Voilà le rapport, et bravo pour ta rapidité.
ComboFix 09-02-11.02 - Artur 2009-02-12 4:27:57.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2047.1257 [GMT 1:00]
Lancé depuis: d:\documents and settings\Artur\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
d:\windows\data.dll
d:\windows\system32\AIhkQqru.ini
d:\windows\system32\AIhkQqru.ini2
d:\windows\system32\aobjyyry.ini
d:\windows\system32\awsvxclv.ini
d:\windows\system32\axomhwmr.ini
d:\windows\system32\bilpvlkb.ini
d:\windows\system32\bjyqinks.ini
d:\windows\system32\bklvplib.dll
d:\windows\system32\bkngpwue.ini
d:\windows\system32\ceinrvgp.dll
d:\windows\system32\cibgfmox.ini
d:\windows\system32\cijrcabl.dll
d:\windows\system32\citxxwnq.ini
d:\windows\system32\cqwlangx.dll
d:\windows\system32\crdvaxhx.ini
d:\windows\system32\dhpuktes.ini
d:\windows\system32\djrfxfff.dll
d:\windows\system32\dmtwla.dll
d:\windows\system32\doutpghc.ini
d:\windows\system32\duadhmrq.dll
d:\windows\system32\dwnpnntf.ini
d:\windows\system32\efcARjGW.dll
d:\windows\system32\esiyuvrk.dll
d:\windows\system32\exukfqsu.ini
d:\windows\system32\exxxzh.dll
d:\windows\system32\fffxfrjd.ini
d:\windows\system32\fgwydt.dll
d:\windows\system32\fooagxwy.dll
d:\windows\system32\fwneoxyw.ini
d:\windows\system32\gbcyrrmx.dll
d:\windows\system32\gbuyduyy.ini
d:\windows\system32\gdnwfo.dll
d:\windows\system32\gmtnwcax.ini
d:\windows\system32\gqltfqbb.ini
d:\windows\system32\grmrgi.dll
d:\windows\system32\gvezzs.dll
d:\windows\system32\gzhuyo.dll
d:\windows\system32\hbbckrcx.ini
d:\windows\system32\hgbkpluq.ini
d:\windows\system32\hgxhaqoj.ini
d:\windows\system32\htjjxvrm.ini
d:\windows\system32\iaxrxbgj.ini
d:\windows\system32\ikjjhpka.ini
d:\windows\system32\ilokwk.dll
d:\windows\system32\ionpavqm.ini
d:\windows\system32\ixuhjh.dll
d:\windows\system32\jecuflvl.ini
d:\windows\system32\jeiqvfxg.ini
d:\windows\system32\jjbacwaw.ini
d:\windows\system32\jnhvqydl.dll
d:\windows\system32\kcjpuwrr.ini
d:\windows\system32\klcloatf.ini
d:\windows\system32\kqvbhcox.ini
d:\windows\system32\lbacrjic.ini
d:\windows\system32\ldopixdl.ini
d:\windows\system32\llcxvbsx.dll
d:\windows\system32\loygvh.dll
d:\windows\system32\ltwgsjnb.dll
d:\windows\system32\lwimacgs.dll
d:\windows\system32\lxbify.dll
d:\windows\system32\mcrh.tmp
d:\windows\system32\mhofjskl.dll
d:\windows\system32\mjxiew.dll
d:\windows\system32\mkhbfwuo.ini
d:\windows\system32\mlJApOFv.dll
d:\windows\system32\mqhkdwjj.ini
d:\windows\system32\mrcilfco.ini
d:\windows\system32\msssc.dll
d:\windows\system32\mxmkdp.dll
d:\windows\system32\mxymot.dll
d:\windows\system32\myuqjmut.dll
d:\windows\system32\nlhaaz.dll
