Rapport combofix
ComboFix 09-11-18.06 - CDT 18/11/2009 14:38.2.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.603 [GMT 1:00]
Lancé depuis: c:\documents and settings\CDT\Bureau\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\CDT\Application Data\drivers\downld
c:\documents and settings\CDT\Mes documents\base registre.reg
c:\documents and settings\CDT\Mes documents\registre 22_10_2009.reg
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-10-18 au 2009-11-18 ))))))))))))))))))))))))))))))))))))
.
2009-11-18 11:31 . 2009-11-18 11:31 -------- d-----w- c:\program files\Trend Micro
2009-11-17 20:29 . 2009-11-17 20:29 -------- d-----w- c:\windows\system32\wbem\Repository
2009-11-17 20:28 . 2009-11-17 20:28 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Temp
2009-11-15 14:52 . 2009-11-15 14:52 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-11-15 14:52 . 2008-12-11 12:31 27904 ----a-w- c:\windows\system32\uxtuneup.dll
2009-11-15 14:52 . 2009-11-15 14:52 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-11-12 20:09 . 2007-10-17 09:19 36864 ----a-w- c:\windows\system32\ascbalon.dll
2009-11-12 20:09 . 2007-10-17 09:19 20480 ----a-w- c:\windows\system32\SysRestore.dll
2009-11-12 20:09 . 2009-11-12 20:09 -------- d-----w- c:\program files\Ascentive
2009-11-11 20:37 . 2009-11-11 20:38 -------- d-----w- C:\mp3dooutput
2009-11-08 19:57 . 2009-11-08 19:57 -------- d-----w- c:\documents and settings\CDT\Application Data\Registry Mechanic
2009-11-08 18:06 . 2009-11-08 18:06 -------- d-----w- c:\program files\Fichiers communs\PC Tools
2009-11-06 20:32 . 2009-11-06 20:32 -------- d-----w- c:\documents and settings\CDT\Application Data\Uniblue
2009-11-03 09:26 . 2009-11-03 09:26 -------- d-sh--w- c:\documents and settings\CDT\IECompatCache
2009-11-03 09:23 . 2009-11-03 09:23 -------- d-sh--w- c:\documents and settings\CDT\PrivacIE
2009-11-03 09:17 . 2009-11-03 09:17 -------- d-sh--w- c:\documents and settings\CDT\IETldCache
2009-11-03 09:15 . 2009-11-03 09:15 -------- d--h--w- c:\windows\msdownld.tmp
2009-11-03 09:14 . 2009-11-03 09:14 -------- d-----w- c:\windows\ie8updates
2009-11-03 09:11 . 2009-11-03 09:13 -------- dc-h--w- c:\windows\ie8
2009-11-03 09:08 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-11-03 09:07 . 2009-08-29 07:56 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-11-03 09:07 . 2009-08-29 07:56 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-11-03 09:07 . 2009-08-29 07:56 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-11-03 09:07 . 2009-08-29 07:56 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-11-03 09:07 . 2009-08-29 07:56 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-11-03 09:07 . 2009-08-29 07:56 11069440 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-11-03 07:47 . 2009-11-03 07:47 -------- d-----w- c:\program files\GNU
2009-11-03 07:31 . 2009-11-03 07:31 -------- d-----w- c:\documents and settings\CDT\Local Settings\Application Data\Shalsoft
2009-10-28 09:43 . 2009-10-28 09:43 -------- d-----w- c:\windows\system32\IOSUBSYS
2009-10-27 13:22 . 2004-09-23 23:00 24223 ------w- c:\windows\system32\brlm03a.dll
2009-10-27 13:22 . 2004-08-15 23:00 73728 ------w- c:\windows\system32\brrbtool.exe
2009-10-27 13:22 . 2003-08-21 00:00 77824 ------w- c:\windows\system32\BROSNMP.DLL
2009-10-27 13:22 . 2004-12-03 00:26 188416 ------w- c:\windows\system32\PDRVINST.DLL
2009-10-27 13:22 . 2003-07-03 00:08 65536 ------w- c:\windows\system32\BRWEBUP.EXE
2009-10-27 13:22 . 2002-10-31 00:09 81920 ------w- c:\windows\system32\BrWebIns.dll
2009-10-27 13:22 . 2009-10-27 13:22 -------- d-----w- c:\program files\Brother
2009-10-27 13:22 . 2009-10-27 13:22 -------- d-----w- c:\program files\Common Files
2009-10-27 13:22 . 2009-10-27 13:22 -------- d-----w- C:\Brother
2009-10-27 13:05 . 2004-11-16 15:51 34816 ------w- c:\windows\system32\BrWiaNCp.dll
2009-10-27 13:05 . 2004-11-18 14:32 52224 ------w- c:\windows\system32\BrNetSti.dll
2009-10-27 13:05 . 2004-11-12 10:28 31744 ------w- c:\windows\system32\Brnsplg.dll
2009-10-27 13:05 . 2004-11-09 11:52 163840 ------w- c:\windows\system32\NSSearch.dll
2009-10-27 13:05 . 2002-11-26 12:43 106496 ------w- c:\windows\system32\BrMuSNMP.dll
2009-10-27 12:51 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-10-27 12:51 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-10-27 12:46 . 2009-10-27 13:23 65 ----a-w- c:\windows\system32\BD7010.dat
