Major virus problem (last hope) - Page 2
Solved
There you go! Thanks for your help! I don't know yet whether it's solved, and I'm afraid it will lock up again, because getting it working again afterwards is a real hassle!
ComboFix 09-04-23.A3 - Administrateur 23/04/2009 22:44.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2047.1407 [GMT 2:00]
Lancé depuis: c:\documents and settings\Administrateur\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1229 [VPS 081217-0] *On-access scanning disabled* (Outdated)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Administrateur\Application Data\inst.exe
c:\documents and settings\Administrateur\Local Settings\Application Data\ciaoo.dat
c:\documents and settings\Administrateur\Local Settings\Application Data\ciaoo_nav.dat
c:\documents and settings\Administrateur\Local Settings\Application Data\ciaoo_navps.dat
c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Spyware-Secure
c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Spyware-Secure\Spyware-Secure trial.lnk
c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Spyware-Secure\Website.lnk
c:\windows\IE4 Error Log.txt
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-23 au 2009-4-23 ))))))))))))))))))))))))))))))))))))
.
2009-04-23 18:05 . 2009-04-23 18:05 -------- d-----w c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-04-23 18:05 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-23 18:05 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-23 18:05 . 2009-04-23 18:05 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-04-23 17:59 . 2009-04-23 18:23 -------- d-----w C:\FindyKill
2009-04-20 13:24 . 2009-04-20 13:28 106496 ----a-w c:\windows\DUMP5ad2.tmp
2009-04-20 05:35 . 2009-04-20 05:35 -------- d-----w c:\windows\system32\KB905474
2009-04-19 07:31 . 2009-04-19 07:43 3331 ----a-w c:\documents and settings\Administrateur\Local Settings\Application Data\yuykosu.dat
2009-04-15 14:57 . 2009-04-15 14:57 864 ----a-w c:\windows\wininit.ini
2009-04-15 12:38 . 2009-04-15 14:57 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-15 09:31 . 2009-03-06 14:20 286720 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-15 09:31 . 2009-02-09 11:23 111104 -c----w c:\windows\system32\dllcache\services.exe
2009-04-15 09:31 . 2009-02-09 10:53 685568 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-15 09:31 . 2009-02-09 10:53 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-15 09:31 . 2009-02-09 10:53 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-15 09:31 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-15 09:31 . 2009-02-09 10:53 735744 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-15 09:31 . 2009-02-09 10:53 739840 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-15 09:31 . 2009-02-09 10:53 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-15 09:29 . 2008-12-16 12:31 354304 -c----w c:\windows\system32\dllcache\winhttp.dll
2009-04-15 09:29 . 2009-03-27 06:54 1203922 -c----w c:\windows\system32\dllcache\sysmain.sdb
2009-04-15 09:29 . 2008-04-21 21:15 219136 -c----w c:\windows\system32\dllcache\wordpad.exe
2009-04-15 09:27 . 2009-03-10 20:26 1438080 ----a-w c:\windows\system32\KB905474\wganotifypackageinner.exe
2009-04-15 09:27 . 2009-03-10 20:18 454024 ----a-w c:\windows\system32\KB905474\wgasetup.exe
2009-04-06 07:54 . 1996-11-06 10:04 302592 ----a-w c:\windows\unin040c.exe
2009-04-06 07:54 . 2009-04-06 07:54 -------- d-----w c:\documents and settings\Administrateur\WINDOWS
2009-04-01 13:12 . 2009-04-01 13:30 3 ----a-w c:\windows\sbacknt.bin
2009-03-30 05:33 . 2009-03-30 05:33 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-03-29 12:22 . 2009-03-29 12:22 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-03-29 12:20 . 2009-04-23 20:25 -------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-03-26 18:25 . 2009-04-01 13:04 152904 ----a-w c:\windows\system32\vghd.scr
2009-03-26 18:25 . 2009-03-26 18:25 -------- d-----w c:\documents and settings\Administrateur\Application Data\vghd
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-23 20:50 . 2008-12-01 15:29 -------- d-----w c:\documents and settings\Administrateur\Application Data\Free Download Manager
