Ecran bleu warning! spyware detected on your

[alex6993]

ComboFix 08-06-05.3 - marquet-auger-sebti 2008-06-06 18:20:09.1 - NTFSx86

Endroit: C:\Documents and Settings\marquet-auger-sebti\Bureau\ComboFix.exe

* Création d'un nouveau point de restauration

 

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

.

 

((((((((((((((((((((((((((((( Fichiers créés 2008-05-06 to 2008-06-06 ))))))))))))))))))))))))))))))))))))

.

 

2008-06-06 16:56 . 2008-06-06 17:38 <REP> d-------- C:\Program Files\a-squared Free

2008-06-06 09:21 . 2008-06-06 09:21 <REP> d-------- C:\Documents and Settings\marquet-auger-sebti\Application Data\ArcSoft

2008-06-06 09:21 . 2008-06-06 09:21 <REP> d-------- C:\Documents and Settings\marquet-auger-sebti\Application Data\Apple Computer

2008-06-06 09:20 . 2008-06-06 09:20 <REP> d-------- C:\Program Files\QuickTime

2008-06-06 09:20 . 2008-06-06 09:20 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2008-06-06 09:20 . 2008-06-06 09:20 1,409 --a------ C:\WINDOWS\QTFont.for

2008-06-06 09:19 . 2008-06-06 09:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer

2008-06-06 09:18 . 2008-06-06 09:18 <REP> d-------- C:\Program Files\SanDisk

2008-06-06 09:18 . 2008-06-06 09:18 <REP> d-------- C:\Program Files\Fichiers communs\ArcSoft

2008-06-06 09:18 . 2004-05-04 11:53 1,645,320 --a------ C:\WINDOWS\system32\gdiplus.dll

2008-06-06 09:18 . 2005-06-21 10:29 245,408 --a------ C:\WINDOWS\system32\unicows.dll

2008-06-06 09:03 . 2008-06-06 09:03 <REP> d-------- C:\SanDisk

2008-06-06 08:56 . 2008-06-06 08:56 <REP> dr------- C:\Documents and Settings\LocalService\Favoris

2008-06-06 07:34 . 2008-06-05 18:26 52,736 --a------ C:\WINDOWS\system32\44E4.tmp

2008-06-05 21:15 . 2008-06-05 21:15 <REP> d-------- C:\Program Files\Trend Micro

2008-06-05 19:38 . 2008-06-05 19:59 139,264 --a------ C:\WINDOWS\War3Unin.exe

2008-06-05 19:38 . 2008-06-05 20:01 44,272 --a------ C:\WINDOWS\War3Unin.dat

2008-06-05 19:38 . 2008-06-05 19:59 2,829 --a------ C:\WINDOWS\War3Unin.pif

2008-06-05 19:24 . 2008-06-05 19:24 <REP> d-------- C:\Documents and Settings\marquet-auger-sebti\Application Data\shcctaj0et4t

2008-06-05 19:06 . 2008-06-05 19:06 <REP> d-------- C:\Warcraft III Reign of Chaos, The Frozen Throne + Update Patch War3TFT_121b_English +CD Key

2008-06-05 18:53 . 2008-06-05 12:55 733,321,216 --a------ C:\Dead Silence French Dvdrip Xvid-Power.avi

2008-06-04 21:35 . 2008-06-04 21:35 92,160 --a------ C:\WINDOWS\system32\lphcataj0et4t.exe

2008-06-04 21:35 . 2008-06-06 17:41 90,838 --a------ C:\WINDOWS\system32\phcataj0et4t.bmp

2008-06-04 21:35 . 2008-06-06 17:41 52,736 --a------ C:\WINDOWS\system32\blphcataj0et4t.scr

2008-06-04 18:36 . 2008-06-04 18:40 <REP> d-------- C:\Program Files\eToro

2008-06-03 18:38 . 2007-08-07 14:56 7,064 --a------ C:\WINDOWS\system32\WMVCORE.lib

2008-06-03 18:10 . 2008-04-13 20:45 60,032 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys

2008-06-03 18:10 . 2008-04-13 20:45 60,032 --a--c--- C:\WINDOWS\system32\dllcache\usbaudio.sys