2009-10-27 12:46 . 2004-11-02 20:19 120832 ----a-w- c:\windows\system32\BrWia04b.dll
2009-10-27 12:46 . 2004-10-15 11:50 15295 ----a-w- c:\windows\system32\drivers\BrScnUsb.sys
2009-10-27 12:46 . 2004-09-21 12:11 37888 ----a-w- c:\windows\system32\BrUSi04b.dll
2009-10-27 12:46 . 2004-11-30 15:35 54784 ------w- c:\windows\system32\brinsstr.dll
2009-10-27 12:45 . 2004-12-10 15:35 147456 ------w- c:\windows\brunin03.dll
2009-10-27 12:43 . 2009-10-27 12:43 -------- d-----w- c:\program files\ScanSoft
2009-10-27 12:41 . 2009-10-28 08:44 57 ----a-w- c:\documents and settings\All Users\Application Data\Brother\BrLog\BrCollectDir\BR_cat.bat
2009-10-27 12:41 . 2009-10-27 12:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Brother
2009-10-25 09:08 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup(3).dll
2009-10-25 07:19 . 2009-10-25 17:41 -------- d-----w- c:\program files\SpeedFan
2009-10-23 18:47 . 2009-10-23 18:47 -------- d-----w- c:\program files\Windows Media Connect 2
2009-10-22 09:48 . 2009-10-22 09:48 -------- d-----w- c:\documents and settings\CDT\Application Data\Yahoo!
2009-10-22 09:48 . 2009-10-22 09:48 -------- d-----w- c:\program files\CCleaner
2009-10-22 09:27 . 2009-10-25 08:45 1078 ----a-r- c:\documents and settings\CDT\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_4ae13d6c.exe
2009-10-22 09:27 . 2009-10-25 08:45 1078 ----a-r- c:\documents and settings\CDT\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_2cd672ae.exe
2009-10-22 09:27 . 2009-10-25 08:45 1078 ----a-r- c:\documents and settings\CDT\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_294823.exe
2009-10-22 09:27 . 2009-10-25 08:45 1078 ----a-r- c:\documents and settings\CDT\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_18be6784.exe
2009-10-22 09:27 . 2009-10-25 08:45 -------- d-----w- c:\program files\Microsoft Bootvis
2009-10-21 19:23 . 2009-10-21 19:23 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2009-10-21 11:36 . 2009-10-21 11:36 59920 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd.dll
2009-10-21 11:36 . 2009-10-21 11:36 109072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd3.dll
2009-10-21 11:36 . 2009-10-21 11:36 264720 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\klwtbbho.dll
2009-10-21 11:36 . 2009-10-21 11:36 296976 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\5.1\klif.sys
2009-10-21 11:36 . 2009-10-21 11:36 128016 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\kl1.sys
2009-10-21 11:09 . 2009-10-21 11:09 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-10-21 11:05 . 2009-10-21 11:36 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-21 11:05 . 2009-10-21 11:36 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-21 11:03 . 2009-11-18 13:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-10-21 11:03 . 2009-10-21 11:03 -------- d-----w- c:\program files\Kaspersky Lab
2009-10-19 20:12 . 2009-11-17 20:29 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-10-19 19:56 . 2009-10-19 19:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-18 13:42 . 2009-10-17 06:23 -------- d--h--w- c:\documents and settings\CDT\Application Data\drivers
2009-11-18 13:38 . 2004-08-05 10:00 546402 ----a-w- c:\windows\system32\perfh00C.dat
2009-11-18 13:38 . 2004-08-05 10:00 101772 ----a-w- c:\windows\system32\perfc00C.dat
2009-11-17 20:29 . 2009-03-12 20:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-14 19:08 . 2009-04-20 17:25 -------- d-----w- c:\documents and settings\CDT\Application Data\Vso
2009-11-14 08:50 . 2009-05-22 21:57 -------- d-----w- c:\documents and settings\CDT\Application Data\dvdcss
2009-11-12 20:09 . 2009-01-06 13:44 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-12 20:07 . 2009-03-12 20:20 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-11 20:13 . 2009-05-22 13:15 -------- d-----w- c:\documents and settings\CDT\Application Data\vlc
2009-11-08 19:57 . 2009-03-13 05:28 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-08 19:56 . 2009-04-22 15:36 -------- d-----w- c:\documents and settings\CDT\Application Data\VSO_HWE
2009-11-03 07:47 . 2009-01-18 12:28 -------- d-----w- c:\documents and settings\All Users\Application Data\GNU
2009-10-28 09:43 . 2009-01-06 18:39 -------- d-----w- c:\program files\Google