2009-04-23 20:49 . 2009-03-11 11:46 -------- d-----w c:\program files\Steam
2009-04-23 20:46 . 2007-09-17 11:59 1043592 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-04-23 20:37 . 2008-03-08 20:38 -------- d-----w c:\documents and settings\Administrateur\Application Data\Azureus
2009-04-23 20:25 . 2008-07-26 20:24 -------- d-----w c:\program files\eMule
2009-04-23 18:23 . 2009-04-23 18:16 3324 ----a-w C:\FindyKill.txt
2009-04-23 18:19 . 2002-09-06 20:59 85696 ----a-w c:\windows\system32\perfc00C.dat
2009-04-23 18:19 . 2002-09-06 20:59 513492 ----a-w c:\windows\system32\perfh00C.dat
2009-04-23 18:05 . 2009-04-23 18:05 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-22 13:47 . 2008-03-05 18:22 -------- d-----w c:\documents and settings\Administrateur\Application Data\LimeWire
2009-04-20 04:54 . 2007-09-17 11:08 106496 ----a-w c:\windows\DUMP7157.tmp
2009-04-20 04:52 . 2007-09-17 11:08 106496 ----a-w c:\windows\DUMP74e1.tmp
2009-04-19 11:47 . 2007-09-17 11:08 106496 ----a-w c:\windows\DUMP8aac.tmp
2009-04-19 11:45 . 2007-09-17 11:08 106496 ----a-w c:\windows\DUMP8721.tmp
2009-04-15 18:49 . 2009-04-15 18:49 -------- d-----w c:\program files\TVAnts
2009-04-15 16:55 . 2007-09-17 10:06 -------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-04-15 12:38 . 2009-04-15 12:38 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-12 16:19 . 2009-04-12 16:17 -------- d-----w c:\program files\DJ Mix Lite
2009-04-12 15:52 . 2009-04-12 15:46 -------- d-----w c:\program files\AtomixMP3
2009-04-10 17:04 . 2008-03-08 20:35 -------- d-----w c:\program files\Azureus
2009-04-07 20:05 . 2009-04-07 20:05 -------- d-----w c:\program files\SopCast
2009-04-07 14:44 . 2009-04-07 14:44 -------- d-----w c:\program files\Gameforge4D
2009-04-07 09:46 . 2009-04-07 09:46 -------- d-----w c:\program files\Aspyr
2009-04-07 08:39 . 2008-12-27 19:58 -------- d-----w c:\documents and settings\All Users\Application Data\Vso
2009-04-07 08:07 . 2007-09-17 13:41 -------- d-----w c:\program files\CapCom
2009-04-07 08:07 . 2007-09-17 09:55 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-06 09:42 . 2008-12-25 20:58 107888 ----a-w c:\windows\system32\CmdLineExt.dll
2009-04-06 07:56 . 2009-04-06 07:56 -------- d-----w c:\program files\LucasArts
2009-04-05 10:45 . 2009-04-05 10:44 -------- d-----w c:\program files\Attack on Pearl Harbor
2009-04-01 13:41 . 2008-08-04 18:59 -------- d-----w c:\program files\LimeWire
2009-04-01 13:04 . 2009-03-26 18:25 -------- d-----w c:\program files\vghd
2009-03-30 18:57 . 2008-06-23 17:45 -------- d-----w c:\program files\DivX
2009-03-30 18:57 . 2009-03-30 18:57 -------- d-----w c:\program files\Fichiers communs\DivX Shared
2009-03-29 12:24 . 2008-08-08 18:27 -------- d-----w c:\program files\Google
2009-03-22 15:20 . 2009-03-22 15:20 -------- d-----w c:\program files\Avira
2009-03-22 15:20 . 2009-03-22 15:20 -------- d-----w c:\documents and settings\All Users\Application Data\Avira
2009-03-19 09:56 . 2009-03-19 09:46 -------- d-----w c:\program files\Microsoft
2009-03-19 09:56 . 2009-03-19 09:56 -------- d-----w c:\program files\Microsoft Office Outlook Connector
2009-03-19 09:55 . 2008-03-05 18:06 -------- d-----w c:\program files\Windows Live
2009-03-19 09:55 . 2009-03-19 09:55 -------- d-----w c:\program files\Microsoft Sync Framework
2009-03-19 09:53 . 2009-03-19 09:53 -------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-03-19 09:46 . 2009-03-19 09:46 -------- d-----w c:\program files\Windows Live SkyDrive
2009-03-19 09:34 . 2009-03-19 09:34 -------- d-----w c:\program files\Fichiers communs\Windows Live
2009-03-12 18:43 . 2009-03-12 18:43 -------- d-----w c:\program files\iTunes
2009-03-12 18:43 . 2009-03-12 18:43 -------- d-----w c:\documents and settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-12 18:43 . 2009-03-12 18:43 -------- d-----w c:\program files\iPod
2009-03-12 18:43 . 2008-03-16 15:42 -------- d-----w c:\program files\Fichiers communs\Apple
2009-03-12 18:42 . 2007-09-17 12:19 -------- d-----w c:\program files\QuickTime Alternative