2008-06-03 13:58 . 2008-06-03 13:58 <REP> d-------- C:\Program Files\Windows Media Connect 2

2008-06-03 13:56 . 2008-06-03 13:56 <REP> d-------- C:\WINDOWS\system32\LogFiles

2008-06-03 13:56 . 2008-06-03 13:57 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF

2008-06-01 18:02 . 2008-06-01 18:00 286,720 --a------ C:\WINDOWS\iun506.exe

2008-06-01 18:00 . 2008-06-02 14:22 <REP> d-------- C:\WINDOWS\Prefs

2008-05-31 19:27 . 2008-05-31 19:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WinZip

2008-05-29 13:15 . 2008-05-29 13:15 <REP> d-------- C:\Program Files\Empire Interactive

2008-05-29 13:10 . 2008-05-29 13:11 <REP> d-------- C:\Documents and Settings\marquet-auger-sebti\Application Data\Media Player Classic

2008-05-28 13:08 . 2008-05-28 13:08 <REP> d-------- C:\Documents and Settings\marquet-auger-sebti\Application Data\EPSON

2008-05-28 13:08 . 2008-05-28 13:08 29 --a------ C:\WINDOWS\DEBUGSM.INI

2008-05-25 19:15 . 2008-05-25 19:15 23,607 --a------ C:\WINDOWS\Microsoft Outlook.FAV

2008-05-22 14:39 . 2008-05-22 14:39 <REP> d-------- C:\Documents and Settings\marquet-auger-sebti\Application Data\PTV AG

2008-05-22 14:37 . 2008-05-22 14:37 <REP> d-------- C:\Program Files\Fichiers communs\mapserv

2008-05-22 14:37 . 2008-05-22 14:37 <REP> d-------- C:\Program Files\Fichiers communs\GIS

2008-05-21 21:02 . 2008-05-21 21:03 <REP> d-------- C:\Program Files\Fichiers communs\Adobe

2008-05-19 16:57 . 2008-06-02 21:03 294,912 --a------ C:\WINDOWS\outlook.pst

2008-05-19 16:57 . 2008-05-19 16:57 9,112 --a------ C:\WINDOWS\extend.dat

2008-05-18 17:53 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll

2008-05-18 17:53 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui

2008-05-18 16:04 . 2008-05-18 16:04 <REP> d-------- C:\Program Files\templates

2008-05-18 16:04 . 2008-05-18 16:04 <REP> d-------- C:\Program Files\Setup

2008-05-18 16:04 . 2008-05-18 16:04 <REP> d-------- C:\Program Files\rpplugins

2008-05-18 16:04 . 2008-05-18 16:04 <REP> d-------- C:\Program Files\producer

2008-05-18 16:04 . 2008-05-18 16:04 <REP> d-------- C:\Program Files\plugins

2008-05-18 16:04 . 2008-05-18 16:04 <REP> d-------- C:\Program Files\Netscape6

2008-05-18 16:04 . 2008-06-05 20:47 <REP> d-------- C:\Program Files\library

2008-05-18 16:04 . 2008-05-18 16:04 <REP> d-------- C:\Program Files\lang

2008-05-18 16:04 . 2008-05-18 16:04 <REP> d-------- C:\Program Files\Fichiers communs\xing shared

2008-05-18 16:04 . 2008-05-18 16:04 <REP> d-------- C:\Program Files\Fichiers communs\Real

2008-05-18 16:04 . 2008-05-18 16:04 <REP> d-------- C:\Program Files\Devices

2008-05-18 16:04 . 2008-05-18 16:04 <REP> d-------- C:\Program Files\DataCache

2008-05-18 16:04 . 2008-05-18 16:04 <REP> d-------- C:\Program Files\CDBurning

2008-05-18 16:04 . 2008-05-18 16:04 <REP> d-------- C:\Program Files\browserrecord

2008-05-18 16:04 . 2008-05-18 16:04 719,360 --a------ C:\Program Files\dbghelp.dll

2008-05-18 16:04 . 2008-05-18 16:04 692,224 --a------ C:\Program Files\dtdr3260.dll