2009-10-27 13:22 . 2009-01-06 13:27 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-10-24 07:04 . 2009-01-06 13:18 23176 ----a-w- c:\documents and settings\CDT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-24 06:37 . 2009-01-08 18:07 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-10-23 18:17 . 2009-01-07 20:30 -------- d-----w- c:\program files\MSECACHE
2009-10-23 17:47 . 2009-01-11 09:49 -------- d-----w- c:\program files\IVCsoft
2009-10-21 19:23 . 2009-01-08 16:57 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-10-21 11:36 . 2009-05-24 13:30 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-10-20 18:07 . 2009-10-18 10:25 77523 ----a-w- c:\windows\system32\drivers\klif.cab
2009-10-19 19:24 . 2009-04-12 10:14 -------- d-----w- c:\program files\Free Download Manager
2009-10-19 19:22 . 2009-04-12 10:14 -------- d-----w- c:\documents and settings\CDT\Application Data\Free Download Manager
2009-10-17 06:31 . 2009-01-06 15:20 3976 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-10-17 06:31 . 2009-01-06 15:20 540704 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-10-17 06:31 . 2009-01-06 15:20 13214240 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-17 06:31 . 2009-01-06 15:20 107460 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-12 18:46 . 2009-01-10 09:45 -------- d-----w- c:\program files\RegCleaner
2009-10-08 19:09 . 2009-10-08 19:09 5936 ----a-w- c:\windows\bcmD3.tmp
2009-10-08 18:28 . 2009-10-08 18:28 6040 ----a-w- c:\windows\bcm4D.tmp
2009-10-06 20:25 . 2009-01-06 13:10 -------- d-----w- c:\program files\Dell
2009-10-06 13:52 . 2009-10-06 13:52 -------- d-----w- c:\program files\MSBuild
2009-10-06 13:52 . 2009-10-06 13:52 -------- d-----w- c:\program files\Reference Assemblies
2009-10-06 09:03 . 2009-10-06 09:03 -------- d-----w- c:\program files\Toshiba
2009-10-06 07:51 . 2009-10-06 07:51 -------- d-----w- c:\program files\Driver-Soft
2009-10-04 15:45 . 2009-04-16 19:20 -------- d-----w- c:\documents and settings\CDT\Application Data\Skype
2009-10-04 15:25 . 2009-10-04 15:25 -------- d-----w- c:\program files\Fichiers communs\Logitech
2009-10-04 15:20 . 2009-04-06 18:10 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2009-10-04 15:20 . 2009-04-06 18:10 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2009-10-04 15:08 . 2009-04-16 19:24 -------- d-----w- c:\documents and settings\CDT\Application Data\skypePM
2009-09-27 16:49 . 2009-09-26 08:03 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-09-11 14:18 . 2004-08-05 10:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:04 . 2004-08-05 10:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:56 . 2006-03-04 03:35 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:01 . 2004-08-05 10:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-20 14:09 . 2009-08-20 14:09 1193832 ----a-w- c:\windows\system32\FM20.DLL
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-22 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-28 8429568]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-08 77824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"avp"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" [2009-05-25 303376]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Manager.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mljihfe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\qwggwse
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Lphant\\eLePhantClient.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\GNU\\GNUnet\\bin\\gnunetd.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15/12/2008 19:41 33808]
R1 pctfw2;pctfw2;c:\windows\system32\drivers\pctfw2.sys [25/03/2009 17:04 159128]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe [08/11/2009 19:06 583640]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [15/11/2009 15:52 603904]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/05/2009 16:46 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16/05/2009 19:59 19472]
S2 gupdate1c9a4c849d5dfdc;Service Google Update (gupdate1c9a4c849d5dfdc);c:\program files\Google\Update\GoogleUpdate.exe [14/03/2009 18:14 133104]
S3 DXEC01;DXEC01;c:\windows\system32\drivers\dxec01.sys [02/11/2006 12:32 97536]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'
2009-11-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-06 17:57]
2009-11-18 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 14:04]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://news.google.fr/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = 172.16.0.1:3128
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
.