d:\windows\system32\nmqleb.dll
d:\windows\system32\NopYyyay.ini
d:\windows\system32\NopYyyay.ini2
d:\windows\system32\npudac.dll
d:\windows\system32\nroegtxk.ini
d:\windows\system32\obsbud.dll
d:\windows\system32\ocborw.dll
d:\windows\system32\ofqshfdk.ini
d:\windows\system32\oletmblk.dll
d:\windows\system32\omxrljgb.dll
d:\windows\system32\oswisqhj.dll
d:\windows\system32\paxwnmfh.ini
d:\windows\system32\pladolsa.dll
d:\windows\system32\pqfpmcwe.ini
d:\windows\system32\pwmkaild.ini
d:\windows\system32\qaxznw.dll
d:\windows\system32\qcksabew.ini
d:\windows\system32\qeonaj.dll
d:\windows\system32\qhltut.dll
d:\windows\system32\qkkoln.dll
d:\windows\system32\qlwddibx.ini
d:\windows\system32\qpqrow.dll
d:\windows\system32\qshesorx.ini
d:\windows\system32\rBeLVvut.ini
d:\windows\system32\rBeLVvut.ini2
d:\windows\system32\rdnurjfb.dll
d:\windows\system32\rkrofoht.ini
d:\windows\system32\rnmwcdij.ini
d:\windows\system32\rqcxuoqg.ini
d:\windows\system32\rvhxpb.dll
d:\windows\system32\ryspmeop.dll
d:\windows\system32\sbecpfqs.ini
d:\windows\system32\sckhoqoe.ini
d:\windows\system32\smwpjxeu.ini
d:\windows\system32\snadai.dll
d:\windows\system32\spkfox.dll
d:\windows\system32\sswsrhvk.ini
d:\windows\system32\swtqhpud.dll
d:\windows\system32\tfnlsa.dll
d:\windows\system32\thqkao.dll
d:\windows\system32\tjpdnqyu.ini
d:\windows\system32\tokxfa.dll
d:\windows\system32\toupxdfo.ini
d:\windows\system32\tudoadam.dll
d:\windows\system32\txabuhdi.ini
d:\windows\system32\tyjgwg.dll
d:\windows\system32\uawgpr.dll
d:\windows\system32\ubmeeiav.ini
d:\windows\system32\uhecuvyo.ini
d:\windows\system32\unutig.dll
d:\windows\system32\urqQkhIA.dll
d:\windows\system32\urwxxjvf.ini
d:\windows\system32\vhmvuq.dll
d:\windows\system32\vngjtl.dll
d:\windows\system32\webaskcq.dll
d:\windows\system32\WGjRAcfe.ini
d:\windows\system32\WGjRAcfe.ini2
d:\windows\system32\whhmolbn.ini
d:\windows\system32\wliciqqg.ini
d:\windows\system32\wsvgvpne.dll
d:\windows\system32\wtcfljhc.ini
d:\windows\system32\xjpkad.dll
d:\windows\system32\xllulqyc.ini
d:\windows\system32\xlrpsl.dll
d:\windows\system32\xnmedi.dll
d:\windows\system32\xonuml.dll
d:\windows\system32\xuhomu.dll
d:\windows\system32\xwfjdtes.ini
d:\windows\system32\yayyYpoN.dll
d:\windows\system32\yemrhh.dll
d:\windows\system32\ygjewonr.dll
d:\windows\system32\ygmzwf.dll
d:\windows\system32\yjsakbhn.ini
d:\windows\system32\yonqmp.dll
d:\windows\system32\ytjaqvqa.ini
d:\windows\system32\ytulmmjx.ini
d:\windows\system32\ywqbpmlx.ini
d:\windows\system32\zmqyye.dll
d:\windows\taskmgr.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-01-12 au 2009-02-12 ))))))))))))))))))))))))))))))))))))
.