2008-05-18 16:04 . 2008-05-18 16:04 659,456 --a------ C:\Program Files\rjbres.dll

2008-05-18 16:04 . 2008-05-18 16:04 339,968 --a------ C:\Program Files\rjdlg.dll

2008-05-18 16:04 . 2008-05-18 16:04 308,856 --a------ C:\Program Files\rpbrowserrecordplugin.dll

2008-05-18 16:04 . 2008-05-18 16:04 214,560 --a------ C:\Program Files\realplay.exe

2008-05-18 16:04 . 2008-05-18 16:04 153,176 --a------ C:\Program Files\RecordingManager.exe

2008-05-18 16:04 . 2008-05-18 16:04 139,264 --a------ C:\Program Files\DUNZIP32.dll

2008-05-18 16:04 . 2008-05-18 16:04 102,400 --a------ C:\Program Files\HXAudioDeviceHook.dll

2008-05-18 16:04 . 2008-05-18 16:04 98,304 --a------ C:\Program Files\rpshellextension.dll

2008-05-18 16:04 . 2008-05-18 16:04 95,816 --a------ C:\Program Files\rdsf3260.dll

2008-05-18 16:04 . 2008-05-18 16:04 86,016 --a------ C:\Program Files\rpplugprot.dll

2008-05-18 16:04 . 2008-05-18 16:04 81,920 --a------ C:\Program Files\tsasdk.dll

2008-05-18 16:04 . 2008-05-18 16:04 65,536 --a------ C:\Program Files\rjwmapln.dll

2008-05-18 16:04 . 2008-05-18 16:04 63,040 --a------ C:\Program Files\rpshell.dll

2008-05-18 16:04 . 2008-05-18 16:04 57,344 --a------ C:\Program Files\tpasdk.dll

2008-05-18 16:04 . 2008-05-18 16:04 53,248 --a------ C:\Program Files\rpau3260.dll

2008-05-18 16:04 . 2008-05-18 16:04 43,088 --a------ C:\Program Files\rpshellsearch.dll

2008-05-18 16:04 . 2008-05-18 16:04 41,472 --a------ C:\Program Files\mmcdda32.dll

2008-05-18 16:04 . 2008-05-18 16:04 36,352 --a------ C:\Program Files\ierjplug.dll

2008-05-18 16:04 . 2008-05-18 16:04 32,768 --a------ C:\Program Files\rpwa3260.dll

2008-05-18 16:04 . 2008-05-18 16:04 19,456 --a------ C:\Program Files\tnetdtct.dll

2008-05-18 16:04 . 2008-05-18 16:04 19,456 --a------ C:\Program Files\rjprog.dll

2008-05-18 16:04 . 2008-05-18 16:04 14,336 --a------ C:\Program Files\wmdmhelper.dll

2008-05-18 16:04 . 2008-05-18 16:04 9,216 --a------ C:\Program Files\rphelperapp.exe

2008-05-18 16:04 . 2008-05-18 16:04 7,168 --a------ C:\Program Files\realjbox.exe

2008-05-18 16:04 . 2008-05-18 16:04 6,656 --a------ C:\Program Files\fixrjb.exe

2008-05-18 16:04 . 2008-05-18 16:04 1,001 --a------ C:\Program Files\autoplaylist.dat

2008-05-18 16:04 . 2008-05-18 16:04 480 --a------ C:\Program Files\keys.dat

2008-05-18 16:04 . 2008-05-18 16:04 71 --a------ C:\Program Files\strs23.dat

2008-05-18 16:04 . 2008-05-18 16:04 15 --a------ C:\Program Files\strs26.dat

2008-05-18 14:53 . 2008-06-06 17:41 <REP> d-------- C:\Documents and Settings\marquet-auger-sebti\Application Data\OpenOffice.org2

2008-05-18 14:48 . 2008-05-18 14:49 <REP> d-------- C:\Program Files\OpenOffice.org 2.4

2008-05-18 14:48 . 2007-12-14 01:59 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl

2008-05-18 14:23 . 2008-05-18 14:23 120,872 --a------ C:\WINDOWS\system32\MSForms.TWD

2008-05-18 14:22 . 2008-05-18 14:22 38,468 --a------ C:\WINDOWS\marquet-auger-sebti.acl