- - - - ORPHELINS SUPPRIMES - - - -
MSConfigStartUp-flec003 - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-18 14:48
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2]
@DACL=(02 0000)
@SACL=
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(3612)
c:\windows\system32\webcheck.dll
c:\progra~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
c:\program files\Fichiers communs\Microsoft Shared\Web Components\10\1036\OWCI10.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\msls31.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\SCardSvr.exe
c:\windows\system32\nvsvc32.exe
c:\program files\SigmaTel\C-Major Audio\WDM\StacSV.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2009-11-18 14:49 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-11-18 13:48
ComboFix2.txt 2009-10-21 10:59
Avant-CF: 49 085 607 936 octets libres
Après-CF: 49 071 919 104 octets libres
- - End Of File - - C9E799F76ED0E9C6D20651FD4C7C4515
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.603 [GMT 1:00]
Lancé depuis: c:\documents and settings\CDT\Bureau\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\CDT\Application Data\drivers\downld
c:\documents and settings\CDT\Mes documents\base registre.reg
c:\documents and settings\CDT\Mes documents\registre 22_10_2009.reg
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-10-18 au 2009-11-18 ))))))))))))))))))))))))))))))))))))
.
2009-11-18 11:31 . 2009-11-18 11:31 -------- d-----w- c:\program files\Trend Micro
2009-11-17 20:29 . 2009-11-17 20:29 -------- d-----w- c:\windows\system32\wbem\Repository
2009-11-17 20:28 . 2009-11-17 20:28 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Temp
2009-11-15 14:52 . 2009-11-15 14:52 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-11-15 14:52 . 2008-12-11 12:31 27904 ----a-w- c:\windows\system32\uxtuneup.dll
2009-11-15 14:52 . 2009-11-15 14:52 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-11-12 20:09 . 2007-10-17 09:19 36864 ----a-w- c:\windows\system32\ascbalon.dll
2009-11-12 20:09 . 2007-10-17 09:19 20480 ----a-w- c:\windows\system32\SysRestore.dll
2009-11-12 20:09 . 2009-11-12 20:09 -------- d-----w- c:\program files\Ascentive
2009-11-11 20:37 . 2009-11-11 20:38 -------- d-----w- C:\mp3dooutput
2009-11-08 19:57 . 2009-11-08 19:57 -------- d-----w- c:\documents and settings\CDT\Application Data\Registry Mechanic
2009-11-08 18:06 . 2009-11-08 18:06 -------- d-----w- c:\program files\Fichiers communs\PC Tools
2009-11-06 20:32 . 2009-11-06 20:32 -------- d-----w- c:\documents and settings\CDT\Application Data\Uniblue
2009-11-03 09:26 . 2009-11-03 09:26 -------- d-sh--w- c:\documents and settings\CDT\IECompatCache
2009-11-03 09:23 . 2009-11-03 09:23 -------- d-sh--w- c:\documents and settings\CDT\PrivacIE
2009-11-03 09:17 . 2009-11-03 09:17 -------- d-sh--w- c:\documents and settings\CDT\IETldCache
2009-11-03 09:15 . 2009-11-03 09:15 -------- d--h--w- c:\windows\msdownld.tmp
2009-11-03 09:14 . 2009-11-03 09:14 -------- d-----w- c:\windows\ie8updates
2009-11-03 09:11 . 2009-11-03 09:13 -------- dc-h--w- c:\windows\ie8