2009-03-12 18:28 . 2008-04-03 15:26 -------- d-----w c:\program files\Safari
2009-03-10 20:18 . 2007-04-10 12:00 265088 ----a-w c:\windows\system32\WgaLogon(4).dll
2009-03-10 20:18 . 2007-04-10 12:00 265088 ----a-w c:\windows\system32\WgaLogon(3).dll
2009-03-07 12:23 . 2009-03-07 12:23 -------- d-----w c:\documents and settings\Administrateur\Application Data\The Creative Assembly
2009-03-06 21:59 . 2007-09-17 10:29 77240 ----a-w c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-03-06 19:18 . 2007-09-17 14:42 -------- d-----w c:\program files\Codemasters
2009-03-06 18:57 . 2007-10-28 18:35 -------- d-----w c:\program files\Cyanide
2009-03-06 18:56 . 2008-09-08 17:02 -------- d-----w c:\program files\Ubisoft
2009-03-06 14:20 . 2004-08-19 17:09 286720 ----a-w c:\windows\system32\pdh.dll
2009-03-05 22:59 . 2009-03-12 18:40 1900544 ----a-w c:\windows\system32\usbaaplrc.dll
2009-03-05 22:59 . 2008-03-16 15:42 36864 ----a-w c:\windows\system32\drivers\usbaapl.sys
2009-03-03 00:13 . 2006-12-13 12:46 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-27 13:04 . 2008-08-18 11:31 -------- d-----w c:\program files\Microsoft Silverlight
2009-02-24 19:34 . 2009-02-24 19:34 90112 ----a-w c:\windows\system32\dpl100.dll
2009-02-24 19:34 . 2009-02-24 19:34 823296 ----a-w c:\windows\system32\divx_xx0c.dll
2009-02-24 19:34 . 2009-02-24 19:34 823296 ----a-w c:\windows\system32\divx_xx07.dll
2009-02-24 19:34 . 2009-02-24 19:34 815104 ----a-w c:\windows\system32\divx_xx0a.dll
2009-02-24 19:34 . 2009-02-24 19:34 802816 ----a-w c:\windows\system32\divx_xx11.dll
2009-02-24 19:34 . 2009-02-24 19:34 684032 ----a-w c:\windows\system32\DivX.dll
2009-02-23 15:42 . 2008-03-05 15:59 -------- d-----w c:\program files\D-Link
2009-02-22 15:44 . 2009-02-13 19:00 18555 ----a-w C:\crtdbg.txt
2009-02-20 17:10 . 2006-12-13 12:45 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-09 14:05 . 2006-12-13 12:49 1846912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:23 . 2005-03-02 19:13 2025984 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 11:23 . 2006-12-13 12:48 2147328 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:23 . 2004-08-19 17:10 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 10:53 . 2006-12-13 12:54 735744 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:53 . 2006-12-13 12:50 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:53 . 2004-08-19 17:09 685568 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:53 . 2004-08-19 17:09 739840 ----a-w c:\windows\system32\ntdll.dll
2009-02-06 18:39 . 2009-02-06 18:39 308600 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-06 10:39 . 2002-09-06 20:59 35328 ----a-w c:\windows\system32\sc.exe
2009-02-03 19:58 . 2004-08-19 17:09 56832 ----a-w c:\windows\system32\secur32.dll
2008-12-27 19:50 . 2008-12-27 19:50 47360 ----a-w c:\documents and settings\Administrateur\Application Data\pcouffin.sys
2008-06-10 15:52 . 2008-08-12 15:55 626977212 ----a-w c:\program files\Postal2STP-FreeMP.exe
2008-04-23 08:33 . 2008-08-12 15:54 528345264 ----a-w c:\program files\tmnationsforever_setup.exe
2008-03-27 18:29 . 2008-08-12 19:01 719940817 ----a-w c:\program files\FlyffFR_complet_acte2.exe
2007-09-17 11:56 . 2007-09-17 11:56 137 ----a-w c:\documents and settings\Administrateur\Local Settings\Application Data\fusioncache.dat
2006-12-14 19:26 . 2007-09-17 09:27 16239227 ----a-r c:\program files\metamorphose.ccp
2005-12-23 12:54 . 2008-09-12 19:02 74 ----a-w c:\program files\rld-hopb.cue
2005-12-23 12:54 . 2008-09-12 19:02 671103216 ----a-w c:\program files\rld-hopb.bin
2005-12-23 12:28 . 2008-09-12 19:01 74 ----a-w c:\program files\rld-hopa.cue
2005-12-23 12:28 . 2008-09-12 19:00 722508528 ----a-w c:\program files\rld-hopa.bin
2009-02-24 19:2009-02-24 19:34 34:32 . c:\program files\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:2009-02-24 19:34 34:32 . c:\program files\mozilla firefox\plugins\ssldivx.dll
2008-12-15 14:00 . 2008-10-16 15:09 16384 --sha-w c:\windows\system32\config\systemprofile\Cookies\index.dat
2008-12-15 14:00 . 2008-10-16 15:09 32768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