2008-05-18 13:53 . 2008-06-06 15:07 1,474,560 --ah----- C:\ffastun0.ffx

2008-05-18 13:53 . 2008-06-06 15:07 212,992 --ah----- C:\ffastun.ffo

2008-05-18 13:53 . 2008-06-06 15:07 4,379 --ah----- C:\ffastun.ffa

2008-05-18 13:41 . 2008-06-06 15:07 696,320 --ah----- C:\ffastun.ffl

2008-05-18 13:40 . 2008-05-18 13:40 <REP> d-------- C:\WINDOWS\SendTo

2008-05-18 13:39 . 2008-05-18 13:39 69,632 --a------ C:\WINDOWS\system32\system.mdw

2008-05-18 13:39 . 2008-05-18 13:39 6,347 --a------ C:\WINDOWS\system32\mapisvc.inf

2008-05-18 13:39 . 2008-05-18 13:39 616 --a------ C:\WINDOWS\ODBC.INI

2008-05-18 13:39 . 2008-05-18 13:39 22 --a------ C:\WINDOWS\exchng.ini

2008-05-18 13:35 . 2008-05-18 13:35 <REP> d-------- C:\WINDOWS\Aide

2008-05-18 13:34 . 2008-05-18 13:40 <REP> d-------- C:\WINDOWS\forms

2008-05-18 13:34 . 2008-05-18 13:34 <REP> d-------- C:\Program Files\Windows Messaging

2008-05-18 13:25 . 2008-05-18 13:35 65,536 --a------ C:\WINDOWS\IFinst27.exe

2008-05-18 02:47 . 2003-07-20 20:17 5,174 --a------ C:\WINDOWS\system32\nppt9x.vxd

2008-05-18 02:47 . 2005-01-04 11:43 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys

2008-05-18 02:33 . 2008-05-18 02:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield

2008-05-18 02:30 . 2005-08-11 15:29 73,728 --a------ C:\WINDOWS\system32\ISUSPM.cpl

2008-05-18 02:18 . 2008-05-18 02:18 80 --ah----- C:\WINDOWS\system32\HsInfo.dat

2008-05-18 01:33 . 2008-05-18 01:33 <REP> d-------- C:\WINDOWS\system32\fr

2008-05-18 01:33 . 2008-05-18 01:33 <REP> d-------- C:\WINDOWS\system32\bits

2008-05-18 01:33 . 2008-05-18 01:33 <REP> d-------- C:\WINDOWS\l2schemas

2008-05-18 01:31 . 2008-05-18 01:31 <REP> d-------- C:\WINDOWS\ServicePackFiles

2008-05-18 01:27 . 2008-05-18 01:27 <REP> d-------- C:\WINDOWS\EHome

2008-05-18 01:20 . 2004-08-04 00:38 327,168 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys

2008-05-18 01:11 . 2008-05-18 01:11 1,169 --a------ C:\WINDOWS\mozver.dat

2008-05-18 00:45 . 2008-05-18 00:45 268 --ah----- C:\sqmdata03.sqm

2008-05-18 00:45 . 2008-05-18 00:45 244 --ah----- C:\sqmnoopt03.sqm

2008-05-18 00:38 . 2008-05-18 00:38 <REP> d-------- C:\Documents and Settings\marquet-auger-sebti\Application Data\vlc

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-06-06 14:57 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared

2008-06-06 14:43 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-06-02 17:22 --------- d-----w C:\Program Files\Norton Internet Security

2008-05-18 12:48 --------- d-----w C:\Program Files\Java

2008-05-18 00:47 --------- d-----w C:\Program Files\Common Files

2008-05-17 18:27 --------- d-----w C:\Program Files\Fichiers communs\InstallShield