2009-11-03 09:08 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-11-03 09:07 . 2009-08-29 07:56 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-11-03 09:07 . 2009-08-29 07:56 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-11-03 09:07 . 2009-08-29 07:56 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-11-03 09:07 . 2009-08-29 07:56 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-11-03 09:07 . 2009-08-29 07:56 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-11-03 09:07 . 2009-08-29 07:56 11069440 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-11-03 07:47 . 2009-11-03 07:47 -------- d-----w- c:\program files\GNU
2009-11-03 07:31 . 2009-11-03 07:31 -------- d-----w- c:\documents and settings\CDT\Local Settings\Application Data\Shalsoft
2009-10-28 09:43 . 2009-10-28 09:43 -------- d-----w- c:\windows\system32\IOSUBSYS
2009-10-27 13:22 . 2004-09-23 23:00 24223 ------w- c:\windows\system32\brlm03a.dll
2009-10-27 13:22 . 2004-08-15 23:00 73728 ------w- c:\windows\system32\brrbtool.exe
2009-10-27 13:22 . 2003-08-21 00:00 77824 ------w- c:\windows\system32\BROSNMP.DLL
2009-10-27 13:22 . 2004-12-03 00:26 188416 ------w- c:\windows\system32\PDRVINST.DLL
2009-10-27 13:22 . 2003-07-03 00:08 65536 ------w- c:\windows\system32\BRWEBUP.EXE
2009-10-27 13:22 . 2002-10-31 00:09 81920 ------w- c:\windows\system32\BrWebIns.dll
2009-10-27 13:22 . 2009-10-27 13:22 -------- d-----w- c:\program files\Brother
2009-10-27 13:22 . 2009-10-27 13:22 -------- d-----w- c:\program files\Common Files
2009-10-27 13:22 . 2009-10-27 13:22 -------- d-----w- C:\Brother
2009-10-27 13:05 . 2004-11-16 15:51 34816 ------w- c:\windows\system32\BrWiaNCp.dll
2009-10-27 13:05 . 2004-11-18 14:32 52224 ------w- c:\windows\system32\BrNetSti.dll
2009-10-27 13:05 . 2004-11-12 10:28 31744 ------w- c:\windows\system32\Brnsplg.dll
2009-10-27 13:05 . 2004-11-09 11:52 163840 ------w- c:\windows\system32\NSSearch.dll
2009-10-27 13:05 . 2002-11-26 12:43 106496 ------w- c:\windows\system32\BrMuSNMP.dll
2009-10-27 12:51 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-10-27 12:51 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-10-27 12:46 . 2009-10-27 13:23 65 ----a-w- c:\windows\system32\BD7010.dat
2009-10-27 12:46 . 2004-11-02 20:19 120832 ----a-w- c:\windows\system32\BrWia04b.dll
2009-10-27 12:46 . 2004-10-15 11:50 15295 ----a-w- c:\windows\system32\drivers\BrScnUsb.sys
2009-10-27 12:46 . 2004-09-21 12:11 37888 ----a-w- c:\windows\system32\BrUSi04b.dll
2009-10-27 12:46 . 2004-11-30 15:35 54784 ------w- c:\windows\system32\brinsstr.dll
2009-10-27 12:45 . 2004-12-10 15:35 147456 ------w- c:\windows\brunin03.dll
2009-10-27 12:43 . 2009-10-27 12:43 -------- d-----w- c:\program files\ScanSoft
2009-10-27 12:41 . 2009-10-28 08:44 57 ----a-w- c:\documents and settings\All Users\Application Data\Brother\BrLog\BrCollectDir\BR_cat.bat
2009-10-27 12:41 . 2009-10-27 12:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Brother
2009-10-25 09:08 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup(3).dll
2009-10-25 07:19 . 2009-10-25 17:41 -------- d-----w- c:\program files\SpeedFan
2009-10-23 18:47 . 2009-10-23 18:47 -------- d-----w- c:\program files\Windows Media Connect 2
2009-10-22 09:48 . 2009-10-22 09:48 -------- d-----w- c:\documents and settings\CDT\Application Data\Yahoo!
