238,088 ----a-w C:\WINDOWS\system32\xactengine3_2.dll
2008-07-31 08:40 509,448 ----a-w C:\WINDOWS\system32\XAudio2_2.dll
2008-07-24 14:02 21,840 -c--atw C:\WINDOWS\system32\SIntfNT.dll
2008-07-24 14:02 17,212 -c--atw C:\WINDOWS\system32\SIntf32.dll
2008-07-24 14:02 12,067 -c--atw C:\WINDOWS\system32\SIntf16.dll
2008-07-24 13:58 2,829 -c--a-w C:\WINDOWS\DIIUnin.pif
2008-07-24 13:58 102,400 -c--a-w C:\WINDOWS\DIIUnin.exe
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 -c--a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 45,768 -c--a-w C:\WINDOWS\system32\wups2(2).dll
2008-07-18 20:10 36,552 -c--a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-12 06:18 467,984 ----a-w C:\WINDOWS\system32\d3dx10_39.dll
2008-07-12 06:18 3,851,784 ----a-w C:\WINDOWS\system32\D3DX9_39.dll
2008-07-12 06:18 1,493,528 ----a-w C:\WINDOWS\system32\D3DCompiler_39.dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 17:00 5,250,856 -c--a-w C:\Program Files\vnc-P4_4_2-x86_x64_win32.exe
2002-07-26 16:02 153,088 -c--a-w C:\Program Files\UNWISE.EXE
2007-12-25 23:35 56 -csh--r C:\WINDOWS\system32\BB5F9E300F.sys
2007-10-04 09:32 5 -csha-w C:\WINDOWS\system32\cbaa7_s.dll
2007-12-25 23:35 1,890 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c}"= "C:\Program Files\blueshirtstudio\tbblue.dll" [2008-03-13 1524248]
[HKEY_CLASSES_ROOT\clsid\{bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c}]
2008-03-13 11:30 1524248 --a------ C:\Program Files\blueshirtstudio\tbblue.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c}"= "C:\Program Files\blueshirtstudio\tbblue.dll" [2008-03-13 1524248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{BFCDCEBE-E1FB-40F9-B4E2-7BB1138EF76C}"= "C:\Program Files\blueshirtstudio\tbblue.dll" [2008-03-13 1524248]
[HKEY_CLASSES_ROOT\clsid\{bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-02 68856]
"Steam"="c:\program files\steam\steam.exe" [2008-07-21 1271032]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-11-06 67128]
"Eraser"="C:\PROGRA~1\Eraser\eraser.exe" [2007-07-28 277328]
"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe" [2008-06-13 2752512]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Auto EPSON Stylus Photo R240 Series sur DIDIER-P0NCSG1Z"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE" [2005-04-25 98304]
"USBToolTip"="C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [2004-04-23 192512]
"USB2Check"="C:\WINDOWS\system32\PCLECoInst.dll" [2004-04-06 61440]
"SW24"="C:\WINDOWS\system32\sw24.exe" [2005-07-04 69632]
"SW20"="C:\WINDOWS\system32\sw20.exe" [2005-06-29 212992]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-09-06 413696]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2004-03-10 406016]
"PCLEPCI"="C:\PROGRA~1\Pinnacle\PPE\PPE.EXE" [2004-02-03 49152]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-06-15 86016]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2008-04-28 570664]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 2027792]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 563984]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 221184]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-01-03 1385472]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2004-08-22 81920]
"AsusStartupHelp"="C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe" [2006-11-14 363008]
"AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"Ai Quicker Help"="C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe" [2006-11-09 3165696]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"36X Raid Configurer"="C:\WINDOWS\System32\JMRaidSetup.exe" [2006-11-16 1953792]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 C:\WINDOWS\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-05 15360]
C:\Documents and Settings\DIDIER\Menu Démarrer\Programmes\Démarrage\