2008-05-17 18:10 --------- d-----w C:\Program Files\Symantec

2008-05-17 15:55 --------- d-----w C:\Program Files\Talkway

2008-05-17 15:55 --------- d-----w C:\Program Files\Motive

2008-05-17 15:55 --------- d-----w C:\Program Files\Fichiers communs\Talkway

2008-05-17 15:55 --------- d-----w C:\Program Files\Club-Internet

2008-05-17 15:51 --------- d-----w C:\Program Files\Fichiers communs\Motive

2008-05-17 15:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Motive

2008-05-17 15:38 155,995 ----a-w C:\WINDOWS\java\Packages\BN3J1VFR.ZIP

2008-05-17 15:38 --------- d-----w C:\Program Files\BroadJump

2008-05-17 15:30 --------- d-----w C:\Documents and Settings\marquet-auger-sebti\Application Data\Symantec

2008-05-17 15:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec

2008-05-17 15:18 --------- d-----w C:\Program Files\Philips

2008-05-17 15:17 --------- d-----w C:\Program Files\Altiris

2008-05-17 15:16 --------- d-----w C:\Program Files\Flat Panel Adjust

2008-05-17 14:33 --------- d-----w C:\Program Files\microsoft frontpage

2008-05-17 14:33 --------- d-----w C:\Program Files\Fichiers communs\Java

2008-05-17 14:30 --------- d-----w C:\Program Files\Services en ligne

2008-04-14 02:50 1,804 ----a-w C:\WINDOWS\system32\dcache.bin

2008-04-14 02:37 332,800 ----a-w C:\WINDOWS\system32\netsetup.exe

2008-04-14 02:33 98,816 ----a-w C:\WINDOWS\system32\psbase.dll

2008-04-14 02:32 764,416 ----a-w C:\WINDOWS\system32\winntbbu.dll

2008-04-14 02:32 61,471 ----a-w C:\WINDOWS\system32\odbcji32.dll

2008-04-14 02:32 5,632 ----a-w C:\WINDOWS\system32\wmi.dll

2008-04-14 02:10 73,600 ----a-w C:\WINDOWS\system32\drivers\sr.sys

2008-04-14 02:09 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys

2008-04-14 02:09 68,608 ----a-w C:\WINDOWS\system32\drivers\pci.sys

2008-04-14 02:09 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys

2008-04-14 02:09 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys

2008-04-14 02:08 2,191,104 ----a-w C:\WINDOWS\system32\ntoskrnl.exe

2008-04-14 02:07 2,067,968 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe

2008-04-14 02:06 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll

2008-04-14 02:05 800,256 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys

2008-04-14 02:05 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys

2008-04-14 02:05 154,496 ----a-w C:\WINDOWS\system32\drivers\dmio.sys

2008-04-14 02:04 93,184 ----a-w C:\WINDOWS\system32\msxml6r.dll

2008-04-14 02:04 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys

2008-04-14 02:03 81,920 ------w C:\WINDOWS\system32\msshavmsg.dll

2008-04-14 02:03 40,576 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys

2008-04-14 02:02 50,688 ----a-w C:\WINDOWS\system32\inetres.dll

2008-04-14 02:02 40,960 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys

2008-04-14 02:00 66,048 ----a-w C:\WINDOWS\system32\drivers\serial.sys

2008-04-14 02:00 572,416 ----a-w C:\WINDOWS\system32\shdoclc.dll

2008-04-14 02:00 54,144 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys

2008-04-14 01:59 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys

2008-04-14 01:59 10,240 ----a-w C:\WINDOWS\system32\gpkrsrc.dll

2008-04-14 01:58 273,664 ------w C:\WINDOWS\system32\drivers\bthport.sys

2008-04-14 01:58 1,845,760 ----a-w C:\WINDOWS\system32\win32k.sys

2008-04-14 01:58 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll

2008-04-14 01:57 70,144 ----a-w C:\WINDOWS\system32\browselc.dll

2008-04-14 01:57 58,752 ----a-w C:\WINDOWS\system32\drivers\redbook.sys

2008-04-14 01:57 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys

2008-04-14 01:56 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys

2008-04-14 01:55 40,064 ----a-w C:\WINDOWS\system32\drivers\processr.sys

2008-04-14 01:54 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys

2008-04-14 01:54 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys

2008-04-14 01:54 103,936 ----a-w C:\WINDOWS\system32\dpcdll.dll

2008-04-14 01:53 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys

2008-04-14 01:53 23,680 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys

2008-04-14 01:52 188,672 ----a-w C:\WINDOWS\system32\drivers\acpi.sys

2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys

2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys

2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys

2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys

2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys

2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys

2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys

2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys

2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys

2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys

2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys

2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys

2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys

2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys

2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys

2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys

2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys

2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys

2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys

2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys

2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys

2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys

2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys

2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys

2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys

2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys

2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys

2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys

2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys

2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys

2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys

2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys

2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys

2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys

2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys

.