2009-10-22 09:48 . 2009-10-22 09:48 -------- d-----w- c:\program files\CCleaner
2009-10-22 09:27 . 2009-10-25 08:45 1078 ----a-r- c:\documents and settings\CDT\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_4ae13d6c.exe
2009-10-22 09:27 . 2009-10-25 08:45 1078 ----a-r- c:\documents and settings\CDT\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_2cd672ae.exe
2009-10-22 09:27 . 2009-10-25 08:45 1078 ----a-r- c:\documents and settings\CDT\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_294823.exe
2009-10-22 09:27 . 2009-10-25 08:45 1078 ----a-r- c:\documents and settings\CDT\Application Data\Microsoft\Installer\{0F9196C6-58B4-445B-B56E-B1200FECC151}\_18be6784.exe
2009-10-22 09:27 . 2009-10-25 08:45 -------- d-----w- c:\program files\Microsoft Bootvis
2009-10-21 19:23 . 2009-10-21 19:23 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2009-10-21 11:36 . 2009-10-21 11:36 59920 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd.dll
2009-10-21 11:36 . 2009-10-21 11:36 109072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd3.dll
2009-10-21 11:36 . 2009-10-21 11:36 264720 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\klwtbbho.dll
2009-10-21 11:36 . 2009-10-21 11:36 296976 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\5.1\klif.sys
2009-10-21 11:36 . 2009-10-21 11:36 128016 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\kl1.sys
2009-10-21 11:09 . 2009-10-21 11:09 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-10-21 11:05 . 2009-10-21 11:36 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-21 11:05 . 2009-10-21 11:36 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-21 11:03 . 2009-11-18 13:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-10-21 11:03 . 2009-10-21 11:03 -------- d-----w- c:\program files\Kaspersky Lab
2009-10-19 20:12 . 2009-11-17 20:29 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-10-19 19:56 . 2009-10-19 19:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-18 13:42 . 2009-10-17 06:23 -------- d--h--w- c:\documents and settings\CDT\Application Data\drivers
2009-11-18 13:38 . 2004-08-05 10:00 546402 ----a-w- c:\windows\system32\perfh00C.dat
2009-11-18 13:38 . 2004-08-05 10:00 101772 ----a-w- c:\windows\system32\perfc00C.dat
2009-11-17 20:29 . 2009-03-12 20:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-14 19:08 . 2009-04-20 17:25 -------- d-----w- c:\documents and settings\CDT\Application Data\Vso
2009-11-14 08:50 . 2009-05-22 21:57 -------- d-----w- c:\documents and settings\CDT\Application Data\dvdcss
2009-11-12 20:09 . 2009-01-06 13:44 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-12 20:07 . 2009-03-12 20:20 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-11 20:13 . 2009-05-22 13:15 -------- d-----w- c:\documents and settings\CDT\Application Data\vlc
2009-11-08 19:57 . 2009-03-13 05:28 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-08 19:56 . 2009-04-22 15:36 -------- d-----w- c:\documents and settings\CDT\Application Data\VSO_HWE
2009-11-03 07:47 . 2009-01-18 12:28 -------- d-----w- c:\documents and settings\All Users\Application Data\GNU
2009-10-28 09:43 . 2009-01-06 18:39 -------- d-----w- c:\program files\Google
2009-10-27 13:22 . 2009-01-06 13:27 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-10-24 07:04 . 2009-01-06 13:18 23176 ----a-w- c:\documents and settings\CDT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-24 06:37 . 2009-01-08 18:07 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-10-23 18:17 . 2009-01-07 20:30 -------- d-----w- c:\program files\MSECACHE
2009-10-23 17:47 . 2009-01-11 09:49 -------- d-----w- c:\program files\IVCsoft
2009-10-21 19:23 . 2009-01-08 16:57 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-10-21 11:36 . 2009-05-24 13:30 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-10-20 18:07 . 2009-10-18 10:25 77523 ----a-w- c:\windows\system32\drivers\klif.cab
2009-10-19 19:24 . 2009-04-12 10:14 -------- d-----w- c:\program files\Free Download Manager
2009-10-19 19:22 . 2009-04-12 10:14 -------- d-----w- c:\documents and settings\CDT\Application Data\Free Download Manager
2009-10-17 06:31 . 2009-01-06 15:20 3976 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-10-17 06:31 . 2009-01-06 15:20 540704 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-10-17 06:31 . 2009-01-06 15:20 13214240 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-17 06:31 . 2009-01-06 15:20 107460 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-12 18:46 . 2009-01-10 09:45 -------- d-----w- c:\program files\RegCleaner
2009-10-08 19:09 . 2009-10-08 19:09 5936 ----a-w- c:\windows\bcmD3.tmp