2008-12-13 11:29 . 2008-12-13 11:29 32768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008121320081214\index.dat
2008-12-15 14:00 . 2008-10-16 15:09 32768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D023EBF-70B8-45A6-9ED5-556515FA0FE4}]
2008-07-07 09:27 398776 ----a-w c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]
2008-09-02 14:07 398784 ----a-w c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{196C3A46-4758-433D-A600-802C804AF39C}"= "c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll" [2008-09-02 529856]
[HKEY_CLASSES_ROOT\clsid\{196c3a46-4758-433d-a600-802c804af39c}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{89807A16-AC31-4449-AB91-06A753813543}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{196C3A46-4758-433D-A600-802C804AF39C}"= "c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll" [2008-09-02 529856]
[HKEY_CLASSES_ROOT\clsid\{196c3a46-4758-433d-a600-802c804af39c}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{89807A16-AC31-4449-AB91-06A753813543}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"L07FXLRD_2288406"="c:\program files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" [2006-06-13 351000]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2005-11-30 1306624]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-06 68856]
"LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2008-01-24 2289664]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2008-07-22 2772992]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2008-11-12 2474031]
"RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-12-13 306088]
"Steam"="c:\program files\Steam\Steam.exe" [2009-04-07 1410296]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"eMuleAutoStart"="c:\program files\eMule\emule.exe" [2008-08-01 5480448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 57344]
"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
"D-Link D-Link Wireless N DWA-140"="c:\program files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe" [2007-03-14 1388544]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-12 136600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-05 177472]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"D-Link D-Link Wireless G DWA-110"="c:\program files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe" [2007-05-04 1662976]
"QuickTime Task"="c:\program files\QuickTime Alternative\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-11 342312]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-06-28 1626112]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-04-11 56080]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide1"="move" [X]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-02-20 124928]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2007-9-17 692224]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DisallowCpl"= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\EA Sports\\FIFA 09\\FIFA09.exe"=
"c:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe"=
"c:\\Program Files\\THQ\\MotoGP URT 3 Demo\\motogp_demo.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Shareaza Applications\\Shareaza\\Shareaza.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Electronic Arts\\Le Seigneur des Anneaux® - L’Age des Conquêtes™\\Conquest.exe"=
"c:\\Program Files\\Reality Pump\\Two Worlds\\TwoWorlds.exe"=
"c:\\Program Files\\Reality Pump\\Two Worlds\\TwoWorlds_RADEON.exe"=
"c:\\Program Files\\Steam\\steam.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Mes documents\\Azureus Downloads\\Left.4.Dead.Full.English-iAPULA\\left4dead.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\empire total war\\Empire.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R2 gupdate1c9b06912271298;Service Google Update (gupdate1c9b06912271298);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-29 133104]
R3 Droppix Service;Droppix Service;c:\program files\Fichiers communs\Droppix\DxService.exe [2008-02-01 151552]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-04-06 38496]
R3 oflpydin;oflpydin; [x]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\DRIVERS\rt2870.sys [2007-03-13 476416]
S0 jahci;jahci; [x]