 

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:33 15360]

"ares"="J:\Ares\Ares.exe" [2008-02-20 16:33 963072]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42 144784]

"ATIPTA"="C:\ATI-CPanel\atiptaxx.exe" [2004-11-24 21:10 344064]

"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2008-01-31 12:56 58728]

"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 17:16 376912]

"vmtalk"="C:\Program Files\Fichiers communs\Talkway\vmtalk.exe" [2003-07-24 17:21 61440]

"Workflow"="D:\install\Workflow.exe" [ ]

"EPSON Stylus DX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.exe" [2005-02-08 06:00 98304]

"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2008-05-17 20:10 100056]

"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-08-31 12:01 1037736]

"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 577536 C:\WINDOWS\soundman.exe]

"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-05-18 16:04 185896]

"ISUSPM Startup"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" [2005-08-11 15:30 249856]

"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-08-11 15:30 81920]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

"lphcataj0et4t"="C:\WINDOWS\system32\lphcataj0et4t.exe" [2008-06-04 21:35 92160]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-06-06 09:20 155648]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 04:33 15360]

 

C:\Documents and Settings\marquet-auger-sebti\Menu D‚marrer\Programmes\D‚marrage\

Club Internet.lnk - C:\Program Files\Club-Internet\Lanceur\lanceur.exe [2007-07-19 11:03:40 5484544]

OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 15:41:28 393216]

 

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\

Docteur Club Internet.lnk - C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe [2008-05-17 17:54:57 217088]

D‚marrage d'Office.lnk - J:\Office\OSA.EXE [1997-08-29 51984]

Microsoft Recherche acc‚l‚r‚e.lnk - J:\Office\FINDFAST.EXE [1997-08-29 111376]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

"NoDispBackgroundPage"= 1 (0x1)

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"J:\\eMule\\emule.exe"=

"J:\\Ares\\Ares.exe"=

"J:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"J:\\Warcraft III\\Warcraft III.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"11797:TCP"= 11797:TCP:emule

 

R0 nvcchflt;NVIDIA Disk Cache Filter Driver;C:\WINDOWS\system32\DRIVERS\nvcchflt.sys [2005-02-11 20:11]

R3 3xHybrid;Pinnacle PCTV Stereo service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-02-09 15:57]

R3 AEXPAM;Philips SmartManage Service;C:\WINDOWS\system32\Drivers\aexpamdrv.sys [2004-09-01 14:10]

S3 maconfservice;maconfservice;"C:\Program Files\ma-config.com\maconfservice.exe" [2008-05-14 16:40]

S3 MEGAUSB0101;MegawinMa100;C:\WINDOWS\system32\Drivers\usbscan.sys [2008-04-13 20:45]

S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 20:56]

S3 XDva093;XDva093;C:\WINDOWS\system32\XDva093.sys []

 

*Newly Created Service* - CATCHME

.

Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

"2008-05-30 18:12:13 C:\WINDOWS\Tasks\Norton AntiVirus - Analyser mon ordinateur - marquet-auger-sebti.job"

- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/task:

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-06-06 18:22:05

Windows 5.1.2600 Service Pack 3 NTFS

 

Balayage processus cachés ...

 

Balayage caché autostart entries ...

 

Balayage des fichiers cachés ...

 

Scan terminé avec succès

Les fichiers cachés: 0

 

**************************************************************************

.

Temps d'accomplissement: 2008-06-06 18:22:50

ComboFix-quarantined-files.txt 2008-06-06 16:22:44

 

Pre-Run: 186,223,226,880 octets libres

Post-Run: 188,514,979,840 octets libres

 

318 --- E O F --- 2008-06-03 12:05:38