2009-02-12 04:32 . 2009-02-12 04:32 <REP> d-------- d:\windows\system32\xircom
2009-02-12 04:32 . 2009-02-12 04:32 <REP> d-------- d:\windows\srchasst
2009-02-12 04:32 . 2009-02-12 04:32 <REP> d-------- d:\program files\microsoft frontpage
2009-02-12 04:08 . 2009-02-12 04:08 <REP> d-------- d:\program files\Trend Micro
2009-02-08 03:10 . 2009-02-08 03:10 <REP> d-------- d:\documents and settings\Artur\Application Data\vlc
2009-02-08 03:04 . 2009-02-12 04:29 <REP> d-------- d:\documents and settings\Artur\Application Data\LimeWire
2009-02-08 00:46 . 2006-07-31 17:00 49,152 -r------- d:\windows\system32\ChCfg.exe
2009-02-08 00:45 . 2009-02-08 00:45 <REP> d-------- d:\program files\Realtek
2009-02-08 00:45 . 2006-12-15 17:00 499,712 -r------- d:\windows\RtlExUpd.dll
2009-02-04 16:54 . 2009-02-04 16:54 <REP> d-------- D:\ProgramData
2009-01-20 06:34 . 2009-01-20 06:34 <REP> d-------- d:\program files\Uniblue
2009-01-20 05:04 . 2009-01-20 05:27 <REP> d-------- d:\program files\RivaTuner v2.22
2009-01-19 22:18 . 2009-01-19 22:18 <REP> d-------- d:\program files\Fichiers communs\Futuremark Shared
2009-01-18 03:25 . 2009-01-18 03:25 <REP> d-------- d:\program files\Fichiers communs\Adobe Systems Shared
2009-01-18 03:25 . 2009-01-18 03:25 <REP> d-------- d:\documents and settings\All Users\Application Data\Adobe Systems
2009-01-18 03:24 . 2009-01-18 03:27 <REP> d-------- d:\program files\Fichiers communs\Adobe
2009-01-16 19:27 . 2009-01-24 23:02 <REP> d-------- d:\documents and settings\Sona\Tracing
2009-01-15 23:43 . 2009-02-08 00:35 <REP> d-------- d:\documents and settings\Artur\Tracing
2009-01-15 23:42 . 2009-01-15 23:42 <REP> d-------- d:\program files\Windows Live SkyDrive
2009-01-15 23:42 . 2009-01-15 23:42 <REP> d-------- d:\program files\Microsoft
2009-01-15 23:41 . 2009-01-15 23:42 <REP> d-------- d:\program files\Windows Live
2009-01-15 23:39 . 2009-01-15 23:39 <REP> d-------- d:\program files\Fichiers communs\Windows Live
2009-01-15 23:21 . 2009-01-15 23:25 <REP> d-------- d:\documents and settings\All Users\Application Data\WLInstaller
2009-01-15 09:37 . 2009-01-15 09:37 42,320 --a------ d:\windows\system32\xfcodec.dll
2009-01-15 00:51 . 2009-01-15 00:51 268 --ah----- D:\sqmdata05.sqm
2009-01-15 00:51 . 2009-01-15 00:51 244 --ah----- D:\sqmnoopt05.sqm
2009-01-15 00:35 . 2009-01-15 00:35 268 --ah----- D:\sqmdata04.sqm
2009-01-15 00:35 . 2009-01-15 00:35 244 --ah----- D:\sqmnoopt04.sqm
2009-01-15 00:13 . 2009-01-15 00:13 <REP> d-------- d:\documents and settings\Artur\Application Data\New Technology Studio
2009-01-13 21:58 . 2009-01-13 21:59 <REP> d-------- d:\windows\SxsCaPendDel
2009-01-13 21:57 . 2009-01-13 21:57 <REP> d----c--- d:\documents and settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2009-01-13 21:52 . 2009-01-13 21:52 <REP> dr-h----- D:\AHCache
2009-01-13 21:40 . 2008-04-13 10:46 85,248 --a------ d:\windows\system32\drivers\NABTSFEC.sys
2009-01-13 21:40 . 2008-04-13 10:46 19,200 --a------ d:\windows\system32\drivers\WSTCODEC.SYS
2009-01-13 21:40 . 2008-04-13 18:34 16,384 --a------ d:\windows\system32\ipsink.ax
2009-01-13 21:40 . 2008-04-13 10:46 15,232 --a------ d:\windows\system32\drivers\StreamIP.sys
2009-01-13 21:40 . 2008-04-13 10:46 11,136 --a------ d:\windows\system32\drivers\SLIP.sys
2009-01-13 21:40 . 2008-04-13 10:46 10,880 --a------ d:\windows\system32\drivers\NdisIP.sys
2009-01-13 21:40 . 2008-04-13 10:39 5,504 --a------ d:\windows\system32\drivers\MSTEE.sys
2009-01-13 21:39 . 2008-04-13 18:34 92,160 --a------ d:\windows\system32\kswdmcap.ax
2009-01-13 21:39 . 2008-04-13 18:34 61,952 --a------ d:\windows\system32\kstvtune.ax
2009-01-13 21:39 . 2008-04-13 18:33 54,784 --a------ d:\windows\system32\vfwwdm32.dll
2009-01-13 21:39 . 2008-04-13 18:34 43,008 --a------ d:\windows\system32\ksxbar.ax
2009-01-13 21:39 . 2008-04-13 18:34 28,672 --a------ d:\windows\system32\vidcap.ax
2009-01-13 21:39 . 2008-04-13 10:46 17,024 --a------ d:\windows\system32\drivers\CCDECODE.sys
2009-01-13 21:34 . 2005-07-19 17:31 53,248 -ra------ d:\windows\system32\InstMed.exe
2009-01-13 21:33 . 2009-01-13 21:33 <REP> d-------- d:\program files\Logitech
2009-01-13 21:33 . 2009-01-13 21:33 <REP> d-------- d:\program files\Fichiers communs\Logitech