e-Backup 1.42 Scheduler.lnk - C:\Documents and Settings\DIDIER\Application Data\Microsoft\Installer\{CA217BDD-D941-454C-AA7E-C3ADA1648FE3}\_3e121a49.exe [2007-10-04 3638]
Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2008-09-18 3089232]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
"NoInstrumentation"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "C:\Program Files\DVD Region+CSS Free\DVDShell.dll" [2004-10-09 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.yv12"= yv12vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.MJPG"= Pvmjpg30.dll
"VIDC.PIM1"= pclepim1.dll
"VIDC.MJPX"= PICVideo MJPEG Codec
"VIDC.XFR1"= xfcodec.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
--a------ 2008-07-19 16:38 78008 C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"DisablePagingExecutive"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Pinnacle\\Studio 11\\programs\\RM.exe"=
"C:\\Program Files\\Pinnacle\\Studio 11\\programs\\Studio.exe"=
"C:\\Program Files\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe"=
"C:\\Program Files\\Pinnacle\\Studio 11\\programs\\umi.exe"=
"C:\\Documents and Settings\\DIDIER\\Application Data\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"=
"C:\\WINDOWS\\system32\\dxdiag.exe"=
"C:\\Program Files\\ASUS\\ASUSUpdate\\Update.exe"=
"C:\\Program Files\\Steam\\SteamApps\\therockeur042\\counter-strike source\\hl2.exe"=
"C:\\Program Files\\Steam\\SteamApps\\therockeur042\\day of defeat source\\hl2.exe"=
"C:\\Program Files\\Steam\\SteamApps\\therockeur042\\half-life 2 deathmatch\\hl2.exe"=
"C:\\Program Files\\Mumble\\murmur.exe"=
"C:\\Program Files\\Soulseek-Test\\slsk.exe"=
"C:\\Program Files\\Xfire\\xfire.exe"=
"C:\\Program Files\\ARMYMEN\\amrts.exe"=
"C:\\Program Files\\Fichiers communs\\Nero\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Diablo II\\Diablo II.exe"=
"C:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4662:TCP"= 4662:TCP:eMule
"4672:UDP"= 4672:UDP:Emule
"5900:TCP"= 5900:TCP:vnc
"5800:TCP"= 5800:TCP:VNC
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
S1 M9207;LifeView M9207 USB Digital TV BOX;C:\WINDOWS\system32\DRIVERS\M9207BDA.sys [2005-09-23 36096]
S2 Netiris;Netiris Agent;C:\Program Files\Captel\Netiris\agent.exe [2003-03-04 176128]
S3 Boonty Games;Boonty Games;C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-03-01 69120]
S3 fbxusb;FreeBox USB Network Adapter;C:\WINDOWS\system32\DRIVERS\fbxusb.sys [2003-12-31 18848]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\DRIVERS\RTL8187.sys [ ]
S3 SetupNTGLM7X;SetupNTGLM7X;D:\NTGLM7X.sys [ ]
S3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [ ]
.
Contenu du dossier 'Tâches planifiées'
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-RunOnce-Shockwave Updater - C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100429 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SIMBAR={D98F579D-68EF-4703-BB18-BDC9F7B7DB38}; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET
.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\DIDIER\Application Data\Mozilla\Firefox\Profiles\tbkonjx2.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2008-09-28 11:28:06
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\logishrd\LVCOMSER\LVComSer.exe
C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\logishrd\LVCOMSER\LVComSer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ASUS\ASUS DH Remote\AsDHRemote.exe
C:\Program Files\Fichiers communs\logishrd\LQCVFX\COCIManager.exe
C:\ComboFix\pv.cfexe
.
**************************************************************************
.
Heure de fin: 2008-09-28 11:31:56 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-09-28 09:31:53
Avant-CF: 238,662,758,400 octets libres
Après-CF: 238,798,159,872 octets libres
317 --- E O F --- 2008-09-10 17:03:11