S1 aswSP;avast! Self Protection; [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2008-07-30 277736]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
S2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\Autorun.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Tâches planifiées'
2009-04-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 10:34]
2009-04-23 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-08 12:20]
2009-04-23 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-29 12:22]
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-yuykosu - c:\documents and settings\administrateur\local settings\application data\yuykosu.exe
HKU-Default-RunOnce-nltide2 - rundll32 advpack.dll
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/search?sourceid=navclient&hl=fr&ie=UTF-8&rlz=1T4SUNA_frFR287FR291&q=google
mStart Page = hxxp://fr.yahoo.com
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\b4ar0709.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin2.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin3.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin4.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin5.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin6.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin7.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-23 22:50
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-725345543-1547161642-839522115-500\Software\SecuROM\License information*]
"datasecu"=hex:06,12,be,a8,f1,d3,79,db,3b,02,7e,8c,b3,3d,42,12,a5,cd,2f,0d,f4,
9c,d1,fe,3d,a4,f2,1b,44,41,2b,6d,cb,87,ff,73,00,32,70,26,50,69,30,c4,40,9e,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(632)
c:\program files\ScanSoft\OmniPageSE4\OpHookSE4.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\windows\system32\ConnAPI.DLL
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_fre.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\eappprxy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\windows\system32\rundll32.exe
c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
c:\progra~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
c:\program files\Fichiers communs\Logitech\KhalShared\KHALMNPR.exe
c:\progra~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\drivers\CDAC11BA.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2009-04-23 22:55 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-04-23 20:54
Avant-CF: 5 232 316 416 octets libres
Après-CF: 5 180 784 640 octets libres
378 --- E O F --- 2009-04-15 16:58
2009-04-20 04:52 . 2007-09-17 11:08 106496 ----a-w c:\windows\DUMP74e1.tmp
2009-04-19 11:47 . 2007-09-17 11:08 106496 ----a-w c:\windows\DUMP8aac.tmp
2009-04-19 11:45 . 2007-09-17 11:08 106496 ----a-w c:\windows\DUMP8721.tmp
2009-04-15 18:49 . 2009-04-15 18:49 -------- d-----w c:\program files\TVAnts
2009-04-15 16:55 . 2007-09-17 10:06 -------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-04-15 12:38 . 2009-04-15 12:38 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-12 16:19 . 2009-04-12 16:17 -------- d-----w c:\program files\DJ Mix Lite
2009-04-12 15:52 . 2009-04-12 15:46 -------- d-----w c:\program files\AtomixMP3
2009-04-10 17:04 . 2008-03-08 20:35 -------- d-----w c:\program files\Azureus
2009-04-07 20:05 . 2009-04-07 20:05 -------- d-----w c:\program files\SopCast
2009-04-07 14:44 . 2009-04-07 14:44 -------- d-----w c:\program files\Gameforge4D
2009-04-07 09:46 . 2009-04-07 09:46 -------- d-----w c:\program files\Aspyr
2009-04-07 08:39 . 2008-12-27 19:58 -------- d-----w c:\documents and settings\All Users\Application Data\Vso
2009-04-07 08:07 . 2007-09-17 13:41 -------- d-----w c:\program files\CapCom
2009-04-07 08:07 . 2007-09-17 09:55 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-06 09:42 . 2008-12-25 20:58 107888 ----a-w c:\windows\system32\CmdLineExt.dll
2009-04-06 07:56 . 2009-04-06 07:56 -------- d-----w c:\program files\LucasArts
2009-04-05 10:45 . 2009-04-05 10:44 -------- d-----w c:\program files\Attack on Pearl Harbor
2009-04-01 13:41 . 2008-08-04 18:59 -------- d-----w c:\program files\LimeWire
2009-04-01 13:04 . 2009-03-26 18:25 -------- d-----w c:\program files\vghd