2009-01-13 02:55 . 2009-01-13 02:56 <REP> d-------- d:\program files\Google
2009-01-13 02:55 . 2009-02-12 01:51 <REP> d-------- d:\documents and settings\All Users\Application Data\Google Updater
2009-01-12 23:03 . 2009-01-14 18:32 <REP> d-------- d:\documents and settings\Artur\Application Data\Mumble
2009-01-12 23:01 . 2009-01-12 23:03 <REP> d-------- d:\program files\Mumble
2009-01-12 15:28 . 2009-01-12 15:28 <REP> d-------- d:\documents and settings\LocalService\Application Data\Xfire
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-12 02:42 --------- d-----w d:\program files\Steam
2009-02-12 02:40 --------- d-----w d:\documents and settings\Artur\Application Data\Hamachi
2009-02-12 02:38 --------- d-----w d:\program files\SuperCopier2
2009-02-12 02:37 --------- d-----w d:\program files\ma-config.com
2009-02-12 02:37 --------- d-----w d:\documents and settings\All Users\Application Data\ma-config.com
2009-02-12 02:36 --------- d--h--w d:\program files\InstallShield Installation Information
2009-02-12 02:36 --------- d-----w d:\program files\Fichiers communs\DVDVideoSoft
2009-02-12 02:34 --------- d-----w d:\program files\Pcsx2_0.9.4
2009-02-11 23:26 --------- d-----w d:\program files\CCleaner
2009-02-11 16:13 --------- d-----w d:\program files\Xfire
2009-02-05 02:15 --------- d-----w d:\program files\Rockstar Games
2009-02-01 19:56 --------- d-----w d:\program files\SystemRequirementsLab
2009-01-23 07:13 --------- d-----w d:\documents and settings\Artur\Application Data\Xfire
2009-01-22 18:44 --------- d-----w d:\documents and settings\Artur\Application Data\uTorrent
2009-01-11 18:19 --------- d-----w d:\program files\Lavalys
2009-01-08 21:25 --------- d-----w d:\documents and settings\Artur\Application Data\ACASystems
2009-01-08 21:25 --------- d-----w d:\documents and settings\All Users\Application Data\ACASystems
2009-01-08 21:24 --------- d-----w d:\program files\ACASystems
2009-01-08 20:52 --------- d-----w d:\program files\DVDVideoSoft
2009-01-07 15:35 --------- d-----w d:\documents and settings\Artur\Application Data\Nonoh
2009-01-04 21:09 220 ----a-w D:\data.dll
2009-01-04 10:00 --------- d-----w d:\program files\Hamachi
2009-01-04 09:59 25,280 ----a-w d:\windows\system32\drivers\hamachi.sys
2009-01-04 09:52 --------- d-----w d:\documents and settings\NetworkService\Application Data\Xfire
2009-01-03 12:37 73,738 ----a-w d:\windows\firewall.exe
2009-01-02 10:18 --------- d-----w d:\program files\DAEMON Tools Lite
2009-01-02 08:52 --------- d-----w d:\documents and settings\Artur\Application Data\DAEMON Tools Lite
2009-01-02 08:51 --------- d-----w d:\documents and settings\Artur\Application Data\DAEMON Tools Pro
2009-01-02 08:51 --------- d-----w d:\documents and settings\Artur\Application Data\DAEMON Tools
2009-01-02 08:50 --------- d-----w d:\program files\DAEMON Tools Toolbar
2009-01-02 08:50 --------- d-----w d:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-01-02 08:45 717,296 ----a-w d:\windows\system32\drivers\sptd.sys
2009-01-02 06:10 --------- d-----w d:\program files\Futuremark
2009-01-01 14:36 --------- d-----w d:\documents and settings\All Users\Application Data\nView_Profiles
2008-12-29 01:27 --------- d-----w d:\program files\NaturalMotion
2008-12-26 19:34 --------- d-----w d:\program files\Bethesda Softworks
2008-12-15 19:19 --------- d-----w d:\documents and settings\Artur\Application Data\Uniblue
2008-12-14 21:15 22,328 ----a-w d:\windows\system32\drivers\PnkBstrK.sys
2008-12-14 21:15 --------- d-----w d:\documents and settings\All Users\Application Data\TEMP
2008-12-14 18:25 --------- d-----w d:\program files\Ray Adams
2008-12-14 16:20 --------- d-----w d:\program files\Fichiers communs\Wise Installation Wizard
2008-12-14 16:20 --------- d-----w d:\program files\AGEIA Technologies
2008-12-14 15:57 22,328 ----a-w d:\documents and settings\Artur\Application Data\PnkBstrK.sys
2008-12-14 15:48 --------- d-----w d:\program files\Activision
2008-12-14 13:33 28,160 ----a-w d:\program files\LaunchGTAIV.exe
2008-12-11 12:14 868,080 ----a-w d:\program files\Paul.dll
2008-12-08 17:05 601,789 ----a-w D:\cpu-z_cpu-z_1.49_anglais_11090.zip
2008-11-10 14:32 13,411,688 ----a-r d:\program files\GTAIV.exe
.