2009-10-08 18:28 . 2009-10-08 18:28 6040 ----a-w- c:\windows\bcm4D.tmp
2009-10-06 20:25 . 2009-01-06 13:10 -------- d-----w- c:\program files\Dell
2009-10-06 13:52 . 2009-10-06 13:52 -------- d-----w- c:\program files\MSBuild
2009-10-06 13:52 . 2009-10-06 13:52 -------- d-----w- c:\program files\Reference Assemblies
2009-10-06 09:03 . 2009-10-06 09:03 -------- d-----w- c:\program files\Toshiba
2009-10-06 07:51 . 2009-10-06 07:51 -------- d-----w- c:\program files\Driver-Soft
2009-10-04 15:45 . 2009-04-16 19:20 -------- d-----w- c:\documents and settings\CDT\Application Data\Skype
2009-10-04 15:25 . 2009-10-04 15:25 -------- d-----w- c:\program files\Fichiers communs\Logitech
2009-10-04 15:20 . 2009-04-06 18:10 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2009-10-04 15:20 . 2009-04-06 18:10 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2009-10-04 15:08 . 2009-04-16 19:24 -------- d-----w- c:\documents and settings\CDT\Application Data\skypePM
2009-09-27 16:49 . 2009-09-26 08:03 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-09-11 14:18 . 2004-08-05 10:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:04 . 2004-08-05 10:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:56 . 2006-03-04 03:35 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:01 . 2004-08-05 10:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-20 14:09 . 2009-08-20 14:09 1193832 ----a-w- c:\windows\system32\FM20.DLL
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-22 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-28 8429568]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-08 77824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"avp"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" [2009-05-25 303376]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Manager.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mljihfe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\qwggwse
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Lphant\\eLePhantClient.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\GNU\\GNUnet\\bin\\gnunetd.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15/12/2008 19:41 33808]
R1 pctfw2;pctfw2;c:\windows\system32\drivers\pctfw2.sys [25/03/2009 17:04 159128]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe [08/11/2009 19:06 583640]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [15/11/2009 15:52 603904]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/05/2009 16:46 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16/05/2009 19:59 19472]
S2 gupdate1c9a4c849d5dfdc;Service Google Update (gupdate1c9a4c849d5dfdc);c:\program files\Google\Update\GoogleUpdate.exe [14/03/2009 18:14 133104]
S3 DXEC01;DXEC01;c:\windows\system32\drivers\dxec01.sys [02/11/2006 12:32 97536]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'
2009-11-18 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-06 17:57]
2009-11-18 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 14:04]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://news.google.fr/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = 172.16.0.1:3128
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
.
- - - - ORPHELINS SUPPRIMES - - - -
MSConfigStartUp-flec003 - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-18 14:48
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2]
@DACL=(02 0000)
@SACL=
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(3612)
c:\windows\system32\webcheck.dll
c:\progra~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
c:\program files\Fichiers communs\Microsoft Shared\Web Components\10\1036\OWCI10.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\msls31.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\SCardSvr.exe
c:\windows\system32\nvsvc32.exe
c:\program files\SigmaTel\C-Major Audio\WDM\StacSV.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2009-11-18 14:49 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-11-18 13:48
ComboFix2.txt 2009-10-21 10:59
Avant-CF: 49 085 607 936 octets libres
Après-CF: 49 071 919 104 octets libres
- - End Of File - - C9E799F76ED0E9C6D20651FD4C7C4515
Autres pages sur : rapport combofix
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumRapport combofix
- ForumVirus de compète_voici le rapport combofix
- ForumRapport ComboFix
- ForumAnalyse de rapport suite combofix pour le virus backdoor.tidserv!inf
- ForumRapport combofix et rootkit
- ForumRapport Combofix [Problème Bagle]
- ForumRapport Combofix
- ForumCombofix Rapport après utilisation
- Forumrapport combofix pouvez vous m aider merci
- Voir plus