2009-03-30 18:57 . 2008-06-23 17:45 -------- d-----w c:\program files\DivX
2009-03-30 18:57 . 2009-03-30 18:57 -------- d-----w c:\program files\Fichiers communs\DivX Shared
2009-03-29 12:24 . 2008-08-08 18:27 -------- d-----w c:\program files\Google
2009-03-22 15:20 . 2009-03-22 15:20 -------- d-----w c:\program files\Avira
2009-03-22 15:20 . 2009-03-22 15:20 -------- d-----w c:\documents and settings\All Users\Application Data\Avira
2009-03-19 09:56 . 2009-03-19 09:46 -------- d-----w c:\program files\Microsoft
2009-03-19 09:56 . 2009-03-19 09:56 -------- d-----w c:\program files\Microsoft Office Outlook Connector
2009-03-19 09:55 . 2008-03-05 18:06 -------- d-----w c:\program files\Windows Live
2009-03-19 09:55 . 2009-03-19 09:55 -------- d-----w c:\program files\Microsoft Sync Framework
2009-03-19 09:53 . 2009-03-19 09:53 -------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-03-19 09:46 . 2009-03-19 09:46 -------- d-----w c:\program files\Windows Live SkyDrive
2009-03-19 09:34 . 2009-03-19 09:34 -------- d-----w c:\program files\Fichiers communs\Windows Live
2009-03-12 18:43 . 2009-03-12 18:43 -------- d-----w c:\program files\iTunes
2009-03-12 18:43 . 2009-03-12 18:43 -------- d-----w c:\documents and settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-12 18:43 . 2009-03-12 18:43 -------- d-----w c:\program files\iPod
2009-03-12 18:43 . 2008-03-16 15:42 -------- d-----w c:\program files\Fichiers communs\Apple
2009-03-12 18:42 . 2007-09-17 12:19 -------- d-----w c:\program files\QuickTime Alternative
2009-03-12 18:28 . 2008-04-03 15:26 -------- d-----w c:\program files\Safari
2009-03-10 20:18 . 2007-04-10 12:00 265088 ----a-w c:\windows\system32\WgaLogon(4).dll
2009-03-10 20:18 . 2007-04-10 12:00 265088 ----a-w c:\windows\system32\WgaLogon(3).dll
2009-03-07 12:23 . 2009-03-07 12:23 -------- d-----w c:\documents and settings\Administrateur\Application Data\The Creative Assembly
2009-03-06 21:59 . 2007-09-17 10:29 77240 ----a-w c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-03-06 19:18 . 2007-09-17 14:42 -------- d-----w c:\program files\Codemasters
2009-03-06 18:57 . 2007-10-28 18:35 -------- d-----w c:\program files\Cyanide
2009-03-06 18:56 . 2008-09-08 17:02 -------- d-----w c:\program files\Ubisoft
2009-03-06 14:20 . 2004-08-19 17:09 286720 ----a-w c:\windows\system32\pdh.dll
2009-03-05 22:59 . 2009-03-12 18:40 1900544 ----a-w c:\windows\system32\usbaaplrc.dll
2009-03-05 22:59 . 2008-03-16 15:42 36864 ----a-w c:\windows\system32\drivers\usbaapl.sys
2009-03-03 00:13 . 2006-12-13 12:46 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-27 13:04 . 2008-08-18 11:31 -------- d-----w c:\program files\Microsoft Silverlight
2009-02-24 19:34 . 2009-02-24 19:34 90112 ----a-w c:\windows\system32\dpl100.dll
2009-02-24 19:34 . 2009-02-24 19:34 823296 ----a-w c:\windows\system32\divx_xx0c.dll
2009-02-24 19:34 . 2009-02-24 19:34 823296 ----a-w c:\windows\system32\divx_xx07.dll
2009-02-24 19:34 . 2009-02-24 19:34 815104 ----a-w c:\windows\system32\divx_xx0a.dll
2009-02-24 19:34 . 2009-02-24 19:34 802816 ----a-w c:\windows\system32\divx_xx11.dll
2009-02-24 19:34 . 2009-02-24 19:34 684032 ----a-w c:\windows\system32\DivX.dll
2009-02-23 15:42 . 2008-03-05 15:59 -------- d-----w c:\program files\D-Link
2009-02-22 15:44 . 2009-02-13 19:00 18555 ----a-w C:\crtdbg.txt
2009-02-20 17:10 . 2006-12-13 12:45 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-09 14:05 . 2006-12-13 12:49 1846912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:23 . 2005-03-02 19:13 2025984 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 11:23 . 2006-12-13 12:48 2147328 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:23 . 2004-08-19 17:10 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 10:53 . 2006-12-13 12:54 735744 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:53 . 2006-12-13 12:50 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:53 . 2004-08-19 17:09 685568 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:53 . 2004-08-19 17:09 739840 ----a-w c:\windows\system32\ntdll.dll