------- Sigcheck -------
2008-10-30 16:59 361600 e248a8391d7388a0a3679d1fb33e003d d:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Uniblue SpeedUpMyPC"="d:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe" [2008-04-02 9442584]
"ctfmon.exe"="d:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2008-12-02 13680640]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-18 d:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 d:\windows\SkyTel.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
"_nltide_3"="advpack.dll" [2008-08-26 d:\windows\system32\advpack.dll]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\WINDOWS\\system32\\PnkBstrA.exe"=
"d:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"d:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"d:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"d:\\Program Files\\Xfire\\Xfire.exe"=
"d:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Nonoh.net\\Nonoh\\Nonoh.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;d:\windows\system32\drivers\l151x86.sys [2008-12-06 37376]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{72B65CA5-5A85-BFCE-9E76-6CCD383258A4}]
D:\firewall.exe
.
Contenu du dossier 'Tâches planifiées'
2009-02-12 d:\windows\Tasks\Google Software Updater.job
- d:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-13 02:55]
2009-01-24 d:\windows\Tasks\Uniblue SpeedUpMyPC Nag.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []
2008-12-15 d:\windows\Tasks\Uniblue SpeedUpMyPC.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{3E1A2DE2-66DB-4B4B-9493-8D884662E004} - d:\windows\system32\urqQkhIA.dll
.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext =
https://login.live.com/ppsecure/sha1auth.srf?lc=2060
uInternet Settings,ProxyServer = 212.156.96.206:8080
IE: ACA Capture: Capture all Flash... - d:\program files\ACASystems\ACACapturePro\add-ons\ie-flash-all.htm
IE: ACA Capture: Capture all images... - d:\program files\ACASystems\ACACapturePro\add-ons\ie-image-all.htm
IE: ACA Capture: Capture current image... - d:\program files\ACASystems\ACACapturePro\add-ons\ie-image.htm
IE: ACA Capture: Capture webpage contents to image... - d:\program files\ACASystems\ACACapturePro\add-ons\ie-webpage-to-image.htm
FF - ProfilePath - d:\documents and settings\Artur\Application Data\Mozilla\Firefox\Profiles\uvciouws.default\
FF - component: d:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - plugin: d:\documents and settings\Artur\Application Data\Mozilla\Firefox\Profiles\uvciouws.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: d:\program files\Google\Google Updater\2.4.1441.4352\npCIDetect13.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-02-12 04:33:23
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-2000478354-484763869-1606980848-1005\Software\SecuROM\License information*]
"datasecu"=hex:34,71,ef,bb,61,35,6c,c1,87,89,2a,0a,2d,8e,46,3e,df,c4,96,2c,e9,
2f,c6,29,47,16,56,fb,67,7b,52,2b,6e,78,8c,54,35,da,59,3d,44,8d,2e,fb,35,89,\
"rkeysecu"=hex:a6,1b,81,6e,fb,46,c1,b0,73,6b,ee,92,cc,9c,e2,58
.
------------------------ Autres processus actifs ------------------------
.
d:\program files\Java\jre6\bin\jqs.exe
d:\windows\system32\nvsvc32.exe
d:\windows\system32\PnkBstrA.exe
.
**************************************************************************
.
Heure de fin: 2009-02-12 4:35:05 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-02-12 03:35:03
Avant-CF: 46.388.342.784 octets libres
Après-CF: 46,334,021,632 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(3)\WINDOWS
[operating systems]
d:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(3)\WINDOWS="Microsoft Windows XP Édition familiale" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
385