2009-02-06 18:39 . 2009-02-06 18:39 308600 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-06 10:39 . 2002-09-06 20:59 35328 ----a-w c:\windows\system32\sc.exe
2009-02-03 19:58 . 2004-08-19 17:09 56832 ----a-w c:\windows\system32\secur32.dll
2008-12-27 19:50 . 2008-12-27 19:50 47360 ----a-w c:\documents and settings\Administrateur\Application Data\pcouffin.sys
2008-06-10 15:52 . 2008-08-12 15:55 626977212 ----a-w c:\program files\Postal2STP-FreeMP.exe
2008-04-23 08:33 . 2008-08-12 15:54 528345264 ----a-w c:\program files\tmnationsforever_setup.exe
2008-03-27 18:29 . 2008-08-12 19:01 719940817 ----a-w c:\program files\FlyffFR_complet_acte2.exe
2007-09-17 11:56 . 2007-09-17 11:56 137 ----a-w c:\documents and settings\Administrateur\Local Settings\Application Data\fusioncache.dat
2006-12-14 19:26 . 2007-09-17 09:27 16239227 ----a-r c:\program files\metamorphose.ccp
2005-12-23 12:54 . 2008-09-12 19:02 74 ----a-w c:\program files\rld-hopb.cue
2005-12-23 12:54 . 2008-09-12 19:02 671103216 ----a-w c:\program files\rld-hopb.bin
2005-12-23 12:28 . 2008-09-12 19:01 74 ----a-w c:\program files\rld-hopa.cue
2005-12-23 12:28 . 2008-09-12 19:00 722508528 ----a-w c:\program files\rld-hopa.bin
2009-02-24 19:2009-02-24 19:34 34:32 . c:\program files\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:2009-02-24 19:34 34:32 . c:\program files\mozilla firefox\plugins\ssldivx.dll
2008-12-15 14:00 . 2008-10-16 15:09 16384 --sha-w c:\windows\system32\config\systemprofile\Cookies\index.dat
2008-12-15 14:00 . 2008-10-16 15:09 32768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
2008-12-13 11:29 . 2008-12-13 11:29 32768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008121320081214\index.dat
2008-12-15 14:00 . 2008-10-16 15:09 32768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D023EBF-70B8-45A6-9ED5-556515FA0FE4}]
2008-07-07 09:27 398776 ----a-w c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]
2008-09-02 14:07 398784 ----a-w c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{196C3A46-4758-433D-A600-802C804AF39C}"= "c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll" [2008-09-02 529856]
[HKEY_CLASSES_ROOT\clsid\{196c3a46-4758-433d-a600-802c804af39c}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{89807A16-AC31-4449-AB91-06A753813543}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{196C3A46-4758-433D-A600-802C804AF39C}"= "c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll" [2008-09-02 529856]
[HKEY_CLASSES_ROOT\clsid\{196c3a46-4758-433d-a600-802c804af39c}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{89807A16-AC31-4449-AB91-06A753813543}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"L07FXLRD_2288406"="c:\program files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" [2006-06-13 351000]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2005-11-30 1306624]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-06 68856]
"LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2008-01-24 2289664]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2008-07-22 2772992]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2008-11-12 2474031]
"RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-12-13 306088]
"Steam"="c:\program files\Steam\Steam.exe" [2009-04-07 1410296]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"eMuleAutoStart"="c:\program files\eMule\emule.exe" [2008-08-01 5480448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 57344]
"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
"D-Link D-Link Wireless N DWA-140"="c:\program files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe" [2007-03-14 1388544]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-12 136600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-05 177472]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"D-Link D-Link Wireless G DWA-110"="c:\program files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe" [2007-05-04 1662976]
"QuickTime Task"="c:\program files\QuickTime Alternative\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-11 342312]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-06-28 1626112]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-04-11 56080]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide1"="move" [X]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-02-20 124928]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2007-9-17 692224]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DisallowCpl"= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\EA Sports\\FIFA 09\\FIFA09.exe"=
"c:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe"=
"c:\\Program Files\\THQ\\MotoGP URT 3 Demo\\motogp_demo.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Shareaza Applications\\Shareaza\\Shareaza.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Electronic Arts\\Le Seigneur des Anneaux® - L’Age des Conquêtes™\\Conquest.exe"=
"c:\\Program Files\\Reality Pump\\Two Worlds\\TwoWorlds.exe"=
"c:\\Program Files\\Reality Pump\\Two Worlds\\TwoWorlds_RADEON.exe"=
"c:\\Program Files\\Steam\\steam.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Mes documents\\Azureus Downloads\\Left.4.Dead.Full.English-iAPULA\\left4dead.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\empire total war\\Empire.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R2 gupdate1c9b06912271298;Service Google Update (gupdate1c9b06912271298);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-29 133104]
R3 Droppix Service;Droppix Service;c:\program files\Fichiers communs\Droppix\DxService.exe [2008-02-01 151552]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-04-06 38496]
R3 oflpydin;oflpydin; [x]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\DRIVERS\rt2870.sys [2007-03-13 476416]
S0 jahci;jahci; [x]
S1 aswSP;avast! Self Protection; [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2008-07-30 277736]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
S2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\Autorun.exe
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Tâches planifiées'
2009-04-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 10:34]
2009-04-23 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-08 12:20]
2009-04-23 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-29 12:22]
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-yuykosu - c:\documents and settings\administrateur\local settings\application data\yuykosu.exe
HKU-Default-RunOnce-nltide2 - rundll32 advpack.dll
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/search?sourceid=navclient&hl=fr&ie=UTF-8&rlz=1T4SUNA_frFR287FR291&q=google
mStart Page = hxxp://fr.yahoo.com
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\b4ar0709.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin2.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin3.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin4.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin5.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin6.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin7.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-23 22:50
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-725345543-1547161642-839522115-500\Software\SecuROM\License information*]
"datasecu"=hex:06,12,be,a8,f1,d3,79,db,3b,02,7e,8c,b3,3d,42,12,a5,cd,2f,0d,f4,
9c,d1,fe,3d,a4,f2,1b,44,41,2b,6d,cb,87,ff,73,00,32,70,26,50,69,30,c4,40,9e,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(632)
c:\program files\ScanSoft\OmniPageSE4\OpHookSE4.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\windows\system32\ConnAPI.DLL
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_fre.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\eappprxy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\windows\system32\rundll32.exe
c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
c:\progra~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
c:\program files\Fichiers communs\Logitech\KhalShared\KHALMNPR.exe
c:\progra~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\drivers\CDAC11BA.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2009-04-23 22:55 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-04-23 20:54
Avant-CF: 5 232 316 416 octets libres
Après-CF: 5 180 784 640 octets libres
378 --- E O F --- 2009-04-15 